Post on 20-Dec-2015
Learning Objectives
• Describe the security duties of a network administrator
• List the types of physical security used on a computer network
• Describe a device that can be used for physical security
• List three types of software security• Describe two types of encryption
Chapter 10: Network Security 2
Learning Objectives
• List three encryption standards
• Describe digital signatures and digital certificates
• Define the Secure Sockets Layer
• List the differences between a virus and a worm
• Describe firewalls
Chapter 10: Network Security 3
Introduction
• Security is extremely important in today’s network environment
• Hackers can be a serious problem for both corporate and private computers
• Physical and software security are used
• Network administrator develops and implements security systems
Chapter 10: Network Security 4
Physical Security
• Can use a locked room for computers
• Remote clients not as easily locked up
• Today’s open environment with PCs everywhere presents a problem
• Handhelds and laptops connected to corporate networks are of particular concern
Chapter 10: Network Security 5
Physical Security
• Measures to Control Physical Access to Networks– Fingerprint device– Video camera– Movement detection devices– Medium
• Wires are more secure than wireless• Fiber optic most secure of wired systems
– Encryption used to encode data– Dial-in access is a problem
Chapter 10: Network Security 6
Physical Security
• Data/Network Security Equipment– Fingerprint/voiceprint devices to prevent
access– Callback unit
• Blocks unauthorized network access• Used with dial-up lines• Computer calls user back at predetermined
number• Will not work with mobile computer that uses
different phone number
Chapter 10: Network Security 7
Software Security
• IDs and Passwords– Assigned to users, must be protected– Need to use password that is not obvious– Should be changed periodically
• Some systems force users to change them
– Network software monitors use and reports on attempted unauthorized access
– Applications can require IDs as well
Chapter 10: Network Security 8
Software Security
• Encryption– Scrambling data before transmission– Uses encryption key– Plaintext versus cipher text
Chapter 10: Network Security 9
Software Security
• Encryption– Symmetric key encryption
• One key used by both ends of transmission• Data Encryption Standard (DES) (56 bits)• Triple DES – more secure (112 bits)• Blowfish (32 to 448 bits)• International Data Encryption Algorithm (128 bit)• Clipper Chip
Chapter 10: Network Security 10
Software Security
• Encryption– Public Key Encryption
• Two keys are used (public & private keys)• RSA is most common form• Pretty Good Privacy (shareware)
– Elliptic Curve Cryptography (ECC)• Uses logarithm to create key
Chapter 10: Network Security 12
Digital Signatures
• Used for verification of files transmitted over a network
• Impossible to counterfeit• Digital Certification
– E-Signature – Actual handwritten signature attached to a document
• Makes a document legal
Chapter 10: Network Security 13
Digital Signatures
• Digital Certification– Digital Certificates – Verifies a persons
identity using multiple forms of identification• Combined with digital signature
– Wireless networks use encryption, digital signatures and digital certificates to secure data
Chapter 10: Network Security 16
Secure Sockets Layer (SSL)
• Allows security of credit card numbers for e-commerce
• URL starts with https://
• Software is on the server and client PC (included with most browsers now)
• Many sites also encrypt information before it is sent over the Internet
Chapter 10: Network Security 18
Security Issues
• Forms of Computer Attacks– Virus– Worm
• Internet Worm – 1988
– Antivirus software needed, with updates– Denial of Service (DoS) attacks
Chapter 10: Network Security 20
Security Issues
• Firewalls– Software program– Determines if user/software can access a
system– Used in corporate networks and home
computers– Trojan Horse – hidden program that executes
by a trigger
Chapter 10: Network Security 22
Security Issues• Firewalls
– Packet-level firewall• Determines if packets should pass to the network• IP Spoofing – intruder appears to be from a valid
address on the network
– Application-level firewall• Prevents unauthorized access to applications
– Proxy Server• Creates artificial addresses so to the outside, it
looks like only one server exists on the corporate network, rather than several
Chapter 10: Network Security 25
Summary
• Network security is high priority issue
• Physical security is one level of defense
• Software security is used extensively– Several types of encryption are used
• Digital signatures and digital certificates are used to verify a user’s identity
Chapter 10: Network Security 28
Summary
• Viruses and worms are a threat
• Denial of service attacks have become a problem
• Firewalls protect a network from outside access
Chapter 10: Network Security 29