Chapter 1: Introduction
Technology History
Security Use
Security Layer
Why Security?
Attack/Hack

Technology plays a role in, and influences, community service.

First, let us look at the evolution of communications.
Extracted from: Next Generation Home Networks: Driving a New Society?
Consumer Market

80-90s: A New World Called Internet
• The start of the Internet for the masses using dial-up:
  – Phone line is shared between the PC and the phone
  – Emergence of the ISP concept with AOL,…
• New concept:
  – Content available to everybody
• First Internet boom:
  – “New economy” concept
Modem, phone line: 28 – 56 kbps

2000 – 2003: The Beginning of the Always-On Concept
• Emergence of the ADSL technology:
  – Higher bandwidth than dial-up: typically 64k to 384 kbps
  – “Always on” concept; i.e., no busy signal
• Device per service
  – One phone
  – One PC
ADSL: 64 – 384 kbps

2003 – 2005: Emergence of Basic Home Networks and Triple Play Services
• Emergence of the new DSL and xPON technologies:
  – Higher bandwidth than ADSL: typically 20 Mbps per home
• First signs of home networks with the digitalization of the home:
  – Digital Camera, Camcorder, Playstation, DVD, iPOD…
xDSL: 20+ Mbps

2005 – 2015: The Digital Connected Home
• Many multi-service devices in the home:
  – All using IP as a foundation
• Virtualization of content:
  – Access content anywhere/anytime, whether it is home-based (Personal) or network-based (Public)
• Communications and Entertainment

Example of Network Infrastructure
Residential Gateway (RG)
Broadband Termination Unit (BTU)
We will now see where security mechanisms are embedded in technology.
Security use on a daily basis.

Services: Data, Voice, Image

Security use on a daily basis 1 – Biometric
Security use on a daily basis 2 – Business
Security use on a daily basis 3 – Voice Communication
Security use on a daily basis 4 – Integration Operation
Security use on a daily basis 5 – Operating System
Security use on a daily basis 6 – Web

Let me share with you the OSI layers and the Internet layers.

Seven-Layer OSI Model

| Group | Layer | Data Unit | Function |
|---|---|---|---|
| Host Layers | Application | Data | Network process to application |
| Host Layers | Presentation | Data | Data representation and encryption |
| Host Layers | Session | Data | Interhost communication |
| Host Layers | Transport | Segments | End-to-end communications and reliability (TCP) |
| Media Layers | Network | Packets | Path determination and logical addressing (IP) |
| Media Layers | Data Link | Frames | Physical addressing (MAC & LLC) |
| Media Layers | Physical | Bits | Media, signal and binary transmission |

Five-Layer TCP/IP Model

| Layer | Protocols |
|---|---|
| Application | DHCP • DNS • FTP • Gopher • HTTP • IMAP4 • IRC • NNTP • XMPP • MIME • POP3 • SIP • SMTP • SNMP • SSH • TELNET • RPC • RTP • RTCP • TLS/SSL • SDP • SOAP • VPN • PPTP • L2TP • GTP |
| Transport | TCP • UDP • DCCP • SCTP |
| Internet | IP (IPv4 • IPv6) • IGMP • ICMP • RSVP • BGP • RIP • OSPF • ISIS • IPsec • ARP • RARP |
| Data Link | 802.11 • ATM • DTM • Ethernet • FDDI • Frame Relay • GPRS • EVDO • HSPA • HDLC • PPP |
| Physical | Ethernet physical layer • ISDN • Modems • PLC • SONET/SDH • G.709 • Wireless |

Refer to the TCP/IP presentation slides.

Before I explain the security layer, let us review the slides on “security use on a daily basis”.
What is behind these applications?
What is the mechanism that makes them secure?

Security Layer *
• Cryptography (algorithm): Symmetric, Asymmetric (e.g.: Cipher, DES, AES)
• Protocol: SSL, TLS
• Applications: Web, email, any application that uses a security mechanism
* This approach is based entirely on my own knowledge and experience; it is not a standard, just a way to understand the layer concept.

Security versus OSI & TCP/IP Model
• OSI: Physical, Data Link, Network, Transport, Session, Presentation, Application
• TCP/IP: Physical, Data Link, Internet, Transport, Application
• Security: Cryptography, Protocol, Applications

Concept
Why do we want security?
Let us review the slides on “security use on a daily basis”.
Could you explain to me why we need security?

Why We Need Security
Security Services (X.800)
• Privacy: The protection of data from unauthorized disclosure.
• Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion).
• Authentication: The assurance that the communicating entity is the one that it claims to be.
• Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

Hacking - 1
Hacking - 2: Data Center

Types of Attacks
• Passive: Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis.
• Active: Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

Passive Attack
• Release of Message Contents: Read contents of message from Bob to Alice
• Traffic Analysis: Observe pattern of messages from Bob to Alice

Active Attack - 1
• Masquerade: Message from Hacker that appears to be from Bob
• Replay*: Capture message from Bob to Alice; later replay message to Alice
* An attack in which a service already authorized and completed is forged by another "duplicate request" in an attempt to repeat authorized commands.

Active Attack - 2
• Modification of Messages: Modifies message from Bob to Alice
• Denial of Service: Disrupts service provided by server

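The receiver-side checks that counter the masquerade, replay and modification cases on the two Active Attack slides, as an added example that is not part of the original slides. It assumes Bob and Alice already share a secret key; the key, message fields and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample key; assumes Bob and Alice agreed on it out of band.
KEY = b"constructed-shared-key-bob-alice"


def _encode(*fields):
    # Length-prefix each field so field boundaries cannot be shifted.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def _tag(key, msg):
    data = _encode(msg["sender"], msg["nonce"], msg["body"])
    return hmac.new(key, data, hashlib.sha256).digest()


def seal(key, sender, body):
    """Sender side: attach a fresh nonce and an HMAC-SHA256 tag."""
    msg = {"sender": sender, "nonce": os.urandom(16), "body": body}
    msg["tag"] = _tag(key, msg)
    return msg


class Receiver:
    """Alice's side: check the tag first, then refuse nonces already seen."""

    def __init__(self, key):
        self.key = key
        self.seen = set()

    def accept(self, msg):
        if not hmac.compare_digest(_tag(self.key, msg), msg["tag"]):
            return "rejected: bad tag (masquerade or modification)"
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen.add(msg["nonce"])
        return "accepted"


def demo():
    alice = Receiver(KEY)
    genuine = seal(KEY, b"bob", b"pay 10 to carol")
    forged = seal(b"not-the-shared-key", b"bob", b"pay 10 to hacker")
    modified = dict(seal(KEY, b"bob", b"pay 10 to carol"), body=b"pay 99 to carol")
    return [alice.accept(genuine),   # first delivery from Bob
            alice.accept(genuine),   # identical message delivered again
            alice.accept(forged),    # claims to be Bob, lacks the key
            alice.accept(modified)]  # body changed after Bob tagged it
```

A shared-key tag gives Alice integrity and authentication, but not nonrepudiation, because either key holder could have produced it. It also does nothing against the passive attacks or denial of service listed on the slides.
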
How Do You Want to Protect Your Network System?
Thank You. See You Next Week.