Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS.

Published byMaryann Ford Modified over 8 years ago

Similar presentations

Presentation on theme: "1 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS."— Presentation transcript:

1 1 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS

2 2 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources LO1 Describe information technologies that could be used in computer crimes. LO2 Describe basic safeguards in computer and network security. LO3 Explain the major security threats. LO4 Describe security and enforcement measures. LO5 Summarize the guidelines for a comprehensive security system, including business continuity planning. l e a r n i n g o u t c o m e s

3 3 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Risks Associated with Information Technologies Misuses of information technology –Invade users’ privacy –Commit computer crimes Minimize or prevent by: –Installing operating system updates regularly –Using antivirus and antispyware software –Using e-mail security features

4 4 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Spyware and Adware Spyware –Software that secretly gathers information about users while they browse the Web –Can be used maliciously Install antivirus or antispyware software Adware –Form of spyware –Collects information about the user to display advertisements in the Web browser

5 5 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Phishing –Sending fraudulent e-mails that seem to come from legitimate sources Direct e-mail recipients to false Web sites –To capture private information

6 6 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Keystroke Loggers Keystroke loggers –Monitor and record keystrokes –Can be software or hardware devices –Sometimes used by companies to track employees’ use of e-mail and the Internet –Can be used for malicious purposes Some antivirus and antispyware programs protect against software keystroke loggers

7 7 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Sniffing and Spoofing Sniffing –Capturing and recording network traffic –Often used by hackers to intercept information Spoofing –Attempt to gain access to a network by posing as an authorized user to find sensitive information

8 8 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer Crime and Fraud Computer fraud –Unauthorized use of computer data for personal gain Social networking sites –Used for committing computer crime Examples –Denial-of-service attacks –Identity theft –Software piracy –Distributing child pornography –E-mail spamming

9 9 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer Crime and Fraud (cont’d.) –Writing or spreading viruses, worms, Trojan programs, and other malicious code –Stealing files –Changing computer records –Virus hoaxes –Sabotage Company insiders commit most computer crimes

10 10 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer and Network Security: Basic Safeguards Critical for most organizations –Especially in recent years, with hackers becoming more numerous and adept at stealing and altering private information Hackers use a variety of tools to break into computers and networks –Sniffers, password crackers, and rootkits –Journals Phrack and 2600: The Hacker Quarterly

11 11 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer and Network Security: Basic Safeguards (cont’d.) Comprehensive security system –Protects an organization’s resources –Including information and computer and network equipment, e-mails, invoices transferred via electronic data interchange (EDI), new product designs, marketing campaigns, and financial statements Threats: –Include sharing passwords with co-workers, leaving a computer unattended while logged on to the network, or even spilling coffee on a keyboard

12 12 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer and Network Security: Basic Safeguards (cont’d.) Comprehensive security system –Includes hardware, software, procedures, and personnel that collectively protect information resources Confidentiality –System must not allow disclosing information to anyone who isn’t authorized to access it –Secure government agencies –Businesses –E-commerce

13 13 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer and Network Security: Basic Safeguards (cont’d.) Integrity –Ensures the accuracy of information resources in an organization –Financial transactions Availability –Ensures that computers and networks are operating –Authorized users can access the information they need

14 14 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 5.1 The McCumber Cube

15 15 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer and Network Security: Basic Safeguards (cont’d.) Three levels of security –Level 1: front-end servers –Level 2: back-end systems –Level 3: corporate network Fault-tolerant systems –Combination of hardware and software for improving reliability –Uninterruptible power supply (UPS) –Redundant array of independent disks (RAID) –Mirror disks

16 16 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Security Threats: An Overview Some threats can be controlled completely or partially, but some can’t be controlled Categories –Unintentional –Intentional

17 17 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Intentional Threats Viruses Worms Trojan programs Logic bombs Backdoors Blended threats (e.g., worm launched by Trojan) Rootkits Denial-of-service attacks Social engineering

18 18 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Viruses Type of malware Estimating the dollar amount of damage viruses cause can be difficult Usually given names –I Love You, Michelangelo Virus: Consists of self-propagating program code that’s triggered by a specified time or event

19 19 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Viruses (cont’d.) Seriousness of viruses varies Transmitted through a network and e-mail attachments –Bulletin or message boards Virus hoaxes –Can cause as much damage as real viruses Indications of a computer infected by a virus Best measure against viruses –Installing and updating antivirus programs

20 20 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Worms Travels from computer to computer in a network –Does not usually erase data Independent programs that can spread themselves without having to be attached to a host program Replicates into a full-blown version that eats up computing resources Well-known worms –Code Red, Melissa, and Sasser

21 21 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Trojan Programs and Logic Bombs Trojan program –Named after the Trojan horse the Greeks used to enter Troy during the Trojan War –Contains code intended to disrupt a computer, network, or Web site –Usually hidden inside a popular program Logic bomb –Type of Trojan program used to release a virus, worm, or other destructive code –Triggered at a certain time or by an event

22 22 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Backdoors and Blended Threats Backdoor –Programming routine built into a system by its author –Enables the author to bypass security and sneak back into the system later to access programs or files –Users aren’t aware a backdoor has been activated Blended threat –Combines the characteristics of several malicious codes with vulnerabilities on public/private networks –Goal is not to just start/transmit an attack, but to spread it –Multi-layer security system can guard from threats

23 23 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Denial-of-Service Attacks Floods a network or server with service requests –Prevent legitimate users’ access to the system Target Internet servers Distributed denial-of-service (DDoS) attack –Hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period –Difficult to trace

24 24 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Social Engineering Using “people skills” to trick others into revealing private information –Takes advantage of the human element of security systems Use the private information they’ve gathered to break into servers and networks and steal data Commonly used social-engineering techniques –“Dumpster diving” and “shoulder surfing”

25 25 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Protecting Against Data Theft and Data Loss Portable storage media –Theft or loss of media –Stealing company data Guidelines to protect against these risks

26 26 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Security Measures and Enforcement: An Overview Biometric security measures Nonbiometric security measures Physical security measures Access controls Virtual private networks Data encryption E-commerce transaction security measures Computer Emergency Response Team

27 27 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Biometric Security Measures Use a physiological element unique to a person Biometric devices and measures –Facial recognition –Fingerprints –Hand geometry –Iris analysis –Palm prints –Retinal scanning –Signature analysis – Vein analysis – Voice recognition

28 28 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 5.2 Examples of Biometric Devices

29 29 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Nonbiometric Security Measures Main security measures: –Callback modems –Firewalls –Intrusion detection systems

30 30 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Callback Modems Verify whether a user’s access is valid by: –Logging the user off –Calling the user back at a predetermined number Useful in organizations with many employees who work off-site

31 31 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Firewalls Combination of hardware and software Acts as a filter or barrier between a private network and external computers or networks Network administrator defines rules for access Examine data passing into or out of a private network –Decide whether to allow the transmission based on users’ IDs, the transmission’s origin and destination, and the transmission’s contents

32 32 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 5.3 Basic Firewall Configuration

33 33 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Firewalls (cont’d.) Possible actions after examining packet –Reject the incoming packet –Send a warning to the network administrator –Send a message to the sender that the attempt failed –Allow the packet to enter (or leave) the private network Main types of firewalls –Packet-filtering firewalls –Application-filtering firewalls –Proxy servers

34 34 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 5.4 Proxy Server

35 35 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Intrusion Detection Systems Protect against both external and internal access Usually placed in front of a firewall Prevent against DoS attacks Monitor network traffic “Prevent, detect, and react” approach Require a lot of processing power and can affect network performance

36 36 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Physical Security Measures Primarily control access to computers and networks Include –Cable shielding –Corner bolts –Electronic trackers –Identification (ID) badges –Proximity-release door openers –Room shielding –Steel encasements

37 37 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Lost and Stolen Laptops Recommendations: –Install cable locks and use biometric measures –Only store confidential data when necessary –Use passwords –Encrypt data –Install security chips

38 38 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Access Controls Terminal resource security –Software feature that erases the screen and signs the user off automatically after a specified length of inactivity Password –Combination of numbers, characters, and symbols that’s entered to allow access to a system –Length and complexity determines its vulnerability to discovery –Guidelines for effective passwords

39 39 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Virtual Private Networks Provides a secure “tunnel” through the Internet –For transmitting messages and data via a private network Remote users have a secure connection to the organization’s network Low cost Slow transmission speeds

40 40 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Data Encryption Transforms data, called plaintext or cleartext, into a scrambled form called ciphertext Rules for encryption determine how simple or complex the transformation process should be –Known as the “encryption algorithm” Protocols –Secure Sockets Layer (SSL) –Transport Layer Security (TLS)

41 41 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 5.7 Using Encryption

42 42 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Data Encryption (cont’d.) Key size –Between 32 and 168 bits Main types of encryption –Asymmetric also called “public key encryption” –Symmetric

