Network Security PHILADELPHIA UNIVERSITY Ahmad Alghoul 2010-2011
Module 1
Introduction: To Information & Security
Modified by: Ahmad Al Ghoul
Philadelphia University
Faculty Of Administrative & Financial Sciences
Business Networking & System Management Department
Room Number 32406
Email Address: [email protected]
Objectives
Information cycle
What is the role of computers in the information cycle?
What is System Security?
What are we protecting?
Ensure security in a network & Enhancing security by Security awareness
Causes of system security lapses
Security procedures & Security phases
Security Goals
Types of Threat, Risk, Attack
Security Policy Definition and planning
Information cycle
Security is required at all phases of the information cycle: 1-gathering, 2-creating, 3-processing, 4-storing, 5-transmitting and 6-deleting.
Security is only as good as the weakest link in the system.
[Figure: The Information Processing Cycle (source: UNESCO ICTLIP Module 1, Lesson 2). Diagram labels: Process, Data, Input, Document, Stored Data, Output, New Document.]
What is the role of computers in the information cycle?
Accept data through input devices
Process data using microprocessors
Store data for interactive use in the RAM and for longer periods of storage in the hard disks
Output data through output devices.
What is System Security?
Protection of assets from unauthorized access
  – protection from unauthorized access both from within and external
Security is a process of reducing risk or the likelihood of harm
  – Security is a weak link problem: total security is no better than the weakest link.
  – It must, therefore, be evaluated across the entire enterprise
  – Security is a series of trade-offs: the greater the level of security the worse the ease of use.
What are we protecting?
We are protecting system resources:
  – Business information
  – Equipment
  – Systems
  – Data (information)
Data and Information - the most important resource:
  – Data is a physical phenomenon that represents certain aspects of our knowledge of the world
  – When we process data we give it meaning and we call it information.
  – Data and information are:
    • Stored
    • Moved over communication channels
We focus on security of data and information:
  – At source (source: server/client)
  – At destination (destination: server/client)
  – In the communication channel
The security of computer networks means the security of information on that network.
Ensure security in a network by:
Access – legal channels of getting resources
Identification – to uniquely distinguish a user of a resource
Authentication – to prove positively that the user is what he/she claims to be.
Authorization – being able to determine and allow the user only those resources the user has ability to utilize.
Enhance security by:
Accountability – ability to associate activities with the actors.
Awareness – create a level of understanding of security issues
Administration – ability to manage the security system.
Security awareness
Security is a continuous process of making valuable resources secure.
The first act in securing system resources is awareness
  – Process of making people understand the implications of security in their lives
  – All people in the enterprise must understand the importance of security
  – All people must understand the following:
    • Appropriate use of resources – all people must know why security of resources matters.
    • Relevancy of security
    • Individual's role
    • Responsibility
Causes of system security weakness
  – Hardware – many security problems originate from hardware failures and poor designs
  – Software – lots of security problems originate from poor software designs and testing
  – Human/user – humans are very unpredictable and malicious
  – Resources (data and information) – because the resources within the computer system themselves may contain loopholes through which, if found, intruders enter the systems.
•Security procedures:
–Good and effective security is a result of a good security policy
–A policy may have one or more of the following procedures:
•For servers and Clients:
–Intrusion Detection Systems (IDS)
–Firewalls
•For the communication channel:
–Encryption
–Authentication
Security phases:
  – Inspection – identifying key security functions needed and the capabilities available to achieve the desired security level
  – Protection – proactive risk reduction – mechanism in place to prevent reduction in desired security level
  – Detection (in action) – to take measures to detect whether an asset has been damaged, how, and who has caused the damage.
  – Response (post-action) – to take measures that allow recovery of assets or recovery from damage, and minimize losses.
  – Reflection – plans/processes that focus on security improvements.
There are 10 fundamental aspects of security (system security):
  – Awareness – make everyone understand the critical role security plays in their well-being
  – Access – ability to connect to the system resources
  – Identification – to be able to know the user
  – Authentication – preventing unauthorized interception of information during transmission
  – Authorization – allowing identifiable users access to the resources
  – Availability – preventing unauthorized withholding of information and resources
  – Integrity – preventing unauthorized modification of information
  – Accuracy – an assurance of the integrity of the resources
  – Confidentiality – the assets of a computing system are accessible only by authorized parties.
  – access to information, the source can be easily found it.
Security Goals
Confidentiality
  – the assets of a computing system are accessible only by authorized parties.
Integrity
  – assets can be modified only by authorized parties or only in authorized ways.
Availability
  – assets are accessible to authorized parties.
Fourth Objective
Securing computing resources: prevent/detect/ improper use of computing resources
• Hardware
• Software
• Data
• Network
Confidentiality
Only authorized people can see protected data.
Problems:
1- Who determines who is authorized?
2- What can he/she see?
Integrity
There are three aspects to integrity:
1- Authorized action.
2- Separation and protection of resources.
3- Error detection and correction
Availability
Availability applies both to data and to service (access to computing resources)
Availability means:
1- Presence of object or service in usable form.
2- Capacity to meet service needs.
3- Progress: bounded waiting time.
Goals of Availability
1- Timely response.
2- Fault tolerance. The ability of a computer or an operating system to respond to a catastrophic event or fault
3- Utility or Usability (can be used as intended)
4- Controlled concurrency: support for simultaneous access, deadlock management, and exclusive access.
Security Goals
Integrity
Confidentiality
Availability
Achieving Security
Policy
  – What to protect?
Mechanism
  – How to protect?
Assurance
  – How good is the protection?
Threat, Risk, Attack
Threat: potential occurrence that can have an undesired effect on the system
Risk: measure of the possibility of security breaches and severity of the damage
Attack: action of malicious intruder that exploits vulnerabilities of the system to cause a threat to occur
Types of Threats
  – Interruption: an asset of the system becomes lost, unavailable, or unusable
  – Interception: some unauthorized party has gained access to an asset
  – Modification: an unauthorized party not only accesses but tampers with an asset
  – Fabrication: an unauthorized party fabricates counterfeit objects on a computing system
Threats to Hardware
  – Interruption
    • denial of service
    • destruction, etc.
  – Interception
    • Theft: unauthorized product owned by other vendors
Threats to Software
  – Interruption
    • deletion
    • configuration management is required
  – Interception
    • software theft: this attack includes unauthorized copying of software
  – Modification
    • Trojan horse: a program that does one thing while covertly doing another
    • virus: a specific type of trojan horse, that can be used to spread infection from one computer to another.
    • trapdoor: a program that has a secret entry point.
    • information leaks: in a program, which make information accessible to unintended people or programs
    • check the vendor
      – use anti-virus software
Threats to Data
  – Interruption (loss)
    • availability
    • include key loss (encryption)
  – Interception
    • confidentiality
  – Modification
    • integrity
  – Fabrication
    • include replay attack
      – internet banking
Assets vs. Threats
Security of Data
Types of Attacks (1)
Interruption – an asset is destroyed, unavailable or unusable (availability)
Interception – unauthorized party gains access to an asset (confidentiality)
Modification – unauthorized party tampers with asset (integrity)
Fabrication – unauthorized party inserts counterfeit object into the system (authenticity)
Types of Attacks (2)
Passive attacks:
  – Eavesdropping
  – Monitoring
Active attacks:
  – Masquerade – one entity pretends to be a different entity
  – Replay – passive capture of information and its retransmission
  – Modification of messages – legitimate message is altered
  – Denial of service – prevents normal use of resources
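Added example (not part of the original slides): a receiver-side check that detects two of the active attacks listed above, modification of messages and replay, using a keyed MAC plus a nonce and timestamp. The shared key, envelope fields, 30-second window and the banking-style payload are assumptions made for illustration.

```python
import copy
import hashlib
import hmac
import json
import os

# Constructed demo key (assumption); a real system provisions this out of band.
SHARED_KEY = b"constructed-demo-key"
MAX_AGE_SECONDS = 30  # assumed freshness window for timestamps


def _tag(envelope, key):
    """HMAC-SHA256 over a canonical encoding of payload, nonce and timestamp."""
    body = {k: envelope[k] for k in ("payload", "nonce", "ts")}
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def seal(payload, now, key=SHARED_KEY):
    """Sender side: add a random nonce and a timestamp, then authenticate all three."""
    envelope = {"payload": payload, "nonce": os.urandom(16).hex(), "ts": now}
    envelope["tag"] = _tag(envelope, key)
    return envelope


class Receiver:
    def __init__(self, key=SHARED_KEY):
        self.key = key
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, envelope, now):
        try:
            expected = _tag(envelope, self.key)
            tag = str(envelope["tag"]).encode()
            ts = float(envelope["ts"])
            nonce = envelope["nonce"]
        except (KeyError, TypeError, ValueError):
            return "rejected: malformed"
        # Modification or fabrication: any change to the fields breaks the MAC.
        if not hmac.compare_digest(expected.encode(), tag):
            return "rejected: modified or forged"
        # A captured message retransmitted after the window has closed.
        if abs(now - ts) > MAX_AGE_SECONDS:
            return "rejected: stale"
        # A captured message retransmitted inside the window: nonce already used.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE_SECONDS}
        if nonce in self.seen:
            return "rejected: replay"
        self.seen[nonce] = ts
        return "accepted"


def demo():
    """Constructed scenario: one legitimate transfer request and three attacks on it."""
    rx = Receiver()
    msg = seal({"action": "transfer", "to": "ACCT-EXAMPLE", "amount": 100}, now=1000.0)
    tampered = copy.deepcopy(msg)
    tampered["payload"]["amount"] = 9000  # modification of a message in transit
    return [
        rx.accept(tampered, now=1001.0),  # altered message
        rx.accept(msg, now=1001.0),       # legitimate delivery
        rx.accept(msg, now=1002.0),       # same message sent again
        rx.accept(msg, now=1100.0),       # same message sent much later
    ]


if __name__ == "__main__":
    print(demo())
```

The MAC gives integrity and origin authentication only; it does nothing against eavesdropping, which needs encryption of the channel.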
Intrusion Points
Intrusion points are areas that provide an access point to your company's information. Some of these are obvious, but others are not. For instance, you might realize that you need to install a firewall to protect the internal network and computers from hackers, but if a hacker took a temporary job at your company, the firewall would be of little use. When identifying intrusion points, you must consider internal threats as well as external threats. Some internal and external access points are as follows:
Internal access points
  – Systems that are not in a secured room
  – Systems that do not have any local security configured
External access points
  – Network components that connect your company to the Internet
  – Applications that are used to communicate across the Internet
  – Communications protocols
Security Policy
Organizational Policy
Computerized Information System Policy
Planning a security policy
The first, and most important, principle in security of any kind is to have a well-defined security policy. To develop a policy, you need to answer these two questions:
1. What constitutes a well-defined security policy?
2. How can I make a security policy without understanding the threats against me?
Security policy Basics
Consistent with other corporate policies
Accepted by the network support staff as well as the appropriate levels of management
Suitable for using with the existing network equipment and procedures
Compliant with local, state, and federal laws
What is a good Security policy?
A well-defined security policy outlines your requirements and limits your exposure to risk. There are three criteria for creating and evaluating a policy for information security.
1. Confidentiality: Your information must be kept private. Unauthorized access must be prevented.
2. Integrity: Your information must be protected from tampering. It cannot be modified from its original form without your authorization.
3. Availability: Your information must be available to authorized users when they need it.