Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Issues in Information Technology

Published byBethanie Ball Modified over 6 years ago

Similar presentations

Presentation on theme: "Security Issues in Information Technology"— Presentation transcript:

1 Security Issues in Information Technology
Ashima Wadhwa

2 What is ? SECURITY Dictionary.com says:
1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear; confidence. 3. Something that gives or assures safety, as: 1. A group or department of private guards: Call building security if a visitor acts suspicious. 2. Measures adopted by a government to prevent espionage, sabotage, or attack. …etc.

3 Provide authentication and access control for resources
Why do we need ? SECURITY Protect vital information while still allowing access to those who need it Trade secrets, medical records, etc. Provide authentication and access control for resources Guarantee availability of resources

4 Information Security Services
Confidentiality Integrity Authentication Nonrepudiation Access Control Availability

5 Information Security Services
Confidentiality Maintaining the privacy of data Integrity Detecting that the data is not tampered with Authentication Establishing proof of identity Nonrepudiation Ability to prove that the sender actually sent the data Access Control Access to information resources are regulated Availability Computer assets are available to authorized parties when needed Confidentiality Integrity Authentication Ensures that the origin of a message is correctly identified, with an assurance that the identity is not false Nonrepudiation Neither the sender nor the receiver of a message is able to deny the transmission Access Control Availability

6 Security measures Fire wall Digital Certificate /Signature Encryption
Anti virus

7 Firewall A firewall stops information being changed or stolen
It limits entry into a network to authorised users and content Entry can then be controlled by registration and password But employees represent the biggest single threat to networks Employees have access to security procedures and know where important data is stored

8 Digital Certificates / Signature
Use of digital certificates: Secret key (symmetric) encryption (both parties have an identical key known only to them, but not a safe method) Public key (asymmetric) encryption (keys used by sender and receiver are different but related by a numerical code Digital signatures used to create commercial systems using public key encryption often using trusted third parties to send owner identification and copy of public key

9 Digital Certificates / Signature
Digital certificates may include: User identification data Issuing authority identification and digital signature User’s public key Expiry date of certificate Class of certificate Digital identification code for the certificate

10 ENCRYPTION In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The reverse process, i.e., to make the encrypted information readable again, is referred to as DECRYPTION.

11 ENCRYPTION: USES Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives).  Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering  Encryption is also used to protect data in transit Encryption, by itself, can protect the confidentiality of messages.

12 Viruses Computer programs that corrupt or delete files
Sent as attachments or embedded in other files Worm Can spread itself over a network, doesn’t need to be sent

13 Types of virus Attaches itself to specific program
Transient virus Attaches itself to specific program Is run every time the program is run Resident virus Once loaded operates for duration of computer’s use Logic bomb Triggers when a given condition is met, such as clock on computer matching a specified time Trojan horse Malicious program that hides within a friendly program

14   What is an Anti-Virus? Anti-virus is a software (computer program) that scans files or your computer's memory for certain patterns that may indicate an infection. The patterns it looks for are based on the signatures, or fingerprints, of known viruses. Once a virus is detected in the wild, the Anti-Virus companies then release these new patterns for your Anti-virus software to use. These updates come out daily by some vendors. Virus authors are continually releasing new and updated viruses, so it is important that you have the latest definitions installed on your computer.

15 What is an Anti-Virus? Once you have installed an anti-virus package, you should scan your entire computer periodically. Always leave your Anti-virus software running so it can provide constant protection. Automatic scans- Depending what software you choose, you may be able to configure it to automatically scan specific files or directories and prompt you at set intervals to perform complete scans.

16 ELEMENTS OF A COMPREHENSIVE SECURITY PROGRAM
Principles Have Good Passwords Use Good Antiviral Products Use Good Cryptography Have Good Firewalls Have a Backup System Audit and Monitor Systems and Networks Have Training and Awareness Programs Test Your Security Frequently INTRUSION DETECTION SYSTEM Immediate alerts on security-relevant activities Statistical analyses to establish norms Alerts on variations from norms

17 Thank You!!

Download ppt "Security Issues in Information Technology"

Similar presentations

Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Copyright © 2015 Pearson Education, Inc. Confidentiality and Privacy Controls Chapter 9 9-1.

Copyright © 2015 Pearson Education, Inc. Confidentiality and Privacy Controls Chapter
 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.

 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.

Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
CSCE 201 Attacks on Desktop Computers: Malicious Code Hardware attacks.

CSCE 201 Attacks on Desktop Computers: Malicious Code Hardware attacks.
CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.

CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.
BUSINESS B1 Information Security.

BUSINESS B1 Information Security.

Similar presentations

Ads by Google