Module Three

N deals with technical issues outside the scope of

Info icon This preview shows pages 6–8. Sign up to view the full content.

n Deals with technical issues outside the scope of the Orange Book wrt to networks n Redbook interprets the Orange Book n Orange Book – Trusted Computer Security Evaluation Criteria TNI Evaluation Classes D – Minimal protection C – Discretionary protection C1 – Discretionary Security Protection C2 – Controlled Access protection B – Mandatory B1 – Labeled Security B2 – Structured B3- Security Domains Technology Concepts Protocols: is a standard set of rules that determines how computers communicate with each other across networks despite their differences (PC, UNIC, Mac..) Layered architecture: shows how communication should take place n Clarify the general functions of a communication process n To break down complex networking processes into more manageable sublayers n Using industry-standard interfaces enables interoperability n To change the features of one layer without changing all of the code in every layer n Easier troubleshooting
Image of page 6

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

OSI – Open Systems Interconnect Model Layer 7 Application Security : Confidentiality, authentication, data integrity, non- repudiation Technology : gateways Protocols : FTP, SMB, TELNET, TFTP, SMTP, HTTP, NNTP, CDP, GOPHER, SNMP, NDS, AFP, SAP, NCP, SET n Responsible for all application-to- application communications. User information maintained at this layer is user data . Layer 6 Presentation Security : confidentiality, authentication, encryption Technology : gateway Protocols: ASCII, EBCDIC, POSTSCRIPT, JPEG, MPEG, GIF n Responsible for the formatting of the data so that it is suitable for presentation. Responsible for character conversion (ASCII/EBCDIC), Encryption/Decryption, Compression, and Virtual Terminal Emulation. User information maintained at this layer is called messages . Layer 5 Session Security : None Technology : gateways Protocols : Remote Procedure Calls (RPC) and SQL, RADIUS, DNS, ASP n Responsible for the setup of the links, maintaining of the link, and the link tear-down between applications. Layer 4 Transport Security : Confidentiality, authentication, integrity Technology : gateways Protocols : TCP, UDP, SSL, SSH-2, SPX, NetBios, ATP n Responsible for the guaranteed delivery of user information. It is also responsible for error detection, correction, and flow control. User information at this layer is called datagrams . Layer 3 Network Security : confidentiality, authentication, data integrity Technology : virtual circuits (ATM), routers Protocols : IP, IPX, ICMP, OSPF, IGRP, EIGRP, RIP, BOOTP, DHCP, ISIS, ZIP, DDP, X.25 n Responsible for the routing of user data from one node to another through the network including the path selection. Logical addresses are used at this layer. User information maintained at this layer is called packets . Layer 2 Data Link Security : confidentiality, Technology : bridges, switch Protocols : L2F, PPTP, L2TP, PPP, SLIP, ARP, RARP, SLARP, IARP, SNAP, BAP, CHAP, LCP, LZS, MLP, Frame Relay, Annex A, Annex D, HDLC, BPDU, LAPD, ISL, MAC, Ethernet, Token Ring, FDDI n Responsible for the physical addressing of the network via MAC addresses. Ther are two sublevels to the Data-Link layer. MAC and LLC.
Image of page 7
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.
  • Fall '12
  • Hurst
  • IP address, Packet filtering

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern