1 / 8

Lecture I : Internet Security Landscape

Lecture I : Internet Security Landscape. Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University Fall 2005. The Problem. Internet (Packet Switching) is inherently insecure Highly Asymmetric Defense Offenders can use little amount of resources

jshelley
Download Presentation

Lecture I : Internet Security Landscape

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture I : Internet Security Landscape Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University Fall 2005

  2. Internet Security - Introduction The Problem • Internet (Packet Switching) is inherently insecure • Highly Asymmetric Defense • Offenders can use little amount of resources • Defenders must consume large amount of resources • Situation is getting worse, and will not get better • More “Bad Guys”: • Armature Hackers “Ankle Bitters” • Professional Criminals • Corporate Espionage • International Cyber-warfare • More Powerful Attacks : • Public Domain Attack Tools • Automated Attacks • Concealed Tracks • Consequences is becoming more devastating

  3. Internet Security - Introduction Attack Sophistication vs. Intruder Knowledge

  4. Internet Security - Introduction The Causes • Our world relies increasingly on a Global Information Infrastructure • Why? • Add Values • Reduce Costs • Increase Productivity • Our industry makes more aggressive tradeoffs and thus more devastating mistakes • Easy to Use vs. Safe to Operate  Mismanagement • Time to Market vs. Perfect in Making  Flaws • Performance vs. Costs  Under-investment • Our community becomes both more diverse and more integrated • Many users • One Network

  5. Internet Security - Introduction The Solution Space • Type of Protection • Aspects of Enforcement • Procedures of Realization

  6. Security Services Authentication Data Origin Authentication Peer Entity Authentication Confidentiality Connectionless Confidentiality Connection Confidentiality Selective Field Confidentiality Traffic Flow Confidentiality Integrity Connectionless Integrity Connection Integrity Selective Field Integrity Non-Repudiation Data Origin Data Reception Access Control Security Mechanisms Encipherment Secret Key Ciphers Public Key Ciphers Integrity Checks Non-keyed Checks Keyed Checks Digital Signature Access Control Mechanisms Access Control Lists Capabilities Traffic Padding Notarization Audit Internet Security - Introduction Types of Protection (ISO 7498-2)

  7. Internet Security - Introduction Aspects of Enforcement

  8. Internet Security - Introduction Procedures of Realization

More Related