Data Security, Network Security, Firewalls, Cryptographic Techniques, Anti-Virus Software, Anti-Spyware, Intrusion Detection System
Data Security
Data security is both the practice and the technology of protecting valuable and sensitive company and customer data, such as personal or financial information. Think about the valuable data your company collects, stores and manages. Information like financial or payment data, intellectual property and sensitive personal information about your employees and customers is a goldmine for hackers. Data security, the processes and technologies you should be using to safeguard that data, is a crucial element in protecting your company's reputation and fiscal health.
Types of Data Security Controls
Understanding the importance of data security will help you formulate a plan to protect that data. There are many data security technologies and processes that can support your company's productivity while safeguarding data. Types of data security controls include:
1. Authentication
Authentication, along with authorization, is one of the recommended ways to boost data security and protect against data breaches. Authentication technology verifies whether a user's credentials match those stored in your database. Today's standard authentication processes use a combination of ways to identify an authorized user, such as passwords, PINs, security tokens, a swipe card or biometrics.
Authentication is made easier through single sign-on technology which, with one security token, allows an authenticated user access to multiple systems, platforms, and applications. Authorization technology determines what an authenticated user is allowed to do or see on your website or server.
2. Access Control
Authentication and authorization happen through the process called access control. Access control systems can include:
• Discretionary access control (the least restrictive), which allows access to resources based on the identity of users or groups.
• Role-based access control, which assigns access based on organizational role and allows users access only to specific information.
• Mandatory access control, which allows a system administrator to strictly control access to all information.
3. Backup and Recovery
Prioritizing data security also requires a plan for how to access your company's and clients' data in the event of system failure, disaster, data corruption or breach. Doing regular data backups is an important activity to help with that access.
A data backup entails making a copy of your data and storing it on a separate system or medium such as a tape, disk or in the cloud. You can then recover lost data by using your backup.
4. Encryption
Data encryption software effectively enhances data security by using an algorithm (called a cipher) and an encryption key to turn normal text into encrypted ciphertext. To an unauthorized person, the cipher data will be unreadable.
The data can then be decrypted only by a user with an authorised key. Encryption is used to protect the data that you store (called data at rest) and data exchanged between databases, mobile devices and the cloud (called data in transit). Your encryption keys must be securely managed, including protecting your critical management systems, managing a secure, off-site encryption backup and restricting access.
5. Data masking
Data masking software hides data by obscuring letters and numbers with proxy characters. The data is still there, behind the masking. The software changes the data back to its original form only when an authorized user receives that data.
6. Tokenization
Tokenization substitutes sensitive data with random characters that are not algorithmically reversible. The relationship between the data and its token values is stored in a protected database lookup table, rather than being generated by and decrypted by a mathematical algorithm (as in the case of encryption). The token representing the real data is used across different systems as a replacement, while the actual data is stored on a separate, secure platform.
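The difference between masking and tokenization can be seen in a short sketch. This is an added example, not code from the original notes; the `TokenVault` class, the `mask` function and the card number are constructed for illustration, and the in-memory dictionaries stand in for the protected lookup table.

```python
import secrets


class TokenVault:
    """Toy token vault: the lookup table is the only link from token to data."""

    def __init__(self):
        self._by_token = {}   # token -> real value (the protected lookup table)
        self._by_value = {}   # real value -> token, so a value keeps one token

    def tokenize(self, value: str) -> str:
        if value in self._by_value:
            return self._by_value[value]
        # Random digits of the same length: nothing is derived from the value,
        # so no algorithm or key can turn the token back into the data.
        while True:
            token = "".join(secrets.choice("0123456789") for _ in value)
            if token != value and token not in self._by_token:
                break
        self._by_token[token] = value
        self._by_value[value] = token
        return token

    def detokenize(self, token: str, authorized: bool) -> str:
        # Only the vault can map a token back, and only for authorized callers.
        if not authorized:
            raise PermissionError("caller may not detokenize")
        return self._by_token[token]


def mask(value: str, visible: int = 4, proxy: str = "*") -> str:
    """Masking: obscure all but the last `visible` characters with a proxy."""
    return proxy * (len(value) - visible) + value[-visible:]


if __name__ == "__main__":
    vault = TokenVault()
    card = "4111111111111111"   # constructed sample value
    token = vault.tokenize(card)
    print("masked  :", mask(card))
    print("token   :", token)
    print("restored:", vault.detokenize(token, authorized=True))
```

Other systems store and pass around only the token; a copy of their databases reveals nothing unless the vault itself is also compromised.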
7. Deletions and erasure
When electronic data is no longer needed and must be permanently cleared from the system, erasure can overwrite that data so that it is irretrievable. Erasure is different from deletion, which is a process that simply hides data in such a way that makes it easy to retrieve.
Network Security Blank
Firewalls
• A Network device.
• Hardware and software device.
• All the data passes through the firewall.
• After examining the data, the firewall either blocks or passes it. Only authorised traffic will be allowed to pass.
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Types of Firewalls
1. Packet Filtering Firewall.
2. Circuit level Gateway.
3. Stateful inspection firewall
4. Application level Gateway
5. Next generation firewall
1. Packet Filtering Firewall
• Is the most basic and oldest type of firewall architecture.
• The firewall performs a simple check of data packets coming through the router.
• If the information packet doesn't pass inspection, it is dropped.
• They aren't very resource intensive.
• However, they are relatively easy to bypass.
2. Circuit level Gateway
• Works at the session layer of the OSI model.
• Meant to quickly and easily approve or deny traffic without consuming significant computing resources.
• Works by verifying the TCP handshake.
• While extremely resource efficient, these firewalls do not check the packet itself.
3. Stateful Inspection Firewall
• Combines both packet inspection technology and TCP handshake verification.
• Greater protection than the previous two.
• However, these firewalls do put more of a strain on computing resources as well.
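The gap between a packet filter and a stateful inspection firewall shows up when the same policy ("allow outbound HTTPS and its replies") is written both ways. This is an added example, not part of the original notes: a simplified model in which `Packet`, `packet_filter` and `StatefulFirewall` are hypothetical names and all traffic is constructed using documentation addresses.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str       # TCP flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK
    outbound: bool   # True when the packet leaves the protected network


def packet_filter(p: Packet) -> bool:
    """Stateless rule set: every packet is judged only on its own header."""
    if p.outbound:
        return p.dport == 443
    return p.sport == 443 and "A" in p.flags   # merely looks like a reply


class StatefulFirewall:
    """Same policy plus a connection table built from the TCP handshake."""

    def __init__(self):
        self.table = {}   # (inside ip, port, outside ip, port) -> state

    def check(self, p: Packet) -> bool:
        if p.outbound:
            key = (p.src, p.sport, p.dst, p.dport)
            if p.dport != 443:
                return False
            if p.flags == "S":
                self.table[key] = "SYN_SENT"
            elif self.table.get(key) == "SYN_ACKED" and p.flags == "A":
                self.table[key] = "ESTABLISHED"
            return key in self.table
        key = (p.dst, p.dport, p.src, p.sport)
        if self.table.get(key) == "SYN_SENT" and p.flags == "SA":
            self.table[key] = "SYN_ACKED"
            return True
        return self.table.get(key) == "ESTABLISHED"


# Constructed traffic: a complete handshake, then an inbound packet that
# belongs to no connection the inside host ever opened.
HANDSHAKE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S", True),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA", False),
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "A", True),
]
UNSOLICITED = Packet("198.51.100.7", 443, "10.0.0.9", 50001, "A", False)


def compare():
    """Return (handshake allowed, stateless verdict, stateful verdict)."""
    fw = StatefulFirewall()
    handshake_ok = all(fw.check(p) for p in HANDSHAKE)
    return handshake_ok, packet_filter(UNSOLICITED), fw.check(UNSOLICITED)
```

The stateless filter accepts the unsolicited packet because its header fields match the rule, while the stateful firewall drops it because no handshake for that flow is in its table. The table is also where the extra memory and processing cost comes from.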
4. Proxy firewall (Application level Gateway)
• Operates at the application layer to filter incoming traffic between your network and the traffic source.
• Rather than letting traffic connect directly, the proxy firewall first establishes a connection to the source of the traffic and inspects the incoming data packet.
• The check is similar to stateful inspection but is deeper.
• Drawback: can create a significant slowdown because of the extra step.
5. Next Generation Firewall
• Many of the most recently released firewall products are being called next generation architectures.
• Some common features include deep packet inspection, surface level packet inspection, intrusion prevention systems, etc.
Cryptographic Techniques
Plaintext - Hello
Ciphertext - #02ab@
Decryption - Hello
Sender message → media → receiver
Plaintext → ciphertext (code) → decryption (decode)
The art of protecting information by transforming it into an unreadable format is called cryptography.
Or: a method of protecting information and communication through the use of codes so that only those for whom the information is intended can read and process it.
Cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages.
Types of cryptography
i. Symmetric cryptography.
ii. Asymmetric cryptography.
i. Symmetric cryptography
It is the simplest kind of encryption technique and involves only one key to encrypt and decrypt (or cipher and decipher) information. It is also called secret key cryptography or private key cryptography. The most popular symmetric key cryptography system is DES (Data Encryption Standard). Example - PIN, password.
ii. Asymmetric cryptography
It uses two keys, that is, a pair of keys, for encryption and decryption. It is also called public key cryptography. Example - name, age, sex.
Cryptography
• Symmetric key cryptography and asymmetric key cryptography
• Classical cryptography: transposition cipher, substitution cipher
• Modern cryptography: stream cipher, block cipher
Anti-Virus Software
• A malicious program that attaches itself to a host program and makes multiple copies of itself, slowing down, corrupting or destroying the system, is called a virus.
• Software that assists the OS in providing a virus-free environment to the users is called anti-virus.
• Scans the system for any virus and if detected, gets rid of it by deleting or isolating it.
• It can detect many types of virus like
✓ Boot virus.
✓ Trojan
✓ Worm
✓ Spyware, etc.
• External storage devices like USB drives can also be scanned by anti-virus.
• Set up your system for periodic scans whenever you feel the need.
V - Vital
I - Information
R - Resources
U - Under
S - Siege.
Anti-Spyware
Blank
Intrusion Detection System
Intruders
One of the two most publicized threats to security is the intruder (the other is viruses), generally referred to as a hacker or cracker. In an important early study of intrusion, Anderson identified three classes of intruders.
i. Masquerader :
An individual who is not authorized to use the computer and who penetrates a system's access controls to exploit a legitimate user's account.
ii. Misfeasor :
A legitimate user who accesses data, programs or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges.
iii. Clandestine User :
An individual who grabs supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.
Intrusion Detection System
Intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. When intrusion detection takes a preventive measure without direct human intervention, then it becomes an intrusion - prevention system.
Types of IDS
• Host Based Intrusion Detection
• Network Based Intrusion Detection
Host based Intrusion Detection
Intrusion detection systems that run on a host to detect inappropriate activity on that host are called host-based intrusion detection systems. For the network administrator to properly monitor for intrusion detection, he needs to be familiar with:
1. The host machine,
2. The network connections to that machine,
3. Applications installed on the host machine, and
4. The habits of users accessing the host machine.
Network Based Intrusion Detection
Intrusion detection systems that examine network data flow are called network-based intrusion detection systems. Network-based intrusion detection means monitoring and analyzing the traffic on a network segment. Generally, this process is accomplished by placing a server's network interface card (NIC) into promiscuous mode to capture all network traffic that crosses into its network segment. Each packet on the network segment is examined. Packets that match a particular signature are examined more closely.
Components of Network Based Intrusion Detection
1. Header Signature.
2. Port Signatures
3. String signature
4. Checksum violations.
5. File Permission violations.
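Four of the components listed above can be shown as checks run over captured packets. This is an added example, not code from the original notes: the watch list, the payload patterns and the sample packets are constructed assumptions, and file permission violations are not modelled here.

```python
import struct

WATCHED_PORTS = {23: "telnet"}              # assumed port watch list
STRINGS = [b"/etc/passwd", b"cmd.exe"]      # assumed payload patterns


def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IPv4 header checksum."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def make_header(src: bytes, dst: bytes) -> bytes:
    """Sample-data helper: 20-byte IPv4 header with a correct checksum."""
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0, src, dst)
    return h[:10] + struct.pack("!H", ~ones_sum(h) & 0xFFFF) + h[12:]


def inspect(pkt: dict) -> list:
    """Return the signature alerts raised by one captured packet."""
    alerts = []
    # Header signature: a flag combination normal TCP traffic does not use.
    if {"SYN", "FIN"} <= pkt["tcp_flags"]:
        alerts.append("header: SYN and FIN set together")
    # Port signature: traffic to a port on the watch list.
    if pkt["dport"] in WATCHED_PORTS:
        alerts.append(f"port: {pkt['dport']} ({WATCHED_PORTS[pkt['dport']]})")
    # String signature: a known byte pattern inside the payload.
    alerts += [f"string: {s.decode()}" for s in STRINGS if s in pkt["payload"]]
    # Checksum violation: a valid header, checksum included, sums to 0xFFFF.
    if ones_sum(pkt["ip_header"]) != 0xFFFF:
        alerts.append("checksum: IPv4 header checksum mismatch")
    return alerts


# Constructed packets (documentation addresses), not real captures.
GOOD = make_header(bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
SAMPLES = [
    {"ip_header": GOOD, "tcp_flags": {"ACK"}, "dport": 443,
     "payload": b"GET / HTTP/1.1"},
    {"ip_header": GOOD, "tcp_flags": {"SYN", "FIN"}, "dport": 23, "payload": b""},
    {"ip_header": GOOD[:8] + b"\x01" + GOOD[9:], "tcp_flags": {"ACK"},
     "dport": 80, "payload": b"GET /etc/passwd"},
]

if __name__ == "__main__":
    for n, pkt in enumerate(SAMPLES, 1):
        print(n, inspect(pkt) or "no match")
```

The first packet raises nothing, the second trips the header and port signatures, and the third trips the string signature and the checksum check because one header byte was altered after the checksum was computed.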