Mis jaiswal-chapter-11
Download as PPTX, PDF0 likes526 views
This document discusses information security and provides definitions and concepts related to protecting information systems. It defines information security as measures taken to protect information from unauthorized access, modification, or denial of service. It then outlines key aspects of information security management including security policies, risk analysis, contingency planning and more. Finally, it describes various information security threats like viruses, Trojan horses, and worms as well as methods of protecting information systems through encryption, authentication, firewalls, and other technical controls.
Mis jaiswal-chapter-11
- 2. The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats The result of any system of administrative policies and procedures for identifying, controlling, and protecting from unauthorized disclosure, information the protection of which is authorized by executive order
- 3. Information Security Management provides: - a systematic approach to achieving effective information security within an organization; - a realistic understanding of information security risks and issues facing organizations; and effective techniques for matching information security requirements with business requirements. - consists of various facets : security policy, risk analysis, risk management, contingency planning, and disaster recovery
- 4. Information Security Threats Software agents and malicious code Virus : A program which gets executed when ever a program is run on computer Trojan Horse : A program which does its supposed job but also includes unsuspected and undesirable functions. e. g. deletion of desirable items Worm : A self replicating program, creates its own copies and executes, works in networks.
- 5. Information Security Threats contd Threats to Servers on Networks Hackers have potential access to large systems with prospects of security holes Hackers use popular UNIX programs to discover account names and guess passwords Hackers can use electronic eavesdropping to trap user and un-encrypted passwords Hackers can spoof or configure a system to mimic some other system
- 6. Security Architecture Business Data and application security Network Security Authentication and Authorization Physical Security Procedural Security External World
- 7. Information Security Architecture Information Security Authentication Message received by B has actually come from A Confidentiality Message is secured and not seen by any snooper Integrity Message has not been distorted by accident or design Non repudiation B can make A legally responsible for the message
- 8. Information Security A B A sends a message to B
- 9. Information Security contd Encryption and Decryption Technology Transfer Rs. 10,000 to the account of X Encrypt bjqhiudiiodo Send Decrypt Receive Transfer Rs. 10,000 to the account of X
- 10. Information Security contd Symmetric Encryption : The sender encrypts a message by using a secret key and the receiver uses the same key for decryption Useful where two parties are well known Difficulties in sharing the keys especially in large networks DATA ENCRYPTION STANDARD ( DES ) • Secret Key, Symmetric Encryption • 56 bit secret key which means 2^56 possibilities (56 Bit DES recently broken in a few hours, 128 bit Okay) • Triple DES uses 112 bit key • Bigger the bit size larger amount it takes for decryption
- 11. Information Security contd Public and Private Key encryption Message Decrypted with B’s private key B A Encrypted with B’s public key Message Both parties have one public key and one private key each The public keys are known to each other, Private key is not. Message is encrypted using B’s public key It can be opened only when B uses its private key CONFIDENTIALITY IS ENSURED RSA ( Rivest Shamir Adleman) algorithm for public key 768 bit RSA considered safe presently
- 12. Information Security contd Public and Private Key encryption Message Encrypted with B’s public key A Decrypted with A’s public key and B’s private key Message B Encrypted with A’s private key Message is encrypted using B’s public key. The packet of the message encrypted with B’s public key is further encrypted by A using A’s private key. It can be opened only when B uses the public key of A and its own private key CONFIDENTIALITY AND AUTHENTICITY IS ENSURED
- 13. Information Security contd Digital signature and public key encryption Message Digital Signature using A’s private key Encryption with A’s private key Encrypted with B’s Public Key Digital Signature A Sum check number called finger print (like Message Authentication Code (MAC) as used in banking industry) which is included in the message to ensure INTEGRITY CONFIDENTIALITY, INTEGRITY AND AUTHENTICITY ENSURED BUT REPUDIATION POSSIBLE
- 14. Information Security contd Digital Certificate Issued by Certifying Authority links the person with his public and private key Standard X.509 VERSION Certificate Serial No. Signature Algorithm ID. ISSUER C.A.PRIVATE KEY VALIDITY Period Subject Subject Public KEY INFO. ISSUER Unique Identifier GENERATE DIGITAL SIGNATURE Subject Unique Identifier Extensions C.A.DIGITAL Signature
- 15. Information Security contd Public Key Infrastructure Set of agreed upon standards, certification authorities, structure between multiple authorities, methods to discover and validate certification paths,operational protocols, management protocols, inter operable tools and supporting legislature PKI Issues : Regulation • Governments are producing legislation to govern e-commerce • Who regulates Certification Authorities • C A Liability • Revocation of certificates
- 16. Internet Security • Internet provides global reach at very low cost and high speed but is not secure due to its inherent weakness in TCP/IP • Growth of the Internet Exponential results in a rise of security incidents • Most ISP and user organisations use public domain software such as LINUX, Apache for Internet that are more prone to security threads • Default network OS setting and access to
- 17. Security Threats to Internet Types of Attack • Password - Based Attack - cracking, FTP, Telnet, etc/password • IP Spoofing - TCP/IP allows anyone to generate a message claiming to be another machine • Session Hijacking - special type of IP Spoofing which an intruder is able to determine the sequence used between two parties • Network Snooping / Packet sniffing Packets can easily be intercepted at any point in the network
- 18. Internet Security Web Network level - Firewall server FTP server External Users Inside Gopher server Inbound traffic from the Internet to the internal network Outbound traffic from the internal network Inbound traffic from the Internet to public services
- 19. Internet Security Technology Operational Technology •One-Time passwords •Network Monitoring Tools •Network Security Analysis Tools •Firewalls Cryptography Policy based Technology •Digital Signature •PKI Policy
- 20. Security Architecture Network Security - Firewall