1 MCC Data Security Data Security
11MCC
Data SecurityData Security
22MCC
Topics to be coveredTopics to be covered Encryption Firewalls Virtual Private Network Authentication Digital Certification
Digital Certificate Certification Authorities Digital Signatures
Internet Virus Online Data Security Assistants
33MCC
EncryptionEncryption
The translation of data into a secret code. Encryption is the most effective way to achieve data security.
To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.
Unencrypted data is called plain text; encrypted data is referred to as cipher text.
There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.
44MCC
FirewallFirewall
A combination of hardware and software that secures access to and from the LAN.
A firewall blocks unwanted access to the protected network while giving the protected network access to networks outside of the firewall.
An organization will typically install a firewall to give users access to the internet while protecting their internal information.
55MCC
Public/ExternalPublic/ExternalInternet UsersInternet Users
Intranet
ClientsClients
ServersServersERP
Legacy Legacy systemssystems
E-mail E-mail serversservers
Web servers
DatabasesDatabases
FirewallsFirewalls
5
Sample usage of FirewallSample usage of Firewall
66MCC
Virtually Private Network Virtually Private Network (VPN)(VPN)
VPN is a secure network on the Internet using the tunneling schemes
“tunnels” are secure data flows w/ cryptography and authorization algorithms
The major objective of a VPN is to use the Internet as an inexpensive WAN backbone
77MCC
VPNs (cont:)VPNs (cont:)
When two sites are connected across a VPN, each must have a VPN-capable router, firewall, or VPN access device installed
When VPN is used to link mobile clients with Internet dial-up connections, the laptops must be equipped with VPN client software equipped with the addresses and associated encryption keys for corporate host sites
88MCC
Tunneling Internet
Extranet
IntranetFirewall
Intranet
Firewall
Usage of the VPNsUsage of the VPNs
SuppliersVPN
Distributors VPN
Customers
VPN
99MCC
AuthenticationAuthentication
Determines a user's identity, as well as determining what a user is authorized to access.
The most common form of authentication is user name and password, although this also provides the lowest level of security.
VPNs use digital certificates and digital signatures to more accurately identify the user.
1010MCC
Digital CertificateDigital Certificate
Electronic counterparts to driver licenses, passports. Certificates are the framework for identification
information, and bind identities with public keys.They provide a foundation for
identification , authentication and non-repudiation.
Enable individuals and organizations to secure business and personal transactions across communication networks.
1111MCC
Certification AuthoritiesCertification Authorities
Trusted organization that issues certificates and maintains status information about certificates.
Certification Practice Statement
Certification Authority’sPrivate Key
X.509 v3Format
Certificate
CA’s DigitalSignature
Generate DigitalSignature
1212MCC
How Digital Certificates work? Generate Public and Private Keys. Get Certificate from the CA Sign the document/page using the private key. Send signed document over open networks along
with the CA’s certificate. Recipient verifies using the signing CA’s public key Trust Chain and Fingerprints
1313MCC
Types of CertificatesTypes of Certificates
Root or Authority certificates These are self signed by the CA that created them Institutional authority certificates Also called as “campus certificates” Client certificates These are also known as end-entity certificates, identity certificates,or personal certificates. Web server certificates used for secure communications to and from Web servers
1414MCC
Digital SignatureDigital Signature
An electronic signature that can be used to authenticate the identity of the sender of a message, or of the signer of a document.
It can also be used to ensure that the original content of the message or document that has been conveyed is unchanged.
1515MCC
Internet Virus IssueInternet Virus Issue
Computer virusComputer virus A virus is a type of program that can replicate
itself by making (possibly modified) copies of itself.
A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable disk
1616MCC
Internet Virus Issue (cont)Internet Virus Issue (cont) Macro virus
Macro viruses are a special case of viruses. Instead of infecting software program files directly, macro viruses infect Microsoft Office documents and templates.
Worm computer worms are malicious programs that copy
themselves from system to system, rather than sensitive legal files.
Trojan horse Trojans, another form of malware, are generally
agreed upon as doing something other than the user expected, with that “something” defined as malicious.
1717MCC
Internet Virus Issue (cont)Internet Virus Issue (cont) Hybrids
In fact, most dangerous software combines the features of several types. One of the first successful e-mail attacks, the Happy99 Virus, wasn't merely a virus.
Malware Taken as a group, these many types of software
are called "malicious software", because they modify your computer's files without asking and attempt to perform some kind of annoying or dangerous activity.
Spam "Spamming [the sending of unsolicited email] is the
scourge of electronic-mail and newsgroups on the Internet.
1818MCC
Virus EncyclopediaVirus Encyclopedia
1.File Viruses, DOS2.Boot Viruses3.
Multipartite (File and Boot) Viruses
4.Multi-Platform Viruses5.NewExe Viruses6.Macro Viruses 7.Virus Constructors8.Windows HLP Viruses9.Java Viruses
10.Trojan horses11.Script Viruses12.Internet Worms13.Virus Hoaxes and Non- Viruses14.Palm15.Malware16.Jokes17. Worms18. Spam
1919MCC
Top Ten Virus ListTop Ten Virus List
2020MCC
1. Install anti-virus software and keep the virus definitions up to date.
2. Don't automatically open attachments
3. Scan all incoming email attachments
4. Get immediate protection
5. Update your anti-virus software frequently.
6. Avoid downloading files you can't be sure are safe
7. Don't boot from a floppy disk
8. Don't share floppies
9. Scan floppies before using them
10. Use common sense
Golden Tips to prevent VirusGolden Tips to prevent Virus
2121MCC
Main Features of AntiVirusMain Features of AntiVirus
Provides complete e-mail Eliminates all types of viruses Easy to use: install and forget Automatic virus definitions updates Uses powerful virus scanning engines Provides complete e-mail protection Creates detailed scan reports ..etc
2222MCC
Powerful Anti-VirusPowerful Anti-VirusVirus Encyclopedia
http://www.antivirus.com/vinfo/virusencyclo/ Virus pattern downloads http://www.antivirus.com/download/pattern.asp Subscribe to email alerts on Virus http://www.antivirus.com/vinfo/ Online virus scanner, Housecall
http://housecall.antivirus.com/ Real-time Virus Tracking
http://wtc.trendmicro.com/wtc/ Mcafee Security
http://www.mcafee.comNortan Antivirus
http://symantec.com
2323MCC
2424MCC
www.cert.orgwww.cert.org
2525MCC
www.mmcert.org.mm