Information Security: Understanding Security Tools and Services, Lab Reports of Applications of Computer Sciences

An introduction to information security, focusing on security tools and services such as confidentiality, authenticity, access control, integrity, non-repudiation, availability, firewalls, intrusion detection systems, network address translation, proxy servers, demilitarized zones, virtual private networks, honeypots, and secure socket layer. It covers the principles and functions of each security service and tool, as well as existing security systems.

Typology: Lab Reports

2020/2021

Uploaded on 11/17/2022

ronin-says
ronin-says 🇳🇵

2 documents

1 / 25

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Information Security 1
Information Security:
Security Tools
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19

Partial preview of the text

Download Information Security: Understanding Security Tools and Services and more Lab Reports Applications of Computer Sciences in PDF only on Docsity!

Information Security:

Security Tools

Information security is defined

as methods and technologies

for deterrence (scaring away hackers),

protection, detection, response,

recovery and extended functionalities

Introduction

Security Tools

 (^) Introduction  (^) Security Services  (^) Overview of Existing Security Tools

Security Services : Confidentiality

To keep a message secret to those that are not authorized to read it Confidentiality Authenticatio n Access Control Integrity Availability Non-repudiation

Security Services: Access Control

Confidentiality Authentication Access Control Integrity Availability Non-repudiation To be able to tell who can do what with which resource

Security Services: Integrity

Confidentiality Authentication Access Control Integrity Availability Non-repudiation To make sure that a message has not been changed while on Transfer, storage, etc

Security Services: Availability

Confidentiality Authentication Access Control Integrity Availability Non-repudiation To make sure that the services are always available to users.

Security Overview

 (^) Introduction  (^) Security Services  Overview of Existing Security Systems

Overview of Existing Security Systems : Detection - Intrusion Detection Systems Intrusion Detection System (IDS)  Examines the activity on a network Goal is to detect intrusions and take action Two types of IDS: Host-based IDS  Installed on a server or other computers (sometimes all) Monitors traffic to and from that particular computer Network-based IDS  Located behind the firewall and monitors all network traffic

Overview of Existing Security

Systems : Network Address Translation

(NAT)

Network Address Translation (NAT) Systems  Hides the IP address of network devices Located just behind the firewall. NAT device uses an alias IP address in place of the sending machine’s real one “You cannot attack what you can’t see”

Adding a Special Network called Demilitarized Zone (DMZ) Demilitarized Zones (DMZ)  Another network that sits outside the secure network perimeter. Outside users can access the DMZ, but not the secure network Some DMZs use two firewalls. This prevents outside users from even accessing the internal firewall  Provides an additional layer

Overview of Existing Security Systems : Virtual Private Networks (VPN)  (^) Virtual Private Networks (VPNs)  A secure network connection over a public network

  • (^) Allows mobile users to securely access information
  • (^) Sets up a unique connection called a tunnel

Overview of Existing Security Systems : Honeypots Honeypots  Computer located in a DMZ and loaded with files and software that appear to be authentic, but are actually imitations Intentionally configured with security holes Goals: Direct attacker’s attention away from real targets; Examine the techniques used by hackers

Overview of Existing Security Systems : Secure Socket Layer (SSL) SSL is used for securing communication between clients and servers. It provides mainly confidentiality, integrity and authentication WWW Server Client Establish SSL connection - communication protected