Tổng quan tong-quan_anninhmang

  • View
    68

  • Download
    3

Embed Size (px)

DESCRIPTION

Tng quan v ANM

Transcript

  • 1. AN NINH MNG Network Security Computer Sciences Div. 2008, Vietnam-Korea Friendship IT College1

2. An Ninh Mng Ni dung 1- Tng quan v an ninh mng 1- Tng quan v an ninh mng 2- K thut m ha 2- K thut m ha 3- Chng thc ngi dng phn quyn s dng 3- Chng thc ngi dng --phn quyn s dng 4- Cc hnh thc v k thut tn cng 4- Cc hnh thc v k thut tn cng 5- M c hi 5- M c hi 6- Cc bin php k thut bo mt v an ton h thng 6- Cc bin php k thut bo mt v an ton h thng 7- Chnh sch bo mt thc thi chnh sch bo mt 7- Chnh sch bo mt --thc thi chnh sch bo mt 2008, Vietnam-Korea Friendship IT College 2 3. An Ninh Mng Lch hc Thi gian Sng:7h30 Chiu: 13h30 T2: Tng quan; KT m ha T3, T4: chng thc phn quyn; tm hiu cc hnh thc k thut tn cng h thng; m c hi T5, T6: Cc bin php k thut m bo an ton h thng; Trin khai chnh sch bo mt T6 (chiu): kim tra kt thc kha hc 2008, Vietnam-Korea Friendship IT College 3 4. TNG QUAN V AN NINH MNG Network Security Overview 2008, Vietnam-Korea Friendship IT College4 5. Ni dung S cn thit phi c an ninh mng Cc yu t m bo an ton thng tin Mi e da an ninh mng (Threat) L hng h thng (Vulnerable) Nguy c h thng (Risk) nh gi nguy c h thng 2008, Vietnam-Korea Friendship IT College 5 6. S cn thit phi c an ninh mng Cc yu t cn bo v Dliu Ti nguyn: con ngi, h thng, ng truyn Danh ting WAN GroupNT Computer Printer 2008, Vietnam-Korea Friendship IT College 6 7. S cn thit phi c an ninh mng Tc hi n doanh nghip Tnkm chi ph Tn km thi gian nh hng n ti nguyn h thng nh hng danh d, uy tn doanh nghip Mt c hi kinh doanh 2008, Vietnam-Korea Friendship IT College 7 8. S cn thit phi c an ninh mng Cn nhc Khnng truy cp v kh nng bo mt h thng t l nghch vi nhau. 2008, Vietnam-Korea Friendship IT College 8 9. Cc yu t m bo an ton thng tin Tnh b mt: Thng tin phi m bo tnh b mt v c s dng ng i tng. Tnh ton vn: Thng tin phi m bo y , nguyn vn v cu trc, khng mu thun Tnh sn sng: Thng tin phi lun sn sng tip cn, phc v theo ng mc ch v ng cch. Tnh chnh xc: Thng tin phi chnh xc, tin cy Tnh khng khc t (chng chi b): Thng tin c th kim chng c ngun gc hoc ngi a tin 2008, Vietnam-Korea Friendship IT College 9 10. Cc mi e da (threat) Cc mi e da (threat) n an ton h thng l cc hnh ng hoc cc s kin/hnh vi c kh nng xm hi n an ton ca mt h thng thng tin Mctiu e da tn cng. i tng e da tn cng (ch th tn cng) Hnh vi e da tn cng 2008, Vietnam-Korea Friendship IT College 10 11. Cc mi e da (threat)-2 Mc tiu e da tn cng (Target): ch yu l cc dch v an ninh (dch v www, dns, ) Kh nng bo mt thng tin: s b e da nu thng tin khng c bo mt Tnh ton vn ca thng tin: e da thay i cu trc thng tin Tnh chnh xc ca thng tin: e da thay i ni dung thng tin Kh nng cung cp dch v ca h thng: lm cho h thng khng th cung cp c dch v (tnh sn sng) Kh nng thng k ti nguyn h thng 2008, Vietnam-Korea Friendship IT College 11 12. Cc mi e da (threat)-3 i tng e da tn cng (Agent) l ch th gy hi n h thng Khnng e da tn cng ca i tng: kh nng truy cp khai thc cc l hng h thng to ra mi e da trc tip S hiu bit ca i tng v mc tiu e da tn cng: user ID, file mt khu, v tr file, a ch mng, ng c tn cng ca i tng: chinh phc, li ch c nhn, c tnh 2008, Vietnam-Korea Friendship IT College 12 13. Cc mi e da (threat)-4 Hnh vi e da tn cng Lidng quyn truy nhp thng tin h thng C tnh hoc v tnh thay i thng tin h thng Truy cp thng tin bt hp php C tnh hoc v tnh ph hy thng tin hoc h thng Nghe ln thng tin n cp phn mm hoc phn cng .. 