1 / 30

Business Data Communications, Fourth Edition

Business Data Communications, Fourth Edition. Chapter 10: Network Security. Learning Objectives. Describe the security duties of a network administrator List the types of physical security used on a computer network Describe a device that can be used for physical security

btunnell
Download Presentation

Business Data Communications, Fourth Edition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Business Data Communications, Fourth Edition Chapter 10: Network Security

  2. Learning Objectives • Describe the security duties of a network administrator • List the types of physical security used on a computer network • Describe a device that can be used for physical security • List three types of software security • Describe two types of encryption Chapter 10: Network Security 2

  3. Learning Objectives • List three encryption standards • Describe digital signatures and digital certificates • Define the Secure Sockets Layer • List the differences between a virus and a worm • Describe firewalls Chapter 10: Network Security 3

  4. Introduction • Security is extremely important in today’s network environment • Hackers can be a serious problem for both corporate and private computers • Physical and software security are used • Network administrator develops and implements security systems Chapter 10: Network Security 4

  5. Physical Security • Can use a locked room for computers • Remote clients not as easily locked up • Today’s open environment with PCs everywhere presents a problem • Handhelds and laptops connected to corporate networks are of particular concern Chapter 10: Network Security 5

  6. Physical Security • Measures to Control Physical Access to Networks • Fingerprint device • Video camera • Movement detection devices • Medium • Wires are more secure than wireless • Fiber optic most secure of wired systems • Encryption used to encode data • Dial-in access is a problem Chapter 10: Network Security 6

  7. Physical Security • Data/Network Security Equipment • Fingerprint/voiceprint devices to prevent access • Callback unit • Blocks unauthorized network access • Used with dial-up lines • Computer calls user back at predetermined number • Will not work with mobile computer that uses different phone number Chapter 10: Network Security 7

  8. Software Security • IDs and Passwords • Assigned to users, must be protected • Need to use password that is not obvious • Should be changed periodically • Some systems force users to change them • Network software monitors use and reports on attempted unauthorized access • Applications can require IDs as well Chapter 10: Network Security 8

  9. Software Security • Encryption • Scrambling data before transmission • Uses encryption key • Plaintext versus cipher text Chapter 10: Network Security 9

  10. Software Security • Encryption • Symmetric key encryption • One key used by both ends of transmission • Data Encryption Standard (DES) (56 bits) • Triple DES – more secure (112 bits) • Blowfish (32 to 448 bits) • International Data Encryption Algorithm (128 bit) • Clipper Chip Chapter 10: Network Security 10

  11. Chapter 10: Network Security 11

  12. Software Security • Encryption • Public Key Encryption • Two keys are used (public & private keys) • RSA is most common form • Pretty Good Privacy (shareware) • Elliptic Curve Cryptography (ECC) • Uses logarithm to create key Chapter 10: Network Security 12

  13. Digital Signatures • Used for verification of files transmitted over a network • Impossible to counterfeit • Digital Certification • E-Signature – Actual handwritten signature attached to a document • Makes a document legal Chapter 10: Network Security 13

  14. Chapter 10: Network Security 14

  15. Chapter 10: Network Security 15

  16. Digital Signatures • Digital Certification • Digital Certificates – Verifies a persons identity using multiple forms of identification • Combined with digital signature • Wireless networks use encryption, digital signatures and digital certificates to secure data Chapter 10: Network Security 16

  17. Chapter 10: Network Security 17

  18. Secure Sockets Layer (SSL) • Allows security of credit card numbers for e-commerce • URL starts with https:// • Software is on the server and client PC (included with most browsers now) • Many sites also encrypt information before it is sent over the Internet Chapter 10: Network Security 18

  19. Chapter 10: Network Security 19

  20. Security Issues • Forms of Computer Attacks • Virus • Worm • Internet Worm – 1988 • Antivirus software needed, with updates • Denial of Service (DoS) attacks Chapter 10: Network Security 20

  21. Chapter 10: Network Security 21

  22. Security Issues • Firewalls • Software program • Determines if user/software can access a system • Used in corporate networks and home computers • Trojan Horse – hidden program that executes by a trigger Chapter 10: Network Security 22

  23. Chapter 10: Network Security 23

  24. Chapter 10: Network Security 24

  25. Security Issues • Firewalls • Packet-level firewall • Determines if packets should pass to the network • IP Spoofing – intruder appears to be from a valid address on the network • Application-level firewall • Prevents unauthorized access to applications • Proxy Server • Creates artificial addresses so to the outside, it looks like only one server exists on the corporate network, rather than several Chapter 10: Network Security 25

  26. Chapter 10: Network Security 26

  27. Chapter 10: Network Security 27

  28. Summary • Network security is high priority issue • Physical security is one level of defense • Software security is used extensively • Several types of encryption are used • Digital signatures and digital certificates are used to verify a user’s identity Chapter 10: Network Security 28

  29. Summary • Viruses and worms are a threat • Denial of service attacks have become a problem • Firewalls protect a network from outside access Chapter 10: Network Security 29

  30. Chapter 10 Complete

More Related