Security Management
IACT 418/918 Autumn 2005
Gene Awyzio
SITACS University of Wollongong
Note:
• Textbook now available in bookstore
• Essay due next week in tutorials
• Seminars one and two due next week in tutorials
• Lecture note powerpoint files can be accessed from – http://www.uow.edu.au/~gene/2005/iact418/lectures/
Overview Security Management
• Security management is the process of protecting sensitive information
• Sensitive information is any data an organisation wants to secure
• It may include
– Payroll data
– Customer accounts
– Research and development schedules
Overview Security Management
• Security management enables network engineers to protect sensitive data by
– Limiting access to hosts and network devices
– Notifying the engineer of actual breaches
Overview Security Management
• It consists of
– Identifying the sensitive information to be protected
– Finding the access points
• software services
• Hardware components
• Network media
– Securing the access points
– Maintaining the secure access points
Overview Security Management
• Should NOT be confused with
– Application security
– Operating system security
– Physical security
Benefits of the Security Management Process
• Primary concern of users
– Lack of security for sensitive information located on HOST
• One solution
– Remove network access to host
• Whilst secure, this method is not efficient and removes the need for a data network altogether
• Drawbacks of NOT having security management
– All users have access to ALL information
– What happens if the network connects to a public network
– Virus and worm attacks
Accomplishing Security Management
• Balance required between
– Need to secure sensitive information
– Needs of users to access information to do their job
• Security Management involves the following four steps
– Identify the sensitive information
– Find the access points
– Secure the access points
– Maintain the secure access points
Identify the Sensitive Information
• Determine which hosts on the network have sensitive information
– Organisation may have policies on what is considered sensitive
• Information may relate to
– Accounting
– Financial
– Customer
– Market
– Engineering
– Employees
Identify the Sensitive Information
• What is defined as sensitive may vary depending on the specific environment
• Most difficult part may be identifying WHERE the information resides
Find the Access Points
• Once you know
– What data is considered sensitive
– Where the data is located
• Need to find out how network users access the information
• Access methods and points may be
– Physical
– Software
Find the Access Points
• Software that accesses the network can potentially access any data on the network
• Most networks allow for remote login
– If remote login doesn’t
• Identify users uniquely and
• Limit their movements to authorised areas
– This access point needs to be examined
Find the Access Points
• File transfer programs
– If users cannot be uniquely identified
• Use needs to be examined or limited
• Restrict access to onsite
• DMZs
• Firewall anonymous FTP
Find the Access Points
• Other programs to examine may include
– Remote process execution
– File and directory servers
– Name servers
– Web servers
Find the Access Points
• Security management can be accomplished by
– Hiding information from client systems
– Segmenting network into regions
• Apple zones
• DMZ
Find the Access Points
• Leaks may come from
– Network analysers
– Network management protocols
– Network management system
• Policies may include
– Hosts with sensitive information may not also allow anonymous FTP
– Personal computer software packages MUST meet security standards before installation
Secure the Access Points
• Access points can be secured by
– Using encryption at the data link layer
– Secure traffic flow by using packet filters at the network layer
– On every host use one or more of
• Host authentication
• User authentication
• Key authentication
Maintain the Secure Access Points
• Key to maintaining security is locating actual or potential security breaches
– May be done as part of the security audit
– Hard to keep current with volume of networking software
• May use a program to check for known security problems
• May offer a cash prize to first to breach security
– Generally offered by company who designed software/hardware
Attaching to a Public Network
• Three types of access from a public data network to an organisation's network
– No access
• Send and receive email
• Modem used
– Full access
– Limited access
• Small subset of hosts authorised to provide public access service
• These hosts should be separated from the private zone by a firewall
Security Management on a Network Management System
• Simple
– Show where security measures have been set up
– Show all security measures applicable to device or host
– Query configuration database
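The queries listed on this slide, as an added example that is not part of the lecture: a small configuration database is queried for the security measures set on a host and checked against two points from the earlier slides, that hosts with sensitive information may not also allow anonymous FTP and that remote login must identify users uniquely. The host names, field names and the set of remote-login services are constructed assumptions.

```python
# Constructed configuration database: host names, services and field names
# are illustrative assumptions, not taken from the lecture.
CONFIG_DB = [
    {"host": "payroll-db", "sensitive": True,
     "services": {"ssh": {"unique_user_id": True},
                  "ftp": {"anonymous": True}},
     "measures": ["packet filter", "user authentication"]},
    {"host": "public-web", "sensitive": False,
     "services": {"http": {}, "ftp": {"anonymous": True}},
     "measures": ["packet filter"]},
    {"host": "rnd-files", "sensitive": True,
     "services": {"telnet": {"unique_user_id": False}},
     "measures": []},
]

# Services treated as remote login access points (assumed list).
REMOTE_LOGIN = {"ssh", "telnet", "rlogin"}


def measures_for(db, host):
    """Show all security measures applicable to one host."""
    for record in db:
        if record["host"] == host:
            return list(record["measures"])
    raise KeyError(host)


def policy_findings(db):
    """Return (host, finding) pairs for access points that need examining."""
    findings = []
    for record in db:
        for name, cfg in sorted(record["services"].items()):
            # Policy: sensitive hosts may not also allow anonymous FTP.
            if name == "ftp" and cfg.get("anonymous") and record["sensitive"]:
                findings.append((record["host"], "anonymous FTP on sensitive host"))
            # Remote login that does not identify users uniquely.
            if name in REMOTE_LOGIN and not cfg.get("unique_user_id", False):
                findings.append((record["host"], f"{name} does not identify users uniquely"))
        # A sensitive host with no recorded measure is an unsecured access point.
        if record["sensitive"] and not record["measures"]:
            findings.append((record["host"], "no security measures recorded"))
    return findings


if __name__ == "__main__":
    for host, finding in policy_findings(CONFIG_DB):
        print(f"{host}: {finding}")
```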
Security Management on a Network Management System
• More Complex
– Include real time application to monitor access points
– Query number of breaches using network management tool
– Produce reports on breaches
– Automatic notification
• Advanced
– Use data to guide network engineers
– Examine types of security required
– Alerts for repercussions
Reporting Security Events
• Audit trails that summarise and report on security
• Example
– Key personnel leaving to go to a competitor
• Remove physical access to network
• Remove accounts, change passwords etc.
• Set up, or confirm, audit trails on devices the former employee had access to
• Look for files or applications the employee may have altered to gain future access