SlideShare a Scribd company logo

Types of Networks Week7 Part4-IS RevisionSu2013 .docx

Download as DOCX, PDF
W
willcoxjanay

Types of Networks Week7 Part4-IS RevisionSu2013 Types of Networks There are different types of networks. Each type has different characteristics and therefore different security needs. Some of the fundamental differentiating attributes of the various types of networks are:  the physical distance the network spans  the topology of the network nodes  the types of media used for communication between nodes in the network  the different devices supported on the network  the different applications supported on the network  the different groups of users permitted on the network  the different protocols supported on each network Depending on the type of network there may be different information security requirements requiring that various protocols, security services, security mechanisms are used in a fashion to support that type of network. While each network environment has some characteristics and security needs unique to that environment, there are many security techniques that should be universally applied to all environments. For example; sound policies and procedures, risk assessment of the assets, user awareness training, encryption technology, authentication technology, sound credential (password) selection and protection, malware protection, firewalls are a few security techniques that need to be applied in all of the networks albeit in configurations that best suits a particular environment. Local Area Network (LAN) A LAN network covers a small geographic area that takes advantage of high speed data transfers usually implemented through Ethernet or fiber. A LAN could be a home, office, group of building with local proximity (university, business). LANs typically share resources such as file servers and printers. Wide Area Network (WAN) A WAN covers a large geographic area that may require connection through satellite, high speed dedicated lines and other means. The internet is a WAN. WANs can connect LANs together into a larger organizational structure that can be used to share resources such as file, email, dns servers to name a few. Resources can be shared using slower connections on geographically separated areas across the WAN. Wireless Networks and Mobile Networks The movement to laptop systems at home and workplaces accelerated the mobility of computing. As employees traveled between offices, client sites, home and various other remote locations they could remain connected to company servers as long as the remote site had connectivity to the companies’ intranet. Initially this connectivity was provided by having Ethernet cabling available for remote users to physically plug their laptops into. Eventually, companies started installing wireless hotspots that could be automatically detected by systems that had wireless cards. The proliferation of wireless connectivity and internet use spread from the workplace to genera ...

