Enviar pesquisa
Carregar
E gov security_tut_session_12
•
0 gostou
•
383 visualizações
Mustafa Jarrar
Seguir
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 67
Baixar agora
Baixar para ler offline
Recomendados
Rapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance Guide
Rapid7
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
EnergySec
IRJET- Comparative Study on Network Monitoring Tools
IRJET- Comparative Study on Network Monitoring Tools
IRJET Journal
Event log analyzer by me
Event log analyzer by me
ER Swapnil Raut
Open Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and Education
EnergySec
Zuniga-Privacy-ECSG-update
Zuniga-Privacy-ECSG-update
Brandon Height
DHS ICS Security Presentation
DHS ICS Security Presentation
guest85a34f
SCADA Security Webinar
SCADA Security Webinar
AVEVA
Recomendados
Rapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance Guide
Rapid7
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
EnergySec
IRJET- Comparative Study on Network Monitoring Tools
IRJET- Comparative Study on Network Monitoring Tools
IRJET Journal
Event log analyzer by me
Event log analyzer by me
ER Swapnil Raut
Open Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and Education
EnergySec
Zuniga-Privacy-ECSG-update
Zuniga-Privacy-ECSG-update
Brandon Height
DHS ICS Security Presentation
DHS ICS Security Presentation
guest85a34f
SCADA Security Webinar
SCADA Security Webinar
AVEVA
CNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data Collection
Sam Bowne
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
CoreTrace Corporation
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Francesco Faenzi
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy Sector
EnergySec
Project Forecasting from the Perspective of an EVMA and EIA-748
Project Forecasting from the Perspective of an EVMA and EIA-748
Unanet
Standards based security for energy utilities
Standards based security for energy utilities
Nirmal Thaliyil
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)
Digital Bond
Security Advantages of Software-Defined Networking
Security Advantages of Software-Defined Networking
Priyanka Aash
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
E gov security_tut_session_9
E gov security_tut_session_9
Mustafa Jarrar
E gov security_tut_session_3
E gov security_tut_session_3
Mustafa Jarrar
E gov security_tut_session_4_lab
E gov security_tut_session_4_lab
Mustafa Jarrar
E gov security_tut_session_0
E gov security_tut_session_0
Mustafa Jarrar
Why Care About Government Security
Why Care About Government Security
Michael Smith
E gov security_tut_session_5
E gov security_tut_session_5
Mustafa Jarrar
E gov security_tut_session_2
E gov security_tut_session_2
Mustafa Jarrar
E-governance-and-Security
E-governance-and-Security
anupriti
[2011] Next Generation e-Government: Transformation into Open Government - Ol...
[2011] Next Generation e-Government: Transformation into Open Government - Ol...
e-Democracy Conference
Cyber security government ppt By Vishwadeep Badgujar
Cyber security government ppt By Vishwadeep Badgujar
Vishwadeep Badgujar
OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study
ForgeRock
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
Government Technology and Services Coalition
OPENIDM: DID YOU JUST SAAS ME?
OPENIDM: DID YOU JUST SAAS ME?
ForgeRock
Mais conteúdo relacionado
Mais procurados
CNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data Collection
Sam Bowne
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
CoreTrace Corporation
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Francesco Faenzi
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy Sector
EnergySec
Project Forecasting from the Perspective of an EVMA and EIA-748
Project Forecasting from the Perspective of an EVMA and EIA-748
Unanet
Standards based security for energy utilities
Standards based security for energy utilities
Nirmal Thaliyil
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)
Digital Bond
Security Advantages of Software-Defined Networking
Security Advantages of Software-Defined Networking
Priyanka Aash
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
Mais procurados
(9)
CNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data Collection
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Lessons Learned for a Behavior-Based IDS in the Energy Sector
Project Forecasting from the Perspective of an EVMA and EIA-748
Project Forecasting from the Perspective of an EVMA and EIA-748
Standards based security for energy utilities
Standards based security for energy utilities
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)
Security Advantages of Software-Defined Networking
Security Advantages of Software-Defined Networking
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Destaque
E gov security_tut_session_9
E gov security_tut_session_9
Mustafa Jarrar
E gov security_tut_session_3
E gov security_tut_session_3
Mustafa Jarrar
E gov security_tut_session_4_lab
E gov security_tut_session_4_lab
Mustafa Jarrar
E gov security_tut_session_0
E gov security_tut_session_0
Mustafa Jarrar
Why Care About Government Security
Why Care About Government Security
Michael Smith
E gov security_tut_session_5
E gov security_tut_session_5
Mustafa Jarrar
E gov security_tut_session_2
E gov security_tut_session_2
Mustafa Jarrar
E-governance-and-Security
E-governance-and-Security
anupriti
[2011] Next Generation e-Government: Transformation into Open Government - Ol...
