SlideShare une entreprise Scribd logo

SYSTEM SECURITY - Chapter 1 introduction

Télécharger en tant que PPT, PDF
Afna Crcs
Afna Crcs
Formation
1  sur  39
Chapter 1: Introduction 1
Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 2
A Technology play role and influence in community service 3
Consumer Market First, Let us look at the Evolution of Communications 4 Extracted from : Next Generation Home Networks: Driving a New Society?
Consumer Market 80-90s: A New World Called Internet • • The start of the Internet for masses using dial-up: Phone line is shared between the PC and the phone – Emergence of the ISP concept with AOL,… New concept: Content available to everybody • • Modem • • First Internet boom: “New economy concept” Phone Line 28 – 56kbps 5 Extracted from : Next Generation Home Networks: Driving a New Society?
Consumer Market 2000 – 2003: The Beginning of the Always-On Concept • Emergence of the ADSL technology: – Higher bandwidth than dial-up: typically 64k to 384kbps – “Always on” concept; i.e., no busy signal • Device per service – One phone – One PC ADSL 64 – 384 kbps 6 Extracted from : Next Generation Home Networks: Driving a New Society?
Consumer Market 2003 – 2005: Emergence of Basic Home Networks and Triple Play Services • • xDSL 20+ Mbps Emergence of the new DSL and xPON technologies: – Higher bandwidth than ADSL: typically 20Mbps per home First signs of home networks with the digitalization of the Home: – Digital Camera, Camcorder, Playstation, DVD, iPOD… 7 Extracted from : Next Generation Home Networks: Driving a New Society?
Consumer Market 2005 – 2015: The Digital Connected Home • Many multi-service devices in the home: – All using IP as a foundation • Virtualization of Content: – Access content anywhere/anytime, whether it is home-based (Personal) or networkbased (Public) • Communications and Entertainment 8 Extracted from : Next Generation Home Networks: Driving a New Society?
Example of Network Infrastructure BTU Residential Gateway (RG) Broadband Termination Unit (BTU) 9
Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 10
We will see now where a security mechanism is mbed on technology. Security use in daily basis. 11
Services DATA VOICE IMAGE 12
Security use in daily basis 1 - biometric 13
Security use in daily basis 2 - Business 14
Security use in daily basis 3 – Voice Communication 15
Security use in daily basis 4 – Integration Operation 16
Security use in daily basis 5 – Operating System 17
Security use in daily basis 6 – WEB 18
Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 19
Let me share with you on OSI layers and Internet layers 20
Seventh layers OSI Model Application Application OSI Model Network process to application Presentation Data Unit Layer Function Application Application Application Network process to application Presentation Host Layers Session Presentation Data Presentation Data representation and encryption Session Interhost communication Segments Transport End-to-end communications and reliability (TCP) Network Packets Network Path determination and logical addressing (IP) Media Data Link Layers Frames Data Link Physical addressing (MAC & LLC) Bits Physical Media, Signal and binary transmission 21
Five Layers TCP/IP Model Application Transport Application DHCP • DNS • FTP • Gopher • HTTP • IMAP4 • IRC • NNTP • XMPP • MIME • POP3 • SIP • SMTP • SNMP • SSH • TELNET • RPC • RTP • RTCP • TLS/SSL • SDP • SOAP • VPN • PPTP • L2TP • GTP • Presentation TCP • UDP • DCCP • SCTP • Internet IP (IPv4 • IPv6) • IGMP • ICMP • RSVP • BGP • RIP • OSPF • ISIS • IPsec • ARP • RARP • Data Link 802.11 • ATM • DTM • Ethernet • FDDI • Frame Relay • GPRS • EVDO • HSPA • HDLC • PPP • Physical Ethernet physical layer • ISDN • Modems • PLC • SONET/SDH • G.709 • Wireless • 22
Five Layers TCP/IP Model Refer to the TCP/IP Presentation Slides 23
Before I explain to you on security layer Let review back the slides that presenting on “security use in daily basis” 24
What is behind of these applications? What is a mechanism that make it secure? 25
Security Layer * Applications Protocol Cryptography Applications: Web, email, any application use security mechanism Protocol: SSL, TLS Algorithm: Symmetric, Asymmetric (i.e.:Cipher, DES, AES) * This approach is totally under my knowledge and experience, is not a standard, just to understand 26 the layer concept.
Security versus OSI & TCP/IP Model OSI TCP/IP Application Application Presentation Application Presentation Security Applications Session Transport Transport Network Internet Data Link Data Link Physical Physical Protocol Cryptography 27
Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 28
Concept Why we want security? Let review back the slides that presenting on “security use in daily basis” 29
Could you explain to me why we need security? 30
Why We Need Security Privacy The protection of data from unauthorized disclosure. Integrity The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion. Authentication The assurance that the communicating entity is the one that it claims to be. Provides protection against denial by one of the entities Nonrepudation involved in a communication of having participated in all or part of the communication. Security Services (X.800) 31
Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 32
Hacking - 1 33
Hacking - 2 DATA CENTER 34
Type of Attacks Passive Active Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis. Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service. 35
Passive Attack Release of Message Contents Read contents of message from Bob to Alice Traffic Analysis Observe pattern of messages from Bob to Alice 36
Active Attack - 1 Masquerade Message from Hacker that appears to be from Bob Replay* Capture message from Bob to Alice; later replay message to Alice * An attack in which a service already authorized and completed is forged by another "duplicate request" in an attempt to repeat authorized commands. 37
Active Attack - 2 Modification of messages Modifies message from Bob to Alice Denial of Service disrupts service provided by server 38
How Do You Want Protect Your Network System Thank You See You Next Week 39

