12/01/1999 Joe Lewis - Xcert International Inc. Who’s Peeking at Your Files? A Guide to Personal Data Security.

Presentation transcript:

Some Possible Threats: Interception; Spoofing; Web Data Interception; Network & Volume Invasion; Marketing Data / Spam & Junk Mail; Viruses, Worms, Trojan Horses; Password Cracking.

More Possible Threats: Mail bomb; Denial of Service (DoS); Piracy of Intellectual Property.

Interception Methods: Script Monitor – Running a script on a server that receives traffic, monitoring e-mails for certain keywords or number patterns (e.g. “bomb + president” or credit card number patterns). Account Emulation – Stealing someone’s user ID and password to gain access to their account. Defenses: Digital Certificates – Digital certificates authenticate you as the sender and are extremely difficult to forge. They allow very strong encryption of communications. PGP – “Pretty Good Privacy” allows strong encryption of your text. It can be incorporated easily into any text-oriented program.

Standard Encryption: Text is encrypted and sent by the originator. Ciphertext is decrypted by the recipient. The same key is used for encryption and decryption. If the key is intercepted or deciphered, encryption becomes useless. (This is how WWII was won...)

Strong Cryptography: “There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files. This book is about the latter.” -- Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C. 40-bit cryptography is considered weak. It can be intercepted and deciphered in seconds using today’s tools. By contrast, 128-bit cryptography is considered technically infeasible to crack. Most banks require a 128-bit browser for online banking.

Dual Key Cryptography: A key pair is generated, consisting of a public and a private key. The public key is sent to a server and exchanged with others. The private key is guarded by the user.

Dual Keys Continued: The encrypted message is generated using the recipient’s public key and your private key. Only the intended recipient with the corresponding private key will be able to decrypt it. NSA hates this to be in the hands of the general public… but you have the right to privacy.

What is a Digital Certificate? Acts as a virtual signature. Very hard to forge. Can be used for encryption or authentication. Resides in the Browser/Client/OS. Free digital certificates are available. PGP Freeware is available (X.509).

What is PGP? Created by Phil Zimmermann. –PGP is now a subsidiary of Network Associates. Secures e-mail and files. Based on “Public Key” cryptography. Users who have never met can exchange encrypted documents. Freeware.

How To Encrypt a Message (1): This describes how to encrypt a message using Digital Certificates with Netscape Communicator. Obtain and install a certificate using the step-by-step instructions at the issuing website. Clicking on the Security button in Netscape Communicator opens the Security Window.

How To Encrypt a Message (2): Users must exchange “public keys”. This can be done via an LDAP directory or e-mail exchange. An e-mail that has a digital certificate attached will display an icon in Communicator. You can click on the icon to examine the cert. Certs e-mailed to you are automatically added to Communicator’s database. You can search for certificates on public directories (LDAP) directly from within Communicator.

How To Encrypt a Message (3): Once keys have been exchanged, address an e-mail to the other party. Click on the Security button and select the option for encrypting the message. That’s it!

Spoofing: Happens when someone impersonates an e-mail user, sending messages that appear to be from the victim’s address. Spoofing can be prevented by using your Digital Certificate or PGP to “Digitally Sign” your message. Even certificates can be spoofed, although it is difficult. Check the “Certificate Fingerprint” of the message to be sure it’s authentic. Certificate Fingerprint: E4:58:C8:8F:B5:90:4C:AC:AB:79:9C:6A:32:0C:3E:4E
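The fingerprint check described on this slide, as an added example that is not part of the original presentation: a certificate fingerprint is a hash of the certificate's DER bytes, compared against a value obtained through a separate trusted channel. The helper names and the sample bytes are assumptions made for illustration; the slide's fingerprint is 16 bytes long, the length of an MD5 digest, which this sketch refuses by default because MD5 collisions are practical today.

```python
import base64
import hashlib
import hmac
import re

# Digest length in bytes -> hash name; a 16-byte value like the slide's is MD5-sized.
ALGO_BY_LENGTH = {16: "md5", 20: "sha1", 32: "sha256"}
WEAK = {"md5", "sha1"}  # collisions are practical, so these are refused by default
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def to_pem(der: bytes) -> str:
    body = base64.encodebytes(der).decode()
    return f"-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armour; the fingerprint is a hash of the raw DER bytes."""
    m = PEM_RE.search(pem)
    if not m:
        raise ValueError("no certificate block found")
    return base64.b64decode("".join(m.group(1).split()), validate=True)


def fingerprint(der: bytes, algo: str = "sha256") -> str:
    return ":".join(f"{b:02X}" for b in hashlib.new(algo, der).digest())


def matches(pem: str, expected: str, allow_weak: bool = False) -> bool:
    """Compare a certificate against a fingerprint obtained out of band."""
    want = bytes.fromhex(re.sub(r"[\s:]", "", expected))  # 'E4:58', 'e4 58' or 'e458'
    algo = ALGO_BY_LENGTH.get(len(want))
    if algo is None:
        raise ValueError(f"unexpected fingerprint length: {len(want)} bytes")
    if algo in WEAK and not allow_weak:
        raise ValueError(f"{algo} fingerprint refused; ask the sender for SHA-256")
    got = hashlib.new(algo, pem_to_der(pem)).digest()
    return hmac.compare_digest(got, want)


# Constructed stand-in: arbitrary bytes in PEM armour, not a real X.509 certificate.
SAMPLE_DER = b"constructed example bytes, not a real X.509 certificate"
SAMPLE_PEM = to_pem(SAMPLE_DER)

if __name__ == "__main__":
    trusted = fingerprint(SAMPLE_DER)  # in practice read over the phone or from paper
    print(trusted)
    print("genuine:", matches(SAMPLE_PEM, trusted))
    print("swapped:", matches(to_pem(SAMPLE_DER + b"!"), trusted))
```

The comparison only means something when the expected fingerprint arrives by a channel the impersonator does not control; a fingerprint copied from the same message proves nothing.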

Shopping Securely: You should never input sensitive info such as credit card numbers into a non-secure website. Make sure the website is certified by a trusted Certificate Authority (CA). List of default trusted CAs in Communicator.

How to Shop Securely: When you enter a secure site, Communicator’s Security icon will change. Click on the Security button to examine which CA asserts that this site is safe. Note: Attempting to enter a secure site that is not signed by a valid or default CA will result in a cautionary error message.

Hacking In to Your Computer: DSL and cable Internet access means round-the-clock connections of home and small business computers to the Internet. This greatly increases the chance of attack. Physical access is always a danger, too. Hackers can gain access to your personal files, Quicken data, etc.

Stopping Hackers: Set up a personal/home firewall. Encrypt your sensitive files!!! –PGP, all platforms. –Mac OS 9 Built-In Encryption Feature. Don’t give out your passwords to anyone! Use difficult passwords, not simple dictionary-style words.

Password Strength: Simple words out of a dictionary make bad passwords. Use mixed upper and lower case characters. Use non-alphanumeric characters such as: Avoid sharing passwords, even with friends and family.

Password Strength Examples: Using a simple passphrase such as “coffee” is simple to hack; it takes about 40 minutes to break. Using random alphanumerics is significantly more difficult: a passphrase such as “bR1a9Az” takes about 22 years to crack. Using the full range of the keyboard with truly random characters is totally infeasible to crack. A passphrase like “,ThX1pD<V+” would take 3.8 x 10^8 years to crack.

Key Strength Comparison: Most browsers ship with a default of 40-bit encryption capabilities. You must upgrade to a 128-bit encryption capable browser for most online banking.
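To put the password examples and the 40-bit versus 128-bit comparison on one scale, the following added example (not from the original slides) expresses each password's search space in bits. The guess rate and the five-word wordlist are assumptions, so the times it gives will not reproduce the slide's figures, which depend on a cracking rate the slides do not state.

```python
import math

# Constructed mini wordlist standing in for a real cracking dictionary.
WORDLIST = {"coffee", "password", "dragon", "letmein", "monkey"}
GUESSES_PER_SECOND = 1_000_000  # assumed attacker rate, not taken from the slides
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def alphabet_size(password: str) -> int:
    """Size of the smallest standard character pool that covers the password."""
    pools = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
             (lambda c: not c.isalnum(), 33)]  # 33 = printable ASCII symbols incl. space
    return sum(n for test, n in pools if any(test(c) for c in password))


def search_space_bits(password: str) -> float:
    """log2 of the guesses needed to exhaust the space the password was drawn from.

    This is an upper bound: it only holds if the characters were chosen at random.
    """
    if not password:
        return 0.0
    if password.lower() in WORDLIST:
        # A dictionary attack tries whole words, so the space is the wordlist.
        return math.log2(len(WORDLIST))
    return len(password) * math.log2(alphabet_size(password))


def years_to_exhaust(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    return 2 ** bits / rate / SECONDS_PER_YEAR


def compare(passwords, key_bits=(40, 128)):
    """Rank passwords and symmetric key sizes together, weakest first."""
    rows = [(repr(p), search_space_bits(p)) for p in passwords]
    rows += [(f"{k}-bit key", float(k)) for k in key_bits]
    return sorted(rows, key=lambda row: row[1])


if __name__ == "__main__":
    for label, bits in compare(["coffee", "bR1a9Az", ",ThX1pD<V+"]):
        print(f"{label:>14}  {bits:6.1f} bits  {years_to_exhaust(bits):.3g} years")
```

On this scale the random seven-character alphanumeric password sits just above a 40-bit key, and a dictionary word falls far below both regardless of its length.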

Strong Encryption Browsers: Netscape Communicator is freely available for all platforms with 128-bit encryption capability and full features. A 128-bit capable version of Microsoft Internet Explorer is available for Windows and Macintosh. (The Mac version has limited features.) You may have to install additional plug-ins to get 128-bit capabilities out of MSIE.

Viruses: Computer viruses are 100% man-made. They can be transmitted via e-mail, disk, network, etc… Most are harmless experiments. Some are intended to wreak havoc on individuals and networks.

Virus Protection: Get a virus protection package and install it on your computer. Check the vendor’s website for downloadable updates and alerts on new viruses. Don’t open e-mail or attachments from unknown sources.

Thanks for Coming! For further information, contact: Joe Lewis