Education
1 of 45
Types of Networks Week7 Part4-IS RevisionSu2013 Types of Networks There are different types of networks. Each type has different characteristics and therefore different security needs. Some of the fundamental differentiating attributes of the various types of networks are: the network ifferent applications supported on the network
Depending on the type of network there may be different information security requirements requiring that various protocols, security services, security mechanisms are used in a fashion to support that type of network. While each network environment has some characteristics and security needs unique to that environment, there are many security techniques that should be universally applied to all environments. For example; sound policies and procedures, risk assessment of the assets, user awareness training, encryption technology, authentication technology, sound credential (password) selection and protection, malware protection, firewalls are a few security techniques that need to be applied in all of the networks albeit in configurations that best suits a particular environment. Local Area Network (LAN) A LAN network covers a small geographic area that takes
advantage of high speed data transfers usually implemented through Ethernet or fiber. A LAN could be a home, office, group of building with local proximity (university, business). LANs typically share resources such as file servers and printers. Wide Area Network (WAN) A WAN covers a large geographic area that may require connection through satellite, high speed dedicated lines and other means. The internet is a WAN. WANs can connect LANs together into a larger organizational structure that can be used to share resources such as file, email, dns servers to name a few. Resources can be shared using slower connections on geographically separated areas across the WAN. Wireless Networks and Mobile Networks The movement to laptop systems at home and workplaces accelerated the mobility of computing.
As employees traveled between offices, client sites, home and various other remote locations they could remain connected to company servers as long as the remote site had connectivity to the companies’ intranet. Initially this connectivity was provided by having Ethernet cabling available for remote users to physically plug their laptops into. Eventually, companies started installing wireless hotspots that could be automatically detected by systems that had wireless cards. The proliferation of wireless connectivity and internet use spread from the workplace to general societal use. Average users demanded access to the internet and company intranets. Soon public places such as airports, libraries, train stations, schools and coffee shops installed wireless hotspots to allow people internet access. Some towns and cities are installing wireless hotspots to allow internet connectivity for citizens.
In addition to wireless hotspots becoming omnipresent the use of handheld devices is on the rise. Handheld devices started with cell phones and moved to higher functionality devices such as the Blackberry and Palm smart phones which allowed email access, and various local applications. The handheld devices have continued to evolve to higher functioning devices which provide general internet services as well as thousands of applications. Examples of these are the Apple iphone and the numerous smartphones that support the Google Android operating system. Of course these devices still provide telephone services! These devices make use of various cellular network technologies such as GSM (Global System for Mobile Communications), CDMA (Code Division Mobile Access) which conform to 3G and 4G technologies for connectivity. Types of *NET environments. The various types of network environments can be deployed
into different types of interconnected environments. We should not think of all interconnected computers as the internet. Depending on the allowable members and systems of an inter-connected environment the environment may be termed: “internet”, the “intranet” or the “extranet”. Internet The internet is global network of interconnected computers and computer networks. The systems that are members of the internet use the standard “internet protocol suite” which is TCP/IP, however not all applications use TCP/IP. The internet serves billions of users worldwide. Intranet An intranet is a private global network of interconnected computers and computer networks that is used by an organization. It uses all the protocols used in the internet only the scope of the network is within the organization.
Extranet An extranet is a private global network of interconnected computers and computer networks that is used by an organization. It uses all the protocols used in the internet. It differs from an intranet in that it expands connectivity to other users, suppliers, organizations through secure protocols to facilitate information exchange and communication. Summary These networks continue to grow in complexity. These networks exist in an endless number of different configurations which all share the same requirement which is to be secure. To add to the complexity of the networks, devices are being deployed into virtualized environments, some of which are deployed to the Cloud Computing environment. The added dimensions of virtualization and cloud deployments raise the complexity of securing these environments.
As the network complexity grows the complexity for securing the environment grows. The preferred approach to implementing security in these ever increasing complex environments is a strategy of security in depth. Security Architecture for OSI Week7 Part3-IS RevisionSu2013 Security Architecture for OSI The ITU (International Telecommunications Union) is a United Nations sponsored agency which develops standards (called recommendations) for telecommunications and open systems interconnection (OSI). Recommendation X.800, Security Architecture for OSI defines a systematic approach for the manager and technical professional responsible for implementing security in a network, communications or computer environment to
systematically define the requirements for security and to characterize various approaches to implement functionality that satisfies the requirements. The framework provided by the architecture categorizes the elements of security into security attacks, security services and security mechanisms. A Security Attack is an action that compromises the information owned or entrusted to the organization. The compromise affects some attribute of the CIA triad. A Security Service is a collection of functionality (routines, programs, algorithms, specifications) that provides support for various aspects of security: In order to protect a network from attack, mechanisms need to be implemented that support each of these services to the extent they are needed in the target environment. Security services are implemented by making use of one or more security mechanisms. Security Services:
cating entity is the one they claim to be. resource. unauthorized disclosure. a are available. sent/received/stored is exactly as it was sent/received/stored by the authorized entity. parties in a communication that they sent or received all or part of it. observation and logging of system activity. The security services enumerated above are categories of services that are further divided into specific services that apply to different aspects of a service. For example; the authentication service is divided into two specific services peer entity authentication and
data origin authentication. Peer entity authentication involves each party in a logical connection being able to confirm to some degree of confidence the identity of the other party. Data origin authentication is used in a connectionless transfer such that the recipient of the data can be confident in the identity of the sender. RFC 2828 provides the following definition for a security service: Definition: Security Service: A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies by using security mechanisms. A Security Mechanism is a particular technique or set of techniques that are used to implement a security service.
Security mechanisms are divided into two groups: specific security mechanisms and pervasive security mechanisms. A specific security mechanism is implemented in a particular protocol layer or layers (e.g. TCP and/or application layer, etc.) to provide a security service. For example: encipherment is a specific security mechanism that could be implemented at various protocol layers. Encipherment may be implemented at the application level using PGP, the transport layer using SSL and the IP layer using IPsec. Specific Security Mechanisms: encrypt and decrypt information. Supports authentication, data confidentiality, data integrity. value and append it to a data object such that any recipient of the data can verify the data's origin and integrity. resource (control, data) from unauthorized use in accordance by the
systems security policy. unauthorized changes to data, both malicious and accidental. identity of an entity. frustrate analysis of the data stream. s mechanisms to control the path data takes from source to destination to ensure secure transmission of data. for the integrity of a data exchange (i.e. Digital Certificates) Pervasive security mechanisms are not specific to any protocol layer or security service. The mechanism is implemented in any protocol layer and for any service. Pervasive Security Mechanisms:
g an action to be taken. audit record of security activity. recovery from various events. ITU-T X.800 Security Architecture for OSI can be found at: http://www.itu.int/rec/T- REC-X.800-199103-I/en http://www.itu.int/rec/T-REC-X.800-199103-I/en http://www.itu.int/rec/T-REC-X.800-199103-I/en Layers and Protocols Week7 Part2-IS Revision Spring2014
Layers and Protocols Since the layers of the OSI reference model do not match the TCP/IP layers exactly we need to modify how we think about the OSI layers in the context of TCP/IP. The terminology of the OSI reference model helps us understand the functions and divisions between each layer. As the discussion moves to reference an actual implementation we need to learn about the terminology and details of that implementation, which in this case is TCP/IP. Numerous protocols have been listed with each layer to familiarize you with the layer the protocol operates at and to provide a sense for the number of protocols there are. These are a sampling of the protocols. Credit to TCP/IP Network Administration by O’Reilly for assistance in organizing thoughts and some diagrams. Application Layer: User accessed programs and processes are accessed from this layer. In
TCP/IP any application that occurs above the transport layer is an application. Any program a user directly interacts with, as well as various services a user may not be aware of (i.e. daemons, services) is at this layer. Note – some applications are associated with well-known port numbers to establish host to host communications using TCP/IP. The port numbers for some of the sample applications are included below. Examples of application protocols: - Port 25 – HyperText Transfer Protocol – Port 80 – HyperText Transfer Protocol Secure – Ports 161 and 162 TP – Ports 20 and 21 – Port 23 - Mail delivery – Secure shell
Presentation Layer: How data is represented needs to agreed to by cooperating applications. Applications typically take care of this job in TCP/IP; however there is standardization around various presentation protocols (i.e. MIME, TIFF, JPEG). Examples of presentation protocols: – American Standard Code for Information Interchange – Extended Binary-Coded Decimal Interchange Mode FF – Tagged Image File Format – Joint Photo Experts Group – Motion Picture Experts Group – Musical Instrument Digital Interface – Graphic Interchange Format Session Layer: There is no separately identifiable session layer
in the TCP/IP protocol hierarchy. That is not to say session functions do not exist in TCP/IP as they certainly do. In TCP/IP session management for the most part occurs at the TCP/IP layer. The mechanisms used for session communication in TCP/IP are called ports and sockets. Some protocols that are considered session layer protocols are: – Network File System – Structured Query Language – Remote Procedure Call Transport Layer: Much of the discussion around TCP/IP occurs at the transport layer. It is important to note that in TCP there are two transport services: TCP and UDP. TCP provides a connection based, reliable, guaranteed data delivery across the network. UDP (User Data Protocol) provides an unreliable, connectionless protocol. UDP has little protocol overhead so it is very efficient. For sending short amounts of information very
quickly UDP may be preferred. If information is dropped or lost during transmission it is easier to resend the data than to set up a TCP connection. Between the two protocols there is different terminology used to describe the data that is transmitted. Note the differences are at the application and transport layers. Examples of Transport layer protocols: – Transmission Control Protocol. Connection-oriented, full-duplex, guaranteed delivery, unit of transmission is called TCP Segment – User Datagram Protocol. Connectionless, no guaranteed delivery , minimal overhead, unit of transmission is called UDP Packet Network Layer: This layer manages connections across the network. It isolates the upper level protocols from the details of the underlying network. In TCP/IP this function is
implemented by IP (Internet Protocol), It takes care of IP addressing and routing the data from network to network. Examples of Network Layer Protocols: – Connectionless, 32-bit/4 byte address – 128 bit/16 byte address. More security features than IPv4. – Internet Control Message Protocol – Used by IP and other connectionless protocols to detect and react to transmission errors. ICMP used to: report network/routing failures; test node reachability; increase routing efficiency (informs routers of better routes; and informs source when datagram has exceeded time to exist. – Routing Information Protocol – Internal routing protocol within an AS. Decides based on number of hops, doesn’t consider line utilization or bandwidth. – Open Shortest Path First – Internal routing protocol within an autonomous system
– Border Gateway Protocol – Exterior routing protocol between autonomous systems Stream Segment Datagram Frame Message Packet Datagram Frame TCP UDP Application layer Transport layer Internet layer Network Access layer – Internet Group Management Protocol – allows hosts to participate in
multicasting. – The most secure tunneling protocol. Is an integrated part of IPv6 and add- on for IPv4. – Simple Key Exchange for IP – Internet Key Exchange – Internetwork Packet Exchange Protocol Data Link Layer: The reliable delivery of data across the physical network is handled by the data link layer. IP tends to make use of existing data link protocols. – MAC Layer – MAC Layer – MAC Layer – Serial Line Internet Protocol – Point-to-Point Protocol (replaced SLIP) – encapsulates to go across serial lines. Not routable over Internet. Has header & data compression, error correction, different auth protocols, and encapsulates more than IP. Uses PAP,
