Security Technologies
#1

Presented by,
M.AJAY KUMAR & A.VAMSI KRISHNA

[attachment=10482]
ABSTRACT
“All input is evil until proven otherwise!”so security technology come into play.With the rapid growth of interest in the Internet, network security has become a major concern to companies throughout the world. The fact that the information and tools needed to penetrate the security of corporate networks are widely available has increased that concern.
Because of this increased focus on network security, network administrators often spend more effort protecting their networks than on actual network setup and administration. Tools that probe for system vulnerabilities, such as the Security Administrator Tool for Analyzing Networks (SATAN), and some of the newly available scanning and intrusion detection packages and appliances, assist in these efforts, but these tools only point out areas of weakness and may not provide a means to protect networks from all possible attacks. Thus, as a network administrator, you must constantly try to keep abreast of the large number of security issues confronting you in today's world. This paper describes many of the security issues that arise when connecting a private network. Understand the types of attacks that may be used by hackers to undermine network security.
For decades, technology has transformed almost every aspect of business, from the shop floor to the shop door. While technology was a fundamental enabler, it was often driven from an operational or cost advantage and seen as separate from business itself. The new reality is that technology doesn’t support the business—technology powers the business. IT risks are now business risks and IT opportunities are now business opportunities.
INTRODUCTION
Security is the process of protecting data ( in any form the data may take: electronic, print, or other forms) from unauthorized access, use, disclosure, destruction, modification, or disruption so as not to compromise the confidentiality, integrity, and availability of the information for use by the Enterprise or SMB organization throughout the Security Lifecycle.
Today, information security is a fundamental enabler for business. As business technology provides the ability for enterprises to automate, adapt and accelerate
their business strategy, information security is now essential for safeguarding business continuity. Whether enabling sharing and collaboration with partners, preventing or detecting insider attacks, or defending against vandalism by unseen and random network attackers – information security is a key element in any IT infrastructure.
Security Threats When Connecting to the Internet
When you connect your private network to the Internet, you are physically connecting your network to more than 50,000 unknown networks and all their users. Although such connections open the door to many useful applications and provide great opportunities for information sharing, most private networks contain some information that should not be shared with outside users on the Internet. In addition, not all Internet users are involved inlawful activities. These two statements foreshadow the key questions behind inlawful activities. These two statements foreshadow the key questions behind most security issues on the internet.
common types of attacks
Virus
A virus is a program that propagates itself by infecting other programs on the same computer. Viruses can do serious damage, such as erasing your files or your whole disk, or they may just do silly/annoying things like pop up a window that says "Ha ha you are infected!" True viruses cannot spread to a new computer without human assistance, such as if you trade files with a friend and give him an infected file (such as on a floppy or by an email attachment).
Worm
Like a virus, a worm is also a program that propagates itself. Unlike a virus, however, a worm can spread itself automatically over the network from one computer to the next. Worms are not clever or evil, they just take advantage of automatic file sending and receiving features found on many computers.
Trojan horse
This is a very general term, referring to programs that appear desirable, but actually contain something harmful. The harmful contents could be something simple, for example you may download what looks like a free game, but when you run it, it erases every file in that directory. The trojan's contents could also be a virus or worm, which then spread the damage.
Protecting Confidential Information
Confidential information can reside in two states on a network. It can reside on physical storage media, such as a hard drive or memory, or it can reside in transit across the physical network wire in the form of packets. These two information states present multiple opportunities for attacks from users on your internal network, as well as those users on the Internet. We are primarily concerned with the second state, which involves network security issues. The following are five common methods of attack that present opportunities to compromise the information on your network:
When protecting your information from these attacks, your concern is to prevent the theft, destruction, corruption, and introduction of information that can cause irreparable damage to sensitive and confidential data.
The following describes the common methods of attack and provides examples of how information can be compromised.
VARIOUS SECURITY TECHNOLOGIES
PGP

