1 Agendas Chapter 5 (Recap) Chapters 6 – Diverse IT Infrastructures Case – The iPremier Company: Denial of Service Attack.


1 Agendas Chapter 5 (Recap) Chapters 6 – Diverse IT Infrastructures Case – The iPremier Company: Denial of Service Attack

2 Course Road Map ISQS 5231 Business Impacts Making Case for IT IT and Strategy IT and Organization Extending the Enterprise Networked Infrastructure and Operations Internetworking Infrastructure Diverse IT Infrastructures Reliable and Secure IT Services Leadership Issues Management IT Functions Managing IT Projects Management IT Outsourcing

3 Network Elements – LAN LAN Topologies

4 Packet Switching

5 Chapter 6: Assuring Reliable and Secure IT Services
• Reliability through redundancy
• Tradeoff – complexity and cost
• IS Security and Control
• Malicious threats (download) – New Architecture for Intra-Domain Network by Huang and Cao et al. (2006)

6 Chapter 6: Assuring Reliable and Secure IT Services Managing Infrastructure Risk

7 Chapter 6: Assuring Reliable and Secure IT Services Availability – Serial Processing

8 Chapter 6: Assuring Reliable and Secure IT Services

9 Availability – Parallel Processing (Reliability = 1 – Probability of failure)

10 Chapter 6: Assuring Reliable and Secure IT Services

11 Why Systems Are Vulnerable? Telecommunications networks vulnerabilities

12 Why Systems Are Vulnerable? Type of computer crimes and criminals
Hacker: An outside person who has penetrated a computer system, usually with no criminal intent.
Cracker: A malicious hacker.
Social engineering: Getting around security systems by tricking computer users into revealing sensitive information or gaining unauthorized access privileges.
Cybercrimes: Illegal activities executed on the Internet.
Identity theft: A criminal (the identity thief) poses as someone else.
Cyberwar: War in which a country’s information systems could be paralyzed from a massive attack by destructive software.
Virus: Software that can attach itself to (“infect”) other computer programs without the owner of the program being aware of the infection.

13 IS Security and Control: Security Threats
Method: Definition
Virus: Secret instructions inserted into programs (or data) that are innocently run during ordinary tasks. The secret instructions may destroy or alter data as well as spread within or between computer systems.
Worm: A program that replicates itself and penetrates a valid computer system. It may spread within a network, penetrating all connected computers.
Trojan horse: An illegal program, contained within another program, that “sleeps” until some specific event occurs, then triggers the illegal program to be activated and cause damage.
Salami slicing: A program designed to siphon off small amounts of money from a number of larger transactions, so the quantity taken is not readily apparent.
Super zapping: A method of using a utility “zap” program that can bypass controls to modify programs or data.
Trap door: A technique that allows for breaking into a program code, making it possible to insert additional instructions.
Logic bomb: An instruction that triggers a delayed malicious act.
Denial of service: Too many requests for service, which crashes the site.
Sniffer: A program that searches for passwords or content in packets of data as they pass through the Internet.
Spoofing: Faking an e-mail address or web-page to trick users to provide information instructions.
Password cracker: A program that tries to guess passwords (can be very successful).
War dialling: Programs that automatically dial thousands of telephone numbers in an attempt to identify one authorized to make a connection with a modem; then one can use that connection to break into databases and systems.
Back doors: Invaders to a system create several entry points; even if you discover and close one, they can still get in through others.
Malicious applets: Small Java programs that misuse your computer resources, modify your files, send fake e-mail, etc.

14 Protecting the Digital Firm
• Firewall screening technologies
• Static packet filtering
• Network address translation
• Application proxy filtering
• Intrusion detection systems
• Scanning software
• Monitoring software

15 Security and Electronic Commerce
• Encryption
• Authentication
• Message integrity
• Digital signatures
• Digital certificates
• Public key infrastructure (PKI)

16 Article Discussion (Team DIY – Take Home)
• The Myth of Secure Computing (Austin and Darby, 2003, HBR)
• Why do senior executives often ignore the digital security issue?
• According to the authors, what are the major threats to digital security? Explain each of them.
• How can the risks in digital security be mitigated? What is the bottom line?

17 Public key encryption (in a nutshell) IS Security and Control

18 Digital certificates IS Security and Control

19 Chapter 6: Assuring Reliable and Secure IT Services Taxonomy of Networking Attacks Adapted from Huang and Cao et al. (Communications of the ACM, 49 (11), 2006)

20 Chapter 6: Assuring Reliable and Secure IT Services Secure framework Adapted from Huang and Cao et al. (Communications of the ACM, 49 (11), 2006)