2008, Vietnam-Korea Friendship IT College 13 14. Cc mi e da (threat)-5 Phn loi cc mi e da Cmc ch Khng c mc ch T bn ngoi T bn trong 2008, Vietnam-Korea Friendship IT College 14 15. L hng h thng (Vulnerable) L hng h thng lni m i tng tn cng c th khai thc thc hin cc hnh vi tn cng h thng. L hng h thng c th tn ti trong h thng mng hoc trong th tc qun tr mng. L hng lp trnh (back-door) L hng H iu hnh L hng ng dng L hng vt l L hng trong th tc qun l (mt khu, chia s,) 2008, Vietnam-Korea Friendship IT College 15 16. Nguy c h thng (Risk) Nguy c h thng: c hnh thnh bi s kt hp gia l hng h thng v cc mi e da n h thngNguy c = Mi e da + L hng h thng 2008, Vietnam-Korea Friendship IT College 16 17. Nguy c h thng (Risk) Cc cp nguy c Nguyc cao Nguy c trung bnh Nguy c thp 2008, Vietnam-Korea Friendship IT College 17 18. nh gi nguy c h thng Xc nh l hng h thngXc nh cc mi e da n h thngCc bin php an ton h thng hin c 2008, Vietnam-Korea Friendship IT College 18 19. nh gi nguy c h thng (2) Xc nh cc l hng h thng: vic xc nh cc l hng h thng c bt u t cc im truy cp vo h thng nh: - Kt ni mng Internet - Cc im kt ni t xa - Kt ni n cc t chc khc- Cc mi trng truy cp vt l n h thng - Cc im truy cp ngi dng - Cc im truy cp khng dy mi im truy cp, ta phi xc nh c cc thng tin c th truy cp v mc truy cp vo h thng 2008, Vietnam-Korea Friendship IT College 19 20. nh gi nguy c h thng (3) Xc nh cc mi e da yl mt cng vic kh khn v cc mi e da thng khng xut hin r rng (n) Cc hnh thc v k thut tn cng a dng: DoS/DDoS, BackDoor, Trn b m, Virus, Trojan Horse, Worm Social Engineering Thi im tn cng khng bit trc Qui m tn cng khng bit trc 2008, Vietnam-Korea Friendship IT College 20 21. nh gi nguy c h thng (3) Kim tra cc bin php an ninh mng Ccbin php an ninh gm cc loi sau:- Bc tng la - Firewall - Phn mm dit virus - iu khin truy nhp -H thng chng thc (mt khu, sinh trc hc, th nhn dng,)- thc ngi s dng - H thng chnh sch bo mt v t ng v li h thng- M ha d liu - H thng d xm nhp IDS -Cc k thut khc: AD, VPN, NAT 2008, Vietnam-Korea Friendship IT College 21 22. nh gi nguy c h thng (4) Xc nh mc nguy c Saukhi xc nh c cc l hng h thng, cc mi e da v cc bin php an ninh hin c, ta c th xc nh c mc nguy c h thng nh sau: Ti mt im truy cp cho trc vi cc bin php an ninh hin c, xc nh cc tc ng ca cc mi e da n h thng: kh nng bo mt, tnh bo ton d liu, kh nng p ng dch v, kh nng phc hi d liu thng qua im truy cp . 2008, Vietnam-Korea Friendship IT College 22 23. nh gi nguy c h thng (4) Xc nh mc nguy c (tt) Cnc vo 5 tiu ch nh gi (Chi ph, Thi gian, Danh d, Ti nguyn h thng, C hi kinh doanh) ta c th phn nguy c an ton mng mt trong cc mc: cao, trung bnh, thp. Nu h thng kt ni vt l khng an ton th h thng cng mc nguy c cao 2008, Vietnam-Korea Friendship IT College 23 24. Tho lun nh gi nh gi nguy c h thng ti doanh nghip ? Xem xt cc l hng h thng Xem xt cc kh nng tn cng. Xem xt cc bin php an ton h thng 2008, Vietnam-Korea Friendship IT College 24 25. Trantheson@mic.gov.vn H v tn C quan cng tc 1- Hiu bit v an ninh mng/ mng my tnh 2- Cu hnh mng hin ti ca c quan/doanh nghip 3- nh gi bo mt / an ton mng ca c quan/doanh nghip (s b) Xemxt cc l hng mng thng qua cc kt ni n c quan/doanh nghip Cc bin php AN mng hin c 2008, Vietnam-Korea Friendship IT College 25