Network and Security Fundamentals with Haider al-Mahmood
Explore the essentials of network definitions, OSI model, computer security, confidentiality, integrity, and availability through the teachings of Lecturer Haider al-Mahmood. Gain knowledge on network structures, security triad, and the challenges of computer security to enhance your understanding of information systems protection.
Uploaded on | 0 Views
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Introduction to Network and Security Lecturer Haider al-Mahmood haideritsec@hotmail.com Room 08
Learning outcome Definitions for network Review for OSI Network model Security triad The Challenges of Computer Security
Network Definitions Network explained as an arrangement of intersecting horizontal and vertical lines. "a spider constructs a complex network of several different kinds of threads"
Network Definitions Data network is a digital telecommunications network which allows nodes to share resources A computer network is a set of connected computers. Computers on a network are callednodes.
Computer Security The NIST Computer Security Handbook [NIST95] defines the term computer security as follows: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). https://www.nist.gov/
Confidentiality Integrity Availability
Confidentiality A- Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals or Entities . B- Privacy: Assures that individuals control what information related to them. It may be collected and stored by others and may be disclosed.
Confidentiality What is the difference between Privacy and Confidentiality?
The characteristics for Confidentiality Preserving authorized restrictions on information access and disclosure A loss of confidentiality is the unauthorized disclosure of information.
Integrity: This term covers two related concepts: A.Data integrity: Assures that information and programs are changed only in a specified and authorized manner. A.System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or in advertent unauthorized manipulation of the system.
The characteristics of Integrity Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information. Give examples
Availability Assures that systems work promptly and service is not denied to authorized users.
The Characteristics of Availability Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.
Other Terms in Information Security Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a message transmission or message originator. This means verifying that users are who they say they are, and each input arriving at the system came from a trusted source.
Other Terms in Information Security Accountability: System(s) must be able to link a security breach to a responsible party Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.
The Challenges of Computer Security Security is not as simple as it might first appear to the novice. the mechanisms used to meet security requirements can be quite complex. Security requirement represented by (Confidentiality, Integrity, Availability)
The Challenges of Computer Security In developing a particular security mechanism or algorithm, one must always consider potential attacks on those security features. Think as attacker Consult others
The Challenges of Computer Security Because of previous point, the procedures used for providing particular services are often counterintuitive.
The Challenges of Computer Security Having designed various security mechanisms, it is necessary to decide where to use them.
The Challenges of Computer Security Computer and network security is essentially a battle of wits between a perpetrator who tries to find holes and the designer or administrator who tries to close them Q: who has the great chance to beat the other, Why? Chain weaknesses
The Challenges of Computer Security Security requires regular monitoring Is it possible in today s short-term, overloaded environment? Why?
The Challenges of Computer Security Security is still left behind first time design
The Challenges of Computer Security Users and security administrators view strong security as an impediment to efficient and user- friendly operation of an information system Ex: Anti virus Strong password Firewall
Quick Review Definitions Security triad challenges