CHAP, or EAP to authenticate to Net Access Server (NAS). – Address Resolution Protocol - IP passed down from upper layers, DL needs to resolve it into a MAC (hardware) address in order to put into the MAC address in the header portion of the frame. ARP broadcasts a frame with the IP in it, the one with that IP address responds with its MAC. Addresses are cached in ARP table. ARP Poisoning – type of masquerade, alter ARP table to point to attacker’s own MAC. – Reverse Address Resolution Protocol. Used by diskless machines to get IP address. Booting system broadcasts a RARP with its MAC address, and RARP Server responds with an assigned IP. – Enhancement to RARP. In addition to IP address, BOOTP server also provides diskless workstation with its DNS server address, and default gateway address. – Dynamic Host Configuration Protocol – Layer 2 Forwarding
– Layer 2 Tunneling Protocol (typically services are combined IPsec) – – Integrated Services Digital Network – – Synchronous Data Link Control – Link Access Procedure – Link-Access Procedure-Balanced – High-Level Data Link Control, extension of SDLC, encapsulation used in X.25 – Password Authentication Protocol – Challenge Handshake Protocol - Extensible Authentication Protocol Physical Layer: This layer defines the physical characteristics of the equipment needed to
carry signals across the communications/network system. Examples of protocols and standards that operate at this layer are: – High Speed Serial Interface Encapsulation of data As in the OSI reference model data is passed down the stack when being sent to the network. When it is received it is passed up the stack. To show how data is actually passed we will use the TCP/IP layers since it represents an actual implementation. Consider the example where Machine 1 at the application level creates data. It passes the data to the layer below it (transport layer). The transport layer creates its data and encapsulates the data from the application data and passes it to the internet layer. This
process continues down the protocol stack on machine 1 by the internet layer passing the data down to the network access layer. Once the network access layer is reached the data is transmitted on the network to Machine 2. When Machine 2 receives the data it is at the lowest layer in the protocol stack. The lower level deals with the network access protocol data from the sending machine (Machine 2) and unwraps (removes the encapsulating protocol) and passes the remaining data to the layer above it which is the internet layer. The internet layer unwraps (removes the encapsulating protocol) and passes the remaining data to the layer above it (Transport layer). This continues up the protocol stack on Machine 2 by the Transport layer unwrapping its data and passing the remaining data to the Application layer.
One of the elegant features of the protocol stack is how the protocols are nested for transmission. Each layer has its own independent structures. Conceptually, a layer is not aware of the data used in the adjacent layers (layers above or below it). Each layer has its own data structures, and there own terminology for describing the data structure. This is all described in the RFC standards for each protocol. Data is encapsulated by the layer by placing a “header” in front of the data it is transmitting. The header makes the data understandable to that layer. For any given layer the data structure consists of a header and data. As you move down the stack headers are added in front of the data. As you move up the stack the header for a given layer is “removed” yielding the “data” which is passed back up the stack. Of course the next layer in the stack is interpreting that “data” as a “header” followed by “data”. Machine 1 Machine 2
Transmitted over Network Application Transport Internet Network Access Application Transport Internet Network Access Encryption at Various Protocol Layers Encryption can be implemented at various protocol layers in the
OSI stack. Typical encryption models are “end to end” encryption and “link level” encryption. It is worthwhile to differentiate the implications of encrypting at the various levels. Following is a diagram credited to: Encryption in relation to the protocol layers (Source: based on King and Newson, 1999, p. 104). This diagram provides a clear picture of where encryption occurs in the protocol stack. Data Data Data Data Header Header Header Header Header Header Application Layer Transport Layer
Network Access Layer Internet Layer Send Receive End-to-End Encryption End-to-end encryption is also known as application layer encryption. Encryption is implemented at the highest layer of the OSI stack. A protocol example of end-to-end encryption is the sending and receiving of encrypted email using services such as PGP or S/MIME. Other examples of end-to-end encryptions are applications such as: SHTTP (secure hypertext transfer) or SET (Secure Electronic Transactions). You could think of this as encryption occurring between processes. With application layer encryption the routing information is not encrypted. Since the encryption occurs at the highest protocol layer as the data is passed down the stack to lower layers routing information is
prepended to support routing between intermediate hosts. The routing information is not encrypted and therefore exposed to an attacker. Therefore, while the data is encrypted, the traffic pattern is not encrypted and could be captured and analyzed by an eavesdropper. With end-to-end encryption keys must be exchanged by each pair of application users. This is in contrast to link layer encryption where encryption keys are exchanged between hosts. The number of encryption keys for distribution and management is an area of concern. Transport/Network Encryption With IPsec encryption occurs at the Network and IP layers of the stack. With IPsec security associations can be set up between hosts and devices with IP addresses and port numbers. This permits a more granular policy than link layer encryption. While the end- points in Transport/Network encryption are not as wide as
Application encryption it is considered in the above diagram as end-to-end encryption. Link Layer Encryption Link layer encryption occurs at both ends (incoming and outgoing) of each communications link such as a frame relay switch or a router. This provides a high level of security but it does require a lot of encryption devices. Since the message is decrypted each time it enters an encryption device there is a window the data is exposed to eavesdroppers before the data is re-encrypted for the next hop. When sending data across the internet the user has no control over the security implemented at various hosts (hops) along the route. For intranets or extranets link layer encryption may be adequate since the infra-structure is under the management and control of the organization but when information is sent outside an organization link layer encryption may not be adequate.
Often, both end-to-end and link layer encryption are combined for additional protection. With end-to-end encryption the user data is encrypted with encryption keys known only to the sender and receiver at the application layers. Each data frame is then encrypted with encryption keys shared by adjacent devices or hosts for sending to the next device/host. By implementing both techniques the application message is never in plaintext until it reaches its destination. Using both encryption techniques does provide a small window of opportunity for an eavesdropper when the frame header is in decrypted within the frame switch or router. Telecommunications, Network and Internet Security
Week7 Part1-IS RevisionSu2013 Telecommunications, Network and Internet Security The topics in this lesson cover several areas in the domain of information security. Much of material in this lesson is a framework for Information Security, however presenting it at this point has afforded us the opportunity to build up a base of knowledge covering various topics from a more pragmatic perspective. This lesson will provide some architectural framework around the concepts we have discussed so far and also provide essential concepts for further learning of Information Security concepts. Open Systems Interconnection (OSI) Reference Model Data communications and network technology is very complex. They consist of numerous functions and protocols that describe the actions and interactions that go on in
a network. The OSI reference model provides a model that neatly divides the network into layers. The OSI reference model provides a universally accepted model for discussing communication functions. By dividing the functions into layers the complexity of the entire communications/network model is “simplified” (relatively speaking). Each layer consists of the functions and protocols implemented at that layer. Any given layer implements numerous functions and protocols. Definition: Protocol: An agreed upon set of rules for communicating. The layers functionally build on one another. That is, an upper layer relies on the services and protocols of a lower layer. The stacked layers are commonly referred to as the protocol stack (general term) or IP stack (example of a specific stack). There are seven
layers in the OSI reference model. The layers are defined in descending order from highest to lowest. Number Name Description 7 Application Various application programs 6 Presentation Services to present data to applications 5 Session Manages sessions between applications. Establishing connections and terminating sessions. 4 Transport Provides end to end delivery of data 3 Network Manages data addressing and delivery between networks 2 Data Link Provides reliable data communication across physical link 1 Physical Defines physical characteristics of network media When two machines communicate with one another the
respective layers on each machine communicate with one another. That is, the same layer on each machine understands the protocols for that layer. For example, application data layers on one machine can understand application data layers on another machine since they use the same protocols. The following is a logical view of how each machine understands the protocols from the respective layer on the other machine. Standards Committees The OSI reference model is a reference model. In other words it is used as a reference to simplify the understanding of what occurs in a network and communications model. Of equal importance to the functions that occur at each layer in the protocol stack is how each layer in the protocol stack interfaces to the layer above and below it. There was a time when manufacturers developed their own proprietary interfaces. Allowing a competitor to easily interface to their hardware or
software was not a priority. 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical Machine 1 Machine 2
Logical View of Communication between Protocol Layers In fact, the more difficult it was for a competitor the better since it meant the customer would look to a single supplier for a complete solution. This is no longer acceptable practice. Customers want systems that adhere to standard interfaces. They want to be able to choose between various manufacturers and mix and match components that are tailored to their requirements. Proprietary interfaces are still developed by manufacturers so that their specialized hardware and software can be optimized to their environment. However standard interfaces must also be provided, and not as an afterthought. They must be an integral part of the implementation which is fully documented, tested and supported. It should be noted that when a new technology is brought to the market that first implementation has a significant advantage in establishing the
standards. Subsequent implementations by various companies will undoubtedly influence the standards, but the first to the market with a good idea usually has a distinct advantage since they gain market share (and influence) and they often represent the leading authority on the technology. Discussion: There was a time when many operating systems were completely proprietary. To use a third party device required opening up source code to understand how a device driver could be written for a “non- standard device”. I recall working on problems in the 1960s and 1970s developing on-line interfaces to various photo composition machines (fore runners of today’s laser and inkjet printers). The interfaces for writing a device driver in the operating system code were not cleanly delineated and over time customers demanded that operating systems open their source code so third party manufacturers
could implement to various operating system interfaces so devices would work “out of the box” with minimal problems. By having well defined interfaces between the layers different manufacturers can implement hardware and software that work together. The well defined protocols are published in standards. Standards committees are comprised of representatives from various companies throughout the communications, network and computing industry worldwide. The protocols are developed and standards documents are published that document the protocols. As the protocols are used problems are found which result in the protocols being modified in stepwise refinement. As changes are made revised standards are issued for review. When approval is reached a new version of the standard is issued. The world of network and communications technology has a huge number of standards
and protocols. The standards committees are made up from experts in the various technologies from industry, government and academia. The representatives are from throughout the world since communications standards must span international borders. If you are thinking of developing anything you need to first check the body of standards to see what is already available. Some of the standards organizations are: P (Federal Information Processing Standard) from the NIST (National Institute of Standards and Technology). Standardization Sector (ITU-T)
TCP/IP The OSI reference model is an idealized model that neatly breaks down communications and networks technology into functional layers with sharp well defined interfaces between each layer. The model provides useful abstractions to help to organize your thinking without being “burdened” by the details of an actual implementation. When design moves to implementation the details need to be considered. There are several implementations of networks that used the OSI reference as a model. Digital Equipment Corporations DECnet and Novell Networks are two implementations that made use of OSI reference model. The dominant networking protocols used today is TCP/IP (Transmission Control Protocol – Internet Protocol). There is not a consensus on how the TCP/IP protocol stack maps to the OSI reference
model. Following are two different mapping between the OSI reference model layers and the layers in the TCP/IP implementation: Example 1: OSI Reference Model Layer OSI Layer Equivalent TCP/IP layer 7, 6 , 5 Application, Presentation, Session, Application 4 Transport Transport 3 Network Network 2 Data Link Data Link 1 Physical Physical
Example 2: OSI Reference Model Layer OSI Layer Equivalent TCP/IP layer 7, 6 , 5 Application, Presentation, Session Application 4 Transport Host to Host Transport 3 Network Internet 2, 1 Data Link, Physical Network Access Layer

