business data communications, fourth edition chapter 10: network security

Business Data Communications, Fourth Edition

Chapter 10: Network Security

Learning Objectives

• Describe the security duties of a network administrator

• List the types of physical security used on a computer network

• Describe a device that can be used for physical security

• List three types of software security• Describe two types of encryption

Chapter 10: Network Security 2

Learning Objectives

• List three encryption standards

• Describe digital signatures and digital certificates

• Define the Secure Sockets Layer

• List the differences between a virus and a worm

• Describe firewalls


Introduction

• Security is extremely important in today’s network environment

• Hackers can be a serious problem for both corporate and private computers

• Physical and software security are used

• Network administrator develops and implements security systems


Physical Security

• Can use a locked room for computers

• Remote clients not as easily locked up

• Today’s open environment with PCs everywhere presents a problem

• Handhelds and laptops connected to corporate networks are of particular concern


Physical Security

• Measures to Control Physical Access to Networks– Fingerprint device– Video camera– Movement detection devices– Medium

• Wires are more secure than wireless• Fiber optic most secure of wired systems

– Encryption used to encode data– Dial-in access is a problem


Physical Security

• Data/Network Security Equipment– Fingerprint/voiceprint devices to prevent

access– Callback unit

• Blocks unauthorized network access• Used with dial-up lines• Computer calls user back at predetermined

number• Will not work with mobile computer that uses

different phone number


Software Security

• IDs and Passwords– Assigned to users, must be protected– Need to use password that is not obvious– Should be changed periodically

• Some systems force users to change them

– Network software monitors use and reports on attempted unauthorized access

– Applications can require IDs as well


Software Security

• Encryption– Scrambling data before transmission– Uses encryption key– Plaintext versus cipher text


Software Security

• Encryption– Symmetric key encryption

• One key used by both ends of transmission• Data Encryption Standard (DES) (56 bits)• Triple DES – more secure (112 bits)• Blowfish (32 to 448 bits)• International Data Encryption Algorithm (128 bit)• Clipper Chip


Software Security

• Encryption– Public Key Encryption

• Two keys are used (public & private keys)• RSA is most common form• Pretty Good Privacy (shareware)

– Elliptic Curve Cryptography (ECC)• Uses logarithm to create key


Digital Signatures

• Used for verification of files transmitted over a network

• Impossible to counterfeit• Digital Certification

– E-Signature – Actual handwritten signature attached to a document

• Makes a document legal


Digital Signatures

• Digital Certification– Digital Certificates – Verifies a persons

identity using multiple forms of identification• Combined with digital signature

– Wireless networks use encryption, digital signatures and digital certificates to secure data


Secure Sockets Layer (SSL)

• Allows security of credit card numbers for e-commerce

• URL starts with https://

• Software is on the server and client PC (included with most browsers now)

• Many sites also encrypt information before it is sent over the Internet


Security Issues

• Forms of Computer Attacks– Virus– Worm

• Internet Worm – 1988

– Antivirus software needed, with updates– Denial of Service (DoS) attacks


Security Issues

• Firewalls– Software program– Determines if user/software can access a

system– Used in corporate networks and home

computers– Trojan Horse – hidden program that executes

by a trigger


Security Issues• Firewalls

– Packet-level firewall• Determines if packets should pass to the network• IP Spoofing – intruder appears to be from a valid

address on the network

– Application-level firewall• Prevents unauthorized access to applications

– Proxy Server• Creates artificial addresses so to the outside, it

looks like only one server exists on the corporate network, rather than several


Summary

• Network security is high priority issue

• Physical security is one level of defense

• Software security is used extensively– Several types of encryption are used

• Digital signatures and digital certificates are used to verify a user’s identity


Summary

• Viruses and worms are a threat

• Denial of service attacks have become a problem

• Firewalls protect a network from outside access


Chapter 10 Complete

business data communications, fourth edition chapter 10: network security

Documents