Security Issues in Information Technology


Security Issues in Information Technology Ashima Wadhwa

What is SECURITY?
Dictionary.com says:
1. Freedom from risk or danger; safety.
2. Freedom from doubt, anxiety, or fear; confidence.
3. Something that gives or assures safety, as:
   1. A group or department of private guards: Call building security if a visitor acts suspicious.
   2. Measures adopted by a government to prevent espionage, sabotage, or attack.
   …etc.

Why do we need SECURITY?
Protect vital information while still allowing access to those who need it
   Trade secrets, medical records, etc.
Provide authentication and access control for resources
Guarantee availability of resources

Information Security Services
Confidentiality
Integrity
Authentication
Nonrepudiation
Access Control
Availability

Information Security Services
Confidentiality: Maintaining the privacy of data
Integrity: Detecting that the data is not tampered with
Authentication: Establishing proof of identity. Ensures that the origin of a message is correctly identified, with an assurance that the identity is not false
Nonrepudiation: Ability to prove that the sender actually sent the data. Neither the sender nor the receiver of a message is able to deny the transmission
Access Control: Access to information resources is regulated
Availability: Computer assets are available to authorized parties when needed

Security measures
Firewall
Digital Certificate / Signature
Encryption
Anti-virus

Firewall
A firewall stops information being changed or stolen
It limits entry into a network to authorised users and content
Entry can then be controlled by registration and password
But employees represent the biggest single threat to networks
Employees have access to security procedures and know where important data is stored

Digital Certificates / Signature
Use of digital certificates:
Secret key (symmetric) encryption (both parties have an identical key known only to them, but not a safe method)
Public key (asymmetric) encryption (keys used by sender and receiver are different but related by a numerical code)
Digital signatures used to create commercial systems using public key encryption, often using trusted third parties to send owner identification and a copy of the public key

Digital Certificates / Signature
Digital certificates may include:
User identification data
Issuing authority identification and digital signature
User’s public key
Expiry date of certificate
Class of certificate
Digital identification code for the certificate

ENCRYPTION
In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The reverse process, i.e., to make the encrypted information readable again, is referred to as DECRYPTION.

ENCRYPTION: USES
Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives).
Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering
Encryption is also used to protect data in transit
Encryption, by itself, can protect the confidentiality of messages.

Viruses
Computer programs that corrupt or delete files
Sent as attachments or embedded in other files
Worm: Can spread itself over a network, doesn’t need to be sent

Types of virus
Transient virus: Attaches itself to specific program. Is run every time the program is run
Resident virus: Once loaded operates for duration of computer’s use
Logic bomb: Triggers when a given condition is met, such as clock on computer matching a specified time
Trojan horse: Malicious program that hides within a friendly program

What is an Anti-Virus?
Anti-virus is software (a computer program) that scans files or your computer's memory for certain patterns that may indicate an infection. The patterns it looks for are based on the signatures, or fingerprints, of known viruses. Once a virus is detected in the wild, the anti-virus companies release new patterns for your anti-virus software to use. Some vendors release these updates daily. Virus authors are continually releasing new and updated viruses, so it is important that you have the latest definitions installed on your computer.

What is an Anti-Virus?
Once you have installed an anti-virus package, you should scan your entire computer periodically. Always leave your anti-virus software running so it can provide constant protection.
Automatic scans: Depending on what software you choose, you may be able to configure it to automatically scan specific files or directories and prompt you at set intervals to perform complete scans.
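The signature matching and definition updates described in the anti-virus slides above, as an added example that is not part of the original presentation. The `Signature` class, the `Demo.A` / `Demo.B` names and the sample files are constructed for illustration and contain no real malware patterns.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    name: str
    pattern: bytes = b""   # byte sequence searched for anywhere in the data
    sha256: str = ""       # optional fingerprint of one exact file


def scan(data, definitions):
    """Return the names of every signature that matches `data`."""
    digest = hashlib.sha256(data).hexdigest()
    hits = []
    for sig in definitions:
        if sig.sha256 and sig.sha256 == digest:
            hits.append(sig.name)          # exact-file fingerprint match
        elif sig.pattern and sig.pattern in data:
            hits.append(sig.name)          # byte-pattern match inside the file
    return hits


def scan_all(files, definitions):
    """Scan a {filename: bytes} mapping, as a periodic full scan would."""
    return {name: scan(data, definitions) for name, data in files.items()}


# Constructed, harmless stand-ins for files on disk.
FILES = {
    "report.doc": b"Quarterly figures for the board meeting",
    "game.exe": b"MZ\x90\x00" + b"HARMLESS-DEMO-MARKER-A" + b"\x00" * 8,
    "update.exe": b"MZ\x90\x00" + b"HARMLESS-DEMO-MARKER-B" + b"\x00" * 8,
}

# Yesterday's definitions know only the first sample.
DEFS_OLD = [Signature("Demo.A", pattern=b"HARMLESS-DEMO-MARKER-A")]

# Today's update adds a fingerprint for the newly observed sample.
DEFS_NEW = DEFS_OLD + [
    Signature("Demo.B", sha256=hashlib.sha256(FILES["update.exe"]).hexdigest()),
]

if __name__ == "__main__":
    for label, defs in (("old definitions", DEFS_OLD), ("new definitions", DEFS_NEW)):
        for fname, hits in scan_all(FILES, defs).items():
            print(f"{label}: {fname}: {', '.join(hits) or 'clean'}")
```

With the old definitions `update.exe` is reported clean; only the updated definition set flags it, which is why stale definitions leave a gap.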

ELEMENTS OF A COMPREHENSIVE SECURITY PROGRAM
Principles
Have Good Passwords
Use Good Antiviral Products
Use Good Cryptography
Have Good Firewalls
Have a Backup System
Audit and Monitor Systems and Networks
Have Training and Awareness Programs
Test Your Security Frequently

INTRUSION DETECTION SYSTEM
Immediate alerts on security-relevant activities
Statistical analyses to establish norms
Alerts on variations from norms
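The three intrusion detection functions listed above, as an added example that is not part of the original presentation. The event names, the failed-login counts and the threshold of 3 standard deviations are assumptions chosen for illustration; all data is constructed.

```python
import statistics

# Assumed event names that warrant an alert the moment they are seen.
IMMEDIATE = {"audit_log_cleared", "admin_account_created"}


def build_norm(history):
    """Establish the norm: mean and standard deviation of past hourly counts."""
    return statistics.mean(history), statistics.pstdev(history)


def detect(events, hourly_failed_logins, norm, threshold=3.0):
    """Return sorted (hour, kind, detail) alerts for one monitoring window."""
    mean, stdev = norm
    stdev = max(stdev, 1.0)  # assumed floor so a flat baseline is not hypersensitive
    alerts = []
    # 1. Immediate alerts on security-relevant activities.
    for hour, event in events:
        if event in IMMEDIATE:
            alerts.append((hour, "immediate", event))
    # 2. Alerts on variations from the statistical norm.
    for hour, count in enumerate(hourly_failed_logins):
        z = (count - mean) / stdev
        if z > threshold:
            alerts.append((hour, "anomaly", f"failed_logins={count}"))
    return sorted(alerts)


# Constructed data: ten hours of normal activity, then a five-hour window.
HISTORY = [4, 6, 5, 7, 3, 5, 6, 4, 5, 5]
TODAY_COUNTS = [5, 4, 6, 41, 5]
TODAY_EVENTS = [(1, "user_login"), (3, "audit_log_cleared"), (4, "user_logout")]

if __name__ == "__main__":
    norm = build_norm(HISTORY)
    print("norm (mean, stdev):", norm)
    for alert in detect(TODAY_EVENTS, TODAY_COUNTS, norm):
        print("ALERT", alert)
```

Hour 3 raises both kinds of alert: the count of 41 is far outside the baseline of about 5 per hour, and the log-clearing event is on the immediate list.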

Thank You!!