Recommended

Ii2514901494
Ii2514901494Ii2514901494
Ii2514901494IJERA Editor
 
Info scince pp
Info scince ppInfo scince pp
Info scince ppmalakAlHarbi94
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final pptpriyanka Garg
 
Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_Mudassar Mehmud
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.comIJERD Editor
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 

Recommended

Ii2514901494
Ii2514901494Ii2514901494
Ii2514901494IJERA Editor
 
Info scince pp
Info scince ppInfo scince pp
Info scince ppmalakAlHarbi94
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final pptpriyanka Garg
 
Aca presentation arm_
Aca presentation arm_Aca presentation arm_
Aca presentation arm_Mudassar Mehmud
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.comIJERD Editor
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Communications Technologies
Communications TechnologiesCommunications Technologies
Communications TechnologiesSarah Jimenez
 
network security.pdf
network security.pdfnetwork security.pdf
network security.pdfJeganathanJayaran
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Controljwpiccininni
 
Network security
Network securityNetwork security
Network securityRavikumar Natarajan
 
Module 3.pdf
Module 3.pdfModule 3.pdf
Module 3.pdfSitamarhi Institute of Technology
 
Module 3.Infrastructure and Network Security:
Module 3.Infrastructure and Network Security:Module 3.Infrastructure and Network Security:
Module 3.Infrastructure and Network Security:Sitamarhi Institute of Technology
 
Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...SubmissionResearchpa
 
Network security model.pptx
Network security model.pptxNetwork security model.pptx
Network security model.pptxssuserd24233
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448IJRAT
 
Network security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfNetwork security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfaquazac
 
Final ppt ecommerce
Final ppt ecommerceFinal ppt ecommerce
Final ppt ecommercepriyanka Garg
 
Infrastructure SecurityChapter 10Principles of Compute.docx
Infrastructure SecurityChapter 10Principles of Compute.docxInfrastructure SecurityChapter 10Principles of Compute.docx
Infrastructure SecurityChapter 10Principles of Compute.docxannettsparrow
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)Amare Kassa
 
Security Attacks And Solutions On Ubiquitous Computing Networks
Security Attacks And Solutions On Ubiquitous Computing NetworksSecurity Attacks And Solutions On Ubiquitous Computing Networks
Security Attacks And Solutions On Ubiquitous Computing NetworksAhmad Sharifi
 
Lecture 07 networking
Lecture 07 networkingLecture 07 networking
Lecture 07 networkingHNDE Labuduwa Galle
 
Internet Protocol Security as the Network Cryptography System
Internet Protocol Security as the Network Cryptography SystemInternet Protocol Security as the Network Cryptography System
Internet Protocol Security as the Network Cryptography SystemUniversitas Pembangunan Panca Budi
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber SecurityJAZEEL K T
 
IJISRT22MAR7471.docx
IJISRT22MAR7471.docxIJISRT22MAR7471.docx
IJISRT22MAR7471.docxballolliemin
 
Critical Response Rubric Category 0 1 1.5 2 Timelin.docx
Critical Response Rubric Category 0 1 1.5 2 Timelin.docxCritical Response Rubric Category 0 1 1.5 2 Timelin.docx
Critical Response Rubric Category 0 1 1.5 2 Timelin.docxwillcoxjanay
 
Critical Response Rubric- Please view the videos provided on Asha De.docx
Critical Response Rubric- Please view the videos provided on Asha De.docxCritical Response Rubric- Please view the videos provided on Asha De.docx
Critical Response Rubric- Please view the videos provided on Asha De.docxwillcoxjanay
 

More Related Content

Similar to Types of Networks Week7 Part4-IS RevisionSu2013 .docx

Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Communications Technologies
Communications TechnologiesCommunications Technologies
Communications TechnologiesSarah Jimenez
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Controljwpiccininni
 
Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...SubmissionResearchpa
 
Network security model.pptx
Network security model.pptxNetwork security model.pptx
Network security model.pptxssuserd24233
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448IJRAT
 
Network security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfNetwork security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfaquazac
 
Infrastructure SecurityChapter 10Principles of Compute.docx
Infrastructure SecurityChapter 10Principles of Compute.docxInfrastructure SecurityChapter 10Principles of Compute.docx
Infrastructure SecurityChapter 10Principles of Compute.docxannettsparrow
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)Amare Kassa
 
Security Attacks And Solutions On Ubiquitous Computing Networks
Security Attacks And Solutions On Ubiquitous Computing NetworksSecurity Attacks And Solutions On Ubiquitous Computing Networks
Security Attacks And Solutions On Ubiquitous Computing NetworksAhmad Sharifi
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber SecurityJAZEEL K T
 
IJISRT22MAR7471.docx
IJISRT22MAR7471.docxIJISRT22MAR7471.docx
IJISRT22MAR7471.docxballolliemin
 

Similar to Types of Networks Week7 Part4-IS RevisionSu2013 .docx (20)

Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
 
Communications Technologies
Communications TechnologiesCommunications Technologies
Communications Technologies
 
network security.pdf
network security.pdfnetwork security.pdf
network security.pdf
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Control
 
Network security
Network securityNetwork security
Network security
 
Module 3.pdf
Module 3.pdfModule 3.pdf
Module 3.pdf
 
Module 3.Infrastructure and Network Security:
Module 3.Infrastructure and Network Security:Module 3.Infrastructure and Network Security:
Module 3.Infrastructure and Network Security:
 
Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...
 
Network security model.pptx
Network security model.pptxNetwork security model.pptx
Network security model.pptx
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448
 
Network security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfNetwork security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdf
 
Final ppt ecommerce
Final ppt ecommerceFinal ppt ecommerce
Final ppt ecommerce
 
Infrastructure SecurityChapter 10Principles of Compute.docx
Infrastructure SecurityChapter 10Principles of Compute.docxInfrastructure SecurityChapter 10Principles of Compute.docx
Infrastructure SecurityChapter 10Principles of Compute.docx
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
 
Security Attacks And Solutions On Ubiquitous Computing Networks
Security Attacks And Solutions On Ubiquitous Computing NetworksSecurity Attacks And Solutions On Ubiquitous Computing Networks
Security Attacks And Solutions On Ubiquitous Computing Networks
 
Lecture 07 networking
Lecture 07 networkingLecture 07 networking
Lecture 07 networking
 
Internet Protocol Security as the Network Cryptography System
Internet Protocol Security as the Network Cryptography SystemInternet Protocol Security as the Network Cryptography System
Internet Protocol Security as the Network Cryptography System
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
 
IJISRT22MAR7471.docx
IJISRT22MAR7471.docxIJISRT22MAR7471.docx
IJISRT22MAR7471.docx
 

More from willcoxjanay

Critical Response Rubric Category 0 1 1.5 2 Timelin.docx
Critical Response Rubric Category 0 1 1.5 2 Timelin.docxCritical Response Rubric Category 0 1 1.5 2 Timelin.docx
Critical Response Rubric Category 0 1 1.5 2 Timelin.docxwillcoxjanay
 
Critical Response Rubric- Please view the videos provided on Asha De.docx
Critical Response Rubric- Please view the videos provided on Asha De.docxCritical Response Rubric- Please view the videos provided on Asha De.docx
Critical Response Rubric- Please view the videos provided on Asha De.docxwillcoxjanay
 
Critical Reflective AnalysisIn developing your genogram and learni.docx
Critical Reflective AnalysisIn developing your genogram and learni.docxCritical Reflective AnalysisIn developing your genogram and learni.docx
Critical Reflective AnalysisIn developing your genogram and learni.docxwillcoxjanay
 
Critical Reflection Projectzzz.docx
Critical Reflection Projectzzz.docxCritical Reflection Projectzzz.docx
Critical Reflection Projectzzz.docxwillcoxjanay
 
Critical reflection on the reading from Who Speaks for Justice, .docx
Critical reflection on the reading from Who Speaks for Justice, .docxCritical reflection on the reading from Who Speaks for Justice, .docx
Critical reflection on the reading from Who Speaks for Justice, .docxwillcoxjanay
 
Critical Reflection ExerciseStudents are expected to have co.docx
Critical Reflection ExerciseStudents are expected to have co.docxCritical Reflection ExerciseStudents are expected to have co.docx
Critical Reflection ExerciseStudents are expected to have co.docxwillcoxjanay
 
Critical Reading StrategiesThe University of Minnesota published.docx
Critical Reading StrategiesThe University of Minnesota published.docxCritical Reading StrategiesThe University of Minnesota published.docx
Critical Reading StrategiesThe University of Minnesota published.docxwillcoxjanay
 
Critical Qualitative Research Designpages 70–76Related to un.docx
Critical Qualitative Research Designpages 70–76Related to un.docxCritical Qualitative Research Designpages 70–76Related to un.docx
Critical Qualitative Research Designpages 70–76Related to un.docxwillcoxjanay
 
Critical InfrastructuresThe U.S. Department of Homeland Security h.docx
Critical InfrastructuresThe U.S. Department of Homeland Security h.docxCritical InfrastructuresThe U.S. Department of Homeland Security h.docx
Critical InfrastructuresThe U.S. Department of Homeland Security h.docxwillcoxjanay
 
Critical Infrastructure Protection Discussion Questions How.docx
Critical Infrastructure Protection Discussion Questions How.docxCritical Infrastructure Protection Discussion Questions How.docx
Critical Infrastructure Protection Discussion Questions How.docxwillcoxjanay
 
Critical InfrastructuresIn terms of critical infrastructure and ke.docx
Critical InfrastructuresIn terms of critical infrastructure and ke.docxCritical InfrastructuresIn terms of critical infrastructure and ke.docx
Critical InfrastructuresIn terms of critical infrastructure and ke.docxwillcoxjanay
 
Critical Infrastructure Case StudyPower plants are an important .docx
Critical Infrastructure Case StudyPower plants are an important .docxCritical Infrastructure Case StudyPower plants are an important .docx
Critical Infrastructure Case StudyPower plants are an important .docxwillcoxjanay
 
Critical Infrastructure and a CyberattackPresidential Decisi.docx
Critical Infrastructure and a CyberattackPresidential Decisi.docxCritical Infrastructure and a CyberattackPresidential Decisi.docx
Critical Infrastructure and a CyberattackPresidential Decisi.docxwillcoxjanay
 
Critical Incident Protection (CIP)Plans need to have your name o.docx
Critical Incident Protection (CIP)Plans need to have your name o.docxCritical Incident Protection (CIP)Plans need to have your name o.docx
Critical Incident Protection (CIP)Plans need to have your name o.docxwillcoxjanay
 
Critical Evaluation of Qualitative or Quantitative Research Stud.docx
Critical Evaluation of Qualitative or Quantitative Research Stud.docxCritical Evaluation of Qualitative or Quantitative Research Stud.docx
Critical Evaluation of Qualitative or Quantitative Research Stud.docxwillcoxjanay
 
Critical Analysis of Phillips argument in her essay Zombie Studies.docx
Critical Analysis of Phillips argument in her essay Zombie Studies.docxCritical Analysis of Phillips argument in her essay Zombie Studies.docx
Critical Analysis of Phillips argument in her essay Zombie Studies.docxwillcoxjanay
 
Critical Appraisal Process for Quantitative ResearchAs you cri.docx
Critical Appraisal Process for Quantitative ResearchAs you cri.docxCritical Appraisal Process for Quantitative ResearchAs you cri.docx
Critical Appraisal Process for Quantitative ResearchAs you cri.docxwillcoxjanay
 
CriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docx
CriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docxCriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docx
CriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docxwillcoxjanay
 
Critical analysis of primary literature - PracticePurposeThis.docx
Critical analysis of primary literature - PracticePurposeThis.docxCritical analysis of primary literature - PracticePurposeThis.docx
Critical analysis of primary literature - PracticePurposeThis.docxwillcoxjanay
 
Critical analysis of one relevant curriculum approach or model..docx
Critical analysis of one relevant curriculum approach or model..docxCritical analysis of one relevant curriculum approach or model..docx
Critical analysis of one relevant curriculum approach or model..docxwillcoxjanay
 

More from willcoxjanay (20)

Critical Response Rubric Category 0 1 1.5 2 Timelin.docx
Critical Response Rubric Category 0 1 1.5 2 Timelin.docxCritical Response Rubric Category 0 1 1.5 2 Timelin.docx
Critical Response Rubric Category 0 1 1.5 2 Timelin.docx
 
Critical Response Rubric- Please view the videos provided on Asha De.docx
Critical Response Rubric- Please view the videos provided on Asha De.docxCritical Response Rubric- Please view the videos provided on Asha De.docx
Critical Response Rubric- Please view the videos provided on Asha De.docx
 
Critical Reflective AnalysisIn developing your genogram and learni.docx
Critical Reflective AnalysisIn developing your genogram and learni.docxCritical Reflective AnalysisIn developing your genogram and learni.docx
Critical Reflective AnalysisIn developing your genogram and learni.docx
 
Critical Reflection Projectzzz.docx
Critical Reflection Projectzzz.docxCritical Reflection Projectzzz.docx
Critical Reflection Projectzzz.docx
 
Critical reflection on the reading from Who Speaks for Justice, .docx
Critical reflection on the reading from Who Speaks for Justice, .docxCritical reflection on the reading from Who Speaks for Justice, .docx
Critical reflection on the reading from Who Speaks for Justice, .docx
 
Critical Reflection ExerciseStudents are expected to have co.docx
Critical Reflection ExerciseStudents are expected to have co.docxCritical Reflection ExerciseStudents are expected to have co.docx
Critical Reflection ExerciseStudents are expected to have co.docx
 
Critical Reading StrategiesThe University of Minnesota published.docx
Critical Reading StrategiesThe University of Minnesota published.docxCritical Reading StrategiesThe University of Minnesota published.docx
Critical Reading StrategiesThe University of Minnesota published.docx
 
Critical Qualitative Research Designpages 70–76Related to un.docx
Critical Qualitative Research Designpages 70–76Related to un.docxCritical Qualitative Research Designpages 70–76Related to un.docx
Critical Qualitative Research Designpages 70–76Related to un.docx
 
Critical InfrastructuresThe U.S. Department of Homeland Security h.docx
Critical InfrastructuresThe U.S. Department of Homeland Security h.docxCritical InfrastructuresThe U.S. Department of Homeland Security h.docx
Critical InfrastructuresThe U.S. Department of Homeland Security h.docx
 
Critical Infrastructure Protection Discussion Questions How.docx
Critical Infrastructure Protection Discussion Questions How.docxCritical Infrastructure Protection Discussion Questions How.docx
Critical Infrastructure Protection Discussion Questions How.docx
 
Critical InfrastructuresIn terms of critical infrastructure and ke.docx
Critical InfrastructuresIn terms of critical infrastructure and ke.docxCritical InfrastructuresIn terms of critical infrastructure and ke.docx
Critical InfrastructuresIn terms of critical infrastructure and ke.docx
 
Critical Infrastructure Case StudyPower plants are an important .docx
Critical Infrastructure Case StudyPower plants are an important .docxCritical Infrastructure Case StudyPower plants are an important .docx
Critical Infrastructure Case StudyPower plants are an important .docx
 
Critical Infrastructure and a CyberattackPresidential Decisi.docx
Critical Infrastructure and a CyberattackPresidential Decisi.docxCritical Infrastructure and a CyberattackPresidential Decisi.docx
Critical Infrastructure and a CyberattackPresidential Decisi.docx
 
Critical Incident Protection (CIP)Plans need to have your name o.docx
Critical Incident Protection (CIP)Plans need to have your name o.docxCritical Incident Protection (CIP)Plans need to have your name o.docx
Critical Incident Protection (CIP)Plans need to have your name o.docx
 
Critical Evaluation of Qualitative or Quantitative Research Stud.docx
Critical Evaluation of Qualitative or Quantitative Research Stud.docxCritical Evaluation of Qualitative or Quantitative Research Stud.docx
Critical Evaluation of Qualitative or Quantitative Research Stud.docx
 