Recommandé

Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Cyber security
Cyber securityCyber security
Cyber security
colebassett
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
dadkhah077
 
Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizations
OPSWAT
 
Enterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security CasesEnterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security Cases
Hakan Yüksel
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
Vamsee Krishna Kiran
 
Masters in cyber security
Masters in cyber securityMasters in cyber security
Masters in cyber security
VihaanBajaj
 
Cyber security
Cyber securityCyber security
Cyber security
Prem Raval
 

Recommandé

Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Cyber security
Cyber securityCyber security
Cyber security
colebassett
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
dadkhah077
 
Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizations
OPSWAT
 
Enterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security CasesEnterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security Cases
Hakan Yüksel
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
Vamsee Krishna Kiran
 
Masters in cyber security
Masters in cyber securityMasters in cyber security
Masters in cyber security
VihaanBajaj
 
Cyber security
Cyber securityCyber security
Cyber security
Prem Raval
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Cyber security
Cyber securityCyber security
Cyber security
Sakib Sami
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
Mostafa Elgamala
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Maryam Hidayatallah CPFA,MIPA,MA,CICA
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Mohammad Shakirul islam
 
IT Security Presentation
IT Security PresentationIT Security Presentation
IT Security Presentation
elihuwalker
 
cyber security
cyber securitycyber security
cyber security
BasineniUdaykumar
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information security
AYESHA JAVED
 
Cyber attack
Cyber attackCyber attack
Cyber attack
Manjushree Mashal
 
cyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securitycyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber security
Vansh Bathla
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
FellowBuddy.com
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
PranjalShah18
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
Self-employed
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentation
hamzakareem2
 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
 
The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber security
Sandip Juthani
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal Auditors
Jim Kaplan CIA CFE
 
Cyber Threat Simulation
Cyber Threat SimulationCyber Threat Simulation
Cyber Threat Simulation
Tonex
 
Cyber security
Cyber securityCyber security
Cyber security
TaimoorArshad5
 
Network security
Network securityNetwork security
Network security
mena kaheel
 
Cyber security
Cyber securityCyber security
Cyber security
Aman Pradhan
 
saag-3.ppt
saag-3.pptsaag-3.ppt
saag-3.ppt
HazemElabed2
 

Contenu connexe

Tendances

IT Security Presentation
IT Security PresentationIT Security Presentation
IT Security Presentation
elihuwalker
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
FellowBuddy.com
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal Auditors
Jim Kaplan CIA CFE
 
Cyber Threat Simulation
Cyber Threat SimulationCyber Threat Simulation
Cyber Threat Simulation
Tonex
 

Tendances (20)

Cyber security
Cyber securityCyber security
Cyber security
 
Cyber security
Cyber securityCyber security
Cyber security
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
IT Security Presentation
IT Security PresentationIT Security Presentation
IT Security Presentation
 
cyber security
cyber securitycyber security
cyber security
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information security
 
Cyber attack
Cyber attackCyber attack
Cyber attack
 
cyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securitycyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber security
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentation
 
Cyber security
Cyber securityCyber security
Cyber security
 
The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber security
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal Auditors
 
Cyber Threat Simulation
Cyber Threat SimulationCyber Threat Simulation
Cyber Threat Simulation
 
