Network Security - Belk College Of Business

homuskratΔίκτυα και Επικοινωνίες

20 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

86 εμφανίσεις

Network Security

ITIS 6201


Computer Security and Privacy



ITIS 6201


Dr. Foley

Network Security

1

Mainframe

Server


Farms

Data

Storage

Authentication

Services

Administrative
Services

External

Transition

Zone

Accounting &
Billing

Medical Records
& Insurance

HR

The
Internet

Remote
Users

Internet
Access
(In/Out)

Medical Care Facilities


Patient Care Centers


Nurses Stations


Doctors’ Offices


Operating Theatre


Emergency Room

Medical Technology


X
-
ray


Scans


Labs

Pharmacy

Physical Security

Cloud
-

Intranet

Fictional Health Services


High
-
level Network Diagram

ITIS 6201


Dr. Foley

Network Security

2

Admin Network

Internet Inbound
-

Network Diagram

ITIS 6201


Dr. Foley

Network Security

3

Public Internet

Internet Common

Web Presentation Tier

Application/DB Tier

Authentication Zone

The Internet

Cloud
-

Intranet

Internet
User

Load
Balancing

Boundary
Router &
IDS

Load
Balancing

App
Proxy
Firewall

Border
Web
Server

XLM
Content
Filter

Authentication
Server

Data
Base
Server

Application
Servers

Load
Balancing

Load
Balancing

Application
Servers

Data
Base
Server

XLM
Content
Filter

App
Proxy
Firewall

Border
Web
Server

Data Base
Server

Administration
Server

Monitoring
Server

Foundation
Network

IDS

IDS

IDS

IDS

ITIS 6201


Dr. Foley

Network Security

4

Internal Node
-

Network Diagram

Cloud
-

Intranet

Data Center

The
Internet

Work
Stations

Print
Server

Network
Node

Wireless
Node

Shared
Printer

Router

Medical Care Facilities

IDS

Malicious Code


Virus



Replicates and passes the malicious code to other programs


Transient


Tied to the life of the host


Resident


Resides in memory


Trojan Horse


Does additional things as well as what is seen


Logic Bomb


Time bomb (the “trigger” is either logic or time)


Trap Door/Back Door


Supposedly only known to the insider


Worm



Spreads through the network. Replicates standalone programs of
itself.


Zeus is the current big bad boy. Worm launched from a Trojan horse.


Rabbit



Replicates with out bound. Usually designed to bring down a
resource.


Replay Attack



A form of a network attack in which a valid data transmission
is maliciously or fraudulently repeated or delayed


Denial of Service



An attack that overwhelms the resource with a flood of
requests


Zero
-
day Attacks


Attacks on a vulnerability not yet known by the developer

ITIS 6201


Dr. Foley

Network Security

5

Operating Systems Access
Controls

Primary OS Functions


Memory


Sharable I/O devices, such as disks


Serially reusable I/O devices, such as printers and
tape drives


Sharable programs and sub
-
procedures


Networks


Sharable data

7

ITIS 6201
-

Foley

Programming Weaknesses/Vulnerabilities


Buffer Overflows


Incomplete Mediation
(like uncontrolled date or value fields)


Time
-
of
-
check to Time
-
of
-
use weaknesses

8

ITIS 6201
-

Foley