4-1 Chapter 4 The Internet And Security Robert Riordan, Carleton University.
-
date post
21-Dec-2015 -
Category
Documents
-
view
214 -
download
1
Transcript of 4-1 Chapter 4 The Internet And Security Robert Riordan, Carleton University.
4-2Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Learning Objectives
1. Describe the Internet and how it works
2. Describe the basic Internet services and the use of the World Wide Web
3. Explain what is meant by the term “information systems security” and describe various approaches for ensuring information systems security
4-3Information Systems Today, 2/C/e ©2008 Pearson Education Canada
History of the Internet
ARPANET (Advanced Research Project Agency Network)• Created in the 1960s by DARPA (Defense Advance
Research Projects Agency)• Used by government and universities as a means to
communice for research purposes
NSFNET (National Science Foundation Network)• Created in 1986 by the National Science Foundation for
connecting research institutions• Connected to ARPANET and many others (BITNET,
CSNET, etc) to become a major component of the Internet
Internet Support• Ongoing support comes from many universities, federal
and state governments, and national international research institutions and industry
4-4Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Visions of the Internet in the 1960’s
4-5Information Systems Today, 2/C/e ©2008 Pearson Education Canada
How the Internet Works – Connecting to the Internet
Modem (stands for Modulate/Demodulate)• A modem converts signals back and forth from digital to
analog for transmission and receipt between computers• A computer requires a modem to get access to the Internet
Internet Service Provider (ISP)• These companies provides access to the Internet for a fee• A computer is connected to an ISP through a modem to
allow Internet access
Network Access Points (NAPs)• NAP’s connect ISPs together• They serve as Internet access points for the ISPs and serve
as exchange points for Internet traffic
Internet Backbone• Collection of main network connections and
telecommunications lines that make up the Internet
4-7Information Systems Today, 2/C/e ©2008 Pearson Education Canada
How the Internet Works – Shows the Internet Backbone
4-9Information Systems Today, 2/C/e ©2008 Pearson Education Canada
How the Internet Works – TCP/IP & Routers
TCP – Transmission Control Protocol• Breaks information into small chucks called data packets• Manages the transfer of the packets from computer to computer• Reassembles data packets into a message at the destination
IP – Internet Protocol• Controls how data packets are formed• Addresses each packet with the source and destination address• A data packet conforming to the IP spec is called an IP datagram
Routers• Connect one network to another• Identify each device on a network as unique using IP protocol• Serve as the “Traffic Cop” directing packets to their destination
TCP/IP Approach
4-10Information Systems Today, 2/C/e ©2008 Pearson Education Canada
How the Internet Works – Connecting Networks
(Computer A) TCP - Breaks message into data packetsIP - Adds address of destination Computer D
Example: Sending a message from Computer A to D
(Computer D) TCP - Checks for missing packets, reassembles message,discards duplicatepackets
(Router) Reads IP Address of packet, routes message to Network 2 and Computer D
1 3
2
4-11Information Systems Today, 2/C/e ©2008 Pearson Education Canada
How the Internet Works – Web Addresses & Domains
Domain• Identifies the Website (host)• Comes in many suffixes
such as:.edu (educational
institutions).org (organizations; non-
profit).mil (military).net (network
organizations)
Example: microsoft.com(URL) Uniform Resource Locator• Identifies particular Web pages within a domain
Example: http://www.microsoft.com/security/default.mspx
IP Address• Each domain is associated
with one or more IP addresses
• Format: a 32-bit address written as 4 numbers (from 0-255) separated by periods
Example: 1.160.10.240
4-12Information Systems Today, 2/C/e ©2008 Pearson Education Canada
How the Internet Works – Managing the Internet
Internet Registry• Central repository of all Internet-related information• Provides central allocation of all network system identifiers• Managed by Internet Assigned Numbers Authority (IANA)
