LEARNING OUTCOME

By the end of this chapter, students will be able to:


1) Understand the need for network security
2) Describe terminologies
3) Describe Open, Restrictive, Closed security models
4) Identify roles of information security organizations
5) Identify Internet services
6) Describe security terms
7) Identify security threats
THE NEED FOR NETWORK SECURITY

Security Goals

Confidentiality, Integrity, Availability


TERMINOLOGIES
Asset identification involves tagging each physical asset (routers, computers) and each intangible asset (database content).
Physical assets can be tagged with a physical label (frequently with a bar code) or with an RFID (Radio Frequency Identification) tag.
Lost assets can be used by competitors to gain an advantage over a company.
TERMINOLOGIES

A vulnerability assessment is a search for weaknesses in order to apply a patch or fix to prevent a compromise.

Ways to counteract those weaknesses include:
- Installing vendor patches
- Implementing IDS or virus scanning software
TERMINOLOGIES
Threat identification involves listing the possible threats that can occur in an organization. An example list of sources of threats could include:
- The ex-employee who desires revenge.
- The deliberate cyber-spy looking to accumulate competitive information on your company that he can use to improve his own company's positioning.
- The employee who doesn't know that email attachments ending in .exe should not be opened without the system administrator's permission.
OPEN SECURITY MODELS
Open Security Model/Policy:
Is the easiest to implement
Few security measures are implemented.
Foundation: simple passwords
This model assumes that users are trusted, protected assets are minimal and threats are also minimal.
RESTRICTIVE SECURITY MODELS
Restrictive Security Model/Policy:
More difficult to implement
More security measures are implemented.
Foundation: firewalls
This model assumes that protected assets are substantial, some users are not trustworthy and threats are likely to occur.
CLOSED SECURITY MODELS
Closed Security Model/Policy:
Most difficult to implement
All security measures are implemented
Assumes that the protected assets are premium, all users are not trustworthy and threats are frequent.
Companies require a high number of better-trained network administrators to maintain tight security.
Network administrators may also require greater skills and more time to administer the network.
ROLES OF INFORMATION SECURITY ORGANIZATIONS
CERT/CC
US-CERT
SANS Institute
ISC2
Common Criteria
FIPS
ICSA
INTERNET SERVICES
Electronic mail and news
Ways for people to exchange information with each other without requiring an
immediate, interactive response.
File transfer
Transmitting files over a computer network or the Internet (the simplest way to
exchange files).
Remote Access to Host
The ability to log onto a network from a distant location (e.g., TELNET, port 23)
Real time conferencing services
Designed for interactive use by on-line participants (video conference).
SECURITY TERMS
Information Theft:
Attacks that allow an attacker to get data without ever having to directly use your
computers.

How:
- dumpster diving
- steal your e-mail

Used for:
- to access bank account
- to make loans (car, real estate)
SECURITY TERMS
Unauthorised disclosure:
An organization suspects some of its employees of leaking confidential information to its competitor.

It is also usually believed that its competitor actually planted spies within the organization in order to target and steal new product plans.

How:
- planting virus, trojan horse
- snooping software
SECURITY TERMS
Information warfare:
Is the use and management of information in pursuit of a competitive advantage
over an opponent.

Remotely disabling a target using software (e.g., television and radio disinformation)

Disinformation: false or inaccurate information that is spread deliberately.


SECURITY TERMS
Accidental data loss:
The most common cause of data loss: simply accidentally deleting a file that wasn't supposed to be deleted.

Caused by a careless employee or an untrained employee who did not know better.
SECURITY THREATS
Categories:
Data disclosure:
Exposure of data to third parties. Key point to consider is whether the disclosure is
relevant and necessary.
Data modification:
A modification attack is an attempt to modify information that an attacker is not
authorized to modify.
Data availability:
Describes products and services that continue to be available at a required level of performance in situations ranging from normal through "disastrous."
SECURITY THREATS
Activities:
Hacking:
Activities that break into someone else's computer system to accomplish the hacker's goal.

Cracking:
Bypasses passwords or licenses in computer programs.
SECURITY THREATS
Spoofing:
A method of attacking a computer program, in which the program is modified so as
to appear to be working normally when in reality it has been modified with the
purpose to circumvent security mechanisms.

Sniffing:
A method that a network device uses to identify available wireless networks in the
area.
REFLECTION
TEST YOUR UNDERSTANDING
1- When the Maybank2u.com website encounters a system-down event, which network security goals does it violate?

2- User access is difficult and cumbersome. Which security model suits this statement?

3- Give one example of RFID tags used in our daily life.


THANK YOU!
Any questions?