Page 1. Lecture 1: Introduction to. Introduction to Computer Networks Security. Input file DES DES DES DES. Output file

(1)

S. Muftic / M. Ciobanu Morogan

S. Muftic / M. Ciobanu Morogan Computer Networks Security Computer Networks Security

Lecture 1:

Introduction to

Computer Networks Security

Prof. Sead Muftic

Matei Ciobanu Morogan

1

1 S. Muftic / M. Ciobanu Morogan S. Muftic / M. Ciobanu Morogan Computer Networks Security Computer Networks Security 2 2

Lecture 1 :

Introduction to Computer Networks Security

Subjects / Topics :

1. Overview of the course

2. Approach and relationship with prerequisites

3. Threats to computer networks and applications

4. Network security services and mechanisms

5. A model for inter

–

network security

S. Muftic / M. Ciobanu Morogan Computer Networks Security Computer Networks Security 3 3

Lecture 1 :

Introduction to Computer Networks Security

Subjects / Topics :

1. Overview of the course

2. Approach and relationship with prerequisites

3. Threats to computer networks and applications

4. Network security services and mechanisms

5. A model for inter

–

network security

Approach

1. Based on the textbook

2. Based on Internet standards (RFCs)

3. Mixture of theoretical overview and

practical approach (examples)

4. From basic components towards

an integrated global network security system

5. Some advanced aspects

4 4

DES algorithm in Previous Courses

Input file

8

8 IV

IV

DES algorithm in IV2020

6 6

(2)

Certificate in Previous Courses

7 7

Algorithm ID

Serial number

Validity period (from, to)

CA signature

Issuer (CA)

Subject (User)

Public key

Certificate in IV2020

8 8

Certificate:

30 82 01 F3

30 82 01 9D

-- SEQUENCE

02 01 00

-- Serial Number

30 0D

-- Signature Algorithm

06 09 2A 86 48 86 F7 0D 01 01 02 05

00 30 64 31 32

-- Issuer’s X.500 DN

30 09

06 03 55 04 06

13 02 73 65 30 25

06 03 55 04 0A

...

17 0D

-- Time Validity

39 34 30 36 32 32 32 31

39 35 30 36 32 32 32 31

...

Lecture 1 :

Introduction to Computer Networks Security

Subjects / Topics :

1. Overview of the course

2. Approach and relationship with prerequisites

3. Threats to computer networks and applications

4. Network security services and mechanisms

5. A model for inter

–

network security

Normal flow of messages

User

Server

Client

Network

10 10

Interruption

User

Server

Client

Network

11

11 S. Muftic / M. Ciobanu Morogan S. Muftic / M. Ciobanu Morogan Computer Networks Security Computer Networks Security

Interception

User

Server

Client

Network

12 12

(3)

Modification

User

Server

Client

Network

13

Fabrication

User

Server

Client

Network

14 14

Classification of threats

15

Additional aspects

User

Server

Client

Network

1. Simple client/server model

2. Mainly communication services

3. Static allocation of code

16 16

Multi

–

party transactions

Client

Network

17

Application requirements

Client

Network

18 18

(4)

Mobile agents security

1. Simple client/server model

2. Mainly communication services

3. Static allocation of code

_1.

_{Mobile agents security}

2. Applets security

3. “Small footprint” code

User

Server

Client

19

19 S. Muftic / M. Ciobanu Morogan S. Muftic / M. Ciobanu Morogan Computer Networks Security Computer Networks Security 20 20

Lecture 1 :

Introduction to Computer Networks Security

Subjects / Topics :

1. Overview of the course

2. Approach and relationship with prerequisites

3. Threats to computer networks and applications

4. Network security services and mechanisms

5. A model for inter

–

network security

2. Access control

3. Data confidentiality

4. Data integrity

1. Authentication

5. Non

-

repudiation

OSI Security Services

21

2. Authorization

3. Registration (directory)

4. Security management

1. Availability

5. Mobile agents security

Additional Services

22 22

2. Security platform and APIs

3. Documents encapsulation

4. Integration

1. Key exchange protocols

5. Smart cards

Security Architecture

23

2. Distributed system security

3. Verification and evaluation

4. Java security

1. Secure payment transactions

5. Generic security objects

Not covered

24 24

(5)

Lecture 1 :

Introduction to Computer Networks Security

Subjects / Topics :

1. Overview of the course

2. Approach and relationship with prerequisites

3. Threats to computer networks and applications

4. Network security services and mechanisms

5. A model for inter

–

network security

Simple client/server model

User

Server

Client

Network

26 26

Trusted third party

27

Communication / socket level security

Protected

Unprotected

_Unprotected

User

Server

Client

Network

28 28

Applications/document level security

User

Server

Client

Network

29

Smart cards: User level security

User

Server

Client

Network

30 30

(6)

Additional features

User

Server

Client

Network

1. Non–repudiation

2. Storage of secrets

3. User mobility

4. Mobile code

31

Trusted third party

32 32

Functions

33

Security infrastructure

B

A

TTP

TTP TTP TTPTTP 34 34

Network access security model

35

Firewalls

–

packet filtering

36 36

(7)

Firewalls

–

application filtering

37

System resources access control

38 38

Users and application level

Apache

39 39

Application

Server

Reference monitor

40 40

Authorization

?

41

In closed environments

Application

Server

Security

Administration

42 42

(8)

In open networks

43

Networks security model

Crypto modules Crypto modules Smart card

Smart card Certification clientCertification client

Security Platform

TCA TCA PCA PCA UCA UCA HCA HCA PCA PCA UCA UCA HCA HCA