Business Data Communications, Fourth Edition Chapter 10: Network Security
advertisement
Business Data Communications, Fourth Edition Chapter 10: Network Security Learning Objectives • Describe the security duties of a network administrator • List the types of physical security used on a computer network • Describe a device that can be used for physical security • List three types of software security • Describe two types of encryption Chapter 10: Network Security 2 Learning Objectives • List three encryption standards • Describe digital signatures and digital certificates • Define the Secure Sockets Layer • List the differences between a virus and a worm • Describe firewalls Chapter 10: Network Security 3 Introduction • Security is extremely important in today’s network environment • Hackers can be a serious problem for both corporate and private computers • Physical and software security are used • Network administrator develops and implements security systems Chapter 10: Network Security 4 Physical Security • Can use a locked room for computers • Remote clients not as easily locked up • Today’s open environment with PCs everywhere presents a problem • Handhelds and laptops connected to corporate networks are of particular concern Chapter 10: Network Security 5 Physical Security • Measures to Control Physical Access to Networks – – – – Fingerprint device Video camera Movement detection devices Medium • Wires are more secure than wireless • Fiber optic most secure of wired systems – Encryption used to encode data – Dial-in access is a problem Chapter 10: Network Security 6 Physical Security • Data/Network Security Equipment – Fingerprint/voiceprint devices to prevent access – Callback unit • Blocks unauthorized network access • Used with dial-up lines • Computer calls user back at predetermined number • Will not work with mobile computer that uses different phone number Chapter 10: Network Security 7 Software Security • IDs and Passwords – Assigned to users, must be protected – Need to use password that is not obvious – Should be changed periodically • Some systems force users to change them – Network software monitors use and reports on attempted unauthorized access – Applications can require IDs as well Chapter 10: Network Security 8 Software Security • Encryption – Scrambling data before transmission – Uses encryption key – Plaintext versus cipher text Chapter 10: Network Security 9 Software Security • Encryption – Symmetric key encryption • • • • • • One key used by both ends of transmission Data Encryption Standard (DES) (56 bits) Triple DES – more secure (112 bits) Blowfish (32 to 448 bits) International Data Encryption Algorithm (128 bit) Clipper Chip Chapter 10: Network Security 10 Chapter 10: Network Security 11 Software Security • Encryption – Public Key Encryption • Two keys are used (public & private keys) • RSA is most common form • Pretty Good Privacy (shareware) – Elliptic Curve Cryptography (ECC) • Uses logarithm to create key Chapter 10: Network Security 12 Digital Signatures • Used for verification of files transmitted over a network • Impossible to counterfeit • Digital Certification – E-Signature – Actual handwritten signature attached to a document • Makes a document legal Chapter 10: Network Security 13 Chapter 10: Network Security 14 Chapter 10: Network Security 15 Digital Signatures • Digital Certification – Digital Certificates – Verifies a persons identity using multiple forms of identification • Combined with digital signature – Wireless networks use encryption, digital signatures and digital certificates to secure data Chapter 10: Network Security 16 Chapter 10: Network Security 17 Secure Sockets Layer (SSL) • Allows security of credit card numbers for e-commerce • URL starts with https:// • Software is on the server and client PC (included with most browsers now) • Many sites also encrypt information before it is sent over the Internet Chapter 10: Network Security 18 Chapter 10: Network Security 19 Security Issues • Forms of Computer Attacks – Virus – Worm • Internet Worm – 1988 – Antivirus software needed, with updates – Denial of Service (DoS) attacks Chapter 10: Network Security 20 Chapter 10: Network Security 21 Security Issues • Firewalls – Software program – Determines if user/software can access a system – Used in corporate networks and home computers – Trojan Horse – hidden program that executes by a trigger Chapter 10: Network Security 22 Chapter 10: Network Security 23 Chapter 10: Network Security 24 Security Issues • Firewalls – Packet-level firewall • Determines if packets should pass to the network • IP Spoofing – intruder appears to be from a valid address on the network – Application-level firewall • Prevents unauthorized access to applications – Proxy Server • Creates artificial addresses so to the outside, it looks like only one server exists on the corporate network, rather than several Chapter 10: Network Security 25 Chapter 10: Network Security 26 Chapter 10: Network Security 27 Summary • Network security is high priority issue • Physical security is one level of defense • Software security is used extensively – Several types of encryption are used • Digital signatures and digital certificates are used to verify a user’s identity Chapter 10: Network Security • Viruses and worms are a threat • Denial of service attacks have become a problem • Firewalls protect a network from outside access 28
