Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01.

Slides:



Advertisements
Similar presentations
Chapter ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.
Advertisements

OCTAVESM Process 4 Create Threat Profiles
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
K. Salah1 Introduction to Security Overview of Computer Security.
The University of Adelaide, School of Computer Science
Is There a Security Problem in Computing? Network Security / G. Steffen1.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
1 An Overview of Computer Security computer security.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:
1 Steve Chenoweth Tuesday, 10/18/11 Week 7, Day 2 Right – One view of the layers of ingredients to an enterprise security program. From
Presented By: Vinay Kumar.  At the time of invention, Internet was just accessible to a small group of pioneers who wanted to make the network work.
Lecture 1 Page 1 CS 236, Spring 2008 What Are Our Security Goals? Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.
Applied Cryptography for Network Security
Network Security PHILADELPHIA UNIVERSITY Ahmad Alghoul Module 1 Introduction: To Information & Security  Modified by :Ahmad Al Ghoul  Philadelphia.
CPSC 6126 Computer Security Information Assurance.
Security in Computing (C2021) Week-1. Module Syllabus Summary The main topics of study will include: General Security Problems: attacks; computer criminals;
Cryptography and Network Security
DBSQL 7-1 Copyright © Genetic Computer School 2009 Chapter 7 Transaction Management, Database Security and Recovery.
What does “secure” mean? Protecting Valuables
Prepared by: Dinesh Bajracharya Nepal Security and Control.
Security in Computing Chapter 1, Is There a Security Problem in Computing? Summary created by Kirk Scott 1.
Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,
Security Architecture
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.
10/17/20151 Computer Security Introduction. 10/17/20152 Introduction What is the goal of Computer Security? A first definition: To prevent or detect unauthorized.
Chapter 01: Introduction to Network Security. Network  A Network is the inter-connection of communications media, connectivity equipment, and electronic.
John Carpenter & lecture & Information Security 2008 Lecture 1: Subject Introduction and Security Fundamentals.
Unit 9 Transaction Processing. Key Concepts Distributed databases and DDBMS Distributed database advantages. Distributed database disadvantages Using.
1 Chpt. 12: INFORMATION SYSTEM QUALITY, SECURITY, AND CONTROL.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
What security is about in general? Security is about protection of assets –D. Gollmann, Computer Security, Wiley Prevention –take measures that prevent.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
Database Security Outline.. Introduction Security requirement Reliability and Integrity Sensitive data Inference Multilevel databases Multilevel security.
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Chap1: Is there a Security Problem in Computing?.
Lecture 1 Page 1 CS 236 Online What Are Our Security Goals? CIA Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
Csci5233 computer security & integrity 1 An Overview of Computer Security.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
Introduction to Security CS432 – Security in Computing Copyright © 2005, 2009 by Scott Orr and the Trustees of Indiana University.
Computer Security By Duncan Hall.
Presented by: Dr. Munam Ali Shah
Introduction to Computer Security
1 TMK 264: COMPUTER SECURITY CHAPTER ONE: AN OVERVIEW OF COMPUTER SECURITY.
Is There a Security Problem in Computing?
Overview of Database Security Introduction Security Problems Security Controls Designing Database Security.
Chapter One: Introduction to Information Security.
Operating System (Reference : OS[Silberschatz] + Norton 6e book slides)
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.
Lecture 1 Introduction Basic Security Concepts
CMSC 345 Defensive Programming Practices from Software Engineering 6th Edition by Ian Sommerville.
Issues and Protections
Security
Network Security Analysis Name : Waleed Al-Rumaih ID :
CS 450/650 Fundamentals of Integrated Computer Security
Security in Networking
Cryptography and Network Security
How to Mitigate the Consequences What are the Countermeasures?
Computer Security By: Muhammed Anwar.
Mohammad Alauthman Computer Security Mohammad Alauthman
Host and Application Security
Presentation transcript:

Introduction to Security in Computing Computer and Network Security Semester 1, 2011 Lecture #01

What’s about Security  Why to secure something?  Valuable assets to protect  How to secure?  Place in a safe place  Guarding  How strong of protection?  May implement several layers  May be complex locks system  May need multiple parties to grant access

Principle of Adequate Protection Computer items must be protected to a degree consistent with their value

Security in Computing System  Computing System  Collection of  HW  SW  Storage  Data  People

Threats, Controls, and Vulnerabilities  A threat is blocked by control of a vulnerability

System Security Threats

Security Goals

Security Goal: Confidentiality  Only authorized people or system can access protected data  Ensuring the confidentiality can be difficult!  More to concern  Access : a single bit or the whole collection?  Disclose to other parties prohibit?

Security Goal: Integrity  Several meanings  Precise  Accurate  Unmodified  Modified in acceptable way  Consistent  May cover two or more of above properties

Security Goal: Availability  Several properties  Present in a usable form  Enough capacity to meet the service’s needs  Bounded waiting time  Completed services in an acceptable period of time  System is well available if :-  Timely response to a request  Generalized fairly allocate resources  Fault tolerance (graceful cessation instead of crash or abrupt)  Easily to be used  Concurrency is controlled (simultaneous, deadlock management, exclusive access)

Vulnerabilities of Computing System

Some of software modifications  Logic Bomb  Trojan  Virus  Trapdoor  Information Leaks

Security of Data

Computer Criminal  Armatures  Crackers  Career Criminals  Terrorists

Method of Defense  Prevent  Blocking the attack  Closing the vulnerability  Deter  Making the attack harder  Deflect  Making another target more attractive  Detect  Discover real-time or off-line  Recover  From its effects

Multiple Controls

Q&A

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.