computer security n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Computer Security PowerPoint Presentation
Download Presentation
Computer Security

Loading in 2 Seconds...

play fullscreen
1 / 20
sasha-ruiz

Computer Security - PowerPoint PPT Presentation

170 Views
Download Presentation
Computer Security
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Computer Security Email Hacking dibyajit dash@PIET,ORISSA

  2. what exactly HACKING is ? ->Hacking is a process to bypass the security mechanisms of an information system or network. These are two types:- Local hacking: Local hacking is done in local area where we physical access ,like through printer etc. Remote hacking: Remote hacking is done remotely by taking advantages of the vulnerability of the target system. dibyajit dash@PIET,ORISSA

  3. Internet Protocol Stack BitTorrent SMTP HTTP Application Layer RTSP UDP TCP Transport Layer IP Network Layer Ethernet 802.11(b, a, g) / WiFi Link Layer Physical Layer Cables Fiber Optics Radio dibyajit dash@PIET,ORISSA

  4. SMTP ->SMTP used to send email from sender to recipient’s mail server ->Then use POP3, IMAP or HTTP (Web mail) to get messages from server ->As with many application protocols, SMTP commands are human readable recipient sender SMTP SMTP POP3 dibyajit dash@PIET,ORISSA

  5. Electronic Mail Three major components: • user agents • mail servers • simple mail transfer protocol: SMTP User Agent • a.k.a. “mail reader” • composing, editing, reading mail messages • e.g., pine, Outlook, elm, Thunderbird • outgoing, incoming messages stored on server SMTP SMTP SMTP user agent Mail server user agent Mail server user agent user agent Mail server user agent user agent dibyajit dash@PIET,ORISSA

  6. Electronic Mail: mail servers Mail Servers • mailbox contains incoming messages for user • message queue of outgoing (to be sent) mail messages • SMTP protocol between mail servers to send email messages – client: sending mail server – “server”: receiving mail server SMTP SMTP SMTP Mail server Mail server Mail server dibyajit dash@PIET,ORISSA

  7. Sending Server toReceiving Server • three phases of transfer – handshaking (greeting) – transfer of messages – closure • command/response interaction – commands: ASCII text: HELO, MAIL, RCPT, DATA, QUIT, etc. – response: status code and phrase • messages must be in 7-bit ASCII dibyajit dash@PIET,ORISSA

  8. Mail message format RFC 822: standard for text message format: • header lines, e.g., – To: – From: – Subject: • body – the “message”, ASCII characters only blank line header body dibyajit dash@PIET,ORISSA

  9. More mail access protocols • SMTP: delivery/storage to receiver’s server • Mail access protocol: retrieval from server – POP: Post Office Protocol [RFC 1939] • authorization (agent <-->server) and download – IMAP: Internet Mail Access Protocol [RFC 1730] • more features (more complex) • manipulation of stored messages on server – HTTP: Hotmail , Yahoo! Mail, etc. dibyajit dash@PIET,ORISSA

  10. What is Security? Security is the protection of assets. The three main aspects are: • prevention • detection • re-action dibyajit dash@PIET,ORISSA

  11. Some differences between traditional security and information security • Information can be stolen - but you still have it • Confidential information may be copied and sold - but the theft might not be detected • The criminals may be on the other side of the world dibyajit dash@PIET,ORISSA

  12. Computer Security deals with the prevention and detection of unauthorised actions by users of a computer system. dibyajit dash@PIET,ORISSA

  13. There is no single definition of security What features should a computer security system provide? dibyajit dash@PIET,ORISSA

  14. Confidentiality • The prevention of unauthorized disclosure of information. • Confidentiality is keeping information secret or private. • Confidentiality might be important for military, business or personal reasons. dibyajit dash@PIET,ORISSA

  15. Security systems • A security system is not just a computer package. It also requires security conscious personnel who respect the procedures and their role in the system. • Conversely, a good security system should not rely on personnel having security expertise. dibyajit dash@PIET,ORISSA

  16. Risk Analysis • The disadvantages of a security system are that they are time-consuming, costly, and impede management and smooth running of the organization. • Risk analysis is the study of the cost of a particular system against the benefits of the system. dibyajit dash@PIET,ORISSA

  17. Designing a Security System There are a number of design considerations: • Does the system focus on the data, operations or the users of the system? • What level should the security system operate from? Should it be at the level of hardware, operating system or applications package? • Should it be simple or sophisticated? • In a distributed system, should the security be centralised or spread? • How do you secure the levels below the level of the security system? dibyajit dash@PIET,ORISSA

  18. Summary By now you should have some idea about • Why we need computer security (prevention, detection and re-action) • What a computer security system does (confidentiality, integrity, availability, non-repudiation, authentication, access control, accountability) • What computer security exerts do (design, implement and evaluate security systems) dibyajit dash@PIET,ORISSA

  19. Thank You… dibyajit dash@PIET,ORISSA

  20. Dibyajit Dash dibyajit dash@PIET,ORISSA