Domain Name System (DNS)• Maintained by the Internet Registry• Used to associates hosts or domains with IP addresses• Root DNS database is replicated across the Internet
InterNic Registration Service• Canadian Internet Registration Authority (CIRA)• Assigns Internet Domains and IP addresses• Internet Corp. for Assigned Names and Number (ICANN) has
responsibility for managing IP addresses, domain names, and root server system management
4-13Information Systems Today, 2/C/e ©2008 Pearson Education Canada
World Wide Web
Web Browser
Hypertext• A Web page stored on a Web server• Contains information and links to
other related information (hyperlinks)
HTML (Hypertext Markup Language)• A standard method used to specify
the format of Web pages• Uses codes/tags which stipulate how
the content should appear to the user
Web Browser• A software program used to locate
and display Web pages• Includes text, graphics, and
multimedia content
4-14Information Systems Today, 2/C/e ©2008 Pearson Education Canada
World Wide Web
HTTP (Hypertext Transfer Protocol)• A protocol used to process user
requests for displaying Web pages from a Web server
Web Servers• A special computer that is
specifically designed to store and “serve up” Web pages
• This machine contains special hardware and software to perform its many specialized functions
4-16Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Current State of the Internet
Internet hosts per 1000 inhabitants
Internet hosts 1991-2007Numbers in millions
4-17Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Internet2
Internet Research User FrustrationAfter 1995, increases in personal and business traffic began congesting the network primarily used for research
Internet Research User FrustrationAfter 1995, increases in personal and business traffic began congesting the network primarily used for research
Internet2University Corporation for Advanced Internet Development (UCAID) was formed to lead the design and development of an private high-speed alternative to the public Internet
Internet2University Corporation for Advanced Internet Development (UCAID) was formed to lead the design and development of an private high-speed alternative to the public Internet
Abilene network backboneA new network has been developed connecting IS researchers by use of GigaPop (Gigabit Point of Presence) network access points to a high-speed private network (currently operating at 10Gbps with a goal of 100Gbps)
Abilene network backboneA new network has been developed connecting IS researchers by use of GigaPop (Gigabit Point of Presence) network access points to a high-speed private network (currently operating at 10Gbps with a goal of 100Gbps)
4-18Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Internet2
• Mission: Internet2 is a not-for-profit consortium, led by over 200 US universities, developing and deploying advanced network applications and technology, accelerating the creation of tomorrow's Internet.
• Facilitate and coordinate the development, deployment, operation, and technology transfer of advanced, network-based applications and network services to further US leadership in research and higher education and accelerate the availability of new services and applications on the Internet.
4-19Information Systems Today, 2/C/e ©2008 Pearson Education Canada
• Abilene: Internet2 backbone network (IP over SONET)
• A project of the University Corporation for Advanced Internet Development (UCAID) in collaboration with various corporate partners
• Link Capacity: 13,000 miles of fiber optic cable, with over 8,000 miles of interior circuits and another 5,000 miles of access circuits
• Operates at OC-192 (9.6 gigabits per second) or about 354,000 times faster than a typical computer modem.
Internet2
4-21Information Systems Today, 2/C/e ©2008 Pearson Education Canada
• Examples of Applications:– Grid computing– Telemedicine– Astronomy– Tele-immersion– Music– Digital Video– Tele-Operation of Remote Equipment– Tele-Presence (Magic)
Internet2
4-22Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Changes to the Internet
• Privacy? – Increased government access to personal
information in the name of security / anti terrorism measures.
• Paying for bandwidth?– Big sites Vs personal home pages– Already exists in the world of cell phones, why
not?