[2011] Next Generation e-Government: Transformation into Open Government - Ol...
e-Democracy Conference
Cyber security government ppt By Vishwadeep Badgujar
Cyber security government ppt By Vishwadeep Badgujar
Vishwadeep Badgujar
OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study
ForgeRock
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
Government Technology and Services Coalition
OPENIDM: DID YOU JUST SAAS ME?
OPENIDM: DID YOU JUST SAAS ME?
ForgeRock
OPENAM 12.0. THE BEST, NEWEST AND MOST SHINY VERSION. EVER.
OPENAM 12.0. THE BEST, NEWEST AND MOST SHINY VERSION. EVER.
ForgeRock
THE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTURE
ForgeRock
InformationSecurity
InformationSecurity
learnt
OIS Architecture Review
OIS Architecture Review
ForgeRock
INFORMATION SECURITY
INFORMATION SECURITY
Ahmed Moussa
Ericsson Networks Software 15B
Ericsson Networks Software 15B
Ericsson
OpenIDM - An Introduction
OpenIDM - An Introduction
ForgeRock
Destaque
(20)
E gov security_tut_session_9
E gov security_tut_session_9
E gov security_tut_session_3
E gov security_tut_session_3
E gov security_tut_session_4_lab
E gov security_tut_session_4_lab
E gov security_tut_session_0
E gov security_tut_session_0
Why Care About Government Security
Why Care About Government Security
E gov security_tut_session_5
E gov security_tut_session_5
E gov security_tut_session_2
E gov security_tut_session_2
E-governance-and-Security
E-governance-and-Security
[2011] Next Generation e-Government: Transformation into Open Government - Ol...
[2011] Next Generation e-Government: Transformation into Open Government - Ol...
Cyber security government ppt By Vishwadeep Badgujar
Cyber security government ppt By Vishwadeep Badgujar
OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
OPENIDM: DID YOU JUST SAAS ME?
OPENIDM: DID YOU JUST SAAS ME?
OPENAM 12.0. THE BEST, NEWEST AND MOST SHINY VERSION. EVER.
OPENAM 12.0. THE BEST, NEWEST AND MOST SHINY VERSION. EVER.
THE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTURE
InformationSecurity
InformationSecurity
OIS Architecture Review
OIS Architecture Review
INFORMATION SECURITY
INFORMATION SECURITY
Ericsson Networks Software 15B
Ericsson Networks Software 15B
OpenIDM - An Introduction
OpenIDM - An Introduction
Semelhante a E gov security_tut_session_12
E gov security_tut_session_11
E gov security_tut_session_11
Mustafa Jarrar
session7 Firewalls and VPN
session7 Firewalls and VPN
Mustafa Jarrar
9780840024220 ppt ch10
9780840024220 ppt ch10
Kristin Harrison
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
PLUMgrid
Wc4
Wc4
Said Wali
CH18-CompSec4e.pptx
CH18-CompSec4e.pptx
MuhammadYasirKhan36
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
NASA Open Government Initiative
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
NETWAYS
E gov security_tut_session_1
E gov security_tut_session_1
Mustafa Jarrar
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET Journal
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
RISC-V International
GTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech Day
Zivaro Inc
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
Cloud Standards Customer Council
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk
Leveraging Analytics for DevOps
Leveraging Analytics for DevOps
Michael Floyd
Baltimore jan2019 mule4
Baltimore jan2019 mule4
ManjuKumara GH
PROJECT REVIEW of technical vulnerability 1 (3).pptx
PROJECT REVIEW of technical vulnerability 1 (3).pptx
DHANUSH447825
Openstack security presentation 2013
Openstack security presentation 2013
brian_chong
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
Erik Giles
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PROIDEA
Semelhante a E gov security_tut_session_12
(20)
E gov security_tut_session_11
E gov security_tut_session_11
session7 Firewalls and VPN
session7 Firewalls and VPN
9780840024220 ppt ch10
9780840024220 ppt ch10
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
Wc4
Wc4
CH18-CompSec4e.pptx
CH18-CompSec4e.pptx
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
Nagios Conference 2007 | Enterprise Application Monitoring with Nagios by Jam...
