CH2 pp

The document provides an overview of various commercial issues related to cryptography, security convergence, wireless PKI, enterprise security architecture, and intrusion detection/prevention systems. It highlights the importance of cryptography for confidentiality, integrity, non-repudiation, and authentication, while emphasizing the need for integrated security measures across physical and cyber domains. Additionally, it discusses the role of IDS/IPS in monitoring and protecting network traffic from malicious activities.

Uploaded by

nafyjabesa1
Brief Overview of Commercial Issues

• Cryptography
• Web Services Security
• Convergence
• Communications and Information
• Wired/Wireless PKI (Public Key Infrastructure)
• Windows Vista Security: Internet: Protocol versions
• Implementing Enterprise Security Architecture (ESA)
• Intrusion Detection System/Prevention (IDS/IPS)

Cryptography
Cryptography is the science of encrypting and decrypting information to prevent unauthorized access.

Cryptography techniques
• It includes techniques such as microdots, merging words with images and other ways to hide information in storage or transit.
• In today's computer-centric world, cryptography is most often associated with scrambling plaintext (ordinary text or clear text) into cipher text (a process called encryption), then back again (known as decryption).
• Individuals who practice this field are known as cryptographers.

Modern cryptography concerns four objectives:
• Confidentiality: The information cannot be understood by anyone for whom it was unintended.
• Integrity: The information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected.
• Non-repudiation: The creator/sender of the information cannot deny at a later stage their intentions in the creation or transmission of the information.
• Authentication: The sender and receiver can confirm each other's identity and the origin/destination of the information.

Types of cryptography
1. Single-key or symmetric-key encryption
• A single key is used for both encryption and decryption of data.
• Less secure than asymmetric, but relatively faster.
• Both sender and receiver need to have the secret key.
2. Public-key or asymmetric-key encryption
• A public key associated with the creator/sender for encrypting messages, and
• a private key that only the originator knows (unless it is exposed or they decide to share it) for decrypting that information.
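
The four objectives and the shared-key property of symmetric cryptography interact in a way worth seeing in code. The following is an added example, not part of the original slides: it uses Python's standard `hmac` module with a constructed key and constructed messages to show that a shared secret key gives integrity and authentication, but cannot give non-repudiation because the receiver holds the same key.

```python
import hashlib
import hmac
import secrets

# Constructed for this example: one secret key held by BOTH sender and receiver.
SHARED_KEY = secrets.token_bytes(32)


def tag(key: bytes, message: bytes) -> bytes:
    """Compute an HMAC-SHA256 authentication tag over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Constant-time check that the tag belongs to this message and key."""
    return hmac.compare_digest(tag(key, message), received_tag)


def demo() -> dict:
    """Check each objective against constructed sample messages."""
    original = b"PAY 100 TO ALICE"
    sent_tag = tag(SHARED_KEY, original)

    # Integrity: a message altered in transit no longer matches its tag.
    tampered = b"PAY 900 TO ALICE"

    # Authentication: a party without the shared key cannot make a valid tag.
    outsider_tag = tag(secrets.token_bytes(32), original)

    # Non-repudiation is NOT achieved: the receiver holds the same key and
    # can tag a message the sender never wrote, so a valid tag does not
    # prove which of the two key holders created the message.
    receiver_made = b"PAY 500 TO BOB"
    receiver_tag = tag(SHARED_KEY, receiver_made)

    return {
        "untouched_accepted": verify(SHARED_KEY, original, sent_tag),
        "tampered_accepted": verify(SHARED_KEY, tampered, sent_tag),
        "outsider_accepted": verify(SHARED_KEY, original, outsider_tag),
        "receiver_made_accepted": verify(SHARED_KEY, receiver_made, receiver_tag),
    }


if __name__ == "__main__":
    for check, accepted in demo().items():
        print(f"{check}: {accepted}")
```

Non-repudiation needs a signature made with a private key that only the originator holds, which is what the asymmetric scheme above provides.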

Convergence / Converged Security
Security convergence is the approach of integrating cyber security and IT strategies with physical security measures to increase awareness and strengthen protection of facilities, people and data in a holistic way.
• Converged security combines the efforts of safeguarding physical assets, such as by
  • limiting access,
  • installing video surveillance and
  • using intrusion detection,
  with protecting digital assets like
  • computers,
  • networks and
  • applications.

Goals for Security Convergence
• Develop a stronger security posture: To eliminate information gaps that attackers can exploit by improving visibility into all risks, particularly in interlinked applications. Increased visibility will enable teams to predict threats more easily and respond proactively before they escalate.
• Improve crisis management: The increasing level and complexity of security attacks means that organizations face challenges on many different fronts. The aim of convergence is to enable the organization's security teams to manage crises in a more coordinated way and avoid the risk of oversight in areas where physical and cyber security intersect.
• Strengthen business continuity: Security risks are also business risks. Any type of breach can affect business continuity and damage company reputation, which can lead to loss of revenue and customer confidence.
• Increase knowledge transfer: To develop broader skills in the security team. Increased communication and knowledge transfer can help accelerate that process and build well-rounded security skills.
• Improve efficiency and lower costs: Organizations aim to improve efficiency by eliminating duplication of effort and reducing the time spent dealing with crises that could have been avoided through shared intelligence. Converged teams can also reduce costs by standardizing on common security tools.

Wireless Public Key Infrastructure
• WPKI is a security architecture that provides a secure way of exchanging information over wireless networks.
• PKI is a widely accepted security protocol used to ensure secure communication over the internet. It works by using a pair of keys, a public key and a private key, to encrypt and decrypt data.
  • The public key is shared with anyone who needs to communicate with the user.
  • The private key is kept secret and used by the user to decrypt incoming data.
• Wireless PKI is used in a variety of applications, including secure email, online banking, and e-commerce.
• It is also used in military and government organizations to secure classified information.
• Wireless PKI provides a high level of security and can protect against a variety of attacks, including
  • eavesdropping,
  • data tampering, and
  • man-in-the-middle attacks.

Information and Communication
Information and communication technology (ICT) security serves to protect confidential information from unauthorized use, modification, loss or release.
The three key elements of an effective ICT security system include:
• Monitoring and controlling access to confidential information
• Safe transmission of data
• Secure storage and disposal of data

Monitoring and controlling access to confidential information
• A fundamental principle of protective security is to ensure that access to information the government holds in trust is on a need-to-know basis only.

Safe transmission of data
• The safe transmission of data, including source data, linkage keys, and data associated with remote or electronic access to integrated datasets, is a primary consideration for data integration projects.

Secure storage and disposal of data
• Measures for the secure storage and disposal of integrated data are largely the same as for any information being held in trust.

Enterprise Security Architecture (ESA)
• ESA is a comprehensive blueprint that outlines an organization’s information security infrastructure, processes, and policies.
• It is designed to provide a systematic approach to the protection of critical data and assets while responding to ever-evolving threats and risks.
• By integrating security into the enterprise’s overall architecture, ESA ensures long-term data confidentiality, integrity, and availability while aligning with the organization’s goals and objectives.
• ESA is important because it ensures that an organization’s IT infrastructure operates securely and maintains the
  • confidentiality,
  • integrity and
  • availability of its critical assets.
• It reduces the risk of security breaches, helps maintain regulatory compliance and optimizes security investments by integrating them into a coordinated strategy.

ESA life cycle management.

Intrusion Detection System/Prevention (IDS/IPS)
• It is a network security application that monitors network or system activities for malicious activity.
• Both examine network traffic and system activities for malicious activity.
• Intrusion detection is the process of monitoring your network traffic and analyzing it for signs of possible intrusions, such as exploit attempts and incidents that may be imminent threats to your network.
• Intrusion prevention is the process of performing intrusion detection and then stopping the detected incidents, typically done by dropping packets or terminating sessions.
• The major functions of intrusion prevention systems are to
  • identify malicious activity,
  • collect information about this activity,
  • report it and attempt to block or stop it.
• An IPS typically records information related to observed events, notifies security administrators of important observed events and produces reports.

How Does an IPS Work?
• An IPS works by analyzing network traffic in real time and comparing it against known attack patterns and signatures.
• When the system detects suspicious traffic, it blocks it from entering the network.
There are two main types of IPS:
• Network-Based IPS: Installed at the network perimeter and monitors all traffic that enters and exits the network.
• Host-Based IPS: Installed on individual hosts and monitors the traffic that goes in and out of that host.
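
The difference between detection and prevention described above can be shown with one signature engine run in two modes. This is an added example, not part of the original slides: the signature names, patterns, session identifiers and traffic are all constructed for illustration and are not taken from any real rule set.

```python
import re
from dataclasses import dataclass, field

# Hypothetical signatures constructed for this example (not a real rule set).
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./\.\./"),
    "sql-tautology": re.compile(rb"(?i)'\s*or\s*'1'\s*=\s*'1"),
}


@dataclass
class Sensor:
    prevent: bool                                # False = IDS, True = IPS
    events: list = field(default_factory=list)   # recorded events for reports
    killed: set = field(default_factory=set)     # sessions already terminated

    def inspect(self, session: str, payload: bytes) -> str:
        """Return 'forward' or 'drop' for one packet of a session."""
        if session in self.killed:
            return "drop"                        # session was terminated earlier
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                self.events.append((session, name))   # detection: record it
                if self.prevent:                      # prevention: stop it
                    self.killed.add(session)
                    return "drop"
        return "forward"


# Constructed traffic: (session id, payload bytes).
TRAFFIC = [
    ("10.0.0.5:4431", b"GET /index.html HTTP/1.1"),
    ("10.0.0.9:5120", b"GET /files?name=../../etc/passwd HTTP/1.1"),
    ("10.0.0.9:5120", b"GET /index.html HTTP/1.1"),
    ("10.0.0.7:3300", b"POST /login user=a' OR '1'='1"),
]


def run(prevent: bool):
    """Replay the constructed traffic; return per-packet verdicts and events."""
    sensor = Sensor(prevent)
    verdicts = [sensor.inspect(session, payload) for session, payload in TRAFFIC]
    return verdicts, sensor.events


if __name__ == "__main__":
    for mode, prevent in (("IDS", False), ("IPS", True)):
        print(mode, *run(prevent), sep="\n  ")
```

Both modes record the same two events; only the IPS mode drops the matching packets and the later, otherwise clean packet from the terminated session.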

Why Do You Need an IPS?
An IPS is an essential tool for network security.
• Protection Against Known and Unknown Threats: IPS can block known threats and also detect and block unknown threats that haven’t been seen before.
• Real-Time Protection: IPS can detect and block malicious traffic in real time, preventing attacks from doing any damage.
• Compliance Requirements: Many industries have regulations that require the use of an IPS to protect sensitive information and prevent data breaches.
• Cost-Effective: IPS is a cost-effective way to protect your network compared to the cost of dealing with the aftermath of a security breach.
• Increased Network Visibility: IPS provides increased network visibility, allowing you to see what’s happening on your network and identify potential security risks.

What are the benefits of IDS/IPS?
• Monitors all traffic on the network to identify any known malicious behavior.
• One way an attacker will try to compromise a network is by exploiting a vulnerability within a device or within software.
• Identifies those exploit attempts and blocks them before they successfully compromise any endpoints within the network, both at the network edge and within the data center.
