confidentiality and disclosure

Confidentiality and disclosure Mohamed Sayed Saidngar@yahoo.com - PowerPoint PPT Presentation



  1. Confidentiality and disclosure Mohamed Sayed Saidngar@yahoo.com

  2. Introduction - Introduction to data security. - Security requirements. - Types of security threats. - Security risks. - Technologies and security solutions.

  3. Introduction - An enterprise is its data. - Data security is a priority of the institution. - Data security is a technique to protect data and services against malicious attacks or natural disasters.

  4. Security and data protection • Risks to data: data security and protection is one of the important areas in computer systems. • Definition of data security: the procedures adopted by the institution to secure its data files and protect them from:

  5. Data Security • Risks of unauthorized access: persons from outside the organization, or its own employees, reaching data files and viewing or modifying them illegally. • Lost, corrupt or damaged data: the risk that the contents of files are changed, deleted or disrupted so that they can no longer be accessed. These risks have several causes, including neglect, abuse, sudden failures in the system, infected files or infected computers.

  6. Security requirements • Authentication (verification of identity) • Integrity of the data • Confidentiality • Anti-replay (preventing a procedure from being repeated) • Availability (continuity in the provision of services)

  7. Types of threats • Passive threats: the data is only viewed, without destruction or alteration. • Active threats: the data is changed, sabotaged or modified, and the communication process is exploited.

  8. Security threats • Identity interception • Identity disguise (masquerade) • Replay attack (repeating a procedure) • Data interception • Data modification • Repudiation

  9. Security threats (continued) • Data theft • Macro viruses • Trojan horses • Denial of service (stopping a service) • Privilege misuse • Social attack

  10. Technologies and security solutions • Continuous power supply • Regulation of the ambient temperature • Control and detection systems • Access control system • Identity verification systems • Antivirus • Data encryption systems • Virtual local area networks (VLAN) • Use of firewalls • Use of RAID techniques • Use of clustering techniques • Software to control different types of attack • Awareness and education of workers • Storage and backup systems and strategy

  11. Continuity of power supply • Power outages disrupt service and corrupt data. • Use an uninterruptible power supply (UPS). • Use backup electricity generators.

  12. Control and detection systems • Air-conditioning systems: temperature regulation prevents the servers from stopping because of high heat. • Smoke and fire detection and control system: detects smoke and fire from the start, tries to extinguish the fire, and sends warning and alert signals. • Closed-circuit television: monitors personnel and the external doors. • Intrusion detection system: discovers irregular packets and sends them for inspection rather than directing them to the network.

  13. Access control system • Controls access to the places that contain the servers and data. • Based on magnetic cards or electronic cards, or relies on fingerprints. • Allows only some authorized workers to deal with the data or servers directly. • Prevents data theft and service stoppage.

  14. Public key infrastructure (PKI) • Infrastructure for transferring data over the network securely. • Depends on the secrecy of the key, not on a secret algorithm. • The longer the key, the more difficult the encryption is to break. • Uses a pair of keys. • Each party has two keys: a private key and a public key. • The public key can be transferred over the network, while the private key remains with the sender and is not transmitted over the network.

  15. Applications of public key • Data encryption. • Electronic signature. • Verification of identity.

  16. Data Encryption • Provides data confidentiality. • Data is encrypted using the public key. • Data is decrypted using the private key. • The sender asks the recipient to send him his public key. • The recipient sends his public key to the sender. • The sender encrypts the data using the public key and sends it to the recipient. • The recipient receives the data and decrypts it using the private key.

  17. Digitally signing messages • Provides verification of identity and integrity of the data but does not provide confidentiality. • Signing a message produces the so-called "message digest". • The "message digest" is encrypted with the private key of the sender. • The recipient decrypts the "message digest" with the public key of the sender. • The recipient obtains the sender's public key from a trusted party. • The recipient generates a digest of the message and compares it with the digest that was sent.
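The signing and verification steps of slide 17, as an added example that is not part of the original presentation. It uses textbook RSA without padding over a toy key pair built from two known Mersenne primes, which is for illustration only; the message text and all function names are constructed, and the recipient is assumed to have already obtained the public key (E, N) from a trusted party.

```python
import hashlib

# Toy key pair from two known Mersenne primes so the example runs offline.
# Textbook RSA without padding: illustration only, never use for real signing.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                                  # public modulus
E = 65537                                  # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent, stays with the sender

def digest(message: bytes) -> int:
    """Message digest: SHA-256 of the message, as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_exp: int, modulus: int) -> int:
    """Sender: transform the digest with the private key."""
    return pow(digest(message), private_exp, modulus)

def verify(message: bytes, signature: int, public_exp: int, modulus: int) -> bool:
    """Recipient: recover the digest with the public key and compare it
    with a digest computed locally over the received message."""
    return pow(signature, public_exp, modulus) == digest(message)

# Constructed sample message. It travels in the clear next to the signature,
# which is why a signature gives integrity and identity but no confidentiality.
MESSAGE = b"Pay invoice 17 to supplier A"
SIGNATURE = sign(MESSAGE, D, N)

if __name__ == "__main__":
    print("untouched message verifies:", verify(MESSAGE, SIGNATURE, E, N))
    tampered = MESSAGE.replace(b"supplier A", b"supplier B")
    print("tampered message verifies: ", verify(tampered, SIGNATURE, E, N))
    forged = sign(MESSAGE, D + 2, N)       # signed with a key that is not the sender's
    print("wrong private key verifies:", verify(MESSAGE, forged, E, N))
```
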

  18. Certificates • Encryption using the public key assumes that the identity of the owner of the key pair is beyond doubt. • A certificate is a set of data that fully identifies an entity. • A trusted certification authority issues the certificate after verifying the identity of the entity. • The Certification Authority (CA) is a party trusted by the communicating parties.

  19. Build a public key

  20. Applications of public key • File systems that support encryption of data, such as NTFS. • IPSec protocol - Data is transferred across the network encrypted. - Works in accordance with the TCP/IP protocol. - Useful when the network connecting the two parties is safe. • Secure transport protocol for the Web (SSL) - The protocol is encapsulated within another transfer protocol. - Depends on identity verification using the public key. - Establishes a single key to encrypt the data, valid for one session. - Closely linked to Web-based applications and the HTTP protocol, which is then referred to as HTTPS.

  21. Antivirus • Protection against viruses and Trojans. • Centralized system to combat viruses.

  22. Firewalls • A firewall is a device that connects a private network and a public network and allows access only to the services made available to the public. • Firewalls must be adopted both internally and externally.

  23. Virtual local area networks (VLAN) • A virtual network is isolated from the physical network associated with it. • A large network is divided into small parts isolated from each other. • Provides a high level of security between the parts of the network. • Isolates broadcast and multicast packets. • The equipment must comply with the IEEE 802.1Q VLAN standard.

  24. VLAN

  25. RAID technology • A technique that allows data to be restored and service to continue in the event of a hard drive crash. • Types: mirroring, or RAID 1; striping with parity, or RAID 5.

  26. RAID 1 • The same data is copied to two disks at the same time. • When one disk crashes, the other disk continues to work and no data is lost.

  27. RAID 5 • The data is copied to three or more disks. • A disk is dedicated to storing parity data. • When a disk crashes, work continues and the data is calculated from the parity information.

  28. Clustering technology • Groups two or more servers to operate as one server. • Non-stop service. • Distributes the load across the two servers.

  29. Storage and backup • Store data on permanent, rewritable storage media. - Magnetic disc (CD). - Hard drive storage. • Back up across the network. • Back up changing data periodically. • Back up the operating system settings after each new setting. • Develop a backup strategy.

  30. Backup strategy • Types of backup: they differ in how they deal with the archive attribute. - Normal: copies all the files and clears the archive attribute. - Incremental: copies only the files marked for archiving and clears the archive attribute. - Differential: copies only the files marked for archiving, while keeping the archive attribute set.

  31. Backup strategy (N = normal, I = incremental, D = differential) • First strategy: Saturday N, Sunday I, Monday I, Tuesday I, Wednesday I, Thursday I. • Second strategy: Saturday N, Sunday D, Monday D, Tuesday D, Wednesday D, Thursday D.
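The two weekly strategies from slides 30 and 31, simulated as an added example that is not part of the original presentation. The file names and the daily changes are constructed, and the restore logic assumes, as on the slides, that every backup after the normal one is of a single type (all incremental or all differential).

```python
DAYS = ["Saturday", "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday"]
# Constructed sample: files modified before each day's backup runs.
CHANGES = [[], ["payroll.db"], ["mail.pst"], [], ["payroll.db"], ["web.conf"]]

def run_backup(kind, archive):
    """Return the files this backup copies and update the archive attribute."""
    if kind == "N":                       # normal: every file
        copied = sorted(archive)
    else:                                 # I or D: only files marked for archiving
        copied = sorted(f for f, marked in archive.items() if marked)
    if kind in ("N", "I"):                # normal and incremental clear the attribute
        for f in copied:
            archive[f] = False
    return copied                         # differential leaves the attribute set

def simulate(schedule, changes=CHANGES):
    """schedule: one letter (N, I or D) per day. Returns (day, kind, files copied)."""
    archive = {"payroll.db": True, "mail.pst": True, "web.conf": True}
    media = []
    for day, kind, modified in zip(DAYS, schedule, changes):
        for f in modified:
            archive[f] = True             # a write sets the archive attribute
        media.append((day, kind, run_backup(kind, archive)))
    return media

def restore_set(media):
    """Backups needed to rebuild the data after a failure following the last one."""
    start = max(i for i, (_, kind, _) in enumerate(media) if kind == "N")
    later = media[start + 1:]
    if later and later[-1][1] == "D":     # newest differential holds every change
        later = later[-1:]                # since the normal backup
    return [(day, kind) for day, kind, _ in [media[start]] + later]

if __name__ == "__main__":
    for name, schedule in (("First", "NIIIII"), ("Second", "NDDDDD")):
        media = simulate(schedule)
        for day, kind, copied in media:
            print(f"{name:<6} {day:<9} {kind} copies {copied}")
        print(f"{name} strategy restore needs: {restore_set(media)}\n")
```

The first strategy writes less each day but needs all six backups for a restore; the second copies a growing set each day but needs only the normal backup and the latest differential.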

  32. Staff education • Explain the concepts of security. - The importance of data. - Data protection. • Explain the concept of account privacy and confidentiality. - The complexity of the password. - Periodic change of password. • Staff education prevents or reduces the occurrence of intrusions.

  33. Data Security • Data security systems: institutions put multiple security systems in place to protect data from damage and from intentional or unintentional entry to the computer system by any person who is not allowed. The main ways of putting security and data protection systems in place are the following: 1. Assign the user an identifying name (User ID). 2. Specify a password (User Password).