E gov security_tut_session_1
E gov security_tut_session_1
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
IRJET- Secure Scheme For Cloud-Based Multimedia Content Storage
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
GTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech Day
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...
Leveraging Analytics for DevOps
Leveraging Analytics for DevOps
Baltimore jan2019 mule4
Baltimore jan2019 mule4
PROJECT REVIEW of technical vulnerability 1 (3).pptx
PROJECT REVIEW of technical vulnerability 1 (3).pptx
Openstack security presentation 2013
Openstack security presentation 2013
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
DO5T17S_T5 Thur 430 GilesE_BR_20151114_012422
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
PLNOG 9: Peter Springl - Next Generation Network Traffic Monitoring and Anoma...
Mais de Mustafa Jarrar
Clustering Arabic Tweets for Sentiment Analysis
Clustering Arabic Tweets for Sentiment Analysis
Mustafa Jarrar
Classifying Processes and Basic Formal Ontology
Classifying Processes and Basic Formal Ontology
Mustafa Jarrar
Discrete Mathematics Course Outline
Discrete Mathematics Course Outline
Mustafa Jarrar
Business Process Implementation
Business Process Implementation
Mustafa Jarrar
Business Process Design and Re-engineering
Business Process Design and Re-engineering
Mustafa Jarrar
BPMN 2.0 Analytical Constructs
BPMN 2.0 Analytical Constructs
Mustafa Jarrar
BPMN 2.0 Descriptive Constructs
BPMN 2.0 Descriptive Constructs
Mustafa Jarrar
Introduction to Business Process Management
Introduction to Business Process Management
Mustafa Jarrar
Customer Complaint Ontology
Customer Complaint Ontology
Mustafa Jarrar
Subset, Equality, and Exclusion Rules
Subset, Equality, and Exclusion Rules
Mustafa Jarrar
Schema Modularization in ORM
Schema Modularization in ORM
Mustafa Jarrar
On Computer Science Trends and Priorities in Palestine
On Computer Science Trends and Priorities in Palestine
Mustafa Jarrar
Lessons from Class Recording & Publishing of Eight Online Courses
Lessons from Class Recording & Publishing of Eight Online Courses
Mustafa Jarrar
Presentation curras paper-emnlp2014-final
Presentation curras paper-emnlp2014-final
Mustafa Jarrar
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 Calls
Mustafa Jarrar
Habash: Arabic Natural Language Processing
Habash: Arabic Natural Language Processing
Mustafa Jarrar
Adnan: Introduction to Natural Language Processing
Adnan: Introduction to Natural Language Processing
Mustafa Jarrar
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
Mustafa Jarrar
Bouquet: SIERA Workshop on The Pillars of Horizon2020
Bouquet: SIERA Workshop on The Pillars of Horizon2020
Mustafa Jarrar
Jarrar: Sparql Project
Jarrar: Sparql Project
Mustafa Jarrar
Mais de Mustafa Jarrar
(20)
Clustering Arabic Tweets for Sentiment Analysis
Clustering Arabic Tweets for Sentiment Analysis
Classifying Processes and Basic Formal Ontology
Classifying Processes and Basic Formal Ontology
Discrete Mathematics Course Outline
Discrete Mathematics Course Outline
Business Process Implementation
Business Process Implementation
Business Process Design and Re-engineering
Business Process Design and Re-engineering
BPMN 2.0 Analytical Constructs
BPMN 2.0 Analytical Constructs
BPMN 2.0 Descriptive Constructs
BPMN 2.0 Descriptive Constructs
Introduction to Business Process Management
Introduction to Business Process Management
Customer Complaint Ontology
Customer Complaint Ontology
Subset, Equality, and Exclusion Rules
Subset, Equality, and Exclusion Rules
Schema Modularization in ORM
Schema Modularization in ORM
On Computer Science Trends and Priorities in Palestine
On Computer Science Trends and Priorities in Palestine
Lessons from Class Recording & Publishing of Eight Online Courses
Lessons from Class Recording & Publishing of Eight Online Courses
Presentation curras paper-emnlp2014-final
Presentation curras paper-emnlp2014-final
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 Calls
Habash: Arabic Natural Language Processing
Habash: Arabic Natural Language Processing
Adnan: Introduction to Natural Language Processing
Adnan: Introduction to Natural Language Processing
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
Riestra: How to Design and engineer Competitive Horizon 2020 Proposals
Bouquet: SIERA Workshop on The Pillars of Horizon2020
Bouquet: SIERA Workshop on The Pillars of Horizon2020
Jarrar: Sparql Project
Jarrar: Sparql Project
Último
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Wonjun Hwang
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
NavinnSomaal
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Zilliz
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
Zilliz
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
RankYa
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Fwdays
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Último
(20)
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
E gov security_tut_session_12
1.
أكاديمية الحكومة اإللكترونية
الفلسطينية The Palestinian eGovernment Academy www.egovacademy.ps Security Tutorial Sessions 12 PalGov © 2011 1
2.
About This tutorial is
part of the PalGov project, funded by the TEMPUS IV program of the Commission of the European Communities, grant agreement 511159-TEMPUS-1- 2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.ps Project Consortium: Birzeit University, Palestine University of Trento, Italy (Coordinator ) Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium Palestine Technical University, Palestine Université de Savoie, France Ministry of Telecom and IT, Palestine University of Namur, Belgium Ministry of Interior, Palestine TrueTrust, UK Ministry of Local Government, Palestine Coordinator: Dr. Mustafa Jarrar Birzeit University, P.O.Box 14- Birzeit, Palestine Telfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011 2
3.
© Copyright Notes Everyone
is encouraged to use this material, or part of it, but should properly cite the project (logo and website), and the author of that part. No part of this tutorial may be reproduced or modified in any form or by any means, without prior written permission from the project, who have the full copyrights on the material. Attribution-NonCommercial-ShareAlike CC-BY-NC-SA This license lets others remix, tweak, and build upon your work non- commercially, as long as they credit you and license their new creations under the identical terms. PalGov © 2011 3
4.
Tutorial 5:
Information Security Session 12: Auditing and Wireless Security Session 12 Outline: • Security Auditing • Break • Wireless Security Protocols PalGov © 2011 4
5.
Tutorial 5:
Session 12: Auditing This session will contribute to the following ILOs: • A: Knowledge and Understanding a2: Defines security standards and policies. • B: Intellectual Skills b3: Design end-to-end secure and available systems. • D: General and Transferable Skills d2: Systems configurations. d3: Analysis and identification skills. PalGov © 2011 5
6.
Security Audit • Auditing
used on the security of an organization’s information system (IS) assets. • Definition – “An independent review and examination of a system's records and activities to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures. The basic audit objective is to establish accountability for system entities that initiate or participate in security-relevant events and actions. Thus, means are needed to generate and record a security audit trail and to review and analyze the audit trail to discover and investigate attacks and security compromises.” [from RFC2828.] PalGov © 2011 6
7.
Security Audit Trail •
Definition – “A chronological record of system activities that is sufficient to enable the reconstruction and examination of the sequence of environments and activities surrounding or leading to an operation, procedure, or event in a security- relevant transaction from inception to final results” [from RFC2828]. PalGov © 2011 7
8.
Security Audit Architecture
PalGov © 2011 8
9.
Distributed Audit Trail
Model PalGov © 2011 9
10.
Basic Security Auditing
Functions PalGov © 2011 10
11.
Definition of Events •
Must define what are auditable events • Common criteria suggests: – Introduction of objects – Deletion of objects – Distribution or revocation of access rights or capabilities – Changes to subject or object security attributes – Policy checks performed by the security software – Use of access rights to bypass a policy check – Use of identification and authentication functions; – Security-related actions taken by an operator/user – Import/export of data from/to removable media PalGov © 2011 11
12.
Implementation Requirements • Decide
requirements management • Scope of checks to be agreed and controlled • Checks limited to read-only access to s/w & data • Identified resources for performing the checks • Identify special requirements • Monitor /Log all access • Use DOCUMENT procedures, PalGov © 2011 12
13.
Collected Information • Decide
on amount of generated data – Size vs quality • Data items captured may include: – Operating system access (system calls) – Use of system security mechanisms – Auditing software use – Remote access – Events from IDS and firewall systems – System management / operation events – Access to selected applications – Others… PalGov © 2011 13
14.
Audit Trails on
System Level • Useful to categorize audit trails • System-level audit trails – See MS System event viewer. PalGov © 2011 14
15.
Application-Level Audit Trails •
to detect security violations within an application • to detect flaws in application's system interaction • for critical / sensitive applications, e.g. email, DB – See MS Application event viewer. PalGov © 2011 15
16.
User-Level Audit Trails •
Trace activity of individual users over time – To hold user accountable for actions taken – As input to an analysis program that attempts to define normal versus anomalous behavior – See ms system and security event viewers. PalGov © 2011 16
17.
Physical-Level Audit Trails •
Generated by physical access controls – E.G. Card-key systems, alarm systems • Sent to central host for analysis / storage • Used in many ministries and organizations in Palestine PalGov © 2011 17
18.
Example 1: Windows
Event Log • Each event an entity that describes some interesting occurrence and – Each event record contains: • Numeric id, set of attributes, optional user data – Presented as XML or binary data • Have three types of event logs: – System - system related apps & drivers – Application - user-level apps – Security - windows LSA PalGov © 2011 18
19.
Windows Event Categories •
Account logon events • Account management • Directory service access • Logon events • Object access • Policy changes • Privilege use • Process tracking • System events PalGov © 2011 19
20.
Example 1: Windows
Event Log Demo • SEE DEMO PalGov © 2011 20
21.
Example 2: UNIX
Syslog • UNIX's general-purpose logging mechanism – found on all UNIX / Linux variants – but with variants in facility and log format PalGov © 2011 21
22.
Syslog Service • Basic
service provides: – A means of capturing relevant events – A storage facility – A protocol for transmitting syslog messages from other hosts to a central syslog server • Extra add-on features may include: – Robust filtering, log analysis, event response, alternative message formats, log file encryption, database storage, rate limiting PalGov © 2011 22
23.
Syslog Protocol • A
transport allowing hosts to send IP event notification messages to syslog servers – Provides a very general message format – Allowing processes / apps to use suitable conventions for their logged events – Can be plain or encrypted PalGov © 2011 23
24.
Unix Syslog Examples Mar
1 06:25:43 server1 sshd[23170]: Accepted publickey for server2 from 172.30.128.115 port 21011 ssh2 Mar 1 07:16:42 server1 sshd[9326]: Accepted password for murugiah from 10.20.30.108 port 1070 ssh2 Mar 1 07:16:53 server1 sshd[22938]: reverse mapping checking getaddrinfo for ip10.165.nist.gov failed - POSSIBLE BREAKIN ATTEMPT! Mar 1 07:26:28 server1 sshd[22572]: Accepted publickey for server2 from 172.30.128.115 port 30606 ssh2 Mar 1 07:28:33 server1 su: BAD SU kPPU to root on /dev/ttyp2 Mar 1 07:28:41 server1 su: kPPU to root on /dev/ttyp2 PalGov © 2011 24
25.
