Business Data Communications 4e

Topic 10: Network Security Management
- Chapter 18: Doing Business on the Internet
- Chapter 20: Network Security
Business Data Communications, 4e
Why Networks Need Security
- In recent years, organizations have become increasingly dependent on data communication networks for their daily business communications, database retrieval, distributed data processing, and the internetworking of LANs.
- The losses associated with security failures can be huge.
- More important than direct theft losses are the potential losses from the disruption of application systems that run on computer networks.
Loss from Hack Attacks
The cost of cyberattacks to U.S. businesses doubled to $10 billion in 1999, according to estimates from the Computer Security Institute (CSI). The research group today is releasing the results of its survey of 643 large organizations, showing estimated losses of $266 million in 1999 from cybercrime, which is more than twice the amount lost in 1998.
- Los Angeles Times (03/22/00) P. C1; Piller, Charles
A Hacker’s Story
- Kevin Mitnick - a famous hacker
  - arrested at 1:30 a.m., February 15, 1995
  - released on January 21, 2000
- What has he done?
  - Broke into LA Unified School District's main computers when he was in high school.
  - Accessed North American Air Defense Command computers.
  - He is referred to as an "electronic terrorist" for the many computer break-ins he has committed.
- More stories
A True Story of Linux Hacking
- How did the hacker do it?
  - Got the login for the admin account
  - Deleted the netlog directory to prevent discovery
  - Loaded a DoS software bomb
  - Attacked other computers using the bomb
- How was it discovered?
  - When it attacked someone, the victim caught it
  - A complaint was sent to Tech
A True Story of Linux Hacking
From: roger rick [mailto:h4ker@hotmail.com]
Sent: Sunday, February 04, 2001 2:32 PM
To: J.Stalcup@ttu.edu; webmaster@ba.ttu.edu
Subject: Compromised Box?

I believe one of your systems on your subnet has been compromised and is now running an eggdrop on IRC EFnet. An eggdrop is a client that is always connected to the EFnet server and allows a user to get Operator status. This eggdrop could result in DoS attacks on your server if the user makes the right people angry.

| H20B0NG ( bong@geek.ba.ttu.edu )
| ircname  : ]real eyes realize real lies[
| channels : #shells
| server   : irc.stanford.edu

There is the bot and system information. If you are not concerned about this, sorry for wasting your time. But it could result in downtime in the long run. Look for a connection to an IRC server on port 6667; it might reveal the IP of the person that is using your box to connect.

Thanks.
Roger
Security Threats
- Passive attacks
  - Eavesdropping on, or monitoring, transmissions
  - Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored
- Active attacks
  - Modification of transmitted data
  - Attempts to gain unauthorized access to computer systems
Security Threats - Type 1
Non-technical threats, which can be prevented and protected against using managerial approaches. Typically, they come from disasters:
- Natural disasters: flood, fire, earthquake, etc.
- Terror attacks
- Criminal cases
- Accidents caused by human error
Direct consequences:
- Destroying host computers or large sections of the network
- Damaging data storage
How to prevent the losses from type 1 threats?
- Discussion focus: If you were the CIO of a large company, what should you do to prevent the losses from a disaster, from a managerial point of view?
Security Threats - Type 2
These are technical attacks; both technical and managerial approaches are needed to prevent and protect against them.
- Destruction: virus/worm attacks
- Disruption: DoS (Denial of Service) and DDoS (Distributed DoS) attacks
- Unauthorized access: often viewed as hackers gaining access to organizational data files and resources.
  - Most unauthorized access incidents involve employees. Serious intruders could change files to commit fraud or theft, or destroy information to injure the organization.
  - Story: Microsoft's network was hacked in Oct. 2000
Attacks: Passive vs. Active
- Passive Attacks
  - Eavesdropping
  - Monitoring
- Active Attacks
  - Modification
  - Hacking
  - Software bombing
  - Disrupting
Worm vs. Virus
Red Alert Worm
- "'Code Red' Unleashed on Web"
  Los Angeles Times (08/01/01) P. C3; Piller, Charles

A malicious computer worm is spreading over the Internet, causing infected computers to search the Web to find more victims. Eventually the Code Red worm, which only recently began its spread, will cause its host computers to deluge the White House Web site with a barrage of data. However, a previous version of the worm was released earlier last month against the same White House target. That version also defaced the Web sites hosted on the servers it infected with a message claiming "Hacked by Chinese," though the Chinese government has denied the worm originated in that country. Officials at the White House have since used an address-change technique to divert the data flow from Code Red computers, and the site will also remain safe from the current version. Code Red, however, will continue to spread, reaching its peak within 36 hours of its August 1st release date, according to Internet Security Systems researcher Chris Rouland. The worm is programmed to go dormant on August 28th.
A True Story of Red Alert Attack
- When: July 20, 2001
- Where: Dr. Lin's Office
- What computer: 129.118.49.94, Windows 2000 Advanced Server
- How: Not known yet
- Who discovered the attack: someone using DShield.org reported it and they sent BACS an email
- Symptoms:
  - When using ASP scripts, the page displays: "Hacked by Chinese"
  - A malicious program scans ports of other computers
Security Attacks
[Figure: message flow from Source to Destination under each attack type - Normal flow; Interruption; Interception; Modification; Masquerade (Fabrication)]
Preventing Unauthorized Access
Approaches to preventing unauthorized access:
- Developing a security policy
- Developing user profiles
- Strengthening physical security and software security
- Securing the dial-in service system
- Fixing security holes
- Using a firewall
- Using encryption
A combination of all techniques is best to ensure strong security.
Securing Network Access Points
What is a firewall: A router, gateway, or special-purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
Why use a firewall: With the increasing use of the Internet, it becomes important to prevent unauthorized access to your network from intruders on other networks.
Case Study: Attack on a firewall
Securing Network Access Points
Packet-level firewall:
- Examines the source and destination address of every network packet that passes through it and only allows packets that have acceptable source and destination addresses to pass.
- Vulnerable to IP-level spoofing, accomplished by changing the source address on incoming packets from their real address to an address inside the organization's network.
- Many firewalls have had their security strengthened since the first documented case of IP spoofing in December 1994.
*Spoof
- "Spoof" was a game invented in 1933 by an English comedian, Arthur Roberts. Webster's defines the verb to mean (1) to deceive or hoax, and (2) to make good-natured fun of. On the Internet, "to spoof" can mean:
  - To deceive for the purpose of gaining access to someone else's resources (for example, to fake an Internet address so that one looks like a certain kind of Internet user)
  - To simulate a communications protocol by a program that is interjected into a normal sequence of processes for the purpose of adding some useful function
  - To playfully satirize a Web site.
Application-level Firewall
Application-level firewall:
- Acts as an intermediate host computer or gateway between the Internet and the rest of the organization's network.
- In many cases, needs special programming code to permit the use of application software unique to the organization.
Difference:
- Packet-level firewalling prohibits only disabled accesses
- Application-level firewalling permits only authorized accesses
Proxy Server
Proxy server - the technology for firewalls
- Uses an address table to translate network addresses inside the organization into fake addresses for use on the Internet (network address translation or address mapping). This way systems outside the organization never see the actual internal IP addresses.
- Is becoming the application-level firewall of choice.
Many organizations use a combination of packet-level and application-level firewalls.
Network Address Translation (NAT)
- The process of translating between one set of private addresses inside a network and a set of public addresses outside the network.
- Transparent
- A NAT proxy server uses an address table to translate the private IP addresses used inside the organization into proxy IP addresses used on the Internet. It translates the source port number in the TCP packet to a unique number that it uses as an index into its address table to find the IP address of the actual sending computer in the internal network.
*Proxy Server Software
There are numerous proxy server software products on the market, currently priced from $300 to $1000. Examples are:
- Microsoft Proxy Server [http://www.microsoft.com/proxy/default.asp]
- Netscape Proxy Server [http://home.netscape.com/proxy/v3.5/]
- Novell BorderManager [http://www.novell.com/bordermanager/]
- Squid [http://squid.nlanr.net]
- Harvest [http://harvest.transarc.com]
- WinGate [http://www.wingate.com]
- WinProxy [http://www.ositis.com/dloadfr.htm], etc.
*Proxy Server Features
- Reverse hosting.
- Reverse proxy.
- Multi-protocol support.
- Virtual private networking ability.
- Application-level proxy.
- Circuit-level proxy with SOCKS 4 client support and SOCKS 5 logic policy support.
- Secure Sockets Layer (SSL) tunneling.
- Authentication.
- Enterprise security management such as LDAP-based user/group/password management for proxy authentication, Simple Network Management Protocol (SNMP) support, etc.
DMZ (Demilitarized Zone)
DMZ
- Features:
  - Allows limited access to the DMZ from the outside (using a packet-level firewall)
  - Prevents unauthorized access to departmental networks from the Internet (using a proxy server)
  - Allows full access to the DMZ and the Internet from internal networks
  - Limits inter-departmental access (using a proxy server for each department)
Network Eavesdropping
Another way to gain unauthorized access, where the intruder inserts a listening device or computer into the organization's network to record messages.
Targets:
- Network cables
- Network devices such as controllers, hubs, and bridges
Certain types of cable can impair or increase security by making eavesdropping easier (e.g. wireless) or more difficult (e.g. fiber optic).
Physical security of the network's local loop and interexchange telephone circuits is the responsibility of the common carrier.
Trojan Horse - A Malicious Sniffer
A tiny program that runs on a workstation (PC or Macintosh). In its simplest form, it simply records every key pressed, including your username and password when logging onto any computer network.
A Trojan horse may steal important security information without the user's awareness.
Outline of Encryption
- Symmetric key encryption
- Public-key encryption
- Key management
- Digital signature
- Digital certificate
- Certificate authority
Encryption
Encryption: A means of disguising information by the use of mathematical rules known as algorithms to prevent unauthorized access.
Five components of the algorithm:
- Plaintext: The original readable message or data
- Ciphertext: The encrypted message produced as output
- Encryption algorithm: Performs various substitutions and transformations on the plaintext
- Secret key: Input to the encryption algorithm. The substitutions and transformations performed depend on this key
- Decryption algorithm: The encryption algorithm run in reverse. Uses the ciphertext and the secret key to produce the original plaintext
Using Encryption
Today, the U.S. government considers encryption to be a weapon, and regulates its export in the same way it regulates the export of machine guns or bombs. The government is also trying to develop a policy called key escrow (key recovery), requiring key registration with the government.
Encryption Methods
- The essential technology underlying virtually all automated network and computer security applications is cryptography
- Two fundamental approaches are in use:
  - conventional encryption, also known as symmetric encryption
  - public-key encryption, also known as asymmetric encryption
Conventional Encryption Operation
Conventional Encryption Requirements & Weaknesses
- Requirements
  - A strong encryption algorithm
  - A secure process for sender & receiver to obtain secret keys
- Methods of Attack
  - Cryptanalysis
  - Brute force
Symmetric Key Encryption: DES
Data Encryption Standard (DES):
- A commonly used encryption algorithm.
- Symmetric (the key used to decrypt a particular bit stream is the same one used to encrypt it)
Symmetric algorithms can cause problems with key management; keys must be dispersed and stored carefully.
A 56-bit version of DES is the most commonly used encryption technique today.
Data Encryption Standard (DES)
- Adopted in 1977, reaffirmed for 5 years in 1994, by NBS/NIST
- Plaintext is 64 bits (or blocks of 64 bits), key is 56 bits
- Plaintext goes through 16 iterations, each producing an intermediate value that is used in the next iteration.
- DES is now too easy to crack to be a useful encryption method
Triple DEA (TDEA)
- Alternative to DES, uses multiple encryption with DES and multiple keys
- With three distinct keys, TDEA has an effective key length of 168 bits, so is essentially immune to brute force attacks
- Principal drawback of TDEA is that the algorithm is relatively sluggish in software
Public-Key Encryption
- Based on mathematical functions rather than on simple operations on bit patterns
- Asymmetric, involving the use of two separate keys
- Misconceptions about public key encryption
  - it is more secure from cryptanalysis
  - it is a general-purpose technique that has made conventional encryption obsolete
Public-Key Encryption Operation
Public-Key Signature Operation
Characteristics of Public-Key
- Infeasible to determine the decryption key given knowledge of the cryptographic algorithm and the encryption key.
- Either of the two related keys can be used for encryption, with the other used for decryption.
- Slow, but provides tremendous flexibility to perform a number of security-related functions
- Most widely used algorithm is RSA, invented by Ron Rivest, Adi Shamir and Len Adleman at MIT in 1977.
Conventional Encryption Key Distribution
- Both parties must have the secret key
- Key is changed frequently
- Requires either manual delivery of keys, or a third-party encrypted channel
- Most effective method is a Key Distribution Center (e.g. Kerberos)
Public-Key Encryption Key Distribution
- Parties create a pair of keys; public key is broadly distributed, private key is not
- To reduce computational overhead, the following process is then used:
  1. Prepare a message.
  2. Encrypt that message using conventional encryption with a one-time conventional session key.
  3. Encrypt the session key using public-key encryption with the recipient's public key.
  4. Attach the encrypted session key to the message and send it.
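The four-step process above carried out end to end, as an added example that is not from the slides: AES-256-GCM stands in for the slide's "conventional encryption" of the message and RSA-OAEP for the public-key encryption of the session key; the recipient's key pair and the message text are constructed here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what is sent in step 4: the message under a one-time session
// key, plus that session key encrypted with the recipient's public key.
type Envelope struct {
	EncryptedKey []byte // step 3: session key under RSA-OAEP
	Nonce        []byte // per-message nonce for AES-GCM
	Ciphertext   []byte // step 2: message under AES-256-GCM
}

// Seal performs steps 2 to 4 of the slide's procedure for one message.
func Seal(recipient *rsa.PublicKey, message []byte) (*Envelope, error) {
	sessionKey := make([]byte, 32) // one-time 256-bit conventional key
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ciphertext := gcm.Seal(nil, nonce, message, nil)
	// Only the 32-byte session key goes through the slow public-key
	// operation, however long the message is.
	encKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{EncryptedKey: encKey, Nonce: nonce, Ciphertext: ciphertext}, nil
}

// Open is the recipient's side: recover the session key with the private
// key, then decrypt the message. GCM's authentication tag also rejects any
// tampering with the ciphertext in transit.
func Open(recipient *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, recipient, env.EncryptedKey, nil)
	if err != nil {
		return nil, errors.New("session key could not be recovered")
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	// Step 1 of key distribution: the recipient's key pair; only the public
	// half is handed out to senders.
	recipientKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	env, err := Seal(&recipientKey.PublicKey, []byte("wire transfer approved")) // constructed message
	if err != nil {
		panic(err)
	}
	plain, err := Open(recipientKey, env)
	if err != nil {
		panic(err)
	}
	fmt.Println("recovered:", string(plain))
	env.Ciphertext[0] ^= 0x01 // flip one bit in transit
	if _, err := Open(recipientKey, env); err != nil {
		fmt.Println("tampered envelope rejected:", err)
	}
}
```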
Digital Signature
- An electronic message that can be used by someone to authenticate the identity of the sender of a message or of the signer of a document.
- Can also be used to ensure that the original content of the message or document that has been conveyed is unchanged.
- Additional benefits:
  - Easy transportation, not easily repudiated, not imitated by someone else, and automatically time-stamped.
Digital Signature Process
Public Key Certificates
1. A public key is generated by the user and submitted to Agency X for certification.
2. X determines by some procedure, such as a face-to-face meeting, that this is authentically the user's public key.
3. X appends a timestamp to the public key, generates the hash code of the result, and encrypts that result with X's private key, forming the signature.
4. The signature is attached to the public key.
Certificate Authority
A certificate authority (CA) is a trusted organization that can vouch for the authenticity of the person or organization using authentication.
- A person wanting to use a CA registers with the CA and must provide some proof of identity.
- The CA issues a digital certificate that is the requestor's public key encrypted using the CA's private key as proof of identity.
- This certificate is then attached to the user's email or Web transactions in addition to the authentication information.
- The receiver then verifies the certificate by decrypting it with the CA's public key -- and must also contact the CA to ensure that the user's certificate has not been revoked by the CA.
- For higher-level security certification, the CA requires that a unique "fingerprint" (key) be issued by the CA for each message sent by the user.
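An added example, not from the slides, covering both the certificate procedure (Agency X timestamps the user's public key, hashes the result and signs it with X's private key) and the receiver's check on the Certificate Authority slide (verify with X's public key, then ask the CA about revocation). The subject names and the in-memory revocation list are constructed; signing the hash is the formal form of the slide's "encrypt with X's private key".

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Certificate is the simplified record from the slides: the user's public
// key, the timestamp Agency X appends, and X's signature over the hash of both.
type Certificate struct {
	Subject   string // constructed identifier for the key holder
	PublicKey []byte // user's public key, DER-encoded
	IssuedAt  int64  // Unix time appended by the CA (step 3)
	Signature []byte // CA signature attached to the key (step 4)
}

// CA holds Agency X's signing key and its revocation list.
type CA struct {
	key     *rsa.PrivateKey
	revoked map[string]bool
}

func NewCA() (*CA, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &CA{key: k, revoked: map[string]bool{}}, nil
}

func (ca *CA) PublicKey() *rsa.PublicKey     { return &ca.key.PublicKey }
func (ca *CA) Revoke(subject string)         { ca.revoked[subject] = true }
func (ca *CA) IsRevoked(subject string) bool { return ca.revoked[subject] }

// digest is the "hash code of the result" in step 3: H(subject || key || timestamp).
func digest(subject string, pub []byte, issuedAt int64) []byte {
	h := sha256.New()
	h.Write([]byte(subject))
	h.Write(pub)
	var ts [8]byte
	binary.BigEndian.PutUint64(ts[:], uint64(issuedAt))
	h.Write(ts[:])
	return h.Sum(nil)
}

// Issue performs steps 3 and 4. Step 2, checking out of band that the key
// really belongs to the user, is assumed to have been done already.
func (ca *CA) Issue(subject string, userPub *rsa.PublicKey, now time.Time) (*Certificate, error) {
	der, err := x509.MarshalPKIXPublicKey(userPub)
	if err != nil {
		return nil, err
	}
	c := &Certificate{Subject: subject, PublicKey: der, IssuedAt: now.Unix()}
	c.Signature, err = rsa.SignPKCS1v15(rand.Reader, ca.key, crypto.SHA256, digest(subject, der, c.IssuedAt))
	return c, err
}

// Verify is the receiver's check: X's signature is verified with X's public
// key, then the CA is asked whether the certificate has been revoked. A
// certificate whose key or timestamp was altered fails the first check.
func Verify(caPub *rsa.PublicKey, c *Certificate, revoked func(string) bool) error {
	d := digest(c.Subject, c.PublicKey, c.IssuedAt)
	if err := rsa.VerifyPKCS1v15(caPub, crypto.SHA256, d, c.Signature); err != nil {
		return errors.New("certificate signature invalid")
	}
	if revoked(c.Subject) {
		return errors.New("certificate revoked by CA")
	}
	return nil
}

func main() {
	ca, _ := NewCA()
	userKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	cert, _ := ca.Issue("alice@example.com", &userKey.PublicKey, time.Now())
	fmt.Println("fresh certificate:", Verify(ca.PublicKey(), cert, ca.IsRevoked))
	ca.Revoke("alice@example.com")
	fmt.Println("after revocation:", Verify(ca.PublicKey(), cert, ca.IsRevoked))
	cert.IssuedAt++ // any change to the timestamp breaks the signature
	fmt.Println("altered timestamp:", Verify(ca.PublicKey(), cert, ca.IsRevoked))
}
```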
*VeriSign, Inc
- Headquartered in Mountain View, California, a leading provider of Internet trust services - authentication, validation and payment - needed by Web sites, enterprises, and e-commerce service providers to conduct trusted and secure electronic commerce and communications over IP networks.
- To date, VeriSign has issued over 215,000 Web site digital certificates and over 3.9 million digital certificates for individuals.
*VeriSign
"Group Approves VeriSign's Control Over Web Addresses" Wall Street Journal (04/03/01) P. B4; Bridis, Ted

In a 12-3 vote, ICANN's board approved its new deal with VeriSign, allowing the company to retain control of the .com domain without divesting portions of its business. By Dec. 2002, VeriSign will give up the .org domain, and the .net domain will be surrendered at a later date, although VeriSign will have a chance to bid for control of the .net domain. There were a few changes made to the agreement. The $10,000 fee that registrars pay to VeriSign was dropped and VeriSign now has to spend $200 million toward the research necessary to create a directory of all domain names. Further, VeriSign must keep the registrar and registry portions of its business separate or it will face fines. The U.S. Commerce Department still has to approve the deal, and four members of Congress have suggested that the Commerce Department "fully analyze" competitive concerns stemming from the new deal. These suggestions, which were made by Reps.
(http://www.washingtonpost.com/wp-dyn/articles/A35085-2001Apr3.html)
Secure Transactions for E-Payment
Secure transactions must have at least the following characteristics:
- Confidentiality: others cannot eavesdrop on an exchange.
- Integrity: the messages received are identical to the messages sent.
- Authenticity: you are assured of the identity of the persons with whom you are making an exchange.
- Non-Repudiation: none of the involved parties can deny that the exchange took place.
Confidentiality
- The protection of transmitted data from passive attacks: release of message contents, and traffic analysis.
  - With respect to the release of message contents, several levels of protection can be identified. The broadest service protects all user data transmitted between two users over a period of time.
Authentication
- The authentication service is concerned with assuring that a communication is authentic.
  - In the case of a single message, to assure the recipient that the message is from the source that it claims to be from
  - In the case of an ongoing interaction, to assure that the two entities are authentic
  - To assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purpose of unauthorized transmission and reception.
Integrity
- The integrity service is applied particularly to total stream protection.
  - In connection-oriented service, to assure messages are received as sent, without duplication, insertion, modification, reordering, or replays.
  - In connectionless service, generally provides protection against message modification.
Non-repudiation
- To prevent either sender or receiver from denying a transmitted message.
  - The receiver can prove that the message was in fact sent by the alleged sender.
  - The sender can prove that the message was in fact received by the alleged receiver.
How to prevent repudiation?
- What is repudiation: Denial of the message previously sent
- Idea: keep the original message encrypted using the sender's private key
- How: using a digital signature
Internet Security Architecture
[Figure: protocol layers and the security protocols that sit at each]
- Application oriented: PGP, S/MIME, SET, S-HTTP (over HTTP, FTP, SMTP)
- Transport oriented: SSL or TLS (over TCP)
- Network oriented: IP/IPSec
IPSec
- Why IPSec?
  - In 1994, the IAB (Internet Architecture Board) issued "Security in the Internet Architecture" (RFC 1636)
  - In 1996, CERT's annual report listed 8000 reported security incidents affecting 4 million hosts, identifying IP spoofing attacks.
  - The IAB proposed security features for IPv6, which are applicable to IPv4. Hence IPSec.
- IPSec can secure communications across a LAN, WANs, and/or the Internet
- Examples of use:
  - Secure branch office connectivity over the Internet
  - Secure remote access over the Internet
  - Establishing extranet and intranet connectivity with partners
  - Enhancing electronic commerce security
Benefits of IPSec
- When implemented in a firewall or router, provides strong security for all traffic crossing the perimeter
- IPSec in a firewall is resistant to bypass
- Runs below the transport layer (TCP, UDP) and so is transparent to applications
- Can be transparent to end users because it is under the transport layer
- Can provide security for individual users if needed, e.g. a remote access VPN for mobile users
IPSec Functions
- IPSec provides three main facilities
  - An authentication-only function, referred to as Authentication Header (AH)
  - A combined authentication/encryption function, called Encapsulating Security Payload (ESP)
    - Transport mode: protects upper-layer protocols, and is for end-to-end communications; good for small networks
    - Tunnel mode: protects the entire IP packet, and is used between two security gateways; more efficient for VPNs
  - A key exchange function
- Supports DES or other algorithms; HMAC, a new scheme, is required for authentication.
ESP Encryption & Authentication
IPSec Key Management
- Manual
  - The system administrator manually configures each system with its own keys and with the keys of other communicating systems
  - Practical for small, relatively static environments
- Automated
  - Enables the on-demand creation of keys for security associations (SAs) and facilitates the use of keys in a large distributed system
  - Most flexible, but requires more effort to configure and requires more software
Web Security
- Web Vulnerabilities
  - Unauthorized alteration of data at the Web site
  - Unauthorized access to the underlying operating system at the Web server
  - Eavesdropping on messages passed between a Web server and a Web browser
  - Impersonation
- Securing the Web site itself
  - install all operating system security patches
  - install the Web server software with minimal system privileges
  - use a more secure platform
- Securing the Web application
  - Secure HyperText Transfer Protocol (S-HTTP)
  - Secure Sockets Layer (SSL)
SSL & TLS
- Protocols that sit between the underlying transport protocol (TCP) and the application
- Provide security at the "socket" level, just above the basic TCP/IP service
- Can provide security for a variety of Internet services, not just the WWW
- Secure Sockets Layer (SSL)
  - Originated by Netscape
- Transport Layer Security (TLS)
  - TLS has been developed by a working group of the IETF, and is essentially SSL v3.1
SSL Implementation
- Focused on the initialization/handshaking to set up a secure channel
  - Client specifies encryption method and provides challenge text
  - Server authenticates with public key certificate
  - Client sends master key, encrypted with server key
  - Server returns a message encrypted with the master key
  - The master key is used to generate the keys for sending messages from client to server
- Digital signatures used in initialization are based on RSA; after initialization, single-key encryption systems like DES can be used
Secure Hypertext Transfer Protocol (S-HTTP)
- The logical extension of HTTP.
- A method that is used to support the encryption and decryption of specific WWW documents sent over the Internet.
- Uses RSA public-key encryption. A main use is expected to be for online payments.
- Supported by America Online, CompuServe, IBM, Netscape, Prodigy, SPRY (at http://www.spry.com, and now owned by CompuServe), and Spyglass.
- Designed by Allan Schiffman, then at EIT (which is now working with Terisa Systems).
*PGP
- Pretty Good Privacy
  - A freeware public key encryption package developed by Philip Zimmermann that is often used to encrypt e-mail.
  - Users post their public key on web pages, for example, and anyone wishing to send them an encrypted message simply cuts and pastes the key off the web page into PGP software, which encrypts and sends the message.
Secure Electronic Transactions
- SET is a payment protocol supporting the use of bank/credit cards for transactions
- Supported by MasterCard, Visa, and many companies selling goods and services online
- SET is an open industry standard, using RSA public-key and DES single-key encryption
*SET Participants & Interactions
*Agents in SET
- Cardholder, workstation of the person holding the card
- Merchant, needs merchant CA (MCA)
- CAs
  - Security services
  - Certificates
- Financial institution
*Electronic Shopping
- Shopping & browsing
- Item and merchant selection
- Ordering and negotiating
- Payment selection
- Payment authorization and transport
- Confirmation and delivery
- Goods delivery
- Merchant reimbursement
Ideal Components of Electronic Cash
- Independent of physical location
- Security
- Privacy
- Off-line payment
  - No need for a third-party vendor
- Transferability to other users
- Divisibility
  - "Making change"
E-Cash
- Created by David Chaum in Amsterdam in 1990
- Maintains the anonymity of cash transactions
- Users maintain an account with a participating financial institution, and also have a "wallet" on their computer's hard drive
- Digital coins, or tokens, are stored in the wallet
*Digital Wallet (SET)
- In the physical world, your wallet stores your credit cards and cash. In the online world, your digital wallet is installed as a plug-in to your web browser. Like your real wallet, your digital wallet stores your credit card number and your shipping information. Unlike your real wallet, you need to know the secret "password" to use what's inside. Your wallet implements the "encryption" that makes SET secure.
See Digital Wallet Demo
*Free Trade Zones (FTZ)
- Area where communication and transactions occur between trusted parties
  - Isolated from both the external environment and the enterprise's internal network
  - Supported by firewalls on both ends
  - Inside the FTZ, all communications can be in clear mode without any encryption
  - Necessary because logical boundaries between BTB and IB are becoming fuzzy.
Intrusion Detection System
[Figure: IDS placement - Internet, network-based IDS sensor, router and firewall; DMZ with Web server (host-based and application-based IDS), Mail server (host-based IDS), DNS server (host-based IDS) and a network-based IDS sensor; NAT proxy server with network-based IDS; routers and switches to the internal subnets; IDS management console]
Detecting Unauthorized
Access
- Using an Intrusion Detection System (IDS). There are three types of IDS:
  - Network-based
  - Host-based
  - Application-based
- Two techniques for IDS:
  - Misuse detection
  - Anomaly detection
Computer forensics
- The use of computer analysis techniques to gather evidence for criminal and/or civil trials
- Includes the following steps:
  - Identify potential evidence.
  - Preserve evidence by making backup copies and use those copies for all analysis.
  - Analyze the evidence.
  - Prepare a detailed legal report for use in prosecutions.
*Computer Forensics
"Whodunnit?" Economist (03/31/01) Vol. 358, No. 8215, P. 73

Computer forensics--the tools and techniques used to find, keep, and analyze the digital evidence from cybercrimes--is a field that is becoming more commercially viable by the day. Computer forensics experts must search through data that is often encrypted or put in graphics files in order to establish an "audit trail." Such experts are needed to combat the growing popularity of programs on the Internet that enable a hacker to gain control of a computer's operating system. With more and more computers attached to large networks, and with few users taking anything more than minimal security precautions--if even that--hackers relying on these programs could easily have a field day employing ordinary users' systems to mount sophisticated hacking attacks. However, there are now automated investigation tools that can counter the hacking programs, such as the Coroner's Toolkit, which speeds up and standardizes the digital-forensic examination process. A group of anti-hacking experts have even set up a network of "honeypots," vulnerable but unimportant computers designed to lure hackers so that the experts can study their habits and techniques.
http://www.economist.com/science/displayStory.cfm?Story_ID=550004
Entrapment - Honey-Pot
- A server that contains highly interesting fake information available only through illegal intrusion to "bait" or "entrap" the intruder and also possibly divert the hacker's attention from the real network assets.
- The honey pot server has sophisticated tracking software to monitor access to this information that allows the organization and law enforcement officials to trace and document the intruder's actions. If the hacker is subsequently found to be in possession of information from the honey pot, that fact can be used in prosecution.
VPN
A virtual private network (VPN) is an extension of an enterprise's private intranet across a public network such as the Internet, creating a secure private connection, essentially through a private tunnel. A VPN provides cost-effective data transmission with high security.
*VPN is a cost-effective solution
According to industry analyst Forrester Research Inc., when comparing the cost of a traditional leased line network versus today's Internet-based VPN, the cost differences for 1,000 users are eye-popping.

                     Traditional RAS Costs   VPN Costs
Phone/ISP Charges    $1.08M                  $0.54M
User Support         $0.30M                  $0.00M (included in user access costs)
Capital Expenses     $0.10M                  $0.02M
T1 Lines             $0.02M                  $0.03M
Total                $1.50M                  $0.59M
(Costs per 1,000 users)
*Monthly costs for leased-line network and Internet VPN

City              Distance (mi.)   T1 Fees   Internet VPN Fee
SF-Denver         1,267            $13,535   $1,900
Denver-Chicago    1,023            $12,315   $1,900
Chicago-NY        807              $11,235   $1,900
SF-LA             384              $5,520    $1,900
Denver-Salt Lake  537              $6,285    $1,900
Denver-Dallas     794              $7,570    $1,900
NY-DC             235              $4,775    $1,900
NY-Boston         194              $4,570    $1,900
Virtual Private Networks
There are two important disadvantages of VPNs:
- Traffic on the Internet is unpredictable.
- There are several competing standards for Internet-based VPNs, so not all vendors' equipment and services are compatible.
Typical VPN implementation
Extranet VPNs between a corporation and its strategic partners, customers, and suppliers.
Typical VPN implementation
Intranet VPNs between internal corporate departments and branch offices.
Typical VPN implementation
Remote Access VPNs between a corporation and remote or mobile employees.
* Technologies in VPNs
- Tunneling and Security Protocols
  - IP Security (IPSec)
  - Point-to-Point Tunneling Protocol (PPTP)
  - Layer 2 Tunneling Protocol (L2TP)
  - SOCKS (a layer 3 VPN protocol)
- Cryptography Key Management
  - ISAKMP/Oakley (Internet Security Association and Key Management Protocol)
- VPN Hardware
  - Security policy server
  - Certificate authority
  - Security gateway
* VPN Solution Providers
- IBM - eNetwork
- AT&T - WorldNet VPN service
- Checkpoint - VPN-1
- Microsoft - PPTP by Windows NT 4.0
- FreeGate - Virtual Services Management
- TradeWave - TradeVPI
- MultiVPN - Ascend
- VTCP/Secure - InfoExpress
- SmartGate - V-ONE
Countless VPN solutions: 3Com, Bay, Lucent, ADI, Aventail, PSINet, RedCreek, Shiva, TimeStep, VPNet