Internet Security

Networking

What you need to know…

• Firewalls– Packet filtering– Proxy server

• Encryption– Public/private key encryption

• Digital signatures and certificates– how they are obtained and used.

• Virus detection– Discuss worms, spam, phishing, pharming as well as viruses,

also vulnerabilities that these exploit and how to address them through improved code quality, monitoring, protection.

• Computer security procedures– Authentication, Authorisation, Accounting

Firewalls

Firewalls

• A firewall is a device or program that monitors and controls data traffic between the internet and a private network (such as your network at home). Every firewall can be customised and assigned rules which determine which data packets are allowed through from the internet and which are not.

• Firewalls can also be used to block data from certain IP addresses, domain names or port numbers. Many firewalls also have the capability of being able to search individual packets for specific matches of text.

Firewalls

• Packet filtering– When using the packet filtering method, the firewall

analyses the packets that are sent from the internet against a set of filters (firewall rules) which determine whether or not the packet is allowed to go through.

• Proxy server– Proxy servers prevent the user of a private network

coming into direct contact with the computer that hosts a web page on the internet. This works by the proxy requesting the data from the internet and then passing it on to the private network user

Encryption

• Encryption is used to hide sensitive messages from illegitimate recipients by using encryption algorithms and an encryption key to convert plain text to cipher text, illegible to those without the encryption and decryption key

• Private/Public key encryption is when both parties have a pair of keys, one private and one public. The Public Key is kept in the open freely usable by anyone as is the encryption algorithm, however the Private Key is kept hidden

Digital Signatures

• These are a way for the sender to prove to the receiver that the message did in fact originate from them

Digital Signatures

1. Message is hashed to get a message digest.

2. The message digest is encrypted with A's private key, this then becomes the signature.

3. The signature is appended to the message.

4. The message is encrypted using B's public key.

5. The encrypted message is sent to B.

6. B decrypts the message with B's private key.

7. B decrypts the signature with A's public key to get the original message digest.

8. The decrypted message is hashed again, reproducing the message digest.

9. The message has not been tampered with if the decrypted message digest is the same as the reproduced digest.

Digital Certificate

• A Digital Certificate is a way of proving that the public key of the sender is authentic. Digital Certificates are only issued by the Certification Authorities (CAs).

• The certificates are encrypted into the message via the CA's private key, and can only be decrypted with the CA's public key.

Task 1

• You have 15 minutes to summarise the points we have just gone through.

• Success Criteria– Definition of the terms firewall, packet filtering and

proxy server.– Explanation of what encryption is including details

on public/private keys– Explanation of digital signatures and digital

certificates including details about the process involved.

Viruses

• What is meant by these terms?– Worms, – Spam, – Phishing, – Pharming,– Viruses

• Add an explanation of each to your notes, including details on how these can be avoided.

Computer security procedures

• Authentication,• This refers to the process where an entity's identity is authenticated,

typically by providing evidence that it holds a specific digital identity such as an identifier and the corresponding credentials

• Passwords, digital certificates, digital signatures

• Authorisation,• This function determines whether a particular entity is authorized to

perform a given activity• time-of-day restrictions, physical location restrictions, or restrictions

against multiple access by the same entity or user

• Accounting• This refers to the tracking of network resource consumption by

users for the purpose of capacity and trend analysis, cost allocation or billing