Critical Analysis of Phillips argument in her essay Zombie Studies.docx
Critical Analysis of Phillips argument in her essay Zombie Studies.docxCritical Analysis of Phillips argument in her essay Zombie Studies.docx
Critical Analysis of Phillips argument in her essay Zombie Studies.docx
 
Critical Appraisal Process for Quantitative ResearchAs you cri.docx
Critical Appraisal Process for Quantitative ResearchAs you cri.docxCritical Appraisal Process for Quantitative ResearchAs you cri.docx
Critical Appraisal Process for Quantitative ResearchAs you cri.docx
 
CriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docx
CriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docxCriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docx
CriteriaExcellentSuperiorGoodWork neededFailingIntrodu.docx
 
Critical analysis of primary literature - PracticePurposeThis.docx
Critical analysis of primary literature - PracticePurposeThis.docxCritical analysis of primary literature - PracticePurposeThis.docx
Critical analysis of primary literature - PracticePurposeThis.docx
 
Critical analysis of one relevant curriculum approach or model..docx
Critical analysis of one relevant curriculum approach or model..docxCritical analysis of one relevant curriculum approach or model..docx
Critical analysis of one relevant curriculum approach or model..docx
 

Recently uploaded

Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 

Recently uploaded (20)

Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 

Types of Networks Week7 Part4-IS RevisionSu2013 .docx

  • 1. Types of Networks Week7 Part4-IS RevisionSu2013 Types of Networks There are different types of networks. Each type has different characteristics and therefore different security needs. Some of the fundamental differentiating attributes of the various types of networks are: the network ifferent applications supported on the network
  • 2. Depending on the type of network there may be different information security requirements requiring that various protocols, security services, security mechanisms are used in a fashion to support that type of network. While each network environment has some characteristics and security needs unique to that environment, there are many security techniques that should be universally applied to all environments. For example; sound policies and procedures, risk assessment of the assets, user awareness training, encryption technology, authentication technology, sound credential (password) selection and protection, malware protection, firewalls are a few security techniques that need to be applied in all of the networks albeit in configurations that best suits a particular environment. Local Area Network (LAN) A LAN network covers a small geographic area that takes
  • 3. advantage of high speed data transfers usually implemented through Ethernet or fiber. A LAN could be a home, office, group of building with local proximity (university, business). LANs typically share resources such as file servers and printers. Wide Area Network (WAN) A WAN covers a large geographic area that may require connection through satellite, high speed dedicated lines and other means. The internet is a WAN. WANs can connect LANs together into a larger organizational structure that can be used to share resources such as file, email, dns servers to name a few. Resources can be shared using slower connections on geographically separated areas across the WAN. Wireless Networks and Mobile Networks The movement to laptop systems at home and workplaces accelerated the mobility of computing.
  • 4. As employees traveled between offices, client sites, home and various other remote locations they could remain connected to company servers as long as the remote site had connectivity to the companies’ intranet. Initially this connectivity was provided by having Ethernet cabling available for remote users to physically plug their laptops into. Eventually, companies started installing wireless hotspots that could be automatically detected by systems that had wireless cards. The proliferation of wireless connectivity and internet use spread from the workplace to general societal use. Average users demanded access to the internet and company intranets. Soon public places such as airports, libraries, train stations, schools and coffee shops installed wireless hotspots to allow people internet access. Some towns and cities are installing wireless hotspots to allow internet connectivity for citizens.
  • 5. In addition to wireless hotspots becoming omnipresent the use of handheld devices is on the rise. Handheld devices started with cell phones and moved to higher functionality devices such as the Blackberry and Palm smart phones which allowed email access, and various local applications. The handheld devices have continued to evolve to higher functioning devices which provide general internet services as well as thousands of applications. Examples of these are the Apple iphone and the numerous smartphones that support the Google Android operating system. Of course these devices still provide telephone services! These devices make use of various cellular network technologies such as GSM (Global System for Mobile Communications), CDMA (Code Division Mobile Access) which conform to 3G and 4G technologies for connectivity. Types of *NET environments. The various types of network environments can be deployed
  • 6. into different types of interconnected environments. We should not think of all interconnected computers as the internet. Depending on the allowable members and systems of an inter-connected environment the environment may be termed: “internet”, the “intranet” or the “extranet”. Internet The internet is global network of interconnected computers and computer networks. The systems that are members of the internet use the standard “internet protocol suite” which is TCP/IP, however not all applications use TCP/IP. The internet serves billions of users worldwide. Intranet An intranet is a private global network of interconnected computers and computer networks that is used by an organization. It uses all the protocols used in the internet only the scope of the network is within the organization.
  • 7. Extranet An extranet is a private global network of interconnected computers and computer networks that is used by an organization. It uses all the protocols used in the internet. It differs from an intranet in that it expands connectivity to other users, suppliers, organizations through secure protocols to facilitate information exchange and communication. Summary These networks continue to grow in complexity. These networks exist in an endless number of different configurations which all share the same requirement which is to be secure. To add to the complexity of the networks, devices are being deployed into virtualized environments, some of which are deployed to the Cloud Computing environment. The added dimensions of virtualization and cloud deployments raise the complexity of securing these environments.
  • 8. As the network complexity grows the complexity for securing the environment grows. The preferred approach to implementing security in these ever increasing complex environments is a strategy of security in depth. Security Architecture for OSI Week7 Part3-IS RevisionSu2013 Security Architecture for OSI The ITU (International Telecommunications Union) is a United Nations sponsored agency which develops standards (called recommendations) for telecommunications and open systems interconnection (OSI). Recommendation X.800, Security Architecture for OSI defines a systematic approach for the manager and technical professional responsible for implementing security in a network, communications or computer environment to
  • 9. systematically define the requirements for security and to characterize various approaches to implement functionality that satisfies the requirements. The framework provided by the architecture categorizes the elements of security into security attacks, security services and security mechanisms. A Security Attack is an action that compromises the information owned or entrusted to the organization. The compromise affects some attribute of the CIA triad. A Security Service is a collection of functionality (routines, programs, algorithms, specifications) that provides support for various aspects of security: In order to protect a network from attack, mechanisms need to be implemented that support each of these services to the extent they are needed in the target environment. Security services are implemented by making use of one or more security mechanisms. Security Services:
  • 10. cating entity is the one they claim to be. resource. unauthorized disclosure. a are available. sent/received/stored is exactly as it was sent/received/stored by the authorized entity. parties in a communication that they sent or received all or part of it. observation and logging of system activity. The security services enumerated above are categories of services that are further divided into specific services that apply to different aspects of a service. For example; the authentication service is divided into two specific services peer entity authentication and
  • 11. data origin authentication. Peer entity authentication involves each party in a logical connection being able to confirm to some degree of confidence the identity of the other party. Data origin authentication is used in a connectionless transfer such that the recipient of the data can be confident in the identity of the sender. RFC 2828 provides the following definition for a security service: Definition: Security Service: A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies by using security mechanisms. A Security Mechanism is a particular technique or set of techniques that are used to implement a security service.
  • 12. Security mechanisms are divided into two groups: specific security mechanisms and pervasive security mechanisms. A specific security mechanism is implemented in a particular protocol layer or layers (e.g. TCP and/or application layer, etc.) to provide a security service. For example: encipherment is a specific security mechanism that could be implemented at various protocol layers. Encipherment may be implemented at the application level using PGP, the transport layer using SSL and the IP layer using IPsec. Specific Security Mechanisms: encrypt and decrypt information. Supports authentication, data confidentiality, data integrity. value and append it to a data object such that any recipient of the data can verify the data's origin and integrity. resource (control, data) from unauthorized use in accordance by the