Pretty Good Privacy is a computer program that provides cryptographic privacy and authentication. It was originally created by Philip Zimmermann in 1991.
PGP and other similar products follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data.
How PGP encryption works
PGP encryption uses public-key cryptography and includes a system which binds the public keys to a user name. The first version of this system was generally known as a web of trust to contrast with the X.509 system which uses a hierarchical approach based on certificate authority and which was added to PGP implementations later. Current versions of PGP encryption include both alternatives through an automated key management server.
Security quality
The cryptographic security of PGP encryption depends on the assumption that the algorithms used are unbreakable by direct cryptanalysis with current equipment and techniques. For instance, in the original version, the RSA algorithm was used to encrypt session keys; RSA's security depends upon the one-way function nature of mathematical integer factoring. New, now unknown, integer factorization techniques might, therefore, make breaking RSA easier than now, or perhaps even trivially easy. However, it is generally presumed by informed observers that this is an intractable problem, and likely to remain so. Likewise, the secret key algorithm used in PGP version 2 was IDEA, which might, at some future time, be found to have a previously unsuspected cryptanalytic flaw. Specific instances of current PGP, or IDEA, insecurities -— if they exist -— are not publicly known. As current versions of PGP have added additional encryption algorithms, the degree of their cryptographic vulnerability varies with the algorithm used. In practice, each of the algorithms in current use is not publicly known to have cryptanalytic weaknesses.
Any agency wanting to read PGP messages would probably use easier means than cryptanalysis, eg. Rubber-hose cryptanalysis, or by installing some form of trojan horse or keystroke logging software/hardware on the target computer to capture encrypted keyrings and their passwords. The FBI have already used this attack against PGP [1] [2] in their investigations. However, it is important to note that any such vulnerabilities apply not just to PGP, but to all encryption software
Trusted Platform Module
In computing, Trusted Platform Module (TPM) is both the name of a published specification detailing a secure cryptoprocessor that can store secured information, as well as the general name of implementations of that specification, often called "TPM chip", "Fritz chip" or "TPM Security Device" (Dell). The TPM specification is the work of the Trusted Computing Group.
Overview
A Trusted Platform Module offers facilities for secure generation of cryptographic keys, the ability to limit the use of cryptographic keys, as well as a hardware random number generator. It also includes capabilities such as remote attestation and sealed storage. Remote attestation creates an nearly unforgeable hash key-summary of the hardware and software. To what extent the software is being summarized is decided by the software that is encrypting the data . This allows a third party to verify that the software has not been changed. Sealing encrypts data in such a way that it may be decrypted only if the TPM release the right decryption key, which it only does if the exact same software is present as when it encrypted the data. Binding encrypts data using the TPM's endorsement key, a unique RSA key burned into the chip during its production, or another trusted key.
VMM
Virtual Machine Manager redirects here. For the virtual machine monitoring application from MicrosoftIn computer science,
a virtual machine (VM) is a software implementation of a machine (computer) that executes programs like a real machine.
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: evil clowns, security technologies, pgp freeware, pgp installer, who is evil in macbeth, pgp atr, pgp inhibitors,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  cryptography and network security full report computer science technology 21 31,172 31-05-2016, 12:17 PM
Last Post: dhanabhagya
  Visual security is feeble for anti-phishing seminar surveyer 5 4,335 18-10-2012, 01:15 PM
Last Post: seminar details
  2G-5G Networks: Evolution of Technologies, Standards, and Deployment computer girl 0 1,252 05-06-2012, 10:48 AM
Last Post: computer girl
  Emerging Trends In Contactless RFID Technologies full report project topics 1 10,236 11-02-2012, 12:06 PM
Last Post: seminar addict
  wireless internet security full report computer science technology 1 5,009 26-01-2012, 10:46 AM
Last Post: seminar addict
  Cryptography and Network Security seminar surveyer 5 4,581 08-08-2011, 09:59 AM
Last Post: seminar addict
  An Overview of Positioning Systems and Technologies seminar class 0 1,232 01-04-2011, 12:49 PM
Last Post: seminar class
  e-voting, security issue seminar class 0 1,825 19-02-2011, 02:24 PM
Last Post: seminar class
  DATA SECURITY IN LOCAL NETWORK USING DISTRIBUTED FIREWALL project report helper 0 1,957 08-10-2010, 11:18 AM
Last Post: project report helper
  Understanding Enterprise Security with Integration and Convergence computer science technology 0 1,234 24-01-2010, 03:23 PM
Last Post: computer science technology

Forum Jump: