
2008, Vietnam-Korea Friendship IT College 1

NETWORK SECURITY
Computer Sciences Div.

Network Security: Contents

1- Network security overview
2- Encryption techniques
3- User authentication and access authorization
4- Attack forms and techniques
5- Malicious code
6- Technical measures for security and system safety
7- Security policy and security policy enforcement

Network Security: Schedule
Time
- Morning: 7:30
- Afternoon: 13:30
Monday: Overview; encryption techniques
Tuesday, Wednesday: Authentication and authorization; study of the forms and techniques of system attacks; malicious code
Thursday, Friday: Technical measures to ensure system safety; deploying security policy
Friday (afternoon): End-of-course test

NETWORK SECURITY OVERVIEW

Contents
- The need for network security
- Elements that ensure information security
- Network security threats (Threat)
- System vulnerabilities (Vulnerability)
- System risk (Risk)
- System risk assessment

The need for network security
What needs to be protected
- Data
- Resources: people, systems, transmission lines
- Reputation

The need for network security
Harm to the business
- Monetary cost
- Lost time
- Impact on system resources
- Damage to the business's honor and reputation
- Lost business opportunities

The need for network security
Trade-off
- The accessibility of a system and its security are inversely proportional to each other.

Elements that ensure information security
- Confidentiality: information must be kept confidential and used only by the intended parties.
- Integrity: information must be complete, structurally intact, and free of contradictions.
- Availability: information must always be ready to be accessed and to serve its proper purpose in the proper way.
- Accuracy: information must be accurate and trustworthy.
- Non-repudiation: the origin of the information, or the person who provided it, can be verified.

Threats
Threats to system safety are actions or events/behaviors capable of harming the security of an information system.
- The target of the threat
- The threat agent (the attacking party)
- The threatening behavior

Threats (2)
Threat target (Target): mainly the security services (www, dns, ... services)
- Information confidentiality: threatened if the information is not kept secure
- Information integrity: the threat of changing the structure of the information
- Information accuracy: the threat of changing the content of the information
- The system's ability to provide service: making the system unable to provide service (availability)
- The ability to account for system resources

Threats (3)
The threat agent (Agent) is the party that causes harm to the system
- The agent's capability: the ability to gain access in order to exploit system vulnerabilities, creating a direct threat
- The agent's knowledge of the target: user IDs, password files, file locations, network addresses, ...
- The agent's motive: conquest, personal gain, deliberate intent

Threats (4)
Threatening behaviors
- Abusing access rights to system information
- Deliberately or accidentally altering system information
- Accessing information illegally
- Deliberately or accidentally destroying information or the system
- Eavesdropping on information
- Stealing software or hardware
- ...

Threats (5)
Classification of threats
- Intentional
- Unintentional
- External
- Internal

System vulnerabilities (Vulnerability)
A system vulnerability is a place that an attacker can exploit to carry out attacks on the system. System vulnerabilities can exist in the network system or in network administration procedures.
- Programming vulnerabilities (back-door)
- Operating system vulnerabilities
- Application vulnerabilities
- Physical vulnerabilities
- Vulnerabilities in management procedures (passwords, sharing, ...)

System risk (Risk)
System risk is formed by the combination of system vulnerabilities and the threats to the system.
Risk = Threat + System vulnerability

System risk (Risk)
Risk levels
- High risk
- Medium risk
- Low risk

System risk assessment
Diagram: system risk, surrounded by:
- Identifying system vulnerabilities
- Identifying the threats to the system
- The existing system safety measures

System risk assessment (2)
Identifying system vulnerabilities: identification of system vulnerabilities starts from the points of access to the system, such as:
- Internet connections
- Remote connection points
- Connections to other organizations
- Physical access environments to the system
- User access points
- Wireless access points
At each access point, we must determine what information can be accessed and the level of access to the system.

System risk assessment (3)
Identifying the threats
This is a difficult task because threats usually do not appear clearly (they are hidden).
- Attack forms and techniques are diverse:
  - DoS/DDoS, backdoor, buffer overflow, ...
  - Virus, Trojan horse, worm
  - Social engineering
- The time of an attack is not known in advance
- The scale of an attack is not known in advance

System risk assessment (3)
Reviewing the network security measures
The security measures include the following types:

- Firewall
- Antivirus software
- Access control
- Authentication systems (passwords, biometrics, ID cards, ...)
- Data encryption
- Intrusion detection system (IDS)
- Other techniques: AD, VPN, NAT
- User awareness
- Security policy system and automatic system patching

System risk assessment (4)
Determining the risk level
After identifying the system vulnerabilities, the threats, and the existing security measures, we can determine the system's risk level as follows:
- At a given access point with its existing security measures, determine the impact of the threats on the system through that access point: confidentiality, data integrity, ability to deliver service, and ability to recover data.

System risk assessment (4)
Determining the risk level (cont.)
- Based on 5 assessment criteria (cost, time, reputation, system resources, business opportunity), the network security risk can be classified into one of the levels: high, medium, low.
- If the system's physical connections are not secure, the system is also at a high risk level.
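
The assessment steps on the preceding slides, worked through as a small per-access-point risk register. This is an added example, not part of the original slides; the control-to-threat mapping, the 1 to 3 impact scale, the rule that a covering control lowers impact by one level, and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# The five criteria named on the slide; impact per criterion is 1 (low) to 3 (high).
CRITERIA = ("cost", "time", "reputation", "system_resources", "business_opportunity")
LEVELS = {1: "low", 2: "medium", 3: "high"}

# Assumption (constructed): which existing control addresses which threat.
MITIGATES = {
    "firewall": {"DoS/DDoS", "backdoor"},
    "antivirus": {"virus", "trojan horse", "worm"},
    "IDS": {"backdoor", "worm"},
    "user awareness": {"social engineering"},
}

@dataclass
class AccessPoint:
    name: str
    threats: dict                      # threat name -> {criterion: impact 1..3}
    controls: set = field(default_factory=set)
    physically_secure: bool = True

def residual_impact(ap, threat):
    """Worst impact of one threat; assumed to drop one level if a control covers it."""
    impacts = ap.threats[threat]
    if set(impacts) - set(CRITERIA):
        raise ValueError(f"unknown criteria in {threat!r}")
    worst = max(impacts.values(), default=1)
    covered = any(threat in MITIGATES.get(c, ()) for c in ap.controls)
    return max(1, worst - 1) if covered else worst

def risk_level(ap):
    """Risk level of one access point: high, medium or low."""
    if not ap.physically_secure:       # rule stated on the slide
        return "high"
    return LEVELS[max((residual_impact(ap, t) for t in ap.threats), default=1)]

def assess(points):
    """Risk register: access point name -> level."""
    return {ap.name: risk_level(ap) for ap in points}

# Constructed sample register for three of the access-point types listed earlier.
SAMPLE = [
    AccessPoint("Internet connection",
                {"DoS/DDoS": {"cost": 3, "time": 3}, "worm": {"system_resources": 2}},
                controls={"firewall", "antivirus"}),
    AccessPoint("wireless access point", {"backdoor": {"reputation": 3}}),
    AccessPoint("remote connection", {"virus": {"time": 1}}, physically_secure=False),
]
```

Calling `assess(SAMPLE)` rates the Internet connection medium, because its controls cover both threats, and the other two points high: one has an uncovered high-impact threat, the other fails the physical-security rule.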

Discussion and assessment
Assessing the system risk at your business?
- Review the system vulnerabilities
- Review the possible attacks
- Review the system safety measures

Trantheson@mic.gov.vn
Full name
Organization
1- Knowledge of network security / computer networks
2- Current network configuration of the agency/business
3- Preliminary assessment of the security / network safety of the agency/business
- Review network vulnerabilities through the connections to the agency/business
- Existing network security measures