  • 13. systems security policy. unauthorized changes to data, both malicious and accidental. identity of an entity. frustrate analysis of the data stream. s mechanisms to control the path data takes from source to destination to ensure secure transmission of data. for the integrity of a data exchange (i.e. Digital Certificates) Pervasive security mechanisms are not specific to any protocol layer or security service. The mechanism is implemented in any protocol layer and for any service. Pervasive Security Mechanisms:
  • 14. g an action to be taken. audit record of security activity. recovery from various events. ITU-T X.800 Security Architecture for OSI can be found at: http://www.itu.int/rec/T- REC-X.800-199103-I/en http://www.itu.int/rec/T-REC-X.800-199103-I/en http://www.itu.int/rec/T-REC-X.800-199103-I/en Layers and Protocols Week7 Part2-IS Revision Spring2014
  • 15. Layers and Protocols Since the layers of the OSI reference model do not match the TCP/IP layers exactly we need to modify how we think about the OSI layers in the context of TCP/IP. The terminology of the OSI reference model helps us understand the functions and divisions between each layer. As the discussion moves to reference an actual implementation we need to learn about the terminology and details of that implementation, which in this case is TCP/IP. Numerous protocols have been listed with each layer to familiarize you with the layer the protocol operates at and to provide a sense for the number of protocols there are. These are a sampling of the protocols. Credit to TCP/IP Network Administration by O’Reilly for assistance in organizing thoughts and some diagrams. Application Layer: User accessed programs and processes are accessed from this layer. In
  • 16. TCP/IP any application that occurs above the transport layer is an application. Any program a user directly interacts with, as well as various services a user may not be aware of (i.e. daemons, services) is at this layer. Note – some applications are associated with well-known port numbers to establish host to host communications using TCP/IP. The port numbers for some of the sample applications are included below. Examples of application protocols: - Port 25 – HyperText Transfer Protocol – Port 80 – HyperText Transfer Protocol Secure – Ports 161 and 162 TP – Ports 20 and 21 – Port 23 - Mail delivery – Secure shell
  • 17. Presentation Layer: How data is represented needs to agreed to by cooperating applications. Applications typically take care of this job in TCP/IP; however there is standardization around various presentation protocols (i.e. MIME, TIFF, JPEG). Examples of presentation protocols: – American Standard Code for Information Interchange – Extended Binary-Coded Decimal Interchange Mode FF – Tagged Image File Format – Joint Photo Experts Group – Motion Picture Experts Group – Musical Instrument Digital Interface – Graphic Interchange Format Session Layer: There is no separately identifiable session layer
  • 18. in the TCP/IP protocol hierarchy. That is not to say session functions do not exist in TCP/IP as they certainly do. In TCP/IP session management for the most part occurs at the TCP/IP layer. The mechanisms used for session communication in TCP/IP are called ports and sockets. Some protocols that are considered session layer protocols are: – Network File System – Structured Query Language – Remote Procedure Call Transport Layer: Much of the discussion around TCP/IP occurs at the transport layer. It is important to note that in TCP there are two transport services: TCP and UDP. TCP provides a connection based, reliable, guaranteed data delivery across the network. UDP (User Data Protocol) provides an unreliable, connectionless protocol. UDP has little protocol overhead so it is very efficient. For sending short amounts of information very
  • 19. quickly UDP may be preferred. If information is dropped or lost during transmission it is easier to resend the data than to set up a TCP connection. Between the two protocols there is different terminology used to describe the data that is transmitted. Note the differences are at the application and transport layers. Examples of Transport layer protocols: – Transmission Control Protocol. Connection-oriented, full-duplex, guaranteed delivery, unit of transmission is called TCP Segment – User Datagram Protocol. Connectionless, no guaranteed delivery , minimal overhead, unit of transmission is called UDP Packet Network Layer: This layer manages connections across the network. It isolates the upper level protocols from the details of the underlying network. In TCP/IP this function is
  • 20. implemented by IP (Internet Protocol), It takes care of IP addressing and routing the data from network to network. Examples of Network Layer Protocols: – Connectionless, 32-bit/4 byte address – 128 bit/16 byte address. More security features than IPv4. – Internet Control Message Protocol – Used by IP and other connectionless protocols to detect and react to transmission errors. ICMP used to: report network/routing failures; test node reachability; increase routing efficiency (informs routers of better routes; and informs source when datagram has exceeded time to exist. – Routing Information Protocol – Internal routing protocol within an AS. Decides based on number of hops, doesn’t consider line utilization or bandwidth. – Open Shortest Path First – Internal routing protocol within an autonomous system
  • 21. – Border Gateway Protocol – Exterior routing protocol between autonomous systems Stream Segment Datagram Frame Message Packet Datagram Frame TCP UDP Application layer Transport layer Internet layer Network Access layer – Internet Group Management Protocol – allows hosts to participate in
  • 22. multicasting. – The most secure tunneling protocol. Is an integrated part of IPv6 and add- on for IPv4. – Simple Key Exchange for IP – Internet Key Exchange – Internetwork Packet Exchange Protocol Data Link Layer: The reliable delivery of data across the physical network is handled by the data link layer. IP tends to make use of existing data link protocols. – MAC Layer – MAC Layer – MAC Layer – Serial Line Internet Protocol – Point-to-Point Protocol (replaced SLIP) – encapsulates to go across serial lines. Not routable over Internet. Has header & data compression, error correction, different auth protocols, and encapsulates more than IP. Uses PAP,
  • 23. CHAP, or EAP to authenticate to Net Access Server (NAS). – Address Resolution Protocol - IP passed down from upper layers, DL needs to resolve it into a MAC (hardware) address in order to put into the MAC address in the header portion of the frame. ARP broadcasts a frame with the IP in it, the one with that IP address responds with its MAC. Addresses are cached in ARP table. ARP Poisoning – type of masquerade, alter ARP table to point to attacker’s own MAC. – Reverse Address Resolution Protocol. Used by diskless machines to get IP address. Booting system broadcasts a RARP with its MAC address, and RARP Server responds with an assigned IP. – Enhancement to RARP. In addition to IP address, BOOTP server also provides diskless workstation with its DNS server address, and default gateway address. – Dynamic Host Configuration Protocol – Layer 2 Forwarding
  • 24. – Layer 2 Tunneling Protocol (typically services are combined IPsec) – – Integrated Services Digital Network – – Synchronous Data Link Control – Link Access Procedure – Link-Access Procedure-Balanced – High-Level Data Link Control, extension of SDLC, encapsulation used in X.25 – Password Authentication Protocol – Challenge Handshake Protocol - Extensible Authentication Protocol Physical Layer: This layer defines the physical characteristics of the equipment needed to
  • 25. carry signals across the communications/network system. Examples of protocols and standards that operate at this layer are: – High Speed Serial Interface Encapsulation of data As in the OSI reference model data is passed down the stack when being sent to the network. When it is received it is passed up the stack. To show how data is actually passed we will use the TCP/IP layers since it represents an actual implementation. Consider the example where Machine 1 at the application level creates data. It passes the data to the layer below it (transport layer). The transport layer creates its data and encapsulates the data from the application data and passes it to the internet layer. This
  • 26. process continues down the protocol stack on machine 1 by the internet layer passing the data down to the network access layer. Once the network access layer is reached the data is transmitted on the network to Machine 2. When Machine 2 receives the data it is at the lowest layer in the protocol stack. The lower level deals with the network access protocol data from the sending machine (Machine 2) and unwraps (removes the encapsulating protocol) and passes the remaining data to the layer above it which is the internet layer. The internet layer unwraps (removes the encapsulating protocol) and passes the remaining data to the layer above it (Transport layer). This continues up the protocol stack on Machine 2 by the Transport layer unwrapping its data and passing the remaining data to the Application layer.
  • 27. One of the elegant features of the protocol stack is how the protocols are nested for transmission. Each layer has its own independent structures. Conceptually, a layer is not aware of the data used in the adjacent layers (layers above or below it). Each layer has its own data structures, and there own terminology for describing the data structure. This is all described in the RFC standards for each protocol. Data is encapsulated by the layer by placing a “header” in front of the data it is transmitting. The header makes the data understandable to that layer. For any given layer the data structure consists of a header and data. As you move down the stack headers are added in front of the data. As you move up the stack the header for a given layer is “removed” yielding the “data” which is passed back up the stack. Of course the next layer in the stack is interpreting that “data” as a “header” followed by “data”. Machine 1 Machine 2
  • 28. Transmitted over Network Application Transport Internet Network Access Application Transport Internet Network Access Encryption at Various Protocol Layers Encryption can be implemented at various protocol layers in the
  • 29. OSI stack. Typical encryption models are “end to end” encryption and “link level” encryption. It is worthwhile to differentiate the implications of encrypting at the various levels. Following is a diagram credited to: Encryption in relation to the protocol layers (Source: based on King and Newson, 1999, p. 104). This diagram provides a clear picture of where encryption occurs in the protocol stack. Data Data Data Data Header Header Header Header Header Header Application Layer Transport Layer