Logging at Application
Level • privileged applications have security issues – which system/user-level audit data may not see – a large percentage of reported vulnerabilities – e.g. failure to adequately check input data, application logic errors • hence need to capture detailed behavior • applications can be written to create audit data PalGov © 2011 25
26.
Tutorial 5:
Information Security Session 12: Auditing and Wireless Security Session 12 Outline: • Security Auditing • Break • Wireless Security Protocols PalGov © 2011 26
27.
Introduction to Wireless
Security Protocols. • Introduction Wireless and Wireless Standards • Authentication and Association • WEP and WPA Security Protocols • Other Wireless Network Security Issues PalGov © 2011 27
28.
Différent Wireless Standards •
Used radio frequencies: – 2.4GHZ (b, g, n) – 5GHZ (a, n) • Wi-fi , wireless LAN and IEEE802.11 – Wi-fi: • Industry standard proposed by the wi-fi alliance which implements the (drafts of, slightly modified) IEEE802.11 standards – Wireless LAN: • A general term used for wireless short range, high- speed radio networks – IEEE802.11: • A standard defining a type of wireless connection PalGov © 2011 28
29.
Wireless LAN Standards •
IEEE 802.11 • IEEE 802.11a – Original wireless LAN – Up to 54Mbps in the standard 5GHz band – Up to 2Mbps in the 2.4GHz – Security: WEP & WPA band – "Wi-Fi Certified" – Security: WEP & WPA • IEEE 802.11b • IEEE 802.11g – Up to 11Mbps in the 2.4GHz – Up to 54Mbps in the band 2.4GHz band – Security: WEP & WPA – Security: WEP & WPA – "Wi-Fi Certified" – "Wi-Fi Certified" PalGov © 2011 29
30.
Service Set Identifier •
SSID – 2-32 byte alphanumeric sequence of characters – Uniquely names a WLAN, – Case sensitive and is – Encoded in plain text. PalGov © 2011 30
31.
Beacons • Beacons
– Information frame sent by an AP. – Approximately 50-bytes: • Timestamp • Beacon interval • Capability info • Service set identifier PalGov © 2011 31
32.
Wireless Authentication and
Association • Wireless authentication – A means to establish or prove identity to wireless access points – Verifying eligibility of users, devices, or applications. – Only authorized clients are allowed to gain access to the wireless network. • Wireless Association – The binding of a wireless network client to an access point before starting data transfer. PalGov © 2011 32
33.
Wireless Connection Steps
and States • Connection Process – First: Authentication Phase • Open System Authentication • Shared Key Authentication – Second: Association Phase • The Connection Process has 3 States: – Authenticated and Associated – Authenticated and Unassociated – Unauthenticated and Unassociated PalGov © 2011 33
34.
System Authentication • Open
System Authentication – Default – Authentications based on sending empty / null string SSID – Receiving station, (AP) sends acknowledgment • Closed System – Authentications based only on SSID – Receiving station, (AP) sends acknowledgment PalGov © 2011 34
35.
Shared Key Authentication •
Shared Key – IEEE 802.11 Wireless Equivalent Privacy, (WEP). – Authentications based on Text and WEP Keys. – Challenge – Response Scheme PalGov © 2011 35
36.
802.1x and EAP •
802.1x : – a port-level access control protocol, – provides a security framework for IEEE networks, – including Ethernet and wireless networks. • EAP - Extensible Authentication Protocol, – sits inside of PPP's authentication protocol – provides a framework for many authentication methods. PalGov © 2011 36
37.
Wired Equivalent Privacy
(WEP) • 802.11b standard. • A secret key is shared between stations and an access point. • The secret key is used to encrypt data packets • Uses Integrity check • Logical service is located within the MAC layer. • Provided are : – Confidentiality; – Authentication; – Access control in conjunction with layer management. PalGov © 2011 37
38.
WEP Properties • Reasonably
strong (RC4) !!!! (breakable?) • Self-synchronizing, Efficient and May be exportable • Optional PalGov © 2011 38
39.
WEP IV and
Secret Keys • 802.11b – 64-bit shared RC4 Key. 24-bit IV plus a 40-bit Secret Key. IV Secret Key 24 - bits 40 - bits PRNG Seed – 128-bit shared RC4 Key. 24/104 – 152-bit shared RC4 Key. 24/128 PalGov © 2011 39
40.
WEP Key Servers •
Advantages of Key Servers – Centralized key generation – Centralized key distribution – Ongoing key rotation – Reduced key management overhead. PalGov © 2011 40
41.
WEP Key Weaknesses •
Small key size (40 bit) • Simple Key management • Too small IV vectors. 24-bit = 16,777,216 different cipher streams. • Weak ICV algorithm (CRC-32) • Authentication messages can be easily faked. PalGov © 2011 41
42.
IEEE 802.11i and
WPA • Overview • IEEE 802.11 task group I: • Specification for robust security – Robust security network (RSN): – Implements only the new mechanisms proposed by the 802.11i – Transitional security network (TSN): – Allows RSN and WEP to cooperate – Generally 802.11i is used to designate both of them • WI-FI – Wireless protected access (WPA) – Adopts a subset of 802.11i specifications – Extensions added PalGov © 2011 42
43.
IEEE 802.11i Features •
Separation of security services – Avoids that a security services relies on each other. – Uses different mechanisms • Use of session keys – Master key is never used for encryption • Use of existing standards – Already tested, more robust PalGov © 2011 43
44.
Key usage for
IEEE 802.11i • Use of master and temporal keys • WPA Master keys are generated while authentication. • Temporal keys are generated using the master key once the STA is authenticated • Temporal keys are short life keys PalGov © 2011 44
45.
IEEE 802.11i: Security
Services A. Authentication: mutual authentication between the STA and the network – Personal: pre-shared keys (WPA-PSK , passwords) – Enterprise: IEEE802.1X (EAP, RADIUS) B. Confidentiality and Data Integrity – Key distribution using EAPOL, 802.1X – TKIP: Temporal Key Integrity Protocol – CCMP: Counter-Mode CBC-MAC Protocol C. Access Control: ensures that only legitimate users access the network – Entirely based on the authentication result – Implemented at the AP » This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.” PalGov © 2011 45
46.
Enterprise Authentication • The
WPA-PSK is not efficient • Enterprise suite: – 802.1x: allows limiting the access to the network to EAP traffic until the authentication is done – EAP: carries authentication exchanges • EAPOL-Key packets are used to distribute the session keys after successful authentication • Originally designed for dial-up connections – Runs over 802.1x inside a LAN – Runs over RADIUS outside the LAN – RADIUS: the RADIUS server holds the users’ credentials » This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.” PalGov © 2011 46
47.
IEEE802.1X, EAP and
RADIUS Supplicant Auth Serve This slide is taken from “Hani Ragab Hassen Lecture Notes, Kent University.” PalGov © 2011 47
48.
Extensible Authentication Protocol
(EAP) • Extensible Authentication Protocol (RFC2284) • Used between the authentication server (AS) and the supplicant, the authenticator forwards EAP messages • Middle messages are defined for each authentication method – Transport Layer Security (TLS) – Tunneled TLS (TTLS) – Kerberos • Mutual Authentication is possible PalGov © 2011 48
49.
IEEE802.1X for IEEE802.11 •
Three involved entities: 1.Supplicant: the STA which needs to have access, initiates the authentication 2.Authenticator: gate controller (AP) 3.Authentication Server (AS): decides whether to grant the supplicant the access or not according to the information transmitted by the authenticator PalGov © 2011 49
50.
EAP and 802.1X •
EAP was designed originally for dial-up authentication – Not adapted for LAN • The 802.1X defines EAP over LAN (EAPOL) – EAPOL-Packet: encapsulates EAP packets – EAPOL-Start: allows local authenticators discovering – EAPOL-Key: transports keys after successful authentication – EAPOL-Logoff: sent by the supplicant to disconnect PalGov © 2011 50
51.