4-23Information Systems Today, 2/C/e ©2008 Pearson Education Canada
State of IS Security - Security Threats & Technologies
Security TechnologiesCompanies and research organizations continue to develop and refine technologies to prevent security breaches. Some Include:• Firewalls• Biometrics• VPN and Encryption
Security ThreatsToday we hear about many security breaches that affect organizations and individuals. Some recently in the news:• Identity Theft – gaining access to someone’s personal
information allowing them to imitate you (stolen laptop) • Denial of Service – attacks on websites using zombie
computers that overwhelm the site and shut it down• Others: Spyware, Spam, Wireless Access, Viruses
4-24Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Security Threat: Spyware, Spam, and Cookies
CookiesA message passed to a browser from a Web server. Used by legitimate programs to store state and user information• Problems: can be used to track user activities• Prevention: browser settings, firewall
SpywareAny software that covertly gathers information about a user through an Internet connection without the user’s knowledge• Problems: uses memory resources, uses bandwidth, and can cause system instability• Prevention: Firewalls and Anti-spyware software
SpamElectronic junk mail or junk newsgroup postings usually for purpose of advertising some product and/or service• Problems: nuisance, wastes time deleting, uses storage• Prevention: Spam Blocker software
4-25Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Information System Security – Managerial Techniques
Organizational Policies and Procedures• Acceptable Use Policies – formally document how systems
should be used, for what, and penalties for non-compliance
Backups and Disaster Recovery• Backups – taking periodic snapshots of critical systems data
and storing in a safe place or system (e.g. backup tape)• Disaster Recovery Plans – spell out detailed procedures to
be used by the organization to restore access to critical business systems (e.g. viruses or fire)
• Disaster Recovery – executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost
4-26Information Systems Today, 2/C/e ©2008 Pearson Education Canada
IS Security: Technology
Firewall Techniques• Packet Filter – examine each packet entering and leaving
network and accept/reject based on rules• Application Level Control – Performs certain security
measures based on a specific application (e.g. file transfer)• Circuit Level Control – detects certain types of
connections or circuits on either side of the firewall• Proxy Server – acts as, or appears as, an alternative
server that hides the true network addresses
FirewallsA system of software, hardware or both designed to detect intrusion and prevent unauthorized access to or from a private network
4-27Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Security Technology: Biometrics
Biometrics• A sophisticated authentication
technique used to restrict access to systems, data and/or facilities
• Uses biological characteristics to identify individuals such as fingerprints, retinal patterns in the eye, etc. that are not easily counterfeited
• Has great promise in providing high security
4-28Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Security Threat: Viruses
VirusesPrograms that can attack a computer and/or a network and delete information, disable software, use up system resources, etc.
Prevention Steps: AntiVirus software: Install this software which is designed to block all known viruses and offers automatic or manual updates to virus patterns to block future virusesNo Disk Sharing – Viruses can be transferred to clean computers by inserting disks containing infected filesDelete Suspicious Email Messages – Do not open suspicious e-mail messages…Delete Only!Report Viruses – If you get a virus, report it to you network administrator immediately!
4-29Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes
Computer CrimeThe act of using a computer to commit an illegal act. The broad definition of computer crime can include the following:
• Targeting a computer while committing an offense (e.g gaining entry to a computer system in order to cause damage to the computer or the data it contains)
• Using a computer to commit and offense (e.g. stealing credit card numbers from a company database)
• Using computers to support criminal activity(e.g. drug dealer using computers to store records of illegal transactions)
Computer CrimeThe act of using a computer to commit an illegal act. The broad definition of computer crime can include the following:
• Targeting a computer while committing an offense (e.g gaining entry to a computer system in order to cause damage to the computer or the data it contains)
• Using a computer to commit and offense (e.g. stealing credit card numbers from a company database)
• Using computers to support criminal activity(e.g. drug dealer using computers to store records of illegal transactions)
4-30Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes and the Impact on Organizations
4-31Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crime – Unauthorized Access
Unauthorized AccessA person gaining entry to a computer system for which they have no authority to use such access
THIS IS A COMPUTER CRIME!
Unauthorized AccessA person gaining entry to a computer system for which they have no authority to use such access
THIS IS A COMPUTER CRIME!
4-32Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crime – Unauthorized Access Trends
4-33Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes – Who Commits Them?
Unauthorized Access1998 Survey of
1600 companies by PricewaterhouseCoopers
82% come from inside the
organization(employees)
4-34Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes – Who Commits Them?
Unauthorized Access2004 Survey by
Computer Security Institute
Unauthorized Access2004 Survey by
Computer Security Institute
4-35Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crime – Various Types 1st Half
4-36Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crime – Various Types 2nd Half
4-37Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes - Hacking and Cracking
HackersA term to describe unauthorized access to computers based entirely on a curiosity to learn as much as possible about computers. It was originally used to describe MIT students in the 1960s that gained access to mainframes. It was later used universally used for gaining unauthorized access for any reason
HackersA term to describe unauthorized access to computers based entirely on a curiosity to learn as much as possible about computers. It was originally used to describe MIT students in the 1960s that gained access to mainframes. It was later used universally used for gaining unauthorized access for any reason
CrackersA term to describe those who break into computer systems with the intention of doing damage or committing crimes. This term was created because of protests by true hackers
CrackersA term to describe those who break into computer systems with the intention of doing damage or committing crimes. This term was created because of protests by true hackers
4-38Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes – Cracker (Humorous)
4-39Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crime – Software Piracy
Software PiracyThis practice of buying one copy and making multiple copies for personal and commercial use, or for resale is illegal in most countries while others offer weak or nonexistent protections. This has become and international problem as shown below
4-40Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Destructive Code that Replicates
Viruses These programs disrupt the normal function of a computer system through harmless pranks or by destroying files on the infected computer. They come in several types:
• Boot Sector – attaches to the section of a hard disk or floppy disk that boots a computer.
• File Infector – attach themselves to certain file types such as .doc, .exe, etc.
• Combination – viruses can change types between boot sector and file infector to fool antivirus programs
• Attachment – released from an e-mail when an attachment is launched. Can also send themselves your address book
Viruses These programs disrupt the normal function of a computer system through harmless pranks or by destroying files on the infected computer. They come in several types:
• Boot Sector – attaches to the section of a hard disk or floppy disk that boots a computer.
• File Infector – attach themselves to certain file types such as .doc, .exe, etc.
• Combination – viruses can change types between boot sector and file infector to fool antivirus programs
• Attachment – released from an e-mail when an attachment is launched. Can also send themselves your address book
Worms This destructive code also replicates and spreads through networked computers but does damage by clogging up memory to slow the computer versus destroying files
Worms This destructive code also replicates and spreads through networked computers but does damage by clogging up memory to slow the computer versus destroying files
4-41Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Computer Crimes – Destructive Code
4-42Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Destructive Code that Doesn’t Replicates
Trojan HorsesThese programs do not replicate but can do damage as they run hidden programs on the infected computer that appears to be running normally (i.e. a game program that creates an account on the unsuspecting user’s computer for unauthorized access)
Trojan HorsesThese programs do not replicate but can do damage as they run hidden programs on the infected computer that appears to be running normally (i.e. a game program that creates an account on the unsuspecting user’s computer for unauthorized access)
Logic or Time BombsA variation of a Trojan Horse that also do not replicate and are hidden but are designed to lie in wait for a triggering operation. (i.e. a disgruntled employee that sets a program to go off after they leave the company)
• Time Bombs – are set off by dates (e.g. a birthday)
• Logic Bombs – are set off by certain operations (e.g. a certain password)
Logic or Time BombsA variation of a Trojan Horse that also do not replicate and are hidden but are designed to lie in wait for a triggering operation. (i.e. a disgruntled employee that sets a program to go off after they leave the company)
• Time Bombs – are set off by dates (e.g. a birthday)
• Logic Bombs – are set off by certain operations (e.g. a certain password)
4-43Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Cyberwar and Cyberterrorism
Cyberwar
An organized attempt by a country’s military to disrupt or destroy the information and communications systems of another country. Common targets include:
• Command and control systems
• Intelligence collection and distribution systems
• Information processing and distribution systems
• Tactical communication systems
• Troop and weapon positioning systems
• Friend-or-Foe identification systems
• Smart weapons systems
Cyberwar
An organized attempt by a country’s military to disrupt or destroy the information and communications systems of another country. Common targets include:
• Command and control systems
• Intelligence collection and distribution systems
• Information processing and distribution systems
• Tactical communication systems
• Troop and weapon positioning systems
• Friend-or-Foe identification systems
• Smart weapons systems
4-44Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Cyberwar and Cyberterrorism
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack):
• an attempt to make a computer resource unavailable to its intended users.
• motives for, and targets of a DoS attack may vary• generally consists of the concerted efforts of a
person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
• perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack):
• an attempt to make a computer resource unavailable to its intended users.
• motives for, and targets of a DoS attack may vary• generally consists of the concerted efforts of a
person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
• perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.
4-45Information Systems Today, 2/C/e ©2008 Pearson Education Canada
Cyberwar and Cyberterrorism
Cyber Terrorism
The use of computer and networking technologies against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals
Cyber Terrorism
The use of computer and networking technologies against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals
Responses to the ThreatAt greatest risk are those that depend highly on computers and networking infrastructure (i.e. governments, utilities, transportation providers, etc.) Responses include:
• Improved intelligence gathering techniques
• Improved cross-government cooperation
• Providing incentives for industry security investment
Responses to the ThreatAt greatest risk are those that depend highly on computers and networking infrastructure (i.e. governments, utilities, transportation providers, etc.) Responses include:
• Improved intelligence gathering techniques
• Improved cross-government cooperation
• Providing incentives for industry security investment