  • 30. Network Access Layer Internet Layer Send Receive End-to-End Encryption End-to-end encryption is also known as application layer encryption. Encryption is implemented at the highest layer of the OSI stack. A protocol example of end-to-end encryption is the sending and receiving of encrypted email using services such as PGP or S/MIME. Other examples of end-to-end encryptions are applications such as: SHTTP (secure hypertext transfer) or SET (Secure Electronic Transactions). You could think of this as encryption occurring between processes. With application layer encryption the routing information is not encrypted. Since the encryption occurs at the highest protocol layer as the data is passed down the stack to lower layers routing information is
  • 31. prepended to support routing between intermediate hosts. The routing information is not encrypted and therefore exposed to an attacker. Therefore, while the data is encrypted, the traffic pattern is not encrypted and could be captured and analyzed by an eavesdropper. With end-to-end encryption keys must be exchanged by each pair of application users. This is in contrast to link layer encryption where encryption keys are exchanged between hosts. The number of encryption keys for distribution and management is an area of concern. Transport/Network Encryption With IPsec encryption occurs at the Network and IP layers of the stack. With IPsec security associations can be set up between hosts and devices with IP addresses and port numbers. This permits a more granular policy than link layer encryption. While the end- points in Transport/Network encryption are not as wide as
  • 32. Application encryption it is considered in the above diagram as end-to-end encryption. Link Layer Encryption Link layer encryption occurs at both ends (incoming and outgoing) of each communications link such as a frame relay switch or a router. This provides a high level of security but it does require a lot of encryption devices. Since the message is decrypted each time it enters an encryption device there is a window the data is exposed to eavesdroppers before the data is re-encrypted for the next hop. When sending data across the internet the user has no control over the security implemented at various hosts (hops) along the route. For intranets or extranets link layer encryption may be adequate since the infra-structure is under the management and control of the organization but when information is sent outside an organization link layer encryption may not be adequate.
  • 33. Often, both end-to-end and link layer encryption are combined for additional protection. With end-to-end encryption the user data is encrypted with encryption keys known only to the sender and receiver at the application layers. Each data frame is then encrypted with encryption keys shared by adjacent devices or hosts for sending to the next device/host. By implementing both techniques the application message is never in plaintext until it reaches its destination. Using both encryption techniques does provide a small window of opportunity for an eavesdropper when the frame header is in decrypted within the frame switch or router. Telecommunications, Network and Internet Security
  • 34. Week7 Part1-IS RevisionSu2013 Telecommunications, Network and Internet Security The topics in this lesson cover several areas in the domain of information security. Much of material in this lesson is a framework for Information Security, however presenting it at this point has afforded us the opportunity to build up a base of knowledge covering various topics from a more pragmatic perspective. This lesson will provide some architectural framework around the concepts we have discussed so far and also provide essential concepts for further learning of Information Security concepts. Open Systems Interconnection (OSI) Reference Model Data communications and network technology is very complex. They consist of numerous functions and protocols that describe the actions and interactions that go on in
  • 35. a network. The OSI reference model provides a model that neatly divides the network into layers. The OSI reference model provides a universally accepted model for discussing communication functions. By dividing the functions into layers the complexity of the entire communications/network model is “simplified” (relatively speaking). Each layer consists of the functions and protocols implemented at that layer. Any given layer implements numerous functions and protocols. Definition: Protocol: An agreed upon set of rules for communicating. The layers functionally build on one another. That is, an upper layer relies on the services and protocols of a lower layer. The stacked layers are commonly referred to as the protocol stack (general term) or IP stack (example of a specific stack). There are seven
  • 36. layers in the OSI reference model. The layers are defined in descending order from highest to lowest. Number Name Description 7 Application Various application programs 6 Presentation Services to present data to applications 5 Session Manages sessions between applications. Establishing connections and terminating sessions. 4 Transport Provides end to end delivery of data 3 Network Manages data addressing and delivery between networks 2 Data Link Provides reliable data communication across physical link 1 Physical Defines physical characteristics of network media When two machines communicate with one another the
  • 37. respective layers on each machine communicate with one another. That is, the same layer on each machine understands the protocols for that layer. For example, application data layers on one machine can understand application data layers on another machine since they use the same protocols. The following is a logical view of how each machine understands the protocols from the respective layer on the other machine. Standards Committees The OSI reference model is a reference model. In other words it is used as a reference to simplify the understanding of what occurs in a network and communications model. Of equal importance to the functions that occur at each layer in the protocol stack is how each layer in the protocol stack interfaces to the layer above and below it. There was a time when manufacturers developed their own proprietary interfaces. Allowing a competitor to easily interface to their hardware or
  • 38. software was not a priority. 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical Machine 1 Machine 2
  • 39. Logical View of Communication between Protocol Layers In fact, the more difficult it was for a competitor the better since it meant the customer would look to a single supplier for a complete solution. This is no longer acceptable practice. Customers want systems that adhere to standard interfaces. They want to be able to choose between various manufacturers and mix and match components that are tailored to their requirements. Proprietary interfaces are still developed by manufacturers so that their specialized hardware and software can be optimized to their environment. However standard interfaces must also be provided, and not as an afterthought. They must be an integral part of the implementation which is fully documented, tested and supported. It should be noted that when a new technology is brought to the market that first implementation has a significant advantage in establishing the
  • 40. standards. Subsequent implementations by various companies will undoubtedly influence the standards, but the first to the market with a good idea usually has a distinct advantage since they gain market share (and influence) and they often represent the leading authority on the technology. Discussion: There was a time when many operating systems were completely proprietary. To use a third party device required opening up source code to understand how a device driver could be written for a “non- standard device”. I recall working on problems in the 1960s and 1970s developing on-line interfaces to various photo composition machines (fore runners of today’s laser and inkjet printers). The interfaces for writing a device driver in the operating system code were not cleanly delineated and over time customers demanded that operating systems open their source code so third party manufacturers
  • 41. could implement to various operating system interfaces so devices would work “out of the box” with minimal problems. By having well defined interfaces between the layers different manufacturers can implement hardware and software that work together. The well defined protocols are published in standards. Standards committees are comprised of representatives from various companies throughout the communications, network and computing industry worldwide. The protocols are developed and standards documents are published that document the protocols. As the protocols are used problems are found which result in the protocols being modified in stepwise refinement. As changes are made revised standards are issued for review. When approval is reached a new version of the standard is issued. The world of network and communications technology has a huge number of standards
  • 42. and protocols. The standards committees are made up from experts in the various technologies from industry, government and academia. The representatives are from throughout the world since communications standards must span international borders. If you are thinking of developing anything you need to first check the body of standards to see what is already available. Some of the standards organizations are: P (Federal Information Processing Standard) from the NIST (National Institute of Standards and Technology). Standardization Sector (ITU-T)
  • 43. TCP/IP The OSI reference model is an idealized model that neatly breaks down communications and networks technology into functional layers with sharp well defined interfaces between each layer. The model provides useful abstractions to help to organize your thinking without being “burdened” by the details of an actual implementation. When design moves to implementation the details need to be considered. There are several implementations of networks that used the OSI reference as a model. Digital Equipment Corporations DECnet and Novell Networks are two implementations that made use of OSI reference model. The dominant networking protocols used today is TCP/IP (Transmission Control Protocol – Internet Protocol). There is not a consensus on how the TCP/IP protocol stack maps to the OSI reference
  • 44. model. Following are two different mapping between the OSI reference model layers and the layers in the TCP/IP implementation: Example 1: OSI Reference Model Layer OSI Layer Equivalent TCP/IP layer 7, 6 , 5 Application, Presentation, Session, Application 4 Transport Transport 3 Network Network 2 Data Link Data Link 1 Physical Physical
  • 45. Example 2: OSI Reference Model Layer OSI Layer Equivalent TCP/IP layer 7, 6 , 5 Application, Presentation, Session Application 4 Transport Host to Host Transport 3 Network Internet 2, 1 Data Link, Physical Network Access Layer