Erik Steingas, Carter Mode, Jennifer Morse, and Aaron Thibault
Lecture overview
- Encryption: PGP, SSL, SSH, IPSec
- Authentication: types of protocols, RADIUS, PAP, CHAP, EAP
- Firewalls: types, packet filters, stateful inspection, network address translation, proxy server
- Cloud computing: three models, data loss, traffic hijacking, denial of service, malicious insiders, insecure interfaces and APIs
Key encryption
- Public key: uses a combination of a public and a private key. The private key is for your computer only; the public key is shared between the two devices that are attempting to communicate.
- Private key: uses the same key for encryption and decryption.
PGP: Pretty Good Privacy
- Provides cryptographic privacy and authentication for data communication.
- Most commonly used for signing and encrypting texts, emails, files and directories.
- Uses a serial combination of hashing, data compression and encryption; each of these steps uses a supported algorithm.
- PGP combines symmetric and public key encryption to send confidential messages.
- To this day, there is no known method that will allow a person to break through this type of encryption.
SSL: Secure Sockets Layer
- Protocol developed by Netscape for transmitting confidential documents over the Internet.
- Uses public and private key encryption.
- Internet Explorer uses this protocol, along with many websites that use it for gathering user information, such as credit card numbers.
- URLs that start with https instead of http require this protocol.
- Video: http://www.youtube.com/watch?v=SJJmoDZ3il8
SSH: Secure Shell
- SSH is a secure program that allows you to remotely connect to another device, exchange files, and execute commands.
- It provides strong authentication and secure communications over insecure channels.
- PuTTY and OpenSSH are examples of SSH clients.
IPSec: IP Security
- Supports secure exchange of packets at the IP layer.
- Transport mode: encrypts only the data portion (payload) of the packet.
- Tunnel mode: encrypts both the payload and the header of each packet.
- An IPSec-compliant device must be on the receiving end to decrypt each packet.
- Sending and receiving devices must both share a common public key.
Authentication protocols
- Authentication: verifying a user's credentials to grant access to secured resources.
- Authentication protocols: rules that computers follow to accomplish authentication.
Authentication protocols (types)
- RADIUS
- PAP
- CHAP
- EAP
- EAPoL
Remote Authentication Dial-In User Service (RADIUS)
- Used when many simultaneous dial-up connections must be supported.
- Software on a remote access server or on a dedicated computer (the RADIUS server).
- Highly scalable.
Password Authentication Protocol (PAP)
- A link with the server must be established through the Point-to-Point Protocol (PPP).
- PAP sends an authentication request, including its credentials, to the server.
- The server matches the credentials against its user database.
- Simple; insecure, and does not use encryption.
Challenge Handshake Authentication Protocol (CHAP)
- Like PAP, it works in tandem with PPP.
- Encryption.
- Three-step process (three-way handshake):
  Step 1: the server sends the client a challenge.
  Step 2: the client and the server each add the user's password to the challenge and encrypt it.
  Step 3: the server compares the two encrypted strings to see if they match.
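To make the difference between the PAP and CHAP slides concrete, here is an added Python example (written for these notes, not code from the lecture) that runs both exchanges and records every message that crosses the link, so you can see that PAP puts the password itself on the wire while CHAP only ever sends the server's random challenge and a hash of it. The hash construction MD5(identifier || secret || challenge) is the one RFC 1994 specifies for CHAP; the slide calls that step "encryption". The user database, the user name and the password are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed user database for the demonstration (not from the slides).
USER_DB = {"alice": "s3cret"}


# --- PAP: the client hands its user name and password to the server as-is ---

def pap_request(username: str, password: str) -> dict:
    """Build the PAP authenticate-request; the password travels unprotected."""
    return {"user": username, "password": password}


def pap_server_check(request: dict, user_db: dict) -> bool:
    """Server side of PAP: compare the received credentials with its database."""
    return user_db.get(request["user"]) == request["password"]


# --- CHAP: challenge/response; the secret itself never crosses the link ---
# RFC 1994 defines the response as MD5(identifier || secret || challenge).

def chap_challenge() -> tuple:
    """Step 1: the server picks a one-byte identifier and a random challenge."""
    return os.urandom(1)[0], os.urandom(16)


def chap_response(identifier: int, secret: str, challenge: bytes) -> bytes:
    """Step 2: hash identifier, secret and challenge (client and server both do this)."""
    return hashlib.md5(bytes([identifier]) + secret.encode() + challenge).digest()


def chap_server_verify(identifier: int, challenge: bytes, response: bytes,
                       username: str, user_db: dict) -> bool:
    """Step 3: the server recomputes the hash from its copy of the secret and compares."""
    secret = user_db.get(username)
    if secret is None:
        return False
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


# --- Run both protocols and record every message that crosses the link ---

def run_pap(username: str, password: str, user_db: dict, wire: list) -> bool:
    req = pap_request(username, password)
    wire.append(("client->server", req))
    return pap_server_check(req, user_db)


def run_chap(username: str, password: str, user_db: dict, wire: list) -> bool:
    ident, challenge = chap_challenge()
    wire.append(("server->client", {"id": ident, "challenge": challenge.hex()}))
    resp = chap_response(ident, password, challenge)
    wire.append(("client->server", {"id": ident, "user": username, "response": resp.hex()}))
    return chap_server_verify(ident, challenge, resp, username, user_db)


def password_visible_on_wire(wire: list, password: str) -> bool:
    """What a passive observer of the link learns: does the password appear in any message?"""
    return any(password in str(msg) for _, msg in wire)


def replay_rejected(old_wire: list, user_db: dict) -> bool:
    """A captured CHAP response does not work against a fresh challenge, because the
    challenge is random each time (constructed replay check, not from the slides)."""
    captured = old_wire[-1][1]           # the client->server message of an earlier run
    ident, challenge = chap_challenge()  # the server issues a new challenge
    return not chap_server_verify(ident, challenge, bytes.fromhex(captured["response"]),
                                  captured["user"], user_db)


if __name__ == "__main__":
    w = []
    print("PAP ok:", run_pap("alice", "s3cret", USER_DB, w),
          "| password on wire:", password_visible_on_wire(w, "s3cret"))
    w = []
    print("CHAP ok:", run_chap("alice", "s3cret", USER_DB, w),
          "| password on wire:", password_visible_on_wire(w, "s3cret"))
    print("CHAP replay rejected:", replay_rejected(w, USER_DB))
```

The `replay_rejected` check goes one step beyond the slide: because the server's challenge is fresh every time, a response recorded from one session is useless in the next, which is the property PAP lacks. Note that the server still needs the plaintext password in its database to recompute the hash, so CHAP protects the link, not the server's credential store.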
Extensible Authentication Protocol (EAP)
- Another PPP extension.
- Used in tandem with other authentication and encryption schemes.
- The server sends multiple requests to the client: it asks for the client's identity, indicates the authentication type, and requests information to prove the client's identity.
- Flexible.
802.1X EAPoL (EAP over LAN)
- Grants access to a particular port, and dynamically generates and updates the authentication keys for transmissions to it.
- Commonly used in conjunction with RADIUS.
- Port-based authentication.
802.1x Process Diagram
Firewalls: general
- Firewalls are a network technology used to control Internet traffic based upon set rules.
- Can be hardware or software, but an ideal firewall consists of both.
- Users can customize the firewall settings, for example by blocking certain ports.
Types of firewalls
- Software: usually used with computers in homes, where a firewall service can be purchased to protect your home network from the Internet.
- Hardware: firewalls built into routers, with an Ethernet card and hub.
Packet filters
- Packet filtering simply inspects the header of each packet transferred from computer to computer. If the packet meets the set rules it is passed; if not, it is discarded.
- Works in the first three layers of the OSI model.
- Disadvantage: IP spoofing, where an unauthorized user tries to gain access to the network by claiming to be a trusted host.
Stateful inspection
- The main job is to check that all incoming packets are the result of an outbound request. It can therefore identify packets that were not requested and deny them as potentially harmful.
- Only packets that match a known active connection are allowed to be processed through.
- Works in layers 1-4 of the OSI model.
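The two slides above (packet filters and stateful inspection) are easiest to compare in code. The following Python model is an added example written for these notes, not code from the lecture or from any firewall product: a `Rule` list evaluated over header fields only (the packet filter, with the service-control and direction-control characteristics from the later firewall slides), and a `StatefulFirewall` that records allowed outbound connections and admits inbound packets only when they are replies to one. The `Packet` class, the rule fields and all addresses (taken from the RFC 5737 documentation ranges) are constructed for the demonstration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """The header fields a filter looks at (constructed model, not a real IP/TCP parser)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"
    direction: str = "inbound"   # "inbound": Internet -> LAN, "outbound": LAN -> Internet


@dataclass
class Rule:
    action: str                       # "allow" or "deny"
    direction: str = "any"            # direction control
    proto: str = "any"
    dst_port: Optional[int] = None    # service control: which service is reachable
    src_net: str = "any"              # prefix match on the source address, e.g. "10.0.0."

    def matches(self, pkt: Packet) -> bool:
        return (self.direction in ("any", pkt.direction)
                and self.proto in ("any", pkt.proto)
                and (self.dst_port is None or self.dst_port == pkt.dst_port)
                and (self.src_net == "any" or pkt.src_ip.startswith(self.src_net)))


def stateless_filter(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """Packet filter: first matching rule wins; nothing but header fields is consulted."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


class StatefulFirewall:
    """Stateful inspection: remembers allowed outbound connections and lets only
    their replies back in; any other inbound packet falls through to the rule list."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.connections = set()   # (lan_ip, lan_port, remote_ip, remote_port, proto)

    def process(self, pkt: Packet) -> str:
        if pkt.direction == "outbound":
            verdict = stateless_filter(self.rules, pkt)
            if verdict == "allow":
                self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port, pkt.proto))
            return verdict
        # inbound: a reply has our host as destination and the remote end as source
        reply_key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port, pkt.proto)
        if reply_key in self.connections:
            return "allow"
        return stateless_filter(self.rules, pkt)


def stateless_demo() -> str:
    """The IP-spoofing weakness: a rule that trusts internal source addresses is fooled
    by a packet that arrives from the Internet side but claims an internal source."""
    rules = [Rule("allow", direction="outbound", proto="tcp", dst_port=443),
             Rule("allow", direction="inbound", src_net="10.0.0."),
             Rule("deny")]
    spoofed = Packet("10.0.0.5", 40000, "10.0.0.9", 445, "tcp", "inbound")
    return stateless_filter(rules, spoofed)


def stateful_demo() -> Tuple[str, str, str, str]:
    """Only the reply to a tracked outbound request gets in; unsolicited and spoofed
    inbound packets are denied by the default rule."""
    fw = StatefulFirewall([Rule("allow", direction="outbound", proto="tcp", dst_port=443),
                           Rule("deny")])
    request = fw.process(Packet("10.0.0.9", 51000, "203.0.113.10", 443, "tcp", "outbound"))
    reply = fw.process(Packet("203.0.113.10", 443, "10.0.0.9", 51000, "tcp", "inbound"))
    unsolicited = fw.process(Packet("198.51.100.7", 4444, "10.0.0.9", 445, "tcp", "inbound"))
    spoofed = fw.process(Packet("10.0.0.5", 40000, "10.0.0.9", 445, "tcp", "inbound"))
    return request, reply, unsolicited, spoofed


if __name__ == "__main__":
    print("stateless filter, spoofed packet:", stateless_demo())
    print("stateful firewall (request, reply, unsolicited, spoofed):", stateful_demo())
```

The stateful version does not need a "trust internal addresses" rule at all: a packet is admitted because a host behind the firewall asked for it, not because of what its header claims, which is why the spoofed packet that the stateless filter accepted is dropped here.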
Network address translation (NAT)
- NAT has the capability of changing the source and/or destination IP address.
- Together with the firewall, it gives everyone inside the network different addresses that are shown to the public, making it difficult to attack.
- Only works at the TCP/IP level.
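As an added example (written for these notes, not code from the lecture or from any router), the following Python model shows the port-based NAT that home routers perform: every internal host is presented to the public as the router's single public address on a router-chosen port, and a packet from outside is delivered inward only if an internal host previously opened that mapping. Only the IP addresses and transport ports are rewritten, which is the "TCP/IP level" the slide refers to. The `PortNat` class, the packet dictionaries and all addresses (RFC 5737 documentation ranges and a private 192.168.1.0/24 LAN) are constructed for the demonstration.

```python
import itertools
from typing import Dict, Optional, Tuple


class PortNat:
    """Port address translation: many private hosts share one public address."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        # (private_ip, private_port, proto) -> public_port
        self.outbound_map: Dict[Tuple[str, int, str], int] = {}
        # (public_port, proto) -> (private_ip, private_port)
        self.inbound_map: Dict[Tuple[int, str], Tuple[str, int]] = {}

    def translate_outbound(self, pkt: dict) -> dict:
        """Rewrite the source of a LAN -> Internet packet; allocate a mapping on first use."""
        key = (pkt["src_ip"], pkt["src_port"], pkt["proto"])
        if key not in self.outbound_map:
            public_port = next(self._ports)
            self.outbound_map[key] = public_port
            self.inbound_map[(public_port, pkt["proto"])] = (pkt["src_ip"], pkt["src_port"])
        return {**pkt, "src_ip": self.public_ip, "src_port": self.outbound_map[key]}

    def translate_inbound(self, pkt: dict) -> Optional[dict]:
        """Rewrite the destination of an Internet -> LAN packet using an existing mapping.
        Returns None when no internal host opened that port: the packet is dropped, and
        the private address behind the router is never revealed."""
        key = (pkt["dst_port"], pkt["proto"])
        if pkt["dst_ip"] != self.public_ip or key not in self.inbound_map:
            return None
        private_ip, private_port = self.inbound_map[key]
        return {**pkt, "dst_ip": private_ip, "dst_port": private_port}


def nat_demo() -> tuple:
    """Two LAN hosts using the same source port are kept apart by the translated port;
    a reply finds its way back to the right host; an unsolicited packet has no mapping."""
    nat = PortNat("203.0.113.1")
    a = nat.translate_outbound({"src_ip": "192.168.1.10", "src_port": 5000,
                                "dst_ip": "198.51.100.20", "dst_port": 443, "proto": "tcp"})
    b = nat.translate_outbound({"src_ip": "192.168.1.11", "src_port": 5000,
                                "dst_ip": "198.51.100.20", "dst_port": 443, "proto": "tcp"})
    reply_to_b = nat.translate_inbound({"src_ip": "198.51.100.20", "src_port": 443,
                                        "dst_ip": "203.0.113.1", "dst_port": b["src_port"],
                                        "proto": "tcp"})
    unsolicited = nat.translate_inbound({"src_ip": "198.51.100.99", "src_port": 53000,
                                         "dst_ip": "203.0.113.1", "dst_port": 22, "proto": "tcp"})
    return ((a["src_ip"], a["src_port"]), (b["src_ip"], b["src_port"]),
            reply_to_b["dst_ip"] if reply_to_b else None, unsolicited)


if __name__ == "__main__":
    print("host A seen as, host B seen as, reply delivered to, unsolicited:", nat_demo())
```

Seen from the Internet, both hosts are `203.0.113.1`; the only thing that tells them apart is the port the router assigned. That is the sense in which the slide says NAT makes the inside "difficult to attack": without a mapping there is simply no internal destination to deliver to.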
Proxy server
- Adding a proxy service to the packet filter can make a very secure network.
- Also known as an application layer gateway.
- Works by determining whether a process should accept any connections. It also inspects packets for content that looks like a threat.
- Proxy servers connect the application layer with the lower layers of the OSI model.
Characteristics
- Service control: controls the types of inbound and outbound Internet services that can be accessed on the network.
- Direction control: determines in which direction requested services are allowed to flow.
- Behavior control: controls how services are used, e.g. filtering emails.
- User control: acts as access control to services, allowing access only to users that have permission.
Cloud computing
- Definition: "The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer."
- Video: http://www.youtube.com/watch?v=ae_DKNwK_ms
Three models
- SaaS (Software as a Service)
- PaaS (Platform as a Service)
- IaaS (Infrastructure as a Service)
Software as a Service
- Most popular form of cloud computing
- Easy to use
- Applications managed by a third party but accessed on the client side
- Pay-per-use cost structure
- All maintenance and support managed by vendors
- Example: Gmail
Platform as a Service
- More complicated
- Customizable applications
- Provides the computing infrastructure: hardware, and platforms installed on top of the hardware
- Scalable
- Users manage: applications and data
- Vendors manage: runtime, middleware, O/S, virtualization, servers, storage, and networking
Infrastructure as a Service
- Computing infrastructure, storage and networking
- Users pay for the services they want and have more management control
- Users manage: applications, data, runtime, middleware, and O/S
- Vendors manage: virtualization, servers, hard drives, storage, and networking
Security challenges
- Data loss
- Traffic hijacking
- Denial of service
- Malicious insiders
- Insecure interfaces and APIs
Data loss
- An increase in sensitive information stored with cloud providers causes an increase in the risk of data loss, both accidental and intentional.
- Encrypting data can provide protection, unless the encryption key is lost.
- The service provider could be destroyed by a natural disaster, e.g. fire, flood, earthquake.
- Offline backups are often not secure and can lead to data breaches.
Traffic hijacking
- Hackers can gain information regarding services and direct users to fake websites.
- Risk is increased when account services are accessed from remote locations, such as laptops.
- Should implement two-way authentication methods.
Denial of service
- Companies pay for services based on use or consumed disk space.
- Hackers can cause delays in use, causing expensive processing times.
- Denies access.
Malicious insiders
- Employees (past and present) have access to information and use it in a detrimental way.
- Can cause significant financial damage and loss of productivity.
- Important to have a way to monitor what employees have access to, and to give sensitive information only to those who need it.
Insecure interfaces and APIs
- Application Program Interface (API): "Set of routines, protocols and tools for building software applications."
- Interfaces are responsible for cloud provisioning, management, orchestration, and monitoring.
- Interfaces and APIs are involved in encryption and authentication.
- Security issues include confidentiality, integrity, availability and accountability.