RADIUS: Why? • EAPOL
can not transport EAP packets over an IP network • A secure channel should be used • EAP over RADIUS (RFC2869:EAP Extensions) • Remote Access Dial-In User Service (RFC2865) • A central authentication server + local authenticators – As in IEEE802.11 – Designed firstly to be used by Internet Service Providers (ISP) PalGov © 2011 51
52.
RADIUS: How?
PalGov © 2011 52
53.
Fitting it all
together ! Supplicant Auth Serv. PalGov © 2011 53
54.
802.11 Security Protocols
802.11 WPA WPA2 Security WEP 802.11i Perso Enterprise Personal Enterprise Protocols nal 802.1X/ 802.1X/ 802.1X/ Authenticatio PSK EAP/ PSK EAP/ PSK EAP n Radius Radius Radius (O) Data TKIP TKIP CCMP/ CCMP/ WEP CCMP/ Encryption TKIP(O) TKIP(O) TKIP PalGov © 2011 54
55.
Wireless Packet /
Data Filtering • Blocking unwanted traffic. • Three basic types of filtering: – SSID Filtering – MAC Address Filtering – Protocol Filtering PalGov © 2011 55
56.
Attacks on WLANs •
Some attack methods: – Passive Attacks (Eavesdropping) – Active Attacks • Jamming Attacks • Man-in-the-middle Attacks PalGov © 2011 56
57.
Emerging Security Solutions •
WEP Key Management • Wireless VPNs • TKIP • AES • Wireless Gateways • 802.1X and EAP • Policies • Etc… PalGov © 2011 57
58.
Wireless VPN • VPN
– Virtual private network. – Private network link carried on a public network – Uses tunnelling – Utilizes encryption techniques PalGov © 2011 58
59.
Roaming • Roaming
– ability for a user to function when the serving network is different from their home network. – The process of a client moving from one area or AP to another while maintaining a data link. • Mobile IP – allows users with mobile devices whose IP addresses are associated with one network to stay connected when moving to another network with a different IP. PalGov © 2011 59
60.
Roaming and Mobility
PalGov © 2011 60
61.
VPN Use in
Roaming • Wireless VPN implemented by two methods: – A centralized VPN server (Hardware/ software) – A distributed set of VPN servers • Can be located in the AP with RADIUS support PalGov © 2011 61
62.
Corporate Security Policy •
Develop a wireless security policy – define what is and what is not allowed with wireless technology. • Measure the basic field coverage of the wireless network. • Know the technologies and the users that use the network. • Physical Security PalGov © 2011 62
63.
Corporate Security Policy •
Set base lines and perform audits/monitoring of the network. • Harden AP’s, servers, and gateways. • Determine level of security protocols and standards. • Consider using switches, DMZ, RADIUS servers, and VPN. • Update firmware and software. PalGov © 2011 63
64.
Securing WLAN Policies •
If possible, put the wireless network behind its own routed interface so you can shut it off if necessary. • Pick a random SSID that gives nothing about your network. • Set your AP to 'Closed Network'. • Set the authentication method to 'Open'. • Have your broadcast keys rotate every few minutes. • Use 802.1X for key management and authentication – Look over the available EAP protocols and decide which is right for your environment. – Set the session to time out every few minutes. PalGov © 2011 64
65.
References 1. Computer Security:
Principles and Practice, by William Stallings and Lawrie Brown. Published by Pearson/Prentice Hall, © 2008. ISBN: 0-13-600424-5. 2. Cisco CWNA Course 3. Dr. Hani Ragab Hassen Lecture Notes, Kent University. PalGov © 2011 65
66.
Summary • In this
session we discussed the following: – Introduced need for security auditing – Audit model, functions, requirements – Security audit trails – Implementing logging and analysis. – Overview of wireless networking and standards – Wireless security protocols and policies PalGov © 2011 66
67.
Thanks
Radwan Tahboub PalGov © 2011 67
Baixar agora