310 likes | 325 Views
Business Data Communications, Fourth Edition. Chapter 10: Network Security. Learning Objectives. Describe the security duties of a network administrator List the types of physical security used on a computer network Describe a device that can be used for physical security
E N D
Business Data Communications, Fourth Edition Chapter 10: Network Security
Learning Objectives • Describe the security duties of a network administrator • List the types of physical security used on a computer network • Describe a device that can be used for physical security • List three types of software security • Describe two types of encryption Chapter 10: Network Security 2
Learning Objectives • List three encryption standards • Describe digital signatures and digital certificates • Define the Secure Sockets Layer • List the differences between a virus and a worm • Describe firewalls Chapter 10: Network Security 3
Introduction • Security is extremely important in today’s network environment • Hackers can be a serious problem for both corporate and private computers • Physical and software security are used • Network administrator develops and implements security systems Chapter 10: Network Security 4
Physical Security • Can use a locked room for computers • Remote clients not as easily locked up • Today’s open environment with PCs everywhere presents a problem • Handhelds and laptops connected to corporate networks are of particular concern Chapter 10: Network Security 5
Physical Security • Measures to Control Physical Access to Networks • Fingerprint device • Video camera • Movement detection devices • Medium • Wires are more secure than wireless • Fiber optic most secure of wired systems • Encryption used to encode data • Dial-in access is a problem Chapter 10: Network Security 6
Physical Security • Data/Network Security Equipment • Fingerprint/voiceprint devices to prevent access • Callback unit • Blocks unauthorized network access • Used with dial-up lines • Computer calls user back at predetermined number • Will not work with mobile computer that uses different phone number Chapter 10: Network Security 7
Software Security • IDs and Passwords • Assigned to users, must be protected • Need to use password that is not obvious • Should be changed periodically • Some systems force users to change them • Network software monitors use and reports on attempted unauthorized access • Applications can require IDs as well Chapter 10: Network Security 8
Software Security • Encryption • Scrambling data before transmission • Uses encryption key • Plaintext versus cipher text Chapter 10: Network Security 9
Software Security • Encryption • Symmetric key encryption • One key used by both ends of transmission • Data Encryption Standard (DES) (56 bits) • Triple DES – more secure (112 bits) • Blowfish (32 to 448 bits) • International Data Encryption Algorithm (128 bit) • Clipper Chip Chapter 10: Network Security 10
Software Security • Encryption • Public Key Encryption • Two keys are used (public & private keys) • RSA is most common form • Pretty Good Privacy (shareware) • Elliptic Curve Cryptography (ECC) • Uses logarithm to create key Chapter 10: Network Security 12
Digital Signatures • Used for verification of files transmitted over a network • Impossible to counterfeit • Digital Certification • E-Signature – Actual handwritten signature attached to a document • Makes a document legal Chapter 10: Network Security 13
Digital Signatures • Digital Certification • Digital Certificates – Verifies a persons identity using multiple forms of identification • Combined with digital signature • Wireless networks use encryption, digital signatures and digital certificates to secure data Chapter 10: Network Security 16
Secure Sockets Layer (SSL) • Allows security of credit card numbers for e-commerce • URL starts with https:// • Software is on the server and client PC (included with most browsers now) • Many sites also encrypt information before it is sent over the Internet Chapter 10: Network Security 18
Security Issues • Forms of Computer Attacks • Virus • Worm • Internet Worm – 1988 • Antivirus software needed, with updates • Denial of Service (DoS) attacks Chapter 10: Network Security 20
Security Issues • Firewalls • Software program • Determines if user/software can access a system • Used in corporate networks and home computers • Trojan Horse – hidden program that executes by a trigger Chapter 10: Network Security 22
Security Issues • Firewalls • Packet-level firewall • Determines if packets should pass to the network • IP Spoofing – intruder appears to be from a valid address on the network • Application-level firewall • Prevents unauthorized access to applications • Proxy Server • Creates artificial addresses so to the outside, it looks like only one server exists on the corporate network, rather than several Chapter 10: Network Security 25
Summary • Network security is high priority issue • Physical security is one level of defense • Software security is used extensively • Several types of encryption are used • Digital signatures and digital certificates are used to verify a user’s identity Chapter 10: Network Security 28
Summary • Viruses and worms are a threat • Denial of service attacks have become a problem • Firewalls protect a network from outside access Chapter 10: Network Security 29