Information Systems CS-507 Lecture 34

Presentation transcript:

1 Information Systems CS-507 Lecture 34

2 Types of Controls
Access Controls – Controlling who can access the system.
Input Controls – Controls over how the data is input to the system.
Communication Controls – Controls over the transfer of data over networks.
Processing Controls – Controlling the processing of data.
Database Controls – Securing the most important asset of the organization.
Output Controls – Controlling the privacy of the data.

3 Objectives of the Access Controls
The user should be given access to the nature and kind of resources he is entitled to access.

4 Why Access Controls?
Widespread deployment of distributed systems has resulted in many users being dispersed physically, e.g. through
–Web based systems
–Local Area Networks
–Wide Area Networks
The rapid growth of E-Commerce systems has resulted in substantial work being undertaken to identify and authenticate the parties.

5 Cryptography
“The conversion of data into a secret code for transmission over a public network.”

6 Encryption
The process of converting data into codes (cryptograms).
[Diagram: Original Data -> Encryption -> Cipher-text / Encrypted data]

7 Decryption
The process of decoding the code to arrive at the data actually encrypted.
[Diagram: Cipher-text / Encrypted data -> Decryption -> Original Data]

8 Clear text – it is the data to be encrypted.
Cipher text – it is the code created out of data after encryption.
The original text, or "plaintext," is converted into a coded equivalent called "cipher text" via an encryption process.
[Diagram: Clear Text -> Encryption -> Cipher-text / Encrypted data]

9 Identification & Authentication
What a user remembers – name, birth date, password
What a user possesses – badge, plastic card
What a user is – personal characteristics

10 Biometrics
“Biometrics can be defined as study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits.”

11 Scope of Biometrics
Finger print
Hand print
Voice print
Facial profiling – measuring distance between various points on face
Iris/retinal recognition – eye patterns

12 Other Types of Controls
In addition to the aforesaid access controls, there may be
–Input controls – controls over correct data entry.
–Communications controls – controls over transporting data safely through local area networks (LANs) or wide area networks (WANs).
–Processing controls – controls over the integrity of processing instructions being executed by the operating system and application software.

13
–Database controls – implemented to maintain the integrity of the database.
–Output controls – controls over providing the right content to the users.
The construction of an effective security system should take into account the design and implementation of all the above controls.

14
Operating system – an operating system connecting to a website is at the same time activating a concealed link to transfer specified or all information.
Application software – software designed to compute interest at month end may contain an unauthorized instruction to transfer pennies or cents or paisas to a particular account.

15
Calculations are accurate, and any rounding up or down is adequately explained and carried out.
Data is processed correctly as expected.
Control totals reconcile, and processing errors are logged, researched and corrected in a timely manner.
There is a sufficient audit trail to trace from source to output and vice versa.
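
Added example (not part of the original lecture): the processing controls on slides 14 and 15, written as a reconciliation check over a month-end interest run. The account names, rate, half-up rounding rule and postings are constructed assumptions; the sample shows a run whose control total still reconciles while per-account recomputation flags the rounding differences and a posting to an account outside the batch.

```python
from decimal import Decimal, ROUND_HALF_UP

CENT = Decimal("0.01")

def expected_interest(balance, rate):
    # Assumed documented rounding rule: half-up to the nearest cent.
    return (balance * rate).quantize(CENT, rounding=ROUND_HALF_UP)

def reconcile(opening, postings, rate):
    """Compare an interest run's postings with an independent recomputation.

    Returns (control_total_ok, findings); each finding is an audit-trail
    tuple (account, issue, posted_amount, expected_amount).
    """
    expected = {a: expected_interest(b, rate) for a, b in opening.items()}
    posted = {}
    for account, amount in postings:
        posted[account] = posted.get(account, Decimal("0")) + amount
    findings = []
    for account in sorted(set(expected) | set(posted)):
        exp, got = expected.get(account), posted.get(account)
        if exp is None:
            findings.append((account, "posting to account outside batch", got, None))
        elif got is None:
            findings.append((account, "missing posting", None, exp))
        elif got != exp:
            findings.append((account, "amount differs from recomputation", got, exp))
    # Control total: everything posted must equal everything expected.
    total_ok = sum(posted.values()) == sum(expected.values())
    return total_ok, findings

# Constructed sample data (hypothetical accounts and rate).
RATE = Decimal("0.0045")
OPENING = {
    "A-100": Decimal("1234.56"),
    "A-200": Decimal("9877.10"),
    "A-300": Decimal("500.00"),
}
CLEAN_RUN = [("A-100", Decimal("5.56")), ("A-200", Decimal("44.45")),
             ("A-300", Decimal("2.25"))]
# Two amounts are one cent short and the difference appears on another account.
TAMPERED_RUN = [("A-100", Decimal("5.55")), ("A-200", Decimal("44.44")),
                ("A-300", Decimal("2.25")), ("X-999", Decimal("0.02"))]

if __name__ == "__main__":
    for name, run in (("clean", CLEAN_RUN), ("tampered", TAMPERED_RUN)):
        ok, findings = reconcile(OPENING, run, RATE)
        print(name, "control total ok:", ok)
        for finding in findings:
            print("  ", finding)
```

In the tampered run the control total still equals 52.26, so the total alone passes; the per-account findings are what give the audit trail from source balance to posted output.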