Transcript 2512 - Network Security

Methods of protecting data
Learning Objective:
By the end of this topic you should be able to:
• discuss how the following can be used to protect data:
– encryption,
– authorisation,
– authentication,
– virus checking,
– virus protection,
– physical security
Learning Objective (synoptic)
• explain methods for combating ICT crime and
protecting ICT systems:
–
–
–
–
–
–
–
physical security,
firewalls,
backup,
encryption,
biometric security,
software patches/updates,
‘anti-virus’ & antispyware software,
–
–
–
–
–
–
access rights,
auditing,
education of users,
user IDs,
passwords
methods for ensuring
passwords remain
effective
Network Security
• networked computers are prone to security problems:
– hacking (unauthorised access)
– viruses
– spyware
Encryption
What is Encryption?
• the process of disguising messages or data
– ‘scrambling’ data
– so that only the intended recipient can understand them
– if data accessed unlawfully, it will be meaningless to
unauthorised user
• involves data being ‘arithmetically transformed'
before transmission in a scrambled form.
– uses a random process set up using a special key value
– the data is then decoded at receiver by reversing the
encryption process.
Encryption
Why use Encryption?
• to provide security of data
– especially during transmission through the Internet
– where it is liable to interception.
• so that sensitive data cannot be understood by criminals
– credit card details, emails
• to ensure that data of a sensitive nature can only be
accessed by those for whom data is intended
– to maintain privacy
• to protect important data that might be hacked or stolen
– music CD, movie DVD, digital TV
Authorisation
Authentication
• “the process of determining the identity and
legitimacy of a user or process”
– ensuring that a user is who they say they are
• the process of attempting to verify the digital identity
of the sender of a communication
– e.g. a request to log in
• examples of access control involving authentication:
– withdrawing cash from an ATM.
– controlling a remote computer over the Internet.
– using an Internet banking system.
Authentication
3 main ways for authenticating individuals:
• 'Something you know'
– password, PIN
• 'Something you have'
– mobile phone, credit card or hardware security token.
• 'Something you are'
– fingerprint, a retinal scan, or other biometric.
Authentication
• ensures who sent and who received the data
• ensures the person is who they say they are
– during transmission
• two parties need to know what authentication is being
used in order to access/unscramble the data
Physical Security
•
•
•
•
lock the computer up
entry measure to get into building
disconnect (or remove) floppy/CD/DVD drives
disconnect USB ports (memory sticks/portable HDD)
Levels of Access
• may want to restrict access to data
– so that unauthorised changes are not made
• data is commercially valuable
– could be stolen or damaged/modified
• legal restrictions on the access to personal data
– DPA
 access to data must be controlled
Levels of Access
None
Create
user cannot obtain information nor
change data
user can obtain information but not
change the data
user can create new data records
Write
user allowed to make changes to data
Full
administrator/supervisor level - can
perform all operations
Read only
User IDs & Passwords
Why?
• allow access to user areas
– stop unauthorised access
– protect data
• to make individual users members of groups
– allow access to files based on access rights
– allow access to resources – printers, software
• to be able to monitor use
– audit logs
• to comply with the law
– DPA
User IDs
Effectiveness of user ID maintained by:
• must be unique
– so can be sure who is doing what
• can be suspended when user is away
– on holiday,
• can be linked to resources
– an individual machine
– software applications
– times of use
Passwords
Effectiveness of password maintained by:
1. Network Manager:
–
–
–
–
–
–
force password change frequently
make minimum length password
make unrecognisable words only (not in dictionary)
must contain numbers and letters
cannot reuse passwords
three password attempts and account is locked
2. User:
–
–
–
not writing password down
make it something no one else can guess – not personal
make sure no one is looking when you type it in
Audit Logs
•
•
•
•
consist of data about each stage of any transaction,
logs are maintained automatically by the system
allow the network manager to examine patterns of use
audit logs track:
– who did what,
– at which workstation,
– when it occurred.
• logs can be used to see which member of staff:
– accessed particular files
– other resources
– web pages.
Firewall
• network security device
– stands between a network and the outside world
– can either be hardware and/or software based.
– examines data packets moving into and out of the system.
• configured to permit or deny connections
– using a set of rules
– access is denied if not allowed by the rules
– rules set using the organization's security policy
• configured by the system administrator
– checks data sent by users and applications
– filters websites users are permitted to visit
Why use a Firewall?
• prevents external users from gaining unauthorised
access to a computer system
• limits/filters the data that can be received or sent to
external users
• could block certain types of data
• to protect data from being viewed/altered/deleted
• to comply with the Data Protection Act
• to stop hackers/viruses from entering the system
January 2007
Viruses
• a program which infects computer systems by selfreplicating (copying itself to other systems)
• removable media used in an infected system can then
carry the virus to another machine.
• programs downloaded from the Internet or other WANs
can also spread a virus.
Boot Sector Viruses
• spreads by hiding itself in the boot sector your hard
drive or floppy disk.
• when your computer reads an infected floppy disk, the
virus is copied from the disk to your computer's
memory.
• any new disk, CD or memory stick inserted in the
computer will then become infected
• if this storage medium is used on another computer – it
becomes infected ……
E-mail Virus
• contained in attachments to e-mail messages,
• replicates itself by automatically mailing itself to
people in the victim's e-mail address book.
• spreads very rapidly
Trojan
• a computer program
• program claims to do one thing but instead does
damage when you run it
– delete files, erase hard disk
• opens your computer up to malicious intruders,
allowing them to read your files
• appears to be friendly – but isn’t!
Macro Virus
• many applications now have their own built-in
programming language (macro language)
– Microsoft Office applications use Visual Basic
• infects word processor files, spreadsheets, databases …
• can spread quickly
– if a Word file is sent via email
– file used by many people.
• Microsoft added protection into later versions of Word,
– now receive a warning about infected documents.
Virus Protection
• install anti-virus software on all computers
–
–
–
–
detects viruses
allows removal of infected code from file
deletion of infected files
must regularly update virus data files
• install firewall on network
– hardware or software
• prevent use of removable storage media
– floppy disks, CDs, DVDs
– USB devices - memory stick, removable HDD
Encryption
What is Encryption?
• the process of disguising messages or data
– ‘scrambling’ data
– so that only the intended recipient can understand them
– if data accessed unlawfully, it will be meaningless to
unauthorised user
• involves data being ‘arithmetically transformed'
before transmission in a scrambled form.
– uses a random process set up using a special key value
– the data is then decoded at receiver by reversing the
encryption process.
Encryption
Why use Encryption?
• to provide security of data
– especially during transmission through the Internet
– where it is liable to interception.
• so that sensitive data cannot be understood by criminals
– credit card details, emails
• to ensure that data of a sensitive nature can only be
accessed by those for whom data is intended
– to maintain privacy
• to protect important data that might be hacked or stolen
– music CD, movie DVD, digital TV