Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

Published byElinor Cobb Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,"— Presentation transcript:

1 1 Class 15 System Security

2 Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access, theft) Intrusion detections system Firewall Encryption Digital certificate Secure Sockets Layer/Transport Layer Security Defenses against internal security threats 2

3 3 Systems Vulnerability Digital data: Can be duplicated/changed without being detected Network-related challenges: Connected to LANs, WANs (Internet) Anyone from inside/outside the organization can attempt to infiltrate information systems Electronic data pros: Integration, universal access vs. security con: Greater risk of unauthorized access, security vulnerability of IS

4 Security Threats - External 4 Data theft Defense: Encryption False identity (spoofing/phishing) Malware (virus, worm) Powerouttage, Natural disaster Defense: Plan, facilities Defense: Cautious user Defense: Anti-virus software, Firewall Sniffing Defense: Intrusion detection system

5 55 Defenses For Malware, defense is Firewall. Placed between internal LANs and external networks Uses rules that dictate what comes in and what goes out. Can be built into operating system. For data theft, defense is Intrusion Detection System. Automatically detects suspicious network traffic

6 6 Defenses: Encryption Encryption = Scrambling of messages to prevent authorized parties to read them. Encryption is a defense against sniffing communications channel. Single key encryption – Sender and receiver use the same private key for encryption and decryption Double key encryption – Sender and Receiver use a combination of a public and a private key: Digital Certificate - public key and a proof of its validity issued by a certificate authority (e.g., VeriSign); licensed annually. Encrypt with Recipient’s Public Key Decrypt with Recipient’s Private Key Digital Certificate Digital Signature can be applied Certificate Authority

7 Communications between client and server on the Internet happen over Secure Socket Layer (SSL) (current name: Transport Layer Security)- Internet protocol for securing data transfer. Negotiations about security, encryption, public key transfers – all happens on SSL/TSL. Supported by operating systems and Web browsers and servers. Wireless networks are more difficult to protect. If you use a wireless LAN at home you are on the Internet as soon as you connect a computer to a router! 7 Defenses on the Internet

8 88 Internal Security Threats & Defenses Theft (stealing data hardware, software) Unauthorized access to data (read, change, delete) Human error (leaving data unprotected, poor & lost passwords, not locking data/hardware/software) Defenses: Physical securing Managing access to data (system administrators) Training, supervision

Download ppt "1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,"

Similar presentations

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
-Gunjandeep Singh Khera. C1India (security Features) Digital Signature: The solution includes capturing Digital Signature Authorized and certified by.

-Gunjandeep Singh Khera. C1India (security Features) Digital Signature: The solution includes capturing Digital Signature Authorized and certified by.
Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
Lecture 10 Security and Control.

Lecture 10 Security and Control.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.
NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

Similar presentations

Ads by Google