Lecture I : Internet Security Landscape - PowerPoint PPT Presentation

1 / 8
About This Presentation
Title:

Lecture I : Internet Security Landscape

Description:

Offenders can use little amount of resources. Defenders must consume large amount ... Corporate Espionage. International Cyber-warfare. More Powerful Attacks : ... – PowerPoint PPT presentation

Number of Views:27
Avg rating:3.0/5.0
Slides: 9
Provided by: john198
Category:

less

Transcript and Presenter's Notes

Title: Lecture I : Internet Security Landscape


1
Lecture I Internet Security Landscape
  • Internet Security Principles Practices
  • John K. Zao, PhD SMIEEE
  • National Chiao-Tung University
  • Fall 2005

2
The Problem
  • Internet (Packet Switching) is inherently
    insecure
  • Highly Asymmetric Defense
  • Offenders can use little amount of resources
  • Defenders must consume large amount of resources
  • Situation is getting worse, and will not get
    better
  • More Bad Guys
  • Armature Hackers Ankle Bitters
  • Professional Criminals
  • Corporate Espionage
  • International Cyber-warfare
  • More Powerful Attacks
  • Public Domain Attack Tools
  • Automated Attacks
  • Concealed Tracks
  • Consequences is becoming more devastating

3
Attack Sophistication vs. Intruder Knowledge
4
The Causes
  • Our world relies increasingly on a Global
    Information Infrastructure
  • Why?
  • Add Values
  • Reduce Costs
  • Increase Productivity
  • Our industry makes more aggressive tradeoffs and
    thus more devastating mistakes
  • Easy to Use vs. Safe to Operate ? Mismanagement
  • Time to Market vs. Perfect in Making ? Flaws
  • Performance vs. Costs ? Under-investment
  • Our community becomes both more diverse and more
    integrated
  • Many users
  • One Network

5
The Solution Space
  • Type of Protection
  • Aspects of Enforcement
  • Procedures of Realization

6
Types of Protection (ISO 7498-2)
  • Security Services
  • Authentication
  • Data Origin Authentication
  • Peer Entity Authentication
  • Confidentiality
  • Connectionless Confidentiality
  • Connection Confidentiality
  • Selective Field Confidentiality
  • Traffic Flow Confidentiality
  • Integrity
  • Connectionless Integrity
  • Connection Integrity
  • Selective Field Integrity
  • Non-Repudiation
  • Data Origin
  • Data Reception
  • Access Control
  • Security Mechanisms
  • Encipherment
  • Secret Key Ciphers
  • Public Key Ciphers
  • Integrity Checks
  • Non-keyed Checks
  • Keyed Checks
  • Digital Signature
  • Access Control Mechanisms
  • Access Control Lists
  • Capabilities
  • Traffic Padding
  • Notarization
  • Audit

7
Aspects of Enforcement
8
Procedures of Realization
Write a Comment
User Comments (0)
About PowerShow.com