The Palestinian eGovernment Academy
www.egovacademy.ps




Security Tutorial
Session 12



             PalGov © 2011                        1
About

This tutorial is part of the PalGov project, funded by the TEMPUS IV program of the
Commission of the European Communities, grant agreement
511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.ps
Project Consortium:
• Birzeit University, Palestine (Coordinator)
• Palestine Polytechnic University, Palestine
• Palestine Technical University, Palestine
• Ministry of Telecom and IT, Palestine
• Ministry of Interior, Palestine
• Ministry of Local Government, Palestine
• University of Trento, Italy
• Vrije Universiteit Brussel, Belgium
• Université de Savoie, France
• University of Namur, Belgium
• TrueTrust, UK


Coordinator:
Dr. Mustafa Jarrar
Birzeit University, P.O.Box 14- Birzeit, Palestine
Telfax: +972 2 2982935 mjarrar@birzeit.edu

© Copyright Notes
Everyone is encouraged to use this material, or part of it, but should properly
cite the project (logo and website), and the author of that part.


No part of this tutorial may be reproduced or modified in any form or by any
means, without prior written permission from the project, who have the full
copyrights on the material.




                   Attribution-NonCommercial-ShareAlike
                                CC-BY-NC-SA

This license lets others remix, tweak, and build upon your work non-
commercially, as long as they credit you and license their new creations
under the identical terms.

Tutorial 5:
     Information Security


Session 12: Auditing and Wireless
Security

Session 12 Outline:
  • Security Auditing
    • Break
  • Wireless Security Protocols

Tutorial 5:
                        Session 12: Auditing

This session will contribute to the following
ILOs:
•   A: Knowledge and Understanding
       a2: Defines security standards and policies.

•   B: Intellectual Skills
       b3: Design end-to-end secure and available systems.

•   D: General and Transferable Skills
       d2: Systems configurations.
       d3: Analysis and identification skills.




Security Audit

• Auditing is applied to the security of an organization’s
  information system (IS) assets.

• Definition
   – “An independent review and examination of a system's records and
     activities to determine the adequacy of system controls, ensure
     compliance with established security policy and procedures, detect
     breaches in security services, and recommend any changes that
     are indicated for countermeasures. The basic audit objective is to
     establish accountability for system entities that initiate or participate
     in security-relevant events and actions. Thus, means are needed to
     generate and record a security audit trail and to review and analyze
     the audit trail to discover and investigate attacks and security
     compromises.” [from RFC2828.]



Security Audit Trail

• Definition
  – “A chronological record of system activities that
    is sufficient to enable the reconstruction and
    examination of the sequence of environments
    and activities surrounding or leading to an
    operation, procedure, or event in a security-
    relevant transaction from inception to final
    results” [from RFC2828].




Security Audit Architecture

Distributed Audit Trail Model

Basic Security Auditing Functions

Definition of Events


• Auditable events must be defined
• The Common Criteria suggest:
  –   Introduction of objects
  –   Deletion of objects
  –   Distribution or revocation of access rights or capabilities
  –   Changes to subject or object security attributes
  –   Policy checks performed by the security software
  –   Use of access rights to bypass a policy check
  –   Use of identification and authentication functions
  –   Security-related actions taken by an operator/user
  –   Import/export of data from/to removable media

Implementation Requirements

• Decide requirements with management
• Scope of checks to be agreed and controlled
• Checks limited to read-only access to software and data
• Identify resources for performing the checks
• Identify special requirements
• Monitor / log all access
• Use documented procedures

Collected Information

• Decide on amount of generated data
  – Size vs quality
• Data items captured may include:
  –   Operating system access (system calls)
  –   Use of system security mechanisms
  –   Auditing software use
  –   Remote access
  –   Events from IDS and firewall systems
  –   System management / operation events
  –   Access to selected applications
  –   Others…

Audit Trails on System Level

• Useful to categorize audit trails

• System-level audit trails

   – See MS System event viewer.




Application-Level Audit Trails

• to detect security violations within an
  application
• to detect flaws in application's system
  interaction
• for critical / sensitive applications, e.g. email,
  DB
   – See MS Application event viewer.




User-Level Audit Trails


• Trace activity of individual users over time
  – To hold user accountable for actions taken
  – As input to an analysis program that attempts
    to define normal versus anomalous behavior


  – See MS System and Security event viewers.

Physical-Level Audit Trails


• Generated by physical access controls
  – E.g. card-key systems, alarm systems
• Sent to central host for analysis /
  storage
• Used in many ministries and
  organizations in Palestine




Example 1: Windows Event Log


• Each event is an entity that describes some
  interesting occurrence
  – Each event record contains:
     • Numeric ID, set of attributes, optional user data
  – Presented as XML or binary data
• There are three types of event logs:
  – System - system-related apps & drivers
  – Application - user-level apps
  – Security - Windows LSA

Windows Event Categories

•   Account logon events
•   Account management
•   Directory service access
•   Logon events
•   Object access
•   Policy changes
•   Privilege use
•   Process tracking
•   System events

Example 1: Windows Event Log Demo




• SEE DEMO




Example 2: UNIX Syslog


• UNIX's general-purpose logging mechanism
  – found on all UNIX / Linux variants
  – but with variants in facility and log format




Syslog Service


• Basic service provides:
  – A means of capturing relevant events
  – A storage facility
  – A protocol for transmitting syslog messages
    from other hosts to a central syslog server
• Extra add-on features may include:
  – Robust filtering, log analysis, event response,
    alternative message formats, log file
    encryption, database storage, rate limiting

Syslog Protocol



• A transport allowing hosts to send IP event
  notification messages to syslog servers
  – Provides a very general message format
  – Allowing processes / apps to use suitable
    conventions for their logged events
  – Can be plain or encrypted




Unix Syslog Examples

Mar 1 06:25:43 server1 sshd[23170]: Accepted publickey for server2 from 172.30.128.115 port 21011 ssh2
Mar 1 07:16:42 server1 sshd[9326]: Accepted password for murugiah from 10.20.30.108 port 1070 ssh2
Mar 1 07:16:53 server1 sshd[22938]: reverse mapping checking getaddrinfo for ip10.165.nist.gov failed - POSSIBLE BREAKIN ATTEMPT!
Mar 1 07:26:28 server1 sshd[22572]: Accepted publickey for server2 from 172.30.128.115 port 30606 ssh2
Mar 1 07:28:33 server1 su: BAD SU kPPU to root on /dev/ttyp2
Mar 1 07:28:41 server1 su: kPPU to root on /dev/ttyp2


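One way to turn the syslog lines above into audit-trail findings, as an added example that is not part of the original slides. The rule names, the 60-second `su` correlation window and the assumed year are choices made for this example; the sample input is the six lines shown on the slide.

```python
import re
from datetime import datetime, timedelta

# The six log lines from the slide, unwrapped. BSD syslog timestamps carry
# no year, so ASSUMED_YEAR is supplied at parse time (an assumption).
SAMPLE_LOG = """\
Mar 1 06:25:43 server1 sshd[23170]: Accepted publickey for server2 from 172.30.128.115 port 21011 ssh2
Mar 1 07:16:42 server1 sshd[9326]: Accepted password for murugiah from 10.20.30.108 port 1070 ssh2
Mar 1 07:16:53 server1 sshd[22938]: reverse mapping checking getaddrinfo for ip10.165.nist.gov failed - POSSIBLE BREAKIN ATTEMPT!
Mar 1 07:26:28 server1 sshd[22572]: Accepted publickey for server2 from 172.30.128.115 port 30606 ssh2
Mar 1 07:28:33 server1 su: BAD SU kPPU to root on /dev/ttyp2
Mar 1 07:28:41 server1 su: kPPU to root on /dev/ttyp2
"""
ASSUMED_YEAR = 2011

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+(?P<host>\S+)\s+"
    r"(?P<prog>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?:\s+(?P<msg>.*)$"
)

# Message patterns per program, tried in order; the first match wins.
MSG_PATTERNS = {
    "sshd": [
        ("ssh_accepted", re.compile(
            r"^Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+)")),
        ("ssh_revmap_failed", re.compile(
            r"^reverse mapping checking getaddrinfo for (?P<name>\S+) failed")),
    ],
    "su": [
        ("su_failed", re.compile(r"^BAD SU (?P<user>\S+) to (?P<target>\S+) on (?P<tty>\S+)")),
        ("su_ok", re.compile(r"^(?P<user>\S+) to (?P<target>\S+) on (?P<tty>\S+)")),
    ],
}


def parse_line(line, year=ASSUMED_YEAR):
    """Return an event dict, or None if the line is not BSD-syslog shaped."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    stamp = " ".join(m["ts"].split())          # collapse "Mar  1" style padding
    try:
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    except ValueError:                          # impossible date such as "Feb 31"
        return None
    event = {"time": when, "host": m["host"], "prog": m["prog"],
             "pid": m["pid"], "kind": "other", "msg": m["msg"]}
    for kind, pattern in MSG_PATTERNS.get(m["prog"], []):
        hit = pattern.match(m["msg"])
        if hit:
            event["kind"] = kind
            event.update(hit.groupdict())
            break
    return event


def analyze(text, su_window=timedelta(seconds=60)):
    """Return (events, findings, rejected_lines) for a block of syslog text.

    Each finding is a (rule, time, detail) tuple.
    """
    events, findings, rejected = [], [], []
    last_su_failure = {}        # (host, user, target) -> time of latest failure
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if ev is None:
            rejected.append(line)   # keep unparsed lines: gaps matter in an audit
            continue
        events.append(ev)
        if ev["kind"] == "ssh_accepted" and ev["method"] == "password":
            findings.append(("password-login", ev["time"], f'{ev["user"]} from {ev["ip"]}'))
        elif ev["kind"] == "ssh_revmap_failed":
            findings.append(("reverse-mapping-failed", ev["time"], ev["name"]))
        elif ev["kind"] == "su_failed":
            last_su_failure[(ev["host"], ev["user"], ev["target"])] = ev["time"]
            findings.append(("su-failed", ev["time"], f'{ev["user"]} -> {ev["target"]}'))
        elif ev["kind"] == "su_ok":
            failed_at = last_su_failure.get((ev["host"], ev["user"], ev["target"]))
            # Success shortly after a failure by the same user is worth a review.
            if failed_at is not None and timedelta(0) <= ev["time"] - failed_at <= su_window:
                findings.append(("su-success-after-failure", ev["time"],
                                 f'{ev["user"]} -> {ev["target"]}'))
    return events, findings, rejected


if __name__ == "__main__":
    _, found, skipped = analyze(SAMPLE_LOG)
    for rule, when, detail in found:
        print(when.isoformat(), rule, detail)
    print("unparsed lines:", len(skipped))
```
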
Logging at Application Level

• privileged applications have security issues
  – which system/user-level audit data may not see
  – a large percentage of reported vulnerabilities
  – e.g. failure to adequately check input data, application
    logic errors
• hence need to capture detailed behavior
• applications can be written to create audit data




Tutorial 5:
     Information Security

Session 12: Auditing and Wireless
Security

Session 12 Outline:
  • Security Auditing
    • Break
  • Wireless Security Protocols

Introduction to Wireless Security Protocols.




• Introduction to Wireless and Wireless
  Standards
• Authentication and Association
• WEP and WPA Security Protocols
• Other Wireless Network Security Issues


Different Wireless Standards

• Radio frequencies used:
  – 2.4 GHz (b, g, n)
  – 5 GHz (a, n)
• Wi-Fi, wireless LAN and IEEE 802.11
  – Wi-Fi:
     • Industry standard proposed by the Wi-Fi Alliance which
       implements the (drafts of, slightly modified) IEEE 802.11
       standards
  – Wireless LAN:
     • A general term used for wireless short-range, high-speed
       radio networks
  – IEEE 802.11:
     • A standard defining a type of wireless connection

Wireless LAN Standards

• IEEE 802.11
  – Original wireless LAN standard
  – Up to 2 Mbps in the 2.4 GHz band
  – Security: WEP & WPA
• IEEE 802.11a
  – Up to 54 Mbps in the 5 GHz band
  – Security: WEP & WPA
  – "Wi-Fi Certified"
• IEEE 802.11b
  – Up to 11 Mbps in the 2.4 GHz band
  – Security: WEP & WPA
  – "Wi-Fi Certified"
• IEEE 802.11g
  – Up to 54 Mbps in the 2.4 GHz band
  – Security: WEP & WPA
  – "Wi-Fi Certified"

Service Set Identifier


• SSID
 – 2-32 byte alphanumeric sequence of
   characters
 – Uniquely names a WLAN
 – Case sensitive
 – Encoded in plain text




Beacons



• Beacons
  – Information frame sent by an AP.
  – Approximately 50 bytes:
    •   Timestamp
    •   Beacon interval
    •   Capability info
    •   Service set identifier




Wireless Authentication and Association

• Wireless authentication
  – A means to establish or prove identity to wireless
    access points
  – Verifying eligibility of users, devices, or
    applications.
  – Only authorized clients are allowed to gain access
    to the wireless network.
• Wireless Association
  – The binding of a wireless network client to an
    access point before starting data transfer.

Wireless Connection Steps and States


• Connection Process
  – First: Authentication Phase
    • Open System Authentication
    • Shared Key Authentication
  – Second: Association Phase
• The Connection Process has 3 States:
  – Authenticated and Associated
  – Authenticated and Unassociated
  – Unauthenticated and Unassociated

System Authentication


• Open System Authentication
  – Default
  – Authentication based on sending an empty / null
    string SSID
  – Receiving station (AP) sends acknowledgment
• Closed System
  – Authentication based only on SSID
  – Receiving station (AP) sends acknowledgment


Shared Key Authentication



• Shared Key
  – IEEE 802.11 Wired Equivalent Privacy (WEP)
  – Authentication based on text and WEP keys
  – Challenge-response scheme




802.1x and EAP

• 802.1x :
  – a port-level access control protocol,
  – provides a security framework for IEEE
    networks,
  – including Ethernet and wireless networks.
• EAP - Extensible Authentication Protocol,
  – sits inside of PPP's authentication protocol
  – provides a framework for many authentication
    methods.


Wired Equivalent Privacy (WEP)

• 802.11b standard.
• A secret key is shared between stations and
  an access point.
• The secret key is used to encrypt data packets
• Uses an integrity check
• Logical service is located within the MAC layer.
• Provides:
  – Confidentiality;
  – Authentication;
  – Access control in conjunction with layer management.

WEP Properties

• Reasonably strong (RC4) !!!! (breakable?)
• Self-synchronizing, Efficient and May be
  exportable
• Optional




WEP IV and Secret Keys

• 802.11b
  – 64-bit shared RC4 key: 24-bit IV plus a 40-bit secret key
     • PRNG seed = IV (24 bits) + secret key (40 bits)
  – 128-bit shared RC4 key: 24/104
  – 152-bit shared RC4 key: 24/128



WEP Key Servers

• Advantages of Key Servers
  – Centralized key generation
  – Centralized key distribution
  – Ongoing key rotation
  – Reduced key management overhead


WEP Key Weaknesses


• Small key size (40 bit)
• Simple Key management
• The IV is too small.
   24-bit = 16,777,216 different cipher streams.
• Weak ICV algorithm (CRC-32)
• Authentication messages can be easily faked.




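The seed layout from the "WEP IV and Secret Keys" slide and the small-IV weakness listed above, worked through as an added example that is not part of the original slides. It assumes randomly chosen IVs for the birthday estimate, omits the key-ID octet that follows the IV on the air, and uses helper names invented for this example.

```python
import math
import zlib
from collections import Counter

IV_SPACE = 2 ** 24            # 24-bit IV: 16,777,216 values, as on the slide
KEY_LENGTHS = (5, 13, 16)     # 40-, 104- and 128-bit secret keys from the slide


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling over `seed`, then `length` output bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encapsulate(iv: bytes, secret_key: bytes, plaintext: bytes) -> bytes:
    """Return IV || (RC4(IV || secret_key) XOR (plaintext || ICV))."""
    if len(iv) != 3 or len(secret_key) not in KEY_LENGTHS:
        raise ValueError("need a 24-bit IV and a 40/104/128-bit secret key")
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")   # ICV = CRC-32
    keystream = rc4_keystream(iv + secret_key, len(body))            # PRNG seed
    return iv + bytes(b ^ k for b, k in zip(body, keystream))


def wep_decapsulate(frame: bytes, secret_key: bytes) -> bytes:
    """Decrypt a frame built above and verify its ICV."""
    iv, cipher = frame[:3], frame[3:]
    if len(cipher) < 4:
        raise ValueError("frame too short to hold an ICV")
    keystream = rc4_keystream(iv + secret_key, len(cipher))
    body = bytes(c ^ k for c, k in zip(cipher, keystream))
    plaintext, icv = body[:-4], body[-4:]
    if zlib.crc32(plaintext).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return plaintext


def reused_ivs(frames):
    """Audit check: IVs seen more than once in a capture -> {iv_hex: count}.

    The secret key is static, so every repeat means a repeated RC4 keystream.
    """
    counts = Counter(f[:3].hex() for f in frames)
    return {iv: n for iv, n in counts.items() if n > 1}


def collision_probability(frames_sent: int) -> float:
    """Birthday approximation: chance that some IV repeats among random IVs."""
    return -math.expm1(-frames_sent * (frames_sent - 1) / (2 * IV_SPACE))


def frames_for_probability(p: float) -> int:
    """Smallest frame count whose collision probability reaches p."""
    x = 2 * IV_SPACE * math.log(1 / (1 - p))
    return math.ceil((1 + math.sqrt(1 + 4 * x)) / 2)


def hours_until_counter_wraps(frames_per_second: float) -> float:
    """With a sequential IV counter, reuse is certain after 2**24 frames."""
    return IV_SPACE / frames_per_second / 3600


if __name__ == "__main__":
    print("frames for a 50% chance of IV reuse:", frames_for_probability(0.5))
    print("hours until a counter IV wraps at 500 frames/s:",
          round(hours_until_counter_wraps(500), 2))
```
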
IEEE 802.11i and WPA

• Overview
  • IEEE 802.11 Task Group i:
     – Specification for robust security
     – Robust security network (RSN):
        • Implements only the new mechanisms proposed by
          802.11i
     – Transitional security network (TSN):
        • Allows RSN and WEP to cooperate
     – Generally, 802.11i is used to designate both of them
  • Wi-Fi
     – Wireless protected access (WPA)
     – Adopts a subset of 802.11i specifications
     – Extensions added

IEEE 802.11i Features

• Separation of security services
  – Prevents security services from relying on each
    other.
  – Uses different mechanisms
• Use of session keys
  – Master key is never used for encryption
• Use of existing standards
  – Already tested, more robust



Key usage for IEEE 802.11i

• Use of master and temporal keys
• WPA master keys are generated during
  authentication.
• Temporal keys are generated using the
  master key once the STA is authenticated
• Temporal keys are short-lived keys




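The master-key / temporal-key split described above, as an added example that is not part of the original slides. It goes beyond the slide by spelling out the Personal-mode derivation (PBKDF2 for the master key, the 802.11i HMAC-SHA1 PRF for the temporal keys); in Enterprise mode the master key comes from the EAP exchange instead. Function names, MAC addresses and nonces are constructed for this example.

```python
import hashlib
import hmac


def pmk_from_passphrase(passphrase: str, ssid: bytes) -> bytes:
    """Personal mode: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 256 bits)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if not 1 <= len(ssid) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid, 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_temporal_keys(pmk, ap_mac, sta_mac, anonce, snonce, cipher="CCMP"):
    """Derive the pairwise transient key and split it into its parts.

    KCK and KEK protect the EAPOL-Key handshake; TK encrypts data frames.
    The master key itself never touches user traffic.
    """
    if len(pmk) != 32 or len(ap_mac) != 6 or len(sta_mac) != 6:
        raise ValueError("need a 256-bit PMK and 6-byte MAC addresses")
    if len(anonce) != 32 or len(snonce) != 32:
        raise ValueError("nonces are 32 bytes")
    if cipher not in ("CCMP", "TKIP"):
        raise ValueError("cipher must be CCMP or TKIP")
    # Sorting both pairs makes the result identical on the AP and the STA.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48 if cipher == "CCMP" else 64)
    return {"KCK": ptk[0:16], "KEK": ptk[16:32], "TK": ptk[32:]}


if __name__ == "__main__":
    pmk = pmk_from_passphrase("password", b"IEEE")
    ap = bytes.fromhex("020000000001")      # constructed locally administered MACs
    sta = bytes.fromhex("020000000002")
    first = derive_temporal_keys(pmk, ap, sta, bytes([1]) * 32, bytes([2]) * 32)
    again = derive_temporal_keys(pmk, ap, sta, bytes([3]) * 32, bytes([2]) * 32)
    print("PMK:", pmk.hex())
    print("TK, session 1:", first["TK"].hex())
    print("TK, session 2:", again["TK"].hex())   # new nonce, new temporal key
```
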
IEEE 802.11i: Security Services

A. Authentication: mutual authentication between the
   STA and the network
  –   Personal: pre-shared keys (WPA-PSK, passwords)
  –   Enterprise: IEEE802.1X (EAP, RADIUS)
B. Confidentiality and Data Integrity
  –   Key distribution using EAPOL, 802.1X
  –   TKIP: Temporal Key Integrity Protocol
  –   CCMP: Counter-Mode CBC-MAC Protocol
C. Access Control: ensures that only legitimate
   users access the network
  –   Entirely based on the authentication result
  –   Implemented at the AP

               »   This slide is taken from “Hani Ragab Hassen Lecture Notes,
                   Kent University.”

Enterprise Authentication

• The WPA-PSK is not efficient
• Enterprise suite:
  – 802.1x: allows limiting the access to the network to EAP
    traffic until the authentication is done
  – EAP: carries authentication exchanges
     • EAPOL-Key packets are used to distribute the session keys
       after successful authentication
     • Originally designed for dial-up connections
        – Runs over 802.1x inside a LAN
        – Runs over RADIUS outside the LAN
  – RADIUS: the RADIUS server holds the users’
    credentials
                » This slide is taken from “Hani Ragab Hassen Lecture Notes,
                  Kent University.”

IEEE802.1X, EAP and RADIUS

[Figure: Supplicant and Auth Server]

This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.”

Extensible Authentication Protocol (EAP)


• Extensible Authentication Protocol (RFC2284)
• Used between the authentication server (AS) and the
  supplicant, the authenticator forwards EAP messages

• Middle messages are defined for each authentication
  method
   – Transport Layer Security (TLS)
   – Tunneled TLS (TTLS)
   – Kerberos

• Mutual Authentication is possible



IEEE802.1X for IEEE802.11

• Three involved entities:
  1. Supplicant: the STA which needs to have
     access, initiates the authentication
  2. Authenticator: gate controller (AP)
  3. Authentication Server (AS): decides whether
     to grant the supplicant access or not
     according to the information transmitted by the
     authenticator




EAP and 802.1X

• EAP was designed originally for dial-up
  authentication
  – Not adapted for LAN
• The 802.1X defines EAP over LAN (EAPOL)
  – EAPOL-Packet: encapsulates EAP packets
  – EAPOL-Start: allows discovery of local authenticators
  – EAPOL-Key: transports keys after successful
    authentication
  – EAPOL-Logoff: sent by the supplicant to disconnect




RADIUS: Why?

• EAPOL cannot transport EAP packets over an IP
  network
• A secure channel should be used
• EAP over RADIUS (RFC2869: EAP Extensions)
• Remote Access Dial-In User Service (RFC2865)
• A central authentication server + local
  authenticators
  – As in IEEE802.11
  – Designed first for use by Internet Service Providers
    (ISP)


RADIUS: How?




Fitting it all together !

[Figure: Supplicant and Auth Server]

802.11 Security Protocols

Protocol           Authentication           Data Encryption
WPA Personal       PSK                      TKIP
WPA Enterprise     802.1X/EAP/Radius        TKIP
WPA2 Personal      PSK                      CCMP/TKIP(O)
WPA2 Enterprise    802.1X/EAP/Radius        CCMP/TKIP(O)
WEP                PSK                      WEP
802.11i            802.1X/EAP/Radius (O)    CCMP/TKIP

Wireless Packet / Data Filtering

• Blocking unwanted traffic.

• Three basic types of filtering:
  – SSID Filtering
  – MAC Address Filtering
  – Protocol Filtering




Attacks on WLANs



• Some attack methods:
  – Passive Attacks (Eavesdropping)
  – Active Attacks
    • Jamming Attacks
    • Man-in-the-middle Attacks




Emerging Security Solutions

•   WEP Key Management
•   Wireless VPNs
•   TKIP
•   AES
•   Wireless Gateways
•   802.1X and EAP
•   Policies
•   Etc…

Wireless VPN


• VPN
 – Virtual private network.
 – Private network link carried on a public
   network
 – Uses tunnelling
 – Utilizes encryption techniques




Roaming

• Roaming
  – ability for a user to function when the serving
    network is different from their home network.
  – The process of a client moving from one area
    or AP to another while maintaining a data link.
• Mobile IP
  – allows users with mobile devices whose IP
    addresses are associated with one network to
    stay connected when moving to another
    network with a different IP.

Roaming and Mobility




VPN Use in Roaming

• Wireless VPN implemented by two
  methods:
  – A centralized VPN server (Hardware/ software)
  – A distributed set of VPN servers
    • Can be located in the AP with RADIUS support




Corporate Security Policy

• Develop a wireless security policy
  – define what is and what is not allowed with
    wireless technology.
• Measure the basic field coverage of the
  wireless network.
• Know the technologies and the users that
  use the network.
• Physical Security


Corporate Security Policy

• Set baselines and perform
  audits/monitoring of the network.
• Harden APs, servers, and gateways.
• Determine level of security protocols
  and standards.
• Consider using switches, DMZ, RADIUS
  servers, and VPN.
• Update firmware and software.


Securing WLAN Policies

• If possible, put the wireless network behind its own
  routed interface so you can shut it off if necessary.
• Pick a random SSID that gives nothing about your
  network.
• Set your AP to 'Closed Network'.
• Set the authentication method to 'Open'.
• Have your broadcast keys rotate every few minutes.
• Use 802.1X for key management and authentication
   – Look over the available EAP protocols and decide which
     is right for your environment.
   – Set the session to time out every few minutes.


References




1. Computer Security: Principles and Practice, by William Stallings and
   Lawrie Brown. Published by Pearson/Prentice Hall, © 2008.
   ISBN: 0-13-600424-5.
2. Cisco CWNA Course
3. Dr. Hani Ragab Hassen Lecture Notes, Kent University.

Summary


• In this session we discussed the following:

  – Introduced need for security auditing
  – Audit model, functions, requirements
  – Security audit trails
  – Implementing logging and analysis.
  – Overview of wireless networking and
    standards
  – Wireless security protocols and policies

Thanks



         Radwan Tahboub





E gov security_tut_session_11
E gov security_tut_session_11E gov security_tut_session_11
E gov security_tut_session_11Mustafa Jarrar
 
session7 Firewalls and VPN
session7 Firewalls and VPNsession7 Firewalls and VPN
session7 Firewalls and VPNMustafa Jarrar
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...NETWAYS
 
E gov security_tut_session_1
E gov security_tut_session_1E gov security_tut_session_1
E gov security_tut_session_1Mustafa Jarrar
 
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET-  	  Secure Scheme For Cloud-Based Multimedia Content StorageIRJET-  	  Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET- Secure Scheme For Cloud-Based Multimedia Content StorageIRJET Journal
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VRISC-V International
 
GTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech DayGTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech DayZivaro Inc
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...Splunk
 
Leveraging Analytics for DevOps
Leveraging Analytics for DevOpsLeveraging Analytics for DevOps
Leveraging Analytics for DevOpsMichael Floyd
 
Baltimore jan2019 mule4
Baltimore jan2019 mule4Baltimore jan2019 mule4
Baltimore jan2019 mule4ManjuKumara GH
 
PROJECT REVIEW of technical vulnerability 1 (3).pptx
PROJECT REVIEW of technical vulnerability 1 (3).pptxPROJECT REVIEW of technical vulnerability 1 (3).pptx
PROJECT REVIEW of technical vulnerability 1 (3).pptxDHANUSH447825
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013brian_chong
 
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422Erik Giles
 
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...PROIDEA
 

Semelhante a E gov security_tut_session_12 (20)

E gov security_tut_session_11
E gov security_tut_session_11E gov security_tut_session_11
E gov security_tut_session_11
 
session7 Firewalls and VPN
session7 Firewalls and VPNsession7 Firewalls and VPN
session7 Firewalls and VPN
 
9780840024220 ppt ch10
9780840024220 ppt ch109780840024220 ppt ch10
9780840024220 ppt ch10
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
 
Wc4
Wc4Wc4
Wc4
 
CH18-CompSec4e.pptx
CH18-CompSec4e.pptxCH18-CompSec4e.pptx
CH18-CompSec4e.pptx
 
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
 
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
 
E gov security_tut_session_1
E gov security_tut_session_1E gov security_tut_session_1
E gov security_tut_session_1
 
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET-  	  Secure Scheme For Cloud-Based Multimedia Content StorageIRJET-  	  Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
 
GTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech DayGTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech Day
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
 
Leveraging Analytics for DevOps
Leveraging Analytics for DevOpsLeveraging Analytics for DevOps
Leveraging Analytics for DevOps
 
Baltimore jan2019 mule4
Baltimore jan2019 mule4Baltimore jan2019 mule4
Baltimore jan2019 mule4
 
PROJECT REVIEW of technical vulnerability 1 (3).pptx
PROJECT REVIEW of technical vulnerability 1 (3).pptxPROJECT REVIEW of technical vulnerability 1 (3).pptx
PROJECT REVIEW of technical vulnerability 1 (3).pptx
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013
 
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
 
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
 

Mais de Mustafa Jarrar

Clustering Arabic Tweets for Sentiment Analysis
Clustering Arabic Tweets for Sentiment AnalysisClustering Arabic Tweets for Sentiment Analysis
Clustering Arabic Tweets for Sentiment AnalysisMustafa Jarrar
 
Classifying Processes and Basic Formal Ontology
Classifying Processes  and Basic Formal OntologyClassifying Processes  and Basic Formal Ontology
Classifying Processes and Basic Formal OntologyMustafa Jarrar
 
Discrete Mathematics Course Outline
Discrete Mathematics Course OutlineDiscrete Mathematics Course Outline
Discrete Mathematics Course OutlineMustafa Jarrar
 
Business Process Implementation
Business Process ImplementationBusiness Process Implementation
Business Process ImplementationMustafa Jarrar
 
Business Process Design and Re-engineering
Business Process Design and Re-engineeringBusiness Process Design and Re-engineering
Business Process Design and Re-engineeringMustafa Jarrar
 
BPMN 2.0 Analytical Constructs
BPMN 2.0 Analytical ConstructsBPMN 2.0 Analytical Constructs
BPMN 2.0 Analytical ConstructsMustafa Jarrar
 
BPMN 2.0 Descriptive Constructs
BPMN 2.0 Descriptive Constructs  BPMN 2.0 Descriptive Constructs
BPMN 2.0 Descriptive Constructs Mustafa Jarrar
 
Introduction to Business Process Management
Introduction to Business Process ManagementIntroduction to Business Process Management
Introduction to Business Process ManagementMustafa Jarrar
 
Customer Complaint Ontology
Customer Complaint Ontology Customer Complaint Ontology
Customer Complaint Ontology Mustafa Jarrar
 
Subset, Equality, and Exclusion Rules
Subset, Equality, and Exclusion RulesSubset, Equality, and Exclusion Rules
Subset, Equality, and Exclusion RulesMustafa Jarrar
 
Schema Modularization in ORM
Schema Modularization in ORMSchema Modularization in ORM
Schema Modularization in ORMMustafa Jarrar
 
On Computer Science Trends and Priorities in Palestine
On Computer Science Trends and Priorities in PalestineOn Computer Science Trends and Priorities in Palestine
On Computer Science Trends and Priorities in PalestineMustafa Jarrar
 
Lessons from Class Recording & Publishing of Eight Online Courses
Lessons from Class Recording & Publishing of Eight Online CoursesLessons from Class Recording & Publishing of Eight Online Courses
Lessons from Class Recording & Publishing of Eight Online CoursesMustafa Jarrar
 
Presentation curras paper-emnlp2014-final
Presentation curras paper-emnlp2014-finalPresentation curras paper-emnlp2014-final
Presentation curras paper-emnlp2014-finalMustafa Jarrar
 
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsJarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsMustafa Jarrar
 
Habash: Arabic Natural Language Processing
Habash: Arabic Natural Language ProcessingHabash: Arabic Natural Language Processing
Habash: Arabic Natural Language ProcessingMustafa Jarrar
 
Adnan: Introduction to Natural Language Processing
Adnan: Introduction to Natural Language Processing Adnan: Introduction to Natural Language Processing
Adnan: Introduction to Natural Language Processing Mustafa Jarrar
 
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
Riestra: How to Design and engineer Competitive Horizon 2020 ProposalsRiestra: How to Design and engineer Competitive Horizon 2020 Proposals
Riestra: How to Design and engineer Competitive Horizon 2020 ProposalsMustafa Jarrar
 
Bouquet: SIERA Workshop on The Pillars of Horizon2020
Bouquet: SIERA Workshop on The Pillars of Horizon2020Bouquet: SIERA Workshop on The Pillars of Horizon2020
Bouquet: SIERA Workshop on The Pillars of Horizon2020Mustafa Jarrar
 
Jarrar: Sparql Project
Jarrar: Sparql ProjectJarrar: Sparql Project
Jarrar: Sparql ProjectMustafa Jarrar
 

Mais de Mustafa Jarrar (20)

Clustering Arabic Tweets for Sentiment Analysis
Clustering Arabic Tweets for Sentiment AnalysisClustering Arabic Tweets for Sentiment Analysis
Clustering Arabic Tweets for Sentiment Analysis
 
Classifying Processes and Basic Formal Ontology
Classifying Processes  and Basic Formal OntologyClassifying Processes  and Basic Formal Ontology
Classifying Processes and Basic Formal Ontology
 
Discrete Mathematics Course Outline
Discrete Mathematics Course OutlineDiscrete Mathematics Course Outline
Discrete Mathematics Course Outline
 
Business Process Implementation
Business Process ImplementationBusiness Process Implementation
Business Process Implementation
 
Business Process Design and Re-engineering
Business Process Design and Re-engineeringBusiness Process Design and Re-engineering
Business Process Design and Re-engineering
 
BPMN 2.0 Analytical Constructs
BPMN 2.0 Analytical ConstructsBPMN 2.0 Analytical Constructs
BPMN 2.0 Analytical Constructs
 
BPMN 2.0 Descriptive Constructs
BPMN 2.0 Descriptive Constructs  BPMN 2.0 Descriptive Constructs
BPMN 2.0 Descriptive Constructs
 
Introduction to Business Process Management
Introduction to Business Process ManagementIntroduction to Business Process Management
Introduction to Business Process Management
 
Customer Complaint Ontology
Customer Complaint Ontology Customer Complaint Ontology
Customer Complaint Ontology
 
Subset, Equality, and Exclusion Rules
Subset, Equality, and Exclusion RulesSubset, Equality, and Exclusion Rules
Subset, Equality, and Exclusion Rules
 
Schema Modularization in ORM
Schema Modularization in ORMSchema Modularization in ORM
Schema Modularization in ORM
 
On Computer Science Trends and Priorities in Palestine
On Computer Science Trends and Priorities in PalestineOn Computer Science Trends and Priorities in Palestine
On Computer Science Trends and Priorities in Palestine
 
Lessons from Class Recording & Publishing of Eight Online Courses
Lessons from Class Recording & Publishing of Eight Online CoursesLessons from Class Recording & Publishing of Eight Online Courses
Lessons from Class Recording & Publishing of Eight Online Courses
 
Presentation curras paper-emnlp2014-final
Presentation curras paper-emnlp2014-finalPresentation curras paper-emnlp2014-final
Presentation curras paper-emnlp2014-final
 
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsJarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 Calls
 
Habash: Arabic Natural Language Processing
Habash: Arabic Natural Language ProcessingHabash: Arabic Natural Language Processing
Habash: Arabic Natural Language Processing
 
Adnan: Introduction to Natural Language Processing
Adnan: Introduction to Natural Language Processing Adnan: Introduction to Natural Language Processing
Adnan: Introduction to Natural Language Processing
 
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
Riestra: How to Design and engineer Competitive Horizon 2020 ProposalsRiestra: How to Design and engineer Competitive Horizon 2020 Proposals
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
 
Bouquet: SIERA Workshop on The Pillars of Horizon2020
Bouquet: SIERA Workshop on The Pillars of Horizon2020Bouquet: SIERA Workshop on The Pillars of Horizon2020
Bouquet: SIERA Workshop on The Pillars of Horizon2020
 
Jarrar: Sparql Project
Jarrar: Sparql ProjectJarrar: Sparql Project
Jarrar: Sparql Project
 

Último

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 

Último (20)

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 

E gov security_tut_session_12

  • 1. أكاديمية الحكومة الإلكترونية الفلسطينية
      The Palestinian eGovernment Academy, www.egovacademy.ps
      Security Tutorial, Sessions 12
      PalGov © 2011
  • 2. About
      This tutorial is part of the PalGov project, funded by the TEMPUS IV program of the Commission of the European Communities, grant agreement 511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.ps
      Project Consortium:
      • Birzeit University, Palestine (Coordinator)
      • Palestine Polytechnic University, Palestine
      • Palestine Technical University, Palestine
      • Ministry of Telecom and IT, Palestine
      • Ministry of Interior, Palestine
      • Ministry of Local Government, Palestine
      • University of Trento, Italy
      • Vrije Universiteit Brussel, Belgium
      • Université de Savoie, France
      • University of Namur, Belgium
      • TrueTrust, UK
      Coordinator: Dr. Mustafa Jarrar, Birzeit University, P.O.Box 14- Birzeit, Palestine. Telfax: +972 2 2982935, mjarrar@birzeit.edu
  • 3. © Copyright Notes
      Everyone is encouraged to use this material, or part of it, but should properly cite the project (logo and website), and the author of that part.
      No part of this tutorial may be reproduced or modified in any form or by any means, without prior written permission from the project, who have the full copyrights on the material.
      Attribution-NonCommercial-ShareAlike (CC-BY-NC-SA)
      This license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creations under the identical terms.
  • 4. Tutorial 5: Information Security
      Session 12: Auditing and Wireless Security
      Session 12 Outline:
      • Security Auditing
      • Break
      • Wireless Security Protocols
  • 5. Tutorial 5: Session 12: Auditing
      This session will contribute to the following ILOs:
      • A: Knowledge and Understanding
          – a2: Defines security standards and policies.
      • B: Intellectual Skills
          – b3: Design end-to-end secure and available systems.
      • D: General and Transferable Skills
          – d2: Systems configurations.
          – d3: Analysis and identification skills.
  • 6. Security Audit
      • Auditing applied to the security of an organization’s information system (IS) assets.
      • Definition
          – “An independent review and examination of a system's records and activities to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures. The basic audit objective is to establish accountability for system entities that initiate or participate in security-relevant events and actions. Thus, means are needed to generate and record a security audit trail and to review and analyze the audit trail to discover and investigate attacks and security compromises.” [from RFC 2828]
  • 7. Security Audit Trail
      • Definition
          – “A chronological record of system activities that is sufficient to enable the reconstruction and examination of the sequence of environments and activities surrounding or leading to an operation, procedure, or event in a security-relevant transaction from inception to final results” [from RFC 2828]
  • 8. Security Audit Architecture
  • 9. Distributed Audit Trail Model
  • 10. Basic Security Auditing Functions
  • 11. Definition of Events
      • Must define which events are auditable
      • The Common Criteria suggest:
          – Introduction of objects
          – Deletion of objects
          – Distribution or revocation of access rights or capabilities
          – Changes to subject or object security attributes
          – Policy checks performed by the security software
          – Use of access rights to bypass a policy check
          – Use of identification and authentication functions
          – Security-related actions taken by an operator/user
          – Import/export of data from/to removable media
  • 12. Implementation Requirements
      • Decide requirements with management
      • Scope of checks to be agreed and controlled
      • Checks limited to read-only access to software and data
      • Identified resources for performing the checks
      • Identify special requirements
      • Monitor / log all access
      • Use documented procedures
  • 13. Collected Information
      • Decide on the amount of generated data
          – Size vs quality
      • Data items captured may include:
          – Operating system access (system calls)
          – Use of system security mechanisms
          – Auditing software use
          – Remote access
          – Events from IDS and firewall systems
          – System management / operation events
          – Access to selected applications
          – Others…
  • 14. Audit Trails on System Level
      • It is useful to categorize audit trails
      • System-level audit trails
          – See the MS System event viewer.
  • 15. Application-Level Audit Trails
      • To detect security violations within an application
      • To detect flaws in an application's interaction with the system
      • For critical / sensitive applications, e.g. email, DB
          – See the MS Application event viewer.
  • 16. User-Level Audit Trails
      • Trace the activity of individual users over time
          – To hold a user accountable for actions taken
          – As input to an analysis program that attempts to define normal versus anomalous behavior
          – See the MS System and Security event viewers.
  • 17. Physical-Level Audit Trails
      • Generated by physical access controls
          – E.g. card-key systems, alarm systems
      • Sent to a central host for analysis / storage
      • Used in many ministries and organizations in Palestine
  • 18. Example 1: Windows Event Log
      • Each event is an entity that describes some interesting occurrence
          – Each event record contains: numeric ID, set of attributes, optional user data
          – Presented as XML or binary data
      • There are three types of event logs:
          – System: system-related apps and drivers
          – Application: user-level apps
          – Security: Windows LSA
  • 19. Windows Event Categories
      • Account logon events
      • Account management
      • Directory service access
      • Logon events
      • Object access
      • Policy changes
      • Privilege use
      • Process tracking
      • System events
  • 20. Example 1: Windows Event Log Demo
      • See demo
  • 21. Example 2: UNIX Syslog
      • UNIX's general-purpose logging mechanism
          – Found on all UNIX / Linux variants
          – But with variations in facility and log format
  • 22. Syslog Service
      • Basic service provides:
          – A means of capturing relevant events
          – A storage facility
          – A protocol for transmitting syslog messages from other hosts to a central syslog server
      • Extra add-on features may include:
          – Robust filtering, log analysis, event response, alternative message formats, log file encryption, database storage, rate limiting
  • 23. Syslog Protocol
      • A transport allowing hosts to send IP event notification messages to syslog servers
          – Provides a very general message format
          – Allows processes / apps to use suitable conventions for their logged events
          – Can be plain or encrypted
  • 24. Unix Syslog Examples
      Mar 1 06:25:43 server1 sshd[23170]: Accepted publickey for server2 from 172.30.128.115 port 21011 ssh2
      Mar 1 07:16:42 server1 sshd[9326]: Accepted password for murugiah from 10.20.30.108 port 1070 ssh2
      Mar 1 07:16:53 server1 sshd[22938]: reverse mapping checking getaddrinfo for ip10.165.nist.gov failed - POSSIBLE BREAKIN ATTEMPT!
      Mar 1 07:26:28 server1 sshd[22572]: Accepted publickey for server2 from 172.30.128.115 port 30606 ssh2
      Mar 1 07:28:33 server1 su: BAD SU kPPU to root on /dev/ttyp2
      Mar 1 07:28:41 server1 su: kPPU to root on /dev/ttyp2
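How an analysis program might turn the six syslog lines on this slide into audit findings, as an added example that is not part of the original slides. The rule names, the 60-second correlation window and the assumed year are hypothetical choices made for this sketch.

```python
import re
from datetime import datetime

# The six log lines from the slide, embedded so the example runs offline.
SAMPLE = """\
Mar 1 06:25:43 server1 sshd[23170]: Accepted publickey for server2 from 172.30.128.115 port 21011 ssh2
Mar 1 07:16:42 server1 sshd[9326]: Accepted password for murugiah from 10.20.30.108 port 1070 ssh2
Mar 1 07:16:53 server1 sshd[22938]: reverse mapping checking getaddrinfo for ip10.165.nist.gov failed - POSSIBLE BREAKIN ATTEMPT!
Mar 1 07:26:28 server1 sshd[22572]: Accepted publickey for server2 from 172.30.128.115 port 30606 ssh2
Mar 1 07:28:33 server1 su: BAD SU kPPU to root on /dev/ttyp2
Mar 1 07:28:41 server1 su: kPPU to root on /dev/ttyp2
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) ([\w./-]+)(?:\[\d+\])?: (.*)$")
ACCEPT = re.compile(r"Accepted (\S+) for (\S+) from (\S+)")
RDNS = re.compile(r"reverse mapping checking getaddrinfo for (\S+) failed")
SU = re.compile(r"(BAD SU )?(\S+) to (\S+) on (\S+)")
YEAR = 2011       # assumption: classic syslog timestamps carry no year
SU_WINDOW = 60    # seconds; hypothetical correlation window

def parse(text):
    """Yield (timestamp, host, program, message) for each well-formed line."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            ts = datetime.strptime(f"{YEAR} {m[1]}", "%Y %b %d %H:%M:%S")
            yield ts, m[2], m[3], m[4]

def findings(text):
    """Return (rule, subject) pairs that deserve an analyst's attention."""
    out, last_bad_su = [], {}
    for ts, host, prog, msg in parse(text):
        if prog == "sshd":
            if (a := ACCEPT.match(msg)) and a[1] == "password":
                out.append(("ssh-password-login", f"{a[2]}@{a[3]}"))
            elif r := RDNS.match(msg):
                out.append(("ssh-reverse-dns-failed", r[1]))
        elif prog == "su" and (s := SU.match(msg)):
            key = (host, s[2], s[3], s[4])   # same host, user, target and tty
            if s[1]:                         # "BAD SU" prefix: failed attempt
                last_bad_su[key] = ts
                out.append(("su-failed", f"{s[2]}->{s[3]}"))
            elif key in last_bad_su and (ts - last_bad_su[key]).total_seconds() <= SU_WINDOW:
                out.append(("su-success-after-failure", f"{s[2]}->{s[3]}"))
    return out
```

The two publickey logins produce no finding; the last rule correlates the failed and successful `su` entries that are eight seconds apart on the same terminal.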
  • 25. Logging at Application Level • privileged applications have security issues – which system/user-level audit data may not see – a large percentage of reported vulnerabilities – e.g. failure to adequately check input data, application logic errors • hence need to capture detailed behavior • applications can be written to create audit data
  • 26. Tutorial 5: Information Security Session 12: Auditing and Wireless Security Session 12 Outline: • Security Auditing • Break • Wireless Security Protocols
  • 27. Introduction to Wireless Security Protocols • Introduction to Wireless and Wireless Standards • Authentication and Association • WEP and WPA Security Protocols • Other Wireless Network Security Issues
  • 28. Different Wireless Standards • Used radio frequencies: – 2.4GHz (b, g, n) – 5GHz (a, n) • Wi-Fi, wireless LAN and IEEE802.11 – Wi-Fi: • Industry standard proposed by the Wi-Fi Alliance which implements the (drafts of, slightly modified) IEEE802.11 standards – Wireless LAN: • A general term used for wireless short range, high-speed radio networks – IEEE802.11: • A standard defining a type of wireless connection
  • 29. Wireless LAN Standards • IEEE 802.11 – Original wireless LAN standard – Up to 2Mbps in the 2.4GHz band – Security: WEP & WPA • IEEE 802.11a – Up to 54Mbps in the 5GHz band – Security: WEP & WPA – "Wi-Fi Certified" • IEEE 802.11b – Up to 11Mbps in the 2.4GHz band – Security: WEP & WPA – "Wi-Fi Certified" • IEEE 802.11g – Up to 54Mbps in the 2.4GHz band – Security: WEP & WPA – "Wi-Fi Certified"
  • 30. Service Set Identifier • SSID – 2-32 byte alphanumeric sequence of characters – Uniquely names a WLAN – Case sensitive – Encoded in plain text
  • 31. Beacons • Beacons – Information frame sent by an AP. – Approximately 50-bytes: • Timestamp • Beacon interval • Capability info • Service set identifier
  • 32. Wireless Authentication and Association • Wireless authentication – A means to establish or prove identity to wireless access points – Verifying eligibility of users, devices, or applications. – Only authorized clients are allowed to gain access to the wireless network. • Wireless Association – The binding of a wireless network client to an access point before starting data transfer.
  • 33. Wireless Connection Steps and States • Connection Process – First: Authentication Phase • Open System Authentication • Shared Key Authentication – Second: Association Phase • The Connection Process has 3 States: – Authenticated and Associated – Authenticated and Unassociated – Unauthenticated and Unassociated
  • 34. System Authentication • Open System Authentication – Default – Authentication based on sending an empty / null string SSID – Receiving station (AP) sends acknowledgment • Closed System – Authentication based only on SSID – Receiving station (AP) sends acknowledgment
  • 35. Shared Key Authentication • Shared Key – IEEE 802.11 Wired Equivalent Privacy (WEP). – Authentication based on Text and WEP Keys. – Challenge-Response Scheme
  • 36. 802.1x and EAP • 802.1x : – a port-level access control protocol, – provides a security framework for IEEE networks, – including Ethernet and wireless networks. • EAP - Extensible Authentication Protocol, – sits inside of PPP's authentication protocol – provides a framework for many authentication methods.
  • 37. Wired Equivalent Privacy (WEP) • 802.11b standard. • A secret key is shared between stations and an access point. • The secret key is used to encrypt data packets • Uses Integrity check • Logical service is located within the MAC layer. • Provided are : – Confidentiality; – Authentication; – Access control in conjunction with layer management.
  • 38. WEP Properties • Reasonably strong (RC4) !!!! (breakable?) • Self-synchronizing, Efficient and May be exportable • Optional
  • 39. WEP IV and Secret Keys • 802.11b – 64-bit shared RC4 Key. 24-bit IV plus a 40-bit Secret Key. (Figure: PRNG seed = IV, 24 bits, followed by Secret Key, 40 bits) – 128-bit shared RC4 Key. 24/104 – 152-bit shared RC4 Key. 24/128
  • 40. WEP Key Servers • Advantages of Key Servers – Centralized key generation – Centralized key distribution – Ongoing key rotation – Reduced key management overhead.
  • 41. WEP Key Weaknesses • Small key size (40 bit) • Simple Key management • IV too small: 24 bits = 16,777,216 different cipher streams • Weak ICV algorithm (CRC-32) • Authentication messages can be easily faked.
  • 42. IEEE 802.11i and WPA • Overview • IEEE 802.11 task group I: • Specification for robust security – Robust security network (RSN): – Implements only the new mechanisms proposed by the 802.11i – Transitional security network (TSN): – Allows RSN and WEP to cooperate – Generally 802.11i is used to designate both of them • Wi-Fi – Wireless protected access (WPA) – Adopts a subset of 802.11i specifications – Extensions added
  • 43. IEEE 802.11i Features • Separation of security services – Prevents security services from relying on each other. – Uses different mechanisms • Use of session keys – Master key is never used for encryption • Use of existing standards – Already tested, more robust
  • 44. Key usage for IEEE 802.11i • Use of master and temporal keys • WPA Master keys are generated during authentication. • Temporal keys are generated using the master key once the STA is authenticated • Temporal keys are short-lived keys
  • 45. IEEE 802.11i: Security Services A. Authentication: mutual authentication between the STA and the network – Personal: pre-shared keys (WPA-PSK , passwords) – Enterprise: IEEE802.1X (EAP, RADIUS) B. Confidentiality and Data Integrity – Key distribution using EAPOL, 802.1X – TKIP: Temporal Key Integrity Protocol – CCMP: Counter-Mode CBC-MAC Protocol C. Access Control: ensures that only legitimate users access the network – Entirely based on the authentication result – Implemented at the AP » This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.”
  • 46. Enterprise Authentication • The WPA-PSK is not efficient • Enterprise suite: – 802.1x: allows limiting the access to the network to EAP traffic until the authentication is done – EAP: carries authentication exchanges • EAPOL-Key packets are used to distribute the session keys after successful authentication • Originally designed for dial-up connections – Runs over 802.1x inside a LAN – Runs over RADIUS outside the LAN – RADIUS: the RADIUS server holds the users’ credentials » This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.”
  • 47. IEEE802.1X, EAP and RADIUS (Figure labels: Supplicant, Auth Server) This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.”
  • 48. Extensible Authentication Protocol (EAP) • Extensible Authentication Protocol (RFC2284) • Used between the authentication server (AS) and the supplicant, the authenticator forwards EAP messages • Middle messages are defined for each authentication method – Transport Layer Security (TLS) – Tunneled TLS (TTLS) – Kerberos • Mutual Authentication is possible
  • 49. IEEE802.1X for IEEE802.11 • Three involved entities: 1. Supplicant: the STA which needs to have access, initiates the authentication 2. Authenticator: gate controller (AP) 3. Authentication Server (AS): decides whether to grant the supplicant the access or not according to the information transmitted by the authenticator
  • 50. EAP and 802.1X • EAP was designed originally for dial-up authentication – Not adapted for LAN • The 802.1X defines EAP over LAN (EAPOL) – EAPOL-Packet: encapsulates EAP packets – EAPOL-Start: allows discovery of local authenticators – EAPOL-Key: transports keys after successful authentication – EAPOL-Logoff: sent by the supplicant to disconnect
  • 51. RADIUS: Why? • EAPOL cannot transport EAP packets over an IP network • A secure channel should be used • EAP over RADIUS (RFC2869: EAP Extensions) • Remote Access Dial-In User Service (RFC2865) • A central authentication server + local authenticators – As in IEEE802.11 – Designed first to be used by Internet Service Providers (ISP)
  • 52. RADIUS: How?
  • 53. Fitting it all together! (Figure labels: Supplicant, Auth Serv.)
  • 54. 802.11 Security Protocols 802.11 WPA WPA2 Security WEP 802.11i Perso Enterprise Personal Enterprise Protocols nal 802.1X/ 802.1X/ 802.1X/ Authenticatio PSK EAP/ PSK EAP/ PSK EAP n Radius Radius Radius (O) Data TKIP TKIP CCMP/ CCMP/ WEP CCMP/ Encryption TKIP(O) TKIP(O) TKIP PalGov © 2011 54
  • 55. Wireless Packet / Data Filtering • Blocking unwanted traffic. • Three basic types of filtering: – SSID Filtering – MAC Address Filtering – Protocol Filtering
  • 56. Attacks on WLANs • Some attack methods: – Passive Attacks (Eavesdropping) – Active Attacks • Jamming Attacks • Man-in-the-middle Attacks
  • 57. Emerging Security Solutions • WEP Key Management • Wireless VPNs • TKIP • AES • Wireless Gateways • 802.1X and EAP • Policies • Etc…
  • 58. Wireless VPN • VPN – Virtual private network. – Private network link carried on a public network – Uses tunnelling – Utilizes encryption techniques
  • 59. Roaming • Roaming – ability for a user to function when the serving network is different from their home network. – The process of a client moving from one area or AP to another while maintaining a data link. • Mobile IP – allows users with mobile devices whose IP addresses are associated with one network to stay connected when moving to another network with a different IP.
  • 60. Roaming and Mobility
  • 61. VPN Use in Roaming • Wireless VPN implemented by two methods: – A centralized VPN server (Hardware/ software) – A distributed set of VPN servers • Can be located in the AP with RADIUS support
  • 62. Corporate Security Policy • Develop a wireless security policy – define what is and what is not allowed with wireless technology. • Measure the basic field coverage of the wireless network. • Know the technologies and the users that use the network. • Physical Security
  • 63. Corporate Security Policy • Set base lines and perform audits/monitoring of the network. • Harden APs, servers, and gateways. • Determine level of security protocols and standards. • Consider using switches, DMZ, RADIUS servers, and VPN. • Update firmware and software.
  • 64. Securing WLAN Policies • If possible, put the wireless network behind its own routed interface so you can shut it off if necessary. • Pick a random SSID that gives nothing away about your network. • Set your AP to 'Closed Network'. • Set the authentication method to 'Open'. • Have your broadcast keys rotate every few minutes. • Use 802.1X for key management and authentication – Look over the available EAP protocols and decide which is right for your environment. – Set the session to time out every few minutes.
  • 65. References 1. Computer Security: Principles and Practice, by William Stallings and Lawrie Brown. Published by Pearson/Prentice Hall, © 2008. ISBN: 0-13-600424-5. 2. Cisco CWNA Course 3. Dr. Hani Ragab Hassen Lecture Notes, Kent University.
  • 66. Summary • In this session we discussed the following: – Introduced need for security auditing – Audit model, functions, requirements – Security audit trails – Implementing logging and analysis. – Overview of wireless networking and standards – Wireless security protocols and policies
  • 67. Thanks Radwan Tahboub