Cyber security
Cyber securityCyber security
Cyber security
 
Network security
Network securityNetwork security
Network security
 

Similaire à SYSTEM SECURITY - Chapter 1 introduction

Thesis Statement On Digital Security
Thesis Statement On Digital SecurityThesis Statement On Digital Security
Thesis Statement On Digital Security
Lindsey Jones
 
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsLayered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Editor IJCATR
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of Things
Gordon Haff
 

Similaire à SYSTEM SECURITY - Chapter 1 introduction (20)

Cyber security
Cyber securityCyber security
Cyber security
 
saag-3.ppt
saag-3.pptsaag-3.ppt
saag-3.ppt
 
전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-
전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-
전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 Introducation
 
Nt1310 Unit 6 Powerpoint
Nt1310 Unit 6 PowerpointNt1310 Unit 6 Powerpoint
Nt1310 Unit 6 Powerpoint
 
It 241 Week 1 Cp Essay
It 241 Week 1 Cp EssayIt 241 Week 1 Cp Essay
It 241 Week 1 Cp Essay
 
IoT Networking Part 2
IoT Networking Part 2IoT Networking Part 2
IoT Networking Part 2
 
3G Wireless Access, Abstract
3G Wireless Access, Abstract3G Wireless Access, Abstract
3G Wireless Access, Abstract
 
Minimizing Information Transparency
Minimizing Information TransparencyMinimizing Information Transparency
Minimizing Information Transparency
 
Security And Privacy Issues Of Iots
Security And Privacy Issues Of IotsSecurity And Privacy Issues Of Iots
Security And Privacy Issues Of Iots
 
Thesis Statement On Digital Security
Thesis Statement On Digital SecurityThesis Statement On Digital Security
Thesis Statement On Digital Security
 
Lecture 01 {Introduction}.pptx
Lecture 01 {Introduction}.pptxLecture 01 {Introduction}.pptx
Lecture 01 {Introduction}.pptx
 
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsLayered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of Things
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
ICC Networking Data Security
ICC Networking Data SecurityICC Networking Data Security
ICC Networking Data Security
 
ICC Networking Data Security
ICC Networking Data SecurityICC Networking Data Security
ICC Networking Data Security
 
Security and Linux Security
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
 
seminar presentation
seminar presentationseminar presentation
seminar presentation
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
 

Dernier

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Dernier (20)

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 

SYSTEM SECURITY - Chapter 1 introduction

  • 2. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 2
  • 3. A Technology play role and influence in community service 3
  • 4. Consumer Market First, Let us look at the Evolution of Communications 4 Extracted from : Next Generation Home Networks: Driving a New Society?
  • 5. Consumer Market 80-90s: A New World Called Internet • • The start of the Internet for masses using dial-up: Phone line is shared between the PC and the phone – Emergence of the ISP concept with AOL,… New concept: Content available to everybody • • Modem • • First Internet boom: “New economy concept” Phone Line 28 – 56kbps 5 Extracted from : Next Generation Home Networks: Driving a New Society?
  • 6. Consumer Market 2000 – 2003: The Beginning of the Always-On Concept • Emergence of the ADSL technology: – Higher bandwidth than dial-up: typically 64k to 384kbps – “Always on” concept; i.e., no busy signal • Device per service – One phone – One PC ADSL 64 – 384 kbps 6 Extracted from : Next Generation Home Networks: Driving a New Society?
  • 7. Consumer Market 2003 – 2005: Emergence of Basic Home Networks and Triple Play Services • • xDSL 20+ Mbps Emergence of the new DSL and xPON technologies: – Higher bandwidth than ADSL: typically 20Mbps per home First signs of home networks with the digitalization of the Home: – Digital Camera, Camcorder, Playstation, DVD, iPOD… 7 Extracted from : Next Generation Home Networks: Driving a New Society?
  • 8. Consumer Market 2005 – 2015: The Digital Connected Home • Many multi-service devices in the home: – All using IP as a foundation • Virtualization of Content: – Access content anywhere/anytime, whether it is home-based (Personal) or networkbased (Public) • Communications and Entertainment 8 Extracted from : Next Generation Home Networks: Driving a New Society?
  • 9. Example of Network Infrastructure BTU Residential Gateway (RG) Broadband Termination Unit (BTU) 9
  • 10. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 10
  • 11. We will see now where a security mechanism is mbed on technology. Security use in daily basis. 11
  • 13. Security use in daily basis 1 - biometric 13
  • 14. Security use in daily basis 2 - Business 14
  • 15. Security use in daily basis 3 – Voice Communication 15
  • 16. Security use in daily basis 4 – Integration Operation 16
  • 17. Security use in daily basis 5 – Operating System 17
  • 18. Security use in daily basis 6 – WEB 18
  • 19. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 19
  • 20. Let me share with you on OSI layers and Internet layers 20
  • 21. Seventh layers OSI Model Application Application OSI Model Network process to application Presentation Data Unit Layer Function Application Application Application Network process to application Presentation Host Layers Session Presentation Data Presentation Data representation and encryption Session Interhost communication Segments Transport End-to-end communications and reliability (TCP) Network Packets Network Path determination and logical addressing (IP) Media Data Link Layers Frames Data Link Physical addressing (MAC & LLC) Bits Physical Media, Signal and binary transmission 21
  • 22. Five Layers TCP/IP Model Application Transport Application DHCP • DNS • FTP • Gopher • HTTP • IMAP4 • IRC • NNTP • XMPP • MIME • POP3 • SIP • SMTP • SNMP • SSH • TELNET • RPC • RTP • RTCP • TLS/SSL • SDP • SOAP • VPN • PPTP • L2TP • GTP • Presentation TCP • UDP • DCCP • SCTP • Internet IP (IPv4 • IPv6) • IGMP • ICMP • RSVP • BGP • RIP • OSPF • ISIS • IPsec • ARP • RARP • Data Link 802.11 • ATM • DTM • Ethernet • FDDI • Frame Relay • GPRS • EVDO • HSPA • HDLC • PPP • Physical Ethernet physical layer • ISDN • Modems • PLC • SONET/SDH • G.709 • Wireless • 22
  • 23. Five Layers TCP/IP Model Refer to the TCP/IP Presentation Slides 23
  • 24. Before I explain to you on security layer Let review back the slides that presenting on “security use in daily basis” 24
  • 25. What is behind of these applications? What is a mechanism that make it secure? 25
  • 26. Security Layer * Applications Protocol Cryptography Applications: Web, email, any application use security mechanism Protocol: SSL, TLS Algorithm: Symmetric, Asymmetric (i.e.:Cipher, DES, AES) * This approach is totally under my knowledge and experience, is not a standard, just to understand 26 the layer concept.
  • 27. Security versus OSI & TCP/IP Model OSI TCP/IP Application Application Presentation Application Presentation Security Applications Session Transport Transport Network Internet Data Link Data Link Physical Physical Protocol Cryptography 27
  • 28. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 28
  • 29. Concept Why we want security? Let review back the slides that presenting on “security use in daily basis” 29
  • 30. Could you explain to me why we need security? 30
  • 31. Why We Need Security Privacy The protection of data from unauthorized disclosure. Integrity The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion. Authentication The assurance that the communicating entity is the one that it claims to be. Provides protection against denial by one of the entities Nonrepudation involved in a communication of having participated in all or part of the communication. Security Services (X.800) 31
  • 32. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 32
  • 34. Hacking - 2 DATA CENTER 34
  • 35. Type of Attacks Passive Active Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis. Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service. 35
  • 36. Passive Attack Release of Message Contents Read contents of message from Bob to Alice Traffic Analysis Observe pattern of messages from Bob to Alice 36
  • 37. Active Attack - 1 Masquerade Message from Hacker that appears to be from Bob Replay* Capture message from Bob to Alice; later replay message to Alice * An attack in which a service already authorized and completed is forged by another "duplicate request" in an attempt to repeat authorized commands. 37
  • 38. Active Attack - 2 Modification of messages Modifies message from Bob to Alice Denial of Service disrupts service provided by server 38
  • 39. How Do You Want Protect Your Network System Thank You See You Next Week 39

Notes de l'éditeur

  1. Liberation : Kebebasan Membebaskan diri dari terikat kepada ASTRO, RTM. Customer boleh download mana2 pun
  2. AOL – American Online. Founded in 1983. Bought over by Time Warner (media company) in 2001 AOL began as a short-lived venture called Quantum Computer Services (or QCS), founded by William von Meister. Its sole product was an online service called Gameline for the Atari 2600 video game console after von Meister's idea of buying music on demand was rejected by Warner Brothers. (Klein, 2003) Subscribers bought a modem from the company for $49.95 and paid a one-time $15 setup fee. Gameline permitted subscribers to temporarily download games and keep track of high scores, at a cost of approximately $1 per hour.
  3. iPOD – portable media player
  4. Explain about having several gadgets connecting all this services, stress on the security part.