widyatama.lecture.applied networking.iv week05 mobile security 1
TRANSCRIPT
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
1/22
Applied Networking-IV (2231114)
Lecture Week-5
Mobile Security-1
1818--MarMar--1010 WidyatamaWidyatama UniversityUniversity--InformaticsInformatics 11
Lecture by:Lecture by: Djadja.SardjanaDjadja.Sardjana, S.T., M.M., S.T., M.M.www.slideshare.net/djadjawww.slideshare.net/djadja
[email protected]@widyatama.ac.id
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
2/22
Mobile SecurityMobile Security--11
1818--MarMar--1010 Widyatama UniversityWidyatama University--InformaticsInformatics 22
MobileSecurity
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
3/22
The New Age of RiskThe New Age of Risk
Ubiquitous internet protocolUbiquitous internet protocol--basedbased
(Almost) everything connects to the Net(Almost) everything connects to the Net
Many vulnerabilities awaiting exploitationMany vulnerabilities awaiting exploitation
Mobility of people / information / devicesMobility of people / information / devices
Cyber crime: real and increasingCyber crime: real and increasing
Terrorist threat: physical now.blendedTerrorist threat: physical now.blendedlater?later?
1818--MarMar--1010 33Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
4/22
Hostile WorldHostile World
99--11, 311, 3--11, 711, 7--7 and other major terror attacks7 and other major terror attacks
Wars and insurgenciesWars and insurgencies
SARS / Bird fluSARS / Bird flu -- global impact of diseaseglobal impact of disease
SE Asia tsunami disasterSE Asia tsunami disaster
Katrina hurricane disaster in USAKatrina hurricane disaster in USA
Tomorrows headlines?Tomorrows headlines?
1818--MarMar--1010 44Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
5/22
Convergence Of Legal, IT,Convergence Of Legal, IT,
AndAnd BusinessBusinessLaws/Regulations Technologies Stakeholders
Web / Internet
Databases
Collaboration
Wireless
Mobile Devices
Customers
Competitors
GovernmentsSuppliers/Partners
Sarbanes-Oxley
GLB/HIPAA/Patriot
EU DataProtect
U.S. Identity TheftLaw(s)?
Pressure mounting on organizations to prove compliance withan increasing array of laws and regulations. This makes
information security much more challenging.
1818--MarMar--1010 55Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
6/22
Joint Ventures Contract Manufacture
Organization CommunityOrganization Community
Hostile Internet Environment
Dissolution of Perimeter
Parts
Contract Design
Customers
UnUn--trustedtrusted
IntranetIntranet
Point defenses
Servicess
Transportation
1818--MarMar--1010 66Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
7/22
Home/RemoteUsers
Business Systems
Current State of Network Security
HR Systems
Research/Development
Legacy Systems
Users
IntranetIntranet
Manufacturing
Labs
Communication/Messaging Systems
Mobile/Wireless
Hackers
Eroding Firewall Perimeter
Strategic PartnersSuppliersVendors
Etc
Hackers
ro ng rewa er me er
1818--MarMar--1010 77Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
8/22
Mobile Viruses on the riseMobile Viruses on the rise
200406-15-04: Cabir A
06-16-04: Cabir B
07-10-2004: WinCE/Dust0101--1010--2005:2005: LascoLasco AA
2005
08-06-2004: Brador
11-19-04: Skulls A
11-29-04: Skull B
12-09-04: Cabir C
12-09-04: Cabir D
12-09-04: Cabir E
12-21-04: Cabir F
0202--0101--2005:2005: Locknut.ALocknut.A
0303--0707--2005:2005: CommwarriorCommwarrior
0303--0404--2005:2005: Dampig.ADampig.A
0303--1818--2005:2005: DreverDrever0404--0404--2005:2005: Mabir.AMabir.A
- -
12-21-04: Skulls C12-21-04: MGDropper
12-26-04: Cabir H
12-26-04: Cabir I
1818--MarMar--1010 88Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
9/22
Wireless Enabled & MobileWireless Enabled & Mobile
AttacksAttacks BlueBlue--jacking, bugging, snarfing, snipingjacking, bugging, snarfing, sniping
ar r v ngar r v ngMalicious Mobile Code (Malicious Mobile Code (Virus, Worms, TrojansVirus, Worms, Trojans))
RFID SniffingRFID SniffingDenial of ServiceDenial of Service
SpywareSpyware
Social EngineeringSocial Engineering
1818--MarMar--1010 99Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
10/22
Securing the Mobile WorkforceSecuring the Mobile Workforce
As the person responsiblefor an organization you
only have control in thisspace
But mobile employeesmove throughout the
1818--MarMar--1010 1010Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
11/22
Effective Security is ComplexEffective Security is Complex Many parts & piecesMany parts & pieces
Complex componentsComplex components
Too few qualified personnelToo few qualified personnel ~.005% of em lo ees~.005% of em lo ees
PKI Manager
Centralized
SecurityPolicy Manager
DigitalSignatureInterface
Other SecurityEntity Manager
Token CardManager
OS SecurityManagement
Tools
CertificateAuthorityInterface
Single Sign-onTools
Lack of standardsLack of standards Protection programs customProtection programs custom
builtbuilt
Failure of weakest link (s)Failure of weakest link (s)
Virus Interception& Correction
VPN Session orTunnel
Manager
Security EventReport
Writer(s)
EncryptionFacilities for
NetworkConnections
Security Policy
Distributor
Cyberwall/Firewall
Rule Base
ConnectionManager and
Logging
Application Proxy
Implementations
Security TrafficEvent Analyzer
ApplicationLogging Facility
VPN IPSec andVPN
ConnectionManager
IntrusionLogging
IntrusionSecurity Event Security IntegrityIntrusion
Network
Host-based
Application-based
Authentication
Cryptography
Anti-Virus
Intrusion Detection
Auditin
Network AccessControl Interceptionand Enforcement
Facility
StatefulInspection
ApplicationInspection
PacketInspection
FrameInspection
SecurityFilter Engine
Real-timeFrame
Management
Detection
Security Management
1818--MarMar--1010 1111Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
12/22
Security Must Make Business SenseSecurity Must Make Business Sense
COST OF SECURITYCOUNTERMEASURES
OPTIMAL LEVEL OF SECURITYAT MINIMUM COST
COST ($)SECURITY
LEVEL
TOTAL COST
COST OF SECURITYBREACHES
0% 100%
1818--MarMar--1010 1212Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
13/22
Next Generation SecurityNext Generation Security
Zones and compartmentsZones and compartments
Extensive use of cryptographyExtensive use of cryptography Identity and access managementIdentity and access management
Opt in for more protectionOpt in for more protection
Essential to enable seamless security !Essential to enable seamless security !
1818--MarMar--1010 1313Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
14/22
Legacy Zonee.g. manufacturing
Internet
CollaborativeSystems
Next Generation Design
Secure Zone
SOX CompliantSystems
Personal RegulatedData Systems
Custom Zone
Intranet ZoneSeamless MobilityMOT ISP
General PurposeSystems
Availability Not CriticalSystems
Not subject toRegulation
Systems
High Sensitivity Zone
Trade Secret, Race, age, ethnicity
an one
DMZZone
QZZone
1818--MarMar--1010 1414Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
15/22
Security is a ProcessSecurity is a Process
NotNot a Product!a Product! Security is achieved by the combination ofSecurity is achieved by the combination of
ProcessProcess
TechnologyTechnology Protections Address:Protections Address:
PreventionPrevention
ResponseResponse
RecoveryRecovery
1818--MarMar--1010 1515Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
16/22
Traditional security programs align people, processes andTraditional security programs align people, processes andtechnology to protect enterprise networkstechnology to protect enterprise networks
With seamless mobility, security must now expand to encompass theextended enterprise.
People
PoliciesProcessesQuickTime and a
TIFF (LZW) decompressorare needed to see this picture.
TechnologyRFID CHIP
1818--MarMar--1010 1616Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
17/22
Securing Seamless Mobility:Securing Seamless Mobility:
Wireless/MobilityWireless/Mobility Risk ManagementRisk Management
us nessus ness-- ocuse un ers an ng anocuse un ers an ng anprioritization of risks, vulnerabilities andprioritization of risks, vulnerabilities andcountermeasurescountermeasures
Include technical vulnerabilities as well asInclude technical vulnerabilities as well asother ke elements of the securit ro ramother ke elements of the securit ro ram
Assures most effective use of limitedAssures most effective use of limitedresourcesresources
1818--MarMar--1010 1717Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
18/22
Securing Seamless Mobility:Securing Seamless Mobility:
Network DesignNetwork Design
Build security into wireless network foundationsBuild security into wireless network foundations
Focus on points of connectivity, firewalls, DMZs,Focus on points of connectivity, firewalls, DMZs,
intrusion detection/prevention, VPNs andintrusion detection/prevention, VPNs andencryptionencryption
ax m ze w re ess ne wor ava a y,ax m ze w re ess ne wor ava a y,
operational security and performanceoperational security and performance
Secure devices in a system designed forSecure devices in a system designed for
securitysecurity1818--MarMar--1010 1818Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
19/22
ApproachApproach to Information Securityto Information Security
INTERNAL IT
Confidentiality,Integrity, andAvailability ofMotorola I/T
Assets
Wireless Security
Services
Product Security
Support
development ofmore secure
Motorolaproducts
Services includePROTECTING assets,
DETECTING hostileactivities, RESPONDING toincidents, andRECOVERING to limit
Leverage our
expertise toprovide
customerservices
1818--MarMar--1010 1919Widyatama UniversityWidyatama University--InformaticsInformatics
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
20/22
TugasTugas Mobile SecurityMobile Security
1.1. 06060220606022 -- FIRMANSAYH APNET4FIRMANSAYH APNET4
o e ecur yo e ecur y2.2. GentaGenta GemilangGemilang--Mobile SecurityMobile Security
3.3. HillmanHillman NurrachmanNurrachman--MobileMobileSecurity SoftwareSecurity Software
.. -- --0606P020606P02
1818--MarMar--1010 Widyatama UniversityWidyatama University--InformaticsInformatics 2020
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
21/22
Conclusion & Final WordsConclusion & Final Words
1818--MarMar--1010 Widyatama UniversityWidyatama University--InformaticsInformatics 2121
MobileSecurity
Demo
-
8/9/2019 Widyatama.lecture.applied Networking.iv Week05 Mobile Security 1
22/22
ConclusionConclusion
Threats to organizations are real andThreats to organizations are real and
ncreas ng, seam ess mo y requ resncreas ng, seam ess mo y requ rescareful security planningcareful security planning
Security incidents involving mobile andSecurity incidents involving mobile andwireless environment are increasingwireless environment are increasing
holistic approach that address people,holistic approach that address people,processprocess andand technologytechnology
1818--MarMar--1010 2222Widyatama UniversityWidyatama University--InformaticsInformatics