Chapter_23_Slides - Chapter 23 Network Security...

Info icon This preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
11/15/2010 1 Chapter 23: Network Security • Introduction to the Drib Introduction to the Drib Policy Development Network Organization • Availability A ti i ti Att k Slide #23-1 Anticipating Attacks Introduction • Goal: apply concepts principles Goal: apply concepts, principles, mechanisms discussed earlier to a particular situation – Focus here is on securing network – Begin with description of company Slide #23-2 – Proceed to define policy – Show how policy drives organization
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
11/15/2010 2 The Drib • Builds and sells dribbles Builds and sells dribbles Developing network infrastructure allowing it to connect to Internet to provide mail, web presence for consumers, suppliers, other partners Slide #23-3 Specific Problems • Internet presence required Internet presence required E-commerce, suppliers, partners Drib developers need access External users cannot access development sites Hostile takeover by competitor in progress – Lawyers corporate officers need access to development Slide #23-4 Lawyers, corporate officers need access to development data Developers cannot have access to some corporate data
Image of page 2
11/15/2010 3 Goals of Security Policy • Data related to company plans to be kept secret Data related to company plans to be kept secret Corporate data such as what new products are being developed is known on a need-to-know basis only When customer supplies data to buy a dribble, only folks who fill the order can access that information Slide #23-5 Company analysts may obtain statistics for planning Lawyers, company officials must approve release of any sensitive data Policy Development • Policy: minimize threat of data being leaked to Policy: minimize threat of data being leaked to unauthorized entities Environment: 3 internal organizations Customer Service Group (CSG) Maintains customer data Interface between clients, other internal organizations Development Group (DG) Slide #23-6 Develops, modifies, maintains products Relies on CSG for customer feedback Corporate Group (CG) Handles patents, lawsuits, etc.
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon