Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore


Outline of Information Security
– Introduction
– Impact of information
– Need of Information Security
– Objectives of Information Security
– Areas of Information Security
– Types of attackers
– Why attacks?
– Methods of Attacking on the Information
– Methods of Defending the Information
– Tips for the Information Security

Introduction
– Information security is a complicated area and can be addressed by well-trained and experienced professionals.
– "Information insecurity" is when an attack on the system, carried out with the help of different threats, leaves our system working very slowly or damaged and our information unsecured. This is a very big problem.
– Information security is the solution for it.

Importance of Information
– Our work is based on records (information).
– We spend at least half our day with documents.
– 15% of Rs. spent managing documents.
– We can't work without data, records or information.

Need of Information Security
– To keep our data/information private
– To save data safely
– Theft of our own data/information
– To avoid misuse of our data
– Lack of time
– Lack of money
– Lack of human resources

Objectives of Data/Info. Security
– Integrity
– Confidentiality
– Authenticity
– Availability

Security Areas
Basically three areas of security:
1. Physical security
2. Network security
3. Database security

Physical Security
– Keep the servers in a locked room with network and power cables snipped off.
– Security of other hardware and machinery

Network Security
– All entry points to a network should be guarded.
[Figure: network diagram with labels Firewall, Modem, Internet, Switch, Scanner, Workstation, Printer, Server, Unprotected Network, Protected LAN]

Database Security
– Database integrity
– User authentication
– Access control
– Availability

Types of Attackers
– Hackers
– Lone criminals
– Police
– Malicious insiders
– Press/media
– Terrorists
– Industrial espionage
– National intelligence organizations
– Info warriors

Hackers
– Attacks for the challenge
– Own subculture with names, lingo and rules
– Stereotypically young, male and socially
– Can have considerable expertise and passion for attacks

Lone criminals
– Attack for financial gain
– Cause the bulk of computer-related crimes
– Usually target a single method for the attack

Malicious insiders
– Already inside the system
– Knows weaknesses and tendencies of the organization
– Very difficult to catch

Press/media
– Gather information for a story to sell papers/commercial time

Police
– Lines are sometimes crossed when gathering information to pursue a case

Terrorists
– Goal is disruption and damage.
– Most have few resources and skilled.

National Intelligence Organizations
– To investigate different cases

Industrial Espionage
– To discover a competitor's strategic marketing

Info warriors
– Military-based group targeting information or networking infrastructures
– Lots of resources
– Willing to take high risks for short-term gain

Why attacks?
– For publicity
– For financial gain
– Jealousy
– For fun
– To compete with a person in the same field

Specific types of attacks
– Engineering attacks
– Physical attacks
– Environmental attacks

Engineering attacks
– Viruses
    – String of computer code that attaches to other programs and replicates
– Worms
    – Replicates itself to multiple systems
    – Rarely dangerous, mostly annoying
– Trojan horses
    – Collects information and sends it to a known site on the network
    – Can also allow external takeover of your system

Engineering attacks (cont.)
[Figure: diagram with labels Attacker, Virus, Our system, Colleague]

Engineering attacks (cont.)
– Password sniffing
    – Collect first parts of data packet and look for login attempts
– IP spoofing
    – Fake packet to "hijack" a session and gain access
– Port scanning
    – Automated process that looks for open networking ports
    – Logs positive hits for later exploits

Physical attacks
– Equipment failure arising from defective components
– Temperature and humidity
– Physical destruction of hardware and equipment
– Theft or sabotage

Environmental Attacks
– Natural disasters
    – Fire, earthquakes etc.
– Man-made disasters
    – War, chemical leaks etc.

Methods of Information Security Threats
– Backups
– Antivirus software
– Cryptography
– Biometrics
– Honey pots
– Firewalls
– Burglar alarms

Backups
– Backups allow us to restore damaged or destroyed data.
– We can set up backup servers on the network.
– Backup media are: floppy disks, external hard disks, ISP online backup.

Antivirus
– Antivirus is a program that we can install on our computer to detect and remove viruses.
– It is used to scan hard disks, floppy disks and CDs for viruses, and to scan messages, individual files and downloads from the Net.

Cryptography
– Cryptography is the art of converting information into a secret code that can be interpreted only by a person who knows how to decode it.
[Figure: diagram with labels Cipher text, Encrypted, Decrypted, Plain text]

Example of Cryptography
[Figure: diagram with labels Original message, Sender, Encrypted, Decrypted, Original message, Receiver]

Biometrics
– The biometric authentication process uses a person's unique physical characteristics to authenticate their identity.
– Biometric authentication methods: fingerprint recognition, voice authentication, face recognition, keystroke dynamics and retina.
[Figure: Fingerprint, Retina]

Honey pots
– A honey pot is a tool used for detecting an intrusion attempt.
– A honey pot simulates a vulnerable computer on a network.
– It contains no critical data or application but has enough data to lure an intruder.

[Figure: diagram with labels Honey pots, Intruder]

Firewall
– A firewall is a network security tool that stands between trusted and untrusted networks and inspects all traffic that flows between them.
– In simple language, a firewall is a filter machine that monitors the type of traffic that flows in and out of the network.

[Figure: diagram with labels Private network, Firewall, Internet, Firewall]

Burglar alarms
– Traps set on specific networked objects that go off if accessed
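Added example (not part of the original slides): a small burglar alarm over firewall-style connection records. It fires when a source touches a decoy host (the honey pot idea) or probes many distinct ports on one host in a short time (the port scanning described earlier). The log format, addresses, decoy list and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records (not from the slides): epoch-seconds src dst dst_port
SAMPLE_LOG = """\
1000 192.0.2.10 10.0.0.5 443
1001 198.51.100.7 10.0.0.5 21
1002 198.51.100.7 10.0.0.5 22
1003 198.51.100.7 10.0.0.5 23
1004 198.51.100.7 10.0.0.5 25
1005 198.51.100.7 10.0.0.5 80
1040 203.0.113.9 10.0.0.99 445
garbage line
5000 192.0.2.44 10.0.0.5 22
5400 192.0.2.44 10.0.0.5 80
"""

DECOYS = {"10.0.0.99"}   # assumed honey pot address; no legitimate client uses it
PORT_THRESHOLD = 5       # this many distinct ports on one host ...
WINDOW_SECONDS = 60      # ... within this many seconds counts as a scan

def parse(log_text):
    """Yield (ts, src, dst, port) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not (parts[0].isdigit() and parts[3].isdigit()):
            continue
        yield int(parts[0]), parts[1], parts[2], int(parts[3])

def detect(log_text):
    """Return a sorted list of (alarm_type, source_ip) pairs."""
    alarms = set()
    recent = defaultdict(list)  # (src, dst) -> [(ts, port), ...] inside the window
    for ts, src, dst, port in sorted(parse(log_text)):
        if dst in DECOYS:
            alarms.add(("decoy-touched", src))  # burglar alarm: any access fires
        hits = recent[(src, dst)]
        hits.append((ts, port))
        # Drop probes that have aged out of the sliding window.
        hits[:] = [(t, p) for t, p in hits if ts - t <= WINDOW_SECONDS]
        if len({p for _, p in hits}) >= PORT_THRESHOLD:
            alarms.add(("port-scan", src))
    return sorted(alarms)

if __name__ == "__main__":
    for kind, src in detect(SAMPLE_LOG):
        print(f"ALERT {kind} from {src}")
```

A scan spread out more slowly than the window stays under the threshold, which is why the decoy rule is useful alongside it: a single touch of the decoy is enough to raise the alarm.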

Tips for Information Security
– Use of strong passwords
– Adopt a security policy
– Use of anti-virus
– Information security officer
– Use of firewalls
– Use of biometrics
– Beware of malicious insiders
– Security training
– Use of other security tools