Professional Documents
Culture Documents
welcome
• Self introductions and course Expectations
Aim of the course
To provide the student with theoretical and practical skills needed to
design, implement and manage network security.
Assessment weighting
• 50% course work
• 50% examinations
Why security?
• Internet was designed for connectivity
• A lot is being done on the internet
• Trust assumed
• Fundamental aspects of information must be protected
• Confidential Data
• Employee Information
• Financial Data
• Difficult to isolate from internet
• Most business are done online
• Customer care
• Third party services are provided online
Introduction to Network Security
• What is Network Security?
• Network security is the actual protection of the underlying
networking infrastructure from unauthorized access, misuse or
theft.
• This involves creating a secure infrastructure for devices,
applications and users to operate in a secure manner.
Who is vulnerable?
• Financial institutions and banks
• Internet service providers
• Pharmaceutical companies
• Government and defense agencies
• Contractors to various government agencies
• Multinational corporations
• ANYONE ON THE NETWORK
Key principle behind Security : CIA TRIAD
Key principle behind Security
• Confidentiality
• Preventing unauthorized use or disclosure of information
• Examples of controls that improve confidentiality include
• encryption, steganography, access control lists (ACLs), and
• data classifications
• Integrity
• Safeguarding accuracy and completeness of information
• An example is using a hash algorithm
• Availability
• Authorized users have reliable and timely access to information.
• Example is Load balancing
Access control
• This is the ability to permit or deny use of an object by a subject.
• This is achieved by
• Authentication( who can log in ) is the verification or proof of someone’s
or something’s identity. The most common form of authentication is the
use of a password
• Authorization( what authorized users can do)The process of authorization
ensures that the requested activity or access to an object is possible given
the rights and privileges assigned to the authenticated identity.
• Accountability (identifying what a user did)
Importance of Network Security