Day 1 - Introduction - IT443

advertisement
IT443 – Network Security Administration
Week 1 – Introduction
Instructor: Alfred J Bird, Ph.D., NBCT
abird@cs.umb.edu
http://it443-s14-bird.wikispaces.umb.edu/
Door Key: 643478*
Office – McCormick 3rd floor 607 (617.287.3827)
Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm
1
Basic Information
• Textbook:
– Network Security: Private Communications in a Public World
– by Charlie Kaufman, Radia Perlman and Mike Speciner
– 2nd Edition, Prentice Hall, ISBN 0-13-046019-2
• Location and time of classes
– Section 1
• Web Lab S-3-028
• Monday and Wednesday 4:00pm to 5:15pm
– Section 2
• IT Lab S-3-143
• Tuesday and Thursday 5:30 to 6:45pm
2
Course Outline
•
•
•
•
•
•
•
•
•
Network Basics
Cryptography Basics
Authentication
Public Key Infrastructure
IPsec
SSL/TLS
Firewall / Intrusion Detection
Email Security
Wireless security / Worm (backup)
3
Course Work
• 6~7 Lab Assignments (50%)
– Team of 2 students
– Lab Notebook (Individual)
– Lab report (Individual)
• Written Projects (25%)
• Final Exam (25%)
4
Potential Labs
•
•
•
•
•
•
•
•
•
Understanding network packets
Encryption/decryption
Password cracking
Intrusion detection
System monitoring
Implementing certificate
Implementing VPN
Configuring a firewall
Wireless security / Worm (backup)
5
Policies
• Lab reports
– Partial points will be given for incomplete work
– Late submissions will be accepted for reduced
credit.
• Honor code
• No makeup exam without prior permission
• Accommodations
– Ross Center for Disability Service
• Campus Center Room 211, 617.287.7430
6
Some Network Security Websites
• CERT @ Carnegie Mellon University
– http://www.cert.org/
• Trend Micro Threat Tracker
– http://apac.trendmicro.com/apac/
• CERT @ Dept of Homeland Security
– http://www.us-cert.gov/
• Symantec Threat Explorer
– http://us.norton.com/security_response/threatexplorer/index.jsp
7
Some Postulates about Network Security
• You can never prove something perfect, all you can do
is fail to prove that it has some faults! Keep looking!
• If a lot of smart people have failed to solve the
problem, then it probably won’t be solved (soon!) (p41
in the text)
• Security people need to remember that most people
regard security as a nuisance rather than as needed
protection and left to their own devices they often
carelessly give up the security that someone worked
so hard to provide. (p245 in the text)
8
Introduction to Network Security
• Security threats
– Malware: Virus, worm, spyware
– Spam
– Botnet
– DDoS attacks
– Phishing
– Cross-site scripting (XSS)
– Theft and/or Whistleblowers
–…
9
Introduction to Network Security
• Security breaches in 2011
– Sony's PlayStation Network (77M clients)
– Epsilon (60M clients)
– Fidelity National ($13M loss)
– Sega's online gaming network (1.3M clients)
– Citigroup (210K clients)
– MA Executive Office of Labor and Workforce
Development (210K records)
– SF Subway, Health Net, …
10
Contributing Factors
• Lack of awareness of threats and risks of information
systems
– Security measures are often not considered until an Enterprise
has been penetrated by malicious users
• Wide-open network policies
– Many Internet sites allow wide-open Internet access
• Lack of security in TCP/IP protocol suite
– Most TCP/IP protocols not built with security in mind
• Complexity of security management and administration
• Software vulnerabilities
– Example: buffer overflow vulnerabilities
• Cracker skills keep improving
11
Security Objectives (CIA)
12
Security Objectives (CIA)
• Confidentiality — Prevent/detect/deter
improper disclosure of information
• Integrity — Prevent/detect/deter improper
modification of information
• Availability — Prevent/detect/deter
improper denial of access to services
provided by the system
13
OSI Security Architecture
• ITU-T X.800 “Security Architecture for OSI”
• Defines a systematic way of defining and
providing security requirements
• It provides a useful, if abstract, overview of
concepts we will study
14
Aspects of Security
• 3 aspects of security:
– security attack
• Any action that compromises the security of
information owned by an organization
– security mechanism
• A process that is designed to detect, prevent, or
recover from a security attack
– security service
• Counter security attacks: make use of one or more
security mechanisms to provide the service
15
Threat Model and Attack Model
• Threat model and attack model need to be
clarified before any security mechanism is
developed
• Threat model
– Assumptions about potential attackers
– Describes the attacker’s capabilities
• Attack model
– Assumptions about the attacks
– Describe how attacks are launched
16
Passive Attacks
17
Active Attacks
18
Security Mechanism (X.800)
• Specific security mechanisms:
– encipherment, digital signatures, access
controls, data integrity, authentication
exchange, traffic padding, routing control,
notarization
• Pervasive security mechanisms:
– trusted functionality, security labels, event
detection, security audit trails, security
recovery
19
Security Service
• Enhance security of data processing systems
and information transfers of an organization
• Intended to counter security attacks
• Using one or more security mechanisms
• Often replicates functions normally associated
with physical documents
– For example, have signatures, dates; need protection
from disclosure, tampering, or destruction; be
notarized or witnessed; be recorded or licensed
20
Security Service
• Authentication - assurance that communicating entity is the
one claimed
• Access Control - prevention of the unauthorized use of a
resource
• Data Confidentiality –protection of data from unauthorized
disclosure
• Data Integrity - assurance that data received is as sent by an
authorized entity
• Non-Repudiation - protection against denial by one of the
parties in a communication
• Availability – resource accessible/usable
21
For Next Time
• Prepare a 500 word essay on the topic:
– In your view what is meant by the term “Network
Security”?
– An essay is not a research paper but is a written work
expressing and defending your views!
– What do you think about the topic and why!
• Be prepared to discuss the topic on
Wednesday. We will be having a class
discussion and you (each and every one)
will be expected to participate!
22
Download