43 43 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources E-commerce Transaction Security Measures Three factors are critical for security: –Authentication –Confirmation –Nonrepudiation Transaction security –Confidentiality –Authentication –Integrity –Nonrepudiation of origin –Nonrepudiation of receipt

44 44 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Computer Emergency Response Team Developed by the Defense Advanced Research Projects Agency Focuses on security breaches and DoS attacks Offers guidelines on handling and preventing these incidents Cyber Incident Response Capability (CIRC) –http://www.doecirc.energy.gov/aboutus.html

45 45 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Guidelines for a Comprehensive Security System Train employees Guidelines and steps involved –People –Procedures –Equipment and technology

46 46 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Business Continuity Planning Outlines procedures for keeping an organization operational Prepare for disaster Plan steps for resuming normal operations as soon as possible

47 47 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Summary Impact of IT tools on privacy –Use of IT tools to commit computer crimes Basic safeguards, fault-tolerant systems –Intentional security threats Biometric, nonbiometric, and physical security measures; access controls, firewalls, intrusion detection systems Establish comprehensive security system and business continuity plan

48 48 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning DATA COMMUNICATION: DELIVERING INFORMATION ANYWHERE AND ANYTIME CHAPTER 6 Hossein BIDGOLI MIS

49 49 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 6 Data Communication: Delivering Information Anywhere and Anytime LO1 Describe major applications of a data communication system. LO2 Explain the major components of a data communication system. LO3 Describe the major types of processing configurations. LO4 Explain the three types of networks. LO5 Describe the main network topologies. l e a r n i n g o u t c o m e s

50 50 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning LO6 Explain important networking concepts, such as bandwidth, routing, routers, and the client/server model. LO7 Describe wireless and mobile technologies and networks. LO8 Discuss the importance of wireless security and the techniques used. LO9 Summarize the convergence phenomenon and its applications for business and personal use. l e a r n i n g o u t c o m e s (cont’d.) Chapter 6 Data Communication: Delivering Information Anywhere and Anytime

51 51 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Defining Data Communication Data communication –Electronic transfer of data from one location to another –Enables an information system to deliver information –Improves the flexibility of data collection and transmission –Basis of virtual organizations –Provides e-collaboration

52 52 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Why Managers Need to Know About Data Communication Separating an organization’s core functions from the data communication systems that enable and support them is difficult Enhances decision makers’ efficiency and effectiveness Enables organizations to use e-mail and electronic file transfer to improve efficiency and productivity Ways data communication technologies affect the workplace

53 53 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Why Managers Need to Know About Data Communication (cont’d.) Managers need a clear understanding of: –The basics of data communication and networking –The Internet, intranets, and extranets –Wired and wireless networks –Network security issues and measures –Organizational and social effects of data communication –Globalization issues –Applications of data communication systems

54 54 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Basic Components of a Data Communication System Bandwidth –Amount of data that can be transferred from one point to another in a certain time period Attenuation –Loss of power in a signal as it travels from the sending device to the receiving device Broadband data transmission –Multiple pieces of data are sent simultaneously to increase the transmission rate

55 55 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Basic Concepts in a Data Communication System (cont’d.) Narrowband –Voice-grade transmission channel capable of transmitting a maximum of 56,000 bps, so only a limited amount of information can be transferred Protocols –Rules that govern data communication, including error detection, message length, and transmission speed

56 56 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Sender and Receiver Devices Device can be one of the following: –“Thin client” –Smart terminal –Intelligent terminal –Netbook –Minicomputers, mainframes, and supercomputers –Smartphones, mobile phones, MP3 players, PDAs, game consoles

57 57 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Modems Modem (short for “modulator-demodulator”) –Device that connects a user to the Internet –Not required for all Internet connections Types –Dial-up (analog) –Digital subscriber line (DSL) –Cable

58 58 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Communication Media Communication media –Also called channels –Connect sender and receiver devices Conducted media –Provide a physical path along which signals are transmitted –Include twisted-pair cable, coaxial cable, and fiber optics

59 59 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 6.1 Types of Communication Media

60 60 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Communication Media (cont’d.) Radiated media –Use an antenna for transmitting data through air or water –Some media based on “line of sight” –Include broadcast radio, terrestrial microwave, and satellite Types –Point-to-point –Multipoint system

61 61 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Processing Configurations Data communication systems can be used in several different configurations Over the past 60 years, three types of processing configurations have emerged: –Centralized –Decentralized –Distributed

