Computer Network
Section - IV
Stage II - ICMAP

Outline
Fundamentals
Types of Network (LAN, WAN, MAN, VAN, VPN, Intranet, Extranet)
Protocols
Network Topologies (Star, Bus, Ring, Mesh, Hybrid)
Network Devices
Network Media/Cables
Internet
Security Risk
Security Measures

Computer Network
The connection of two or more computer systems using a communication channel is called a computer network.
A group of computers connected through a hub/switch/modem to share information over a communication medium is called a network.

Centralized Data Processing
Places all hardware, software, and processing in one location
Very inconvenient and inefficient
• Input data had to be physically transported to the computer
• Processed material had to be delivered to users

Distributed Data Processing
Uses computers that are at a distance from the central computer
Local computers had access to central computers
Some processing done on local computers, some on central computers

Digital and Analog Transmission
Digital transmission
• Sends data as distinct pulses, either on or off
• Similar to how data travels through a computer
Analog transmission
• Continuous electrical signal in the form of a wave (called a carrier wave)
• Many communications media already in place for analog (voice) transmission; phone lines are most common

Components of Communication System
1. Transmitter
2. Medium
3. Receiver

Asynchronous Transmission
Also called start/stop transmission
Start bit transmitted at the beginning of each group of bits
Stop bit sent at end of each group
Each group typically consists of one character
Receiving device gets start signal and sets up mechanism to accept the group
Used for low-speed communications

Synchronous Transmission
Large block of characters transmitted
Internal clocks of devices synchronized
Error-check bits make sure all characters received
Much faster, but equipment is more expensive

Transmission Mode
1. Simplex
2. Half-Duplex
3. Full-Duplex

Simplex, Half-Duplex, and Full-Duplex Transmission
Simplex transmission sends data in one direction only
• Example: television broadcasting
Half-duplex transmission sends data in both directions, but only one way at a time
• Example: bank teller sends data about a deposit; after data received, a confirmation returns
Full-duplex transmission allows transmission in both directions at same time
• Example: a conversation
• Typically used for high-speed data communication

Simplex Communication
Simplex communication is a mode in which data only flows in one direction. Because most modern communications require a two-way interchange of data and information, this mode of transmission is not as popular as it once was.
However, one current usage of simplex communications in business involves certain point-of-sale terminals in which sales data is entered without a corresponding reply.
Half-Duplex Communication
Half-duplex communication adds an ability for a two-way flow of data between computer terminals. In this directional mode, data travels in two directions, but not simultaneously.
Data can only move in one direction when data is not being received from the other direction. This mode is commonly used for linking computers together over telephone lines.
Full-Duplex Communication
The fastest directional mode of communication is full-duplex communication. Here, data is transmitted in both directions simultaneously on the same channel. Thus, this type of communication can be thought of as similar to automobile traffic on a two-lane road.
Full-duplex communication is made possible by devices called multiplexers. Full-duplex communication is primarily limited to mainframe computers because of the expensive hardware required to support this directional mode.

Network Uses
Electronic mail (e-mail)
Facsimile (fax) technology
Groupware
Teleconferencing
Electronic data interchange
Electronic fund transfers
Computer commuting
The Internet

The Internet
A global network of hundreds of thousands of computers
Widely considered to be the defining technology of the beginning of this century

The Internet Service Provider and the Browser
An Internet service provider (ISP) provides the server computer and software to connect to the Internet
Online service, such as America Online, includes Internet access, Internet service, and a browser
When you connect to the Internet, the browser displays a home page
Uniform Resource Locator (URL)
The complete, unique address of a Web page
Web page URL begins with http
• HyperText Transfer Protocol – allows communication by using links to transfer data between sites
Domain name – address of site’s host computer
• Last part of domain name is called a top-level domain
• Identifies country or purpose of organization

Local Area Network (LAN)
Contains printers, servers and computers
Systems are close to each other
Contained in one office or building
Organizations often have several LANs
A LAN is a number of computers connected to each other by cable in a single location, usually a single floor of a building or all the computers in a small company

Wide Area Network (WAN)
Set of connecting links between LANs. These links are made over telephone lines leased from various telephone companies
Two or more LANs connected
Over a large geographic area
Typically use public or leased lines
• Phone lines
• Satellite
The Internet is a WAN

Difference between LAN & WAN
LAN | WAN
1. Covers small geographical area | 1. Covers large or wide geographical area
2. Computers are directly connected through physical cable for data transmission | 2. No physical cable or wire is used and data is sent and received through microwave system or satellite
3. LAN card is used for data transmission | 3. Modem is used for data transmission
4. Data transmission speed is very high | 4. Slow
5. Installation and configuration cost is less than WAN | 5. Higher than LAN

Metropolitan Area Network (MAN)
Large network that connects different organizations
Shares regional resources
An example of a regional resource is a supercomputer. For example, Pittsburgh has the Pittsburgh Super Computing center (www.psc.edu). The various colleges in Pittsburgh connect to the center through a MAN in Pittsburgh.

Client/Server Network
Nodes and servers share data roles
Nodes are called clients
Servers are used to control access
Client requests data from server
Server passes only the requested data
Client may perform some processing, but most data processed on server

Peer to Peer Networks (P2PN)
All nodes are equal
Nodes access resources on other nodes
Each node controls its own resources
Most modern OS allow P2PN
All computers have equal status
Users share each other’s files, printers, etc. as needed
Common in small offices
Networks tend to be slow
Example: Kazaa

Intranets
A private Internet-like network
Internal to a certain company
Easy to set up
Can be linked to the Internet
Users can retrieve information such as benefits information and job openings
Submit vacation requests, applications for open positions, employee handbooks, corporate policies, and other information in a central location

Extranet
Refers to applications and services that are Intranet based, and use extended, secure access to external users or enterprises. This access is usually accomplished through passwords, user IDs, and other application-level security.

Virtual Private Network
Technology that uses the Internet as a channel for private data communication
Uses tunneling technology
Offers many benefits over a private network
• Much cheaper than dedicated lines
• Data is secure
• Turns remote network administration over to ISP

Tunneling
Also called encapsulation
Transfers data between two similar networks over an intermediate network
Data packets follow Point-to-Point Tunneling Protocol (PPTP)
• Data embedded in TCP/IP packets carried by the Internet
Data packets are encoded before encapsulation
• When received, they are separated and returned to their original format
Provides security for data packets

Value-Added Network (VAN)
A value-added network (VAN) is a private network provider (sometimes called a turnkey communications line) that is hired by a company to facilitate electronic data interchange (EDI) or provide other network services.
Before the arrival of the World Wide Web, some companies hired value-added networks to move data from their company to other companies. With the arrival of the World Wide Web, many companies found it more cost-efficient to move their data over the Internet instead of paying the minimum monthly fees and per-character charges found in typical VAN contracts. In response, contemporary value-added network providers now focus on offering EDI translation, encryption, secure e-mail, management reporting, and other extra services for their customers.
Virtual Area Network (VAN)
A virtual area network (VAN) is a network on which users are enabled to share a more visual sense of community through high-bandwidth connections.
It is something like a metropolitan area network (MAN) or extended local area network (LAN) in which all users can meet over high-bandwidth connections, enabling "face-to-face" online "coffeehouses," remote medical diagnosis and legal consultation, and online corporate or extracorporate workgroups, focus groups, and conferences.
A VAN requires multi-megabyte data flow and can be implemented through the use of Asymmetric Digital Subscriber Line but more likely through the installation of cable modem. Since the high-bandwidth connections imply a common infrastructure, the first VANs are likely to be local or regional. However, a VAN can also be national or international in geographic scope, assuming all users share similar capabilities.
Baseband & Broadband Signaling
Baseband
1) Uses digital signalling
2) No frequency-division multiplexing
3) Bi-directional transmission
4) Signal travels over short distances
Broadband
1) Uses analog signalling
2) Unidirectional transmission
3) Frequency-division multiplexing is possible
4) Any data connection faster than 56 Kbps
5) Signal can travel over long distances before being attenuated

Integrated Systems Digital Network (ISDN)
Special type of telephone circuit
Can move data at 128,000 bps
Includes two phone lines, so you can talk on the phone while online
• Two data channels each support 64 Kbps
Drawbacks
• Expensive, especially at installation
• Not available in all areas

Digital Subscriber Line (DSL)
Offers speeds up to 30 Mbps
Simultaneous use of phone and data
Asynchronous DSL
• Different up and download speeds
Drawbacks
• You must be within three miles of telephone company’s switching office
• Costly
• Not available in all areas

Network Protocols
Protocol - a set of rules for the exchange of data between a terminal and a computer or two computers
• Agreement on how data is to be sent and receipt acknowledged
• Needed to allow computers from different vendors to communicate
Language of the network
• Rules of communication
• Error resolution
• Defines collision and collision recovery
• Size of packet
• Naming rules for computers

Network Packet and Payload
Packets
• Pieces of data transmitted over a network
Packet header
• Contains control information
• Sending and receiving address
Packet payload
• Contains actual data
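The header/payload split above, shown on an IPv4 packet. This is an added example, not part of the original slides; the choice of IPv4, the function names and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
import struct

# Fixed 20-byte IPv4 header (no options): version/IHL, TOS, total length,
# identification, flags/fragment offset, TTL, protocol, checksum, src, dst.
IPV4_FIXED = struct.Struct("!BBHHHBBH4s4s")


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_packet(src: str, dst: str, payload: bytes, proto: int = 17) -> bytes:
    """Build a constructed sample packet: header (control info) + payload."""
    def header(checksum: int) -> bytes:
        return IPV4_FIXED.pack(
            0x45, 0, IPV4_FIXED.size + len(payload), 0x1234, 0, 64, proto,
            checksum,
            ipaddress.IPv4Address(src).packed,
            ipaddress.IPv4Address(dst).packed,
        )
    # The checksum is computed over the header with its checksum field zeroed.
    return header(internet_checksum(header(0))) + payload


def parse_packet(packet: bytes) -> dict:
    """Split a packet into header fields and payload, validating lengths."""
    if len(packet) < IPV4_FIXED.size:
        raise ValueError("truncated: shorter than the fixed IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src, dst) = IPV4_FIXED.unpack_from(packet)
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version field is {version})")
    # Never trust length fields: they must agree with the bytes received.
    if not IPV4_FIXED.size <= header_len <= total_len <= len(packet):
        raise ValueError("inconsistent length fields")
    return {
        "src": str(ipaddress.IPv4Address(src)),   # sending address
        "dst": str(ipaddress.IPv4Address(dst)),   # receiving address
        "ttl": ttl,
        "protocol": proto,
        # A header summed together with its own checksum must yield zero.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
        # Bytes past total_len (e.g. link-layer padding) are not payload.
        "payload": packet[header_len:total_len],
    }


if __name__ == "__main__":
    sample = build_packet("192.0.2.10", "198.51.100.7", b"hello")
    print(parse_packet(sample))
```

The header checksum only detects accidental corruption of the header; it does not protect the payload and is not a defence against deliberate modification.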
Protocol Data Units (PDUs)

Network Protocols
Transmission Control Protocol/Internet Protocol (TCP/IP)
• Most popular protocol
• Required for Internet access
• TCP creates and reassembles packets
• IP handles addressing
  • Ensures that packets are routed to their ultimate destination
  • Machines assigned a name of 4 numbers (IP address)
  • Dynamic Host Configuration Protocol simplifies assignment of IP addresses
NetBEUI
• Network BIOS Extended User Interface
• Used by Windows to name computers
• It provides services related to the session layer of the OSI model, allowing applications on separate computers to communicate over a local area network.

Network Protocols
IPX/SPX
• Internet Packet Exchange/Sequenced Packet Exchange
• Associated with Novell Netware
• Replaced by TCP/IP
IPX is a network layer protocol while SPX is a transport layer protocol. The SPX provides connection-oriented services between two nodes on the network.
IPX and SPX both provide connection services similar to TCP/IP, with the IPX protocol having similarities to IP, and SPX having similarities to TCP.
IPX/SPX was primarily designed for local area networks (LANs), and is a very efficient protocol for this purpose (typically its performance exceeds that of TCP/IP on a LAN). TCP/IP has, however, become the de facto standard protocol. This is in part due to its superior performance over wide area networks and the Internet (which uses TCP/IP exclusively), and also because TCP/IP is a more mature protocol, designed specifically with this purpose in mind.

Ethernet - LAN Protocols
Dominant network protocol
Uses either bus or star topology
Node “listens” to see when the network is available
If two computers transmit at same time, collision occurs
• Network detects the collision
• Each computer waits random amount of time and retransmits

Token Ring - LAN Protocols
Uses ring topology
Token (electrical signal) controls which node can send messages
• Token circulates among nodes
• A computer waits for an empty token, attaches message, and transmits
Only one token, so only one device can access network at a time

File Transfer Protocol (FTP)
A protocol for transferring files among computers
Requires FTP Client and FTP Server
FTP servers maintain collections of downloadable files
• Downloading can often be done anonymously, without logging in
Many FTP servers can be accessed through Web browser

Telnet
A protocol that allows remote users to log onto a host computer
• Users use their own PCs
• Users log in over the Internet
• Users’ experience is the same as if they were sitting at the host computer’s local terminal
Remote user typically has to have a user ID and password

OSI Model
Open System Interconnection (OSI)
Created by International Organization for Standardization (ISO)
Primary model for network communications

Comparison of OSI and TCP/IP
Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Application Layer

Network Topology
The physical layout of a network, i.e. wires and equipment
Choice affects
• Network performance
• Network size
• Network collision detection
Star, Ring, Bus, Mesh, Hybrid

Bus Topology
Also called linear bus
One wire connects all nodes
Terminator ends the wires
If messages collide with other messages, sending node resends message
Nodes can be added/removed from network without affecting network
Advantages
• Easy to setup
• Small amount of wire
Disadvantages
• Slow
• Easy to crash

Star Topology
All nodes connect to a hub
• Packets sent to hub
• Hub sends packet to destination
• Helps prevent collisions among messages
Advantages
• Easy to setup
• One cable can not crash network
• If a node fails, network does not fail
Disadvantages
• One hub crashing downs entire network
• Uses lots of cable
Most common topology

Ring Topology
Nodes connected in a circle
Tokens used to transmit data
• Nodes must wait for token to send
Data messages travel around ring in a single direction
Each node checks message to see whether that node is addressee; if not, message passed to next node
Advantages
• Time to send data is known
• No data collisions
Disadvantages
• Complex software required for token management
• Slow
• Lots of cable

Mesh Topology
All computers connected together
Internet is a mesh network
Advantages
• Data will always be delivered
• Reliable
• Fault Tolerant
• Dedicated Path – Fast transmission
• No Collision
Disadvantages
• Lots of cable - Expensive
• Hard to setup

Hybrid Topology
Network Hardware
Modem
Network Interface Card (NIC)
Hub
Bridge
Switch
Router
Gateway
Amplifier
Repeater

Modem
Converts digital signal to analog and vice versa
Conversion from digital to analog called modulation
Conversion from analog to digital called demodulation
Measured in bits per second (bps)
Fastest current modems transmit at 56,000 bps

Network Interface Cards (NIC)
Ethernet Card / Network Adapters
Network adapter
• Connects each computer to wiring in the network
• Handles sending, receiving, and error checking of transmitted data
Connects node to the media

Hubs
Center of a star network
All nodes receive transmitted packets
Slow and insecure
Active Hub – amplification
Passive Hub – no amplification

Bridge
Connects two or more LANs together
Packets sent to remote LAN cross
• Other packets do not cross
Segments the network on MAC addresses
Bridge allows connection of similar networks (those using the same protocol)

Switches
Replacement for hubs
Only intended node receives transmission
Fast
Secure
Keep track of MAC Addresses
Intelligent Device

Routers
Connects two or more LANs, WANs together
Packets sent to remote LAN cross
Connect internal networks to the Internet
Selection of best available path and path forwarding
Need to be configured before installation

Gateway
Connects two dissimilar networks
Primary function is converting protocol among networks, i.e. protocol translation

Amplifier
An amplifier is an electronic device that increases the voltage, current, or power of a signal. Amplifiers are used in wireless communications and broadcasting, and in audio equipment of all kinds.

Repeater
In digital communication systems, a repeater is a device that receives a digital signal on an electromagnetic or optical transmission medium and regenerates the signal along the next leg of the medium.

Types of Communications Media
Unshielded/Shielded Twisted pairs
Coaxial cables
Fiber optics

Twisted-Pair
Two wires twisted around each other to reduce electrical interference
Inexpensive
Already in place (for telephone systems)
Susceptible to electrical interference and noise - anything causes signal distortion
Most common LAN cable + telephone systems
May be shielded from interference
Speeds range from 1 Mbps to 1,000 Mbps

Unshielded and Shielded TP
Unshielded Twisted Pair (UTP)
• Ordinary telephone wire
• Cheapest
• Easiest to install
• Suffers from external EM interference
Shielded Twisted Pair (STP)
• Metal braid or sheathing that reduces interference
• More expensive
• Harder to handle (thick, heavy)

Coaxial Cable
A center conductor wire surrounded by layer of insulation and metallic sheath
Commonly used to connect to cable TV
Higher bandwidth and less susceptibility to noise than twisted pair
Shielded from interference
Speeds up to 10 Mbps
Television distribution
• Antenna to TV
• Cable TV
Long distance telephone transmission
• Can carry 10,000 voice calls simultaneously

Fiber Optic
Use light instead of electricity to send data
Much higher bandwidth than coaxial cable
Immune to electrical interference
Materials cheaper than coaxial, but installation costs high
Very secure
Hard to work with
Speeds up to 100 Gbps (billion bits per second)

Computer Crime
Hacker – someone who attempts to gain access to computer systems illegally
• Originally referred to as someone with a high degree of computer expertise
Social engineering – a tongue-in-cheek term for con artist actions
• Persuade people to give away password information

Methods Computer Criminals Use
Bomb
Data diddling
Denial of service attacks
Piggybacking
Salami technique
Scavenging
Trapdoor
Trojan horse
Zapping
Worm
Virus
Spamming
Cookies

Bomb
Causes a program to trigger damage under certain conditions
• Usually set to go off at a later date
Sometimes planted in commercial software
• Shareware is more prone to having a bomb planted in it

Data Diddling
Refers to changing data before or as it enters the system
Auditors must verify accuracy of the source data as well as the processing that occurs
Denial of Service (DoS) Attack
Hackers bombard a site with more requests than it can possibly handle
• Prevents legitimate users from accessing the site
• Hackers can cause attacks to come from many different sites simultaneously

Piggybacking
An illicit user “rides” into the system on the back of an authorized user
• If the user does not exit the system properly, the intruder can continue where the original user has left off
Always log out of any system you log into

Scavenging
Searching company trash cans and dumpsters for lists of information
Thieves will search garbage and recycling bins of individuals looking for bank account numbers, credit card numbers, etc.

Trapdoor
An illicit program left within a completed legitimate program
• Allows subsequent unauthorized and unknown entry by the perpetrator to make changes to the program
Salami Technique
An embezzlement technique where small “slices” of money are funneled into accounts

Trojan Horse
Involves illegal instructions placed in the middle of a legitimate program
• Program does something useful, but the Trojan horse instructions do something destructive in the background

Worm
A program that transfers itself from computer to computer
Self-replicating computer program.
Plants itself as a separate file on the target computer’s disks

Virus
A set of illicit instructions that passes itself on to other files
Transmitting a virus
• Can cause tremendous damage to computer and data
Antivirus software
• Detects virus signature
• Scans hard disk every time you boot the computer
Viruses tend to show up on free software or software downloaded from the Internet
• Often distributed as e-mail attachments
• Do not open e-mail attachments without scanning them or if you do not know the person sending the e-mail

Spamming
Mass advertising via e-mail
• Can overflow your e-mail inbox
• Bogs down your e-mail server, increasing the cost of e-mail service
Zapping
Refers to a variety of software designed to bypass all security systems

Cookies
A small text file stored on your hard drive
File is sent back to the server each time you visit that site
Web sites can easily collect information when a user just visits the site
Web sites use cookies to store your preferences
• Stores preferences, allowing Web site to be customized
• Stores passwords, allowing you to visit multiple pages within the site without logging in to each one
• Tracks surfing habits, targeting you for specific types of advertisements

Computer Forensics
Uncovering computer-stored information suitable for use as evidence in courts of law
Some experts are available for hire, but most are on the staffs of police departments and law firms
Security: Playing It Safe
Security – a system of safeguards
• Protects system and data from deliberate or accidental damage
• Protects system and data from unauthorized access
Controlling Access
• Biometric Devices
Encryption
Firewall
Digital Signature

Controlling Access
Four means of controlling who has access to the computer
• What you have
• What you know
• What you do
• What you are

What You Have
Requires you to have some device to gain access to the computer
• Badge, key, or card to give you physical access to the computer room or a locked terminal
• Debit card with a magnetic strip gives you access to your bank account at an ATM
• Active badge broadcasts your location by sending out radio signals

What You Know & Do
What You Know
• Requires you to know something to gain access
• Password and login name give you access to computer system
What You Do
• Software can verify scanned and online signatures

What You Are
Uses biometrics – the science of measuring body characteristics
Uses fingerprinting, voice pattern, retinal scan, etc. to identify a person
Can combine fingerprinting and reading a smart card to authenticate
Biometric Devices
Biometrics refers to methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, in particular, biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.
Biometric devices read personal characteristics and attributes (voice, face, retina, etc.) to authenticate a user before allowing him to use the computer.

Encryption
Scrambling data so that it can only be read by a computer with the appropriate key
Encryption key converts the message into an unreadable form
Message can be decrypted only by someone with the proper key
Private key encryption – senders and receivers share the same key
Public key encryption – encryption software generates the key
Firewall
A combination of hardware and software that sits between an organization’s network and the Internet
All traffic between the two goes through the firewall
Protects the organization from unauthorized access
Can prevent internal users from accessing inappropriate Internet sites
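How a firewall decides what crosses the boundary, as an added example that is not part of the original slides: a first-match rule list with default deny. The Rule class, the rule set, the internal range 10.0.0.0/8 and every address shown are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    src: str                    # source network in CIDR notation
    dst: str                    # destination network in CIDR notation
    port: Optional[int] = None  # destination port; None matches any port

    def matches(self, src: str, dst: str, port: int) -> bool:
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and (self.port is None or self.port == port))


# Constructed rule set. The organization's network is assumed to be 10.0.0.0/8.
RULES: List[Rule] = [
    # Keep internal users away from a blocked ("inappropriate") site range.
    Rule("deny", "10.0.0.0/8", "203.0.113.0/24"),
    # Internal users may browse the Internet over HTTPS.
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", 443),
    # The outside may reach only the mail server, and only on SMTP.
    Rule("allow", "0.0.0.0/0", "10.0.5.20/32", 25),
]


def decide(src: str, dst: str, port: int,
           rules: List[Rule] = RULES) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching rule); first match wins.

    Anything no rule mentions is denied. That default is what protects the
    organization from access nobody thought to forbid explicitly.
    This model is stateless: it judges each connection attempt on its own
    and does not track replies to connections already allowed.
    """
    for index, rule in enumerate(rules):
        if rule.matches(src, dst, port):
            return rule.action, index
    return "deny", None


if __name__ == "__main__":
    attempts = [                      # constructed connection attempts
        ("10.1.2.3", "198.51.100.7", 443),   # internal user, normal site
        ("10.1.2.3", "203.0.113.9", 443),    # internal user, blocked site
        ("198.51.100.7", "10.0.5.20", 25),   # outside host to mail server
        ("198.51.100.7", "10.0.5.20", 22),   # outside host, unlisted service
    ]
    for src, dst, port in attempts:
        print(src, "->", f"{dst}:{port}", decide(src, dst, port))
```

Rule order matters: if the HTTPS allow rule were placed before the block rule, the blocked range would be reachable on port 443.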
Digital Signature
An electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.
The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.
A Digital Certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

Bluetooth
Uses radio waves to connect mobile devices.
A wireless protocol for exchanging data over short distances from fixed and mobile devices, creating personal area networks (PANs). It can connect several devices, overcoming problems of synchronization.
A short-range radio technology aimed at simplifying communications among Internet devices and between devices and the Internet.

WAP (Wireless Application Protocol)
A secure specification that allows users to access information instantly via handheld wireless devices such as mobile phones, pagers, two-way radios, smart phones.
Supports most wireless networks, i.e. CDMA, GSM.
WAP is supported by all operating systems.
WAPs that use displays and access the Internet run what are called micro browsers -- browsers with small file sizes that can accommodate the low memory constraints of handheld devices and the low-bandwidth constraints of a wireless-handheld network.