NETWORK COMMUNICATIONS SOFTWARE



Communications software provides many functions in a network. These functions include error checking, message formatting, communications logs (listings of all jobs and communications in a specified period of time), data security and privacy, and translation capabilities. These functions are performed by various parts of network communications software, which includes network operating systems, network management software, and protocols.

Network Operating Systems

A network operating system (NOS) is systems software that controls the hardware devices, software, and communications media and channels across a network. The NOS enables various devices to communicate with each other. NetWare by Novell and Windows NT from Microsoft are popular network operating systems for LANs.

Network Management Software

Network management software has many functions in operating a network. These functions reduce time spent on routine tasks, such as remote, electronic installation of new software on many devices across a network. They also provide faster response to network problems, greater control over the network, and remote diagnosing of problems in devices connected to the network. In short, network management software performs functions that decrease the human resources needed to manage the network.

Protocols

Computing devices that are connected to the network (often referred to as “nodes” of the network) access and share the network to transmit and receive data. These components work together by adhering to a common set of rules that enable them to communicate with each other. This set of rules and procedures governing transmission across a network is a protocol.

The principal functions of protocols in a network are line access and collision avoidance. Line access concerns how the sending device gains access to the network to send a message. Collision avoidance refers to managing message transmission so that two messages do not collide with each other on the network. Other functions of protocols are to identify each device in the communication path, to secure the attention of the other device, to verify correct receipt of the transmitted message, to verify that a message requires retransmission because it cannot be correctly interpreted, and to perform recovery when errors occur.

Ethernet. The most common protocol is Ethernet 10BaseT. Over three-fourths of all networks use the Ethernet protocol. The 10BaseT means that the network has a speed of 10 Mbps. Fast Ethernet is 100BaseT, meaning that the network has a speed of 100 Mbps. The most common protocol in large corporations is the Gigabit Ethernet. That is, the network provides data transmission speeds of one billion bits per second (666 times faster than a T1 line). However, ten-gigabit Ethernet is becoming the standard (ten billion bits per second).

TCP/IP. The Transmission Control Protocol/Internet Protocol (TCP/IP) is a file transfer protocol that can send large files of information across sometimes-unreliable networks with assurance that the data will arrive in uncorrupted form. TCP/IP allows efficient and reasonably error-free transmission between different systems and is the protocol of the Internet. As we will see in Chapter 7, TCP/IP is becoming very popular with business organizations due to its reliability and the ease with which it can support intranets and related functions.
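The receipt verification, retransmission and error recovery functions listed for protocols above, and the uncorrupted delivery over unreliable networks attributed to TCP/IP, can be seen in miniature in the following added example, which is not part of the original lecture. It is a simplified stop-and-wait scheme with a CRC-32 check, not real TCP; the function names, the simulated channel and its loss and corruption rates are assumptions made for illustration.

```python
import random
import struct
import zlib

def make_frame(seq, payload):
    """Frame = 1-byte sequence bit + payload + CRC-32 computed over both."""
    body = bytes([seq]) + payload
    return body + struct.pack("!I", zlib.crc32(body))

def parse_frame(frame):
    """Return (seq, payload), or None if the frame is truncated or damaged."""
    if len(frame) < 5:
        return None
    body, (crc,) = frame[:-4], struct.unpack("!I", frame[-4:])
    if zlib.crc32(body) != crc:
        return None
    return body[0], body[1:]

def noisy_channel(frame, rng, loss=0.2, corrupt=0.2):
    """Constructed unreliable link: randomly drops a frame or flips one bit."""
    roll = rng.random()
    if roll < loss:
        return None
    if roll < loss + corrupt:
        damaged = bytearray(frame)
        damaged[rng.randrange(len(damaged))] ^= 0x01
        return bytes(damaged)
    return frame

def transfer(chunks, seed=7, max_tries=200):
    """Stop-and-wait: resend each chunk until its acknowledgement arrives."""
    rng = random.Random(seed)
    received, expected, sends = [], 0, 0
    for i, chunk in enumerate(chunks):
        seq = i % 2
        for _ in range(max_tries):
            sends += 1
            arrived = noisy_channel(make_frame(seq, chunk), rng)
            parsed = parse_frame(arrived) if arrived is not None else None
            if parsed is None:
                continue              # lost or damaged: no ACK, so the sender resends
            rseq, payload = parsed
            if rseq == expected:      # new data; a duplicate is ACKed but not stored
                received.append(payload)
                expected ^= 1
            if noisy_channel(b"ACK", rng) == b"ACK":
                break                 # ACK arrived intact: move to the next chunk
        else:
            raise TimeoutError("link too unreliable")
    return b"".join(received), sends
```

The CRC-32 here only detects accidental damage: it is unkeyed, so anyone who alters a frame can recompute it. Protecting integrity against deliberate modification needs a keyed check such as an HMAC, which is the data integrity service listed under Cryptography in the glossary later in this lecture.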

Communication between protocols. Network devices from different vendors must communicate with each other by following the same protocols. Unfortunately, commercially available data communication devices follow a number of different protocols, causing substantial problems with data communications networks.

Attempts at standardizing data communications have been somewhat successful, but standardization in the United States has lagged behind that in other countries where the communications industry is more closely regulated. Various organizations, including the Electronic Industries Association (EIA), the Consultative Committee for International Telegraph and Telephone (CCITT), and the International Standards Organization (ISO) have developed electronic interfacing protocols that are widely used within the industry.

Typically, the protocols required to achieve communication on behalf of an application are actually multiple protocols existing at different levels or layers. Each layer defines a set of functions that are provided as services to upper layers, and each layer relies on services provided by lower layers. At each layer, one or more protocols define precisely how software on different systems interacts to accomplish the functions for that layer. This layering notion has been formalized in several architectures. The most widely known is the reference model of the International Standards Organization Open Systems Interconnection (ISO-OSI), which has seven layers. See the book’s Web site for a table that details the seven layers of the OSI model protocol.

 


Lecture №8.

Subject: CYBER SECURITY

 

1. WHAT IS CYBER SECURITY?

2. WHY IS CYBER SECURITY IMPORTANT?

Network outages, data compromised by hackers, computer viruses and other incidents affect our lives in ways that range from inconvenient to life-threatening. As the number of mobile users, digital applications and data networks increases, so do the opportunities for exploitation.

WHAT IS CYBER SECURITY?

Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.

WHY IS CYBER SECURITY IMPORTANT?

Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information, as well as safeguard national security.

During a Senate hearing in March 2013, the nation's top intelligence officials warned that cyber attacks and digital spying are the top threat to national security, eclipsing terrorism.

What are the possible relations between these two fields of security?

- Cyber security is a subset of Information security.

- Information security is a subset of Cyber security.

- They are slightly different, with a common intersection.

Let us start with definitions and then discuss.

Information Security (INFOSEC)

ISO/IEC 27000:2009 definition 2.33

Information security - preservation of confidentiality, integrity and availability of information. Note 1 to entry: In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.

CNSS definition

The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

Cyber security (CYBERSEC)

Definition of cybersecurity, referring to ITU-T X.1205

Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.

Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment.

Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following:

• Availability

• Integrity, which may include authenticity and non-repudiation

• Confidentiality

Simple cyber security definition

When preparing the cyber security law in Slovakia, we proposed the definition: “Set of measures, activities, tools and things ensuring protection of cyberspace against cyber threats and cyberspace vulnerabilities.”

It means that in Cyber Security we are dealing only with threats via cyberspace (not threats to cyberspace such as physical disasters affecting a datacentre, non-availability of electric power, direct sabotage, theft of a tablet or smartphone …).

Cyberspace

We also need a definition of the cyber environment, or cyberspace. Have a look at the NATO definitions (see Cyber Definitions), which collect many definitions from member states and international organizations.

A simple and useful one is the International Organization for Standardization definition: “The complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form.”

Differences: INFOSEC vs. CYBERSEC

•   INFOSEC also deals with information in paper form; CYBERSEC does not.

•   INFOSEC typically does not deal with:

o  Cyber-warfare.

o  Information warfare.

o  Negative social impacts of the interaction of people, software and services on the Internet, such as:

   - Sexual abuse of children over the Internet.

   - On-line radicalisation.

   - Cyber stalking.

o  Critical infrastructure protection (control systems).

o  The part of IoT security where no processors are used (some controllers, passive RFID and the like).

•   Cyber Security does not deal with the preservation of confidentiality, integrity and availability of information by means of physical, administrative or personnel security.

But what common term could include all of CYBERSEC and all of the non-paper part of INFOSEC? It could be “Cyberspace Protection”: protecting cyberspace against all threats and vulnerabilities from both the virtual and the real, physical world.

Imagine a Venn diagram, where Information Security and Cyber Security have a large overlap. Cyber Security concerns itself with security in the "Cyber" realm or dimension, and will include, for example, the security of your company's personnel on social media websites, the propensity of certain attackers to attack your assets or brand, the exposure of your SCADA infrastructure (which may include, for example, your data center's HVAC infrastructure) to attacks, and so on, while Information Security mostly concerns itself with your digital assets and their confidentiality, integrity and availability.

At the operational level, Information Security will usually start out by asking "what are my valuable digital assets" and look to holistically protect them. Cyber Security will usually start out with "who wants to harm what" and look to defend against them. While more often than not the conclusions of both will converge, the different points of view will often lead to differing prioritization of resources in dealing with the issues.

Most Information Security professionals will claim to have been doing Cyber security the whole time, and many will be correct, if they've been assessing threats and threat actors as part of their methodologies. But as the Cyber realm grows in both sheer size and (more importantly) in our social and economic dependence on it, a holistic view that includes more than just assessing our own assets, is necessary for true security.

Imagine if you will an attack on your CEO through their personal Facebook page, so as to extort money or favors from them directly related to their work. Is this an Information Security issue? Are your digital assets at risk? Is this a Cyber issue (hint: yes)? Should the Information Security officer be involved or should this be just a law-enforcement issue? These are issues faced by companies today as the perimeters between work and personal in Cyberspace disappear.

CYBER SECURITY GLOSSARY OF TERMS

Learn cyber speak by familiarizing yourself with cyber security terminology.

Access - The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains or to control system components and functions.

Active Attack - An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data or its operations.

Blacklist - A list of entities that are blocked or denied privileges or access.

Bot - A computer connected to the Internet that has been surreptitiously/secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator.

Cloud Computing - A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Critical Infrastructure - The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment or any combination of these matters.

Cryptography - The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication and data origin authentication.

Cyber Space - The interdependent network of information technology infrastructures, that includes the Internet, telecommunications networks, computer systems and embedded processors and controllers.

Data Breach - The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.

Digital Forensics - The processes and specialized techniques for gathering, retaining and analyzing system-related data (digital evidence) for investigative purposes.

Enterprise Risk Management - A comprehensive approach to risk management that engages people, processes and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization's ability to achieve its objectives.

Information Assurance - The measures that protect and defend information and information systems by ensuring their availability, integrity and confidentiality.

Intrusion Detection - The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.

Key - The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation or signature verification.

Malware - Software that compromises the operation of a system by performing an unauthorized function or process.

Passive Attack - An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system but does not attempt to alter the system, its resources, its data or its operations.

Penetration Testing - An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.

Phishing - A digital form of social engineering to deceive individuals into providing sensitive information.

Root - A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges and conceal the activities conducted by the tools.

Software Assurance - The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.

Virus - A computer program that can replicate itself, infect a computer without permission or knowledge of the user and then spread or propagate to another computer.

Whitelist - A list of entities that are considered trustworthy and are granted access or privileges.

 

Lecture №9


Date added: 2018-04-15; views: 650