62 62 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Centralized Processing Centralized processing system –Processing is done at one central computer Advantage –Being able to exercise tight control on system operations and applications Disadvantage –Lack of responsiveness to users’ needs Not commonly used

63 63 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Decentralized Processing Decentralized processing –Each user, department, or division has its own computer for performing processing Advantage –More responsive to users Disadvantages –Lack of coordination –High costs –Duplication of efforts

64 64 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Distributed Processing Distributed processing –Centralized control and decentralized operations Advantages –Accessing unused processing power is possible –Computer power can be added or removed –Distance and location aren’t limiting –More compatible with organizational growth –Fault tolerance –Resources can be shared to reduce costs –Reliability is improved –More responsive to user needs

65 65 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Distributed Processing (cont’d.) Disadvantages –More security and privacy challenges –Incompatibility between equipment –More challenging network management

66 66 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Open Systems Interconnection Model Seven-layer architecture for defining how data is transmitted Layers: –Application –Presentation –Session –Transport –Network –Data link –Physical

67 67 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Types of Networks Three major types of networks: –Local area networks, wide area networks, and metropolitan area networks Network interface card (NIC) –Hardware component that enables computers to communicate over a network Common types of local area networks: –Ethernet and token ring Network operating system (NOS) must be installed

68 68 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Local Area Networks Connects workstations and peripheral devices that are in close proximity Limited geographical area Data transfer speed varies from 100 Mbps to 10 Gbps Used most often to share resources Key terms: –Ethernet and Ethernet cable

69 69 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Wide Area Networks Span several cities, states, or even countries Owned by different parties Data transfer speed: 28.8 Kbps to 155 Mbps Use many different communication media Can connect to other networks

70 70 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Metropolitan Area Networks Communication for multiple organizations in a city and sometimes nearby cities Data transfer speed varies from 34 Mbps to 155 Mbps

71 71 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 6.4 Metropolitan Area Network

72 72 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Network Topologies Represents a network’s physical layout Five common topologies –Star –Ring –Bus –Hierarchical –Mesh

73 73 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Star Topology Central computer and a series of nodes Advantages –Cable layouts are easy to modify –Centralized control makes detecting problems easier –Nodes can be added to the network easily –Better for handling heavy but short bursts of traffic Disadvantages –Single point of potential failure –Increased cost due to many cables

74 74 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Ring Topology Each computer manages its own connectivity Each node is connected to two other nodes –Upstream neighbor and downstream neighbor Transmission in one direction Implementations –Token ring –Fiber Distributed Data Interface (FDDI) Needs less cable than star Handles heavy short bursts well

75 75 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Bus Topology Connects nodes along a network segment –Ends of the cable aren’t connected –Terminator absorbs signal at each end A node failure has no effect on any other node

76 76 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Bus Topology (cont’d.) Advantages –Easy to extend –Very reliable –Wiring layout is simple and uses the least amount of cable of any topology –Best for handling steady (even) traffic Disadvantages –Fault diagnosis is difficult –Bus cable can be a bottleneck when network traffic is heavy

77 77 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Hierarchical Topology Combines computers with different processing strengths in different organizational levels Traditional mainframe networks Controller –Hardware and software device that controls data transfer from a computer to a peripheral device Multiplexer –Hardware device that allows several nodes to share one communication channel

78 78 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Hierarchical Topology (cont’d.) Advantages –Network control –Lower costs Disadvantages –Expansion may be a problem –Traffic congestion at root and higher-level nodes

79 79 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Mesh Topology Every node is connected to every other node Advantages –Highly reliable Disadvantages –Costly –Difficult to maintain –Difficult to expand

80 80 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Major Networking Concepts Important networking concepts –Protocols –TCP/IP –Routing –Routers –Client/server model

81 81 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Protocols Agreed-on methods and rules that electronic devices use to exchange information Deal with hardware connections Control data transmission and file transfers Specify the format of message packets Multiple protocol support is important

82 82 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Transmission Control Protocol/Internet Protocol Industry-standard suite of communication protocols Main advantage is that it enables interoperability Originally intended for Internet communication Major protocols in the TCP/IP suite: –Transmission Control Protocol (TCP) Operates at the OSI model’s Transport layer –Internet Protocol (IP) Operates at the OSI model’s Network layer

83 83 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Routing Packet –Collection of binary digits, including message data and control characters for formatting and transmitting –Sent from computer to computer over a network Routing –Process of deciding which path data takes –Decisions made using routing table –Centralized routing –Distributed routing

84 84 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Routers Network connection device containing software Connects network systems and controls traffic flow between them Must use a common routing protocol Operates at network layer Performs the same functions as a bridge –More sophisticated device Chooses the best possible path for packets Static and dynamic routers

85 85 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Client/Server Model Software runs on the local computer (the client) –Communicates with the remote server to request information or services Server –Remote computer on the network that provides information or services in response to client requests Basic client/server communication Advantage: scalability Three levels of logic: presentation, application, and data management

86 86 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Two-Tier Architecture Client communicates directly with the server Presentation logic is always on the client Data management logic is on the server Application logic located on either or both Effective in small workgroups

87 87 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 6.7 A Two-Tier Client/Server Architecture

88 88 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources N-Tier Architectures Balance the workload between client and server Removes application processing from both the client and server –Places it on a middle-tier server Three-tier –Most common n-tier architecture Advantages: –Improved network performance Disadvantage –Network management more challenging

89 89 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 6.8 An N-Tier Architecture

90 90 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Wireless and Mobile Networks Wireless network –Uses wireless instead of wired technology Mobile network –Network operating on a radio frequency (RF), consisting of radio cells served by a base station Advantages –Mobility, flexibility, ease of installation, and low cost Disadvantages –Limited throughput and range, in-building penetration problems, vulnerability to frequency noise, and security

91 91 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Wireless Technologies Groups –Wireless LANs –Wireless WANs

92 92 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Mobile Networks Three part architecture –Base stations –Mobile telephone switching offices (MTSOs) –Mobile communication devices Technologies –Time Division Multiple Access (TDMA) –Code Division Multiple Access (CDMA)

93 93 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Exhibit 6.11 Mobile Network Architecture

94 94 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Wireless Security Especially important in a wireless network Access point (AP): part of a WLAN that connects it to other networks Finding WLANs is an easy task Techniques –SSID (Service Set Identifier) –WEP (Wired Equivalent Privacy) –EAP (Extensible Authentication Protocol) –WPA (Wi-Fi Protected Access) –WPA2 or 802.11i

95 95 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Convergence of Voice, Video, and Data Convergence –Integrating voice, video, and data so that multimedia information can be used for decision making Convergence required network upgrades Common applications: –E-commerce –Entertainment –Video and computer conferencing –Consumer applications Telepresence: Real-life communication experience

96 96 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning Chapter 5 Protecting Information Resources Summary Data communication systems: –Basic components –Processing configurations –Types of networks –Network topologies –Important networking concepts Wireless and mobile networks Future trends in data communication: –Convergence and telepresence

Download ppt "1 MIS, Chapter 5 ©2013 Course Technology, a part of Cengage Learning PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS."

Similar presentations

1 MIS, Chapter 5 ©2011 Course Technology, a part of Cengage Learning PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS.

1 MIS, Chapter 5 ©2011 Course Technology, a part of Cengage Learning PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Chapter VI Data Communication: Delivering Information Anywhere and Anytime By: AP CHEN P. JOVER BSIT - III.

Chapter VI Data Communication: Delivering Information Anywhere and Anytime By: AP CHEN P. JOVER BSIT - III.
MIS PROTECTING INFORMATION RESOURCES Biometrics Identity theft

MIS PROTECTING INFORMATION RESOURCES Biometrics Identity theft
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Communications and Networks

Communications and Networks
99 CHAPTER COMMUNICATIONS AND NETWORKS. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 9-2 Competencies Discuss connectivity, the wireless.

99 CHAPTER COMMUNICATIONS AND NETWORKS. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 9-2 Competencies Discuss connectivity, the wireless.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
1 Chapter 19 Networks. 2 What’s Inside and on the CD? In this chapter you’ll learn: –Basic network terminology –To identify network components –About.

1 Chapter 19 Networks. 2 What’s Inside and on the CD? In this chapter you’ll learn: –Basic network terminology –To identify network components –About.
Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems Communications and Networks Chapter 8.

Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems Communications and Networks Chapter 8.
Copyright ©2016 Cengage Learning. All Rights Reserved

Copyright ©2016 Cengage Learning. All Rights Reserved
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
A Guide to major network components

A Guide to major network components
PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS Biometrics Identity theft Mary Stewart.

PROTECTING INFORMATION RESOURCES CHAPTER 5 Hossein BIDGOLI MIS Biometrics Identity theft Mary Stewart.

Similar presentations

Ads by Google