Computer fundamentals Computer fundamentals Security www Assignment Point
- Slides: 21
Computer fundamentals Computer fundamentals Security www. Assignment. Point. com
Objectives Computer fundamentals Computer fundamentals • Cover the fundamental issues in Computer, Data and Network Security www. Assignment. Point. com
Computer fundamentals Computer fundamentals • Discuss – Overview of computer security – Introduction to cryptography www. Assignment. Point. com
Information Systems Security Computer fundamentals Computer fundamentals • Deals with. . ØSecurity of end systems Examples: Operating system, files in a host, records, databases, accounting information, logs, etc. ØSecurity of information in transit over a network Examples: e-commerce transactions, online banking, confidential e-mails, file transfers, record transfers, authorization messages, etc. www. Assignment. Point. com
Principles of computer security Computer fundamentals Computer fundamentals • Principle of easiest penetration: An intruder must be expected to use any available means of penetration. The penetration may not necessarily be by the most obvious means, nor is it necessarily the one against which the most solid defense has been installed. • Principle of adequate protection: Computer items must be protected only until they lost their value. www. Assignment. Point. com
Some terminologies Computer fundamentals Computer fundamentals • Threat Ø Set of circumstances that has the potential to cause loss or harm • Vulnerability Ø a weakness in the security system(in procedures, design and implementation) • Control Ø Some protective measures www. Assignment. Point. com
Computer fundamentals Computer fundamentals “A threat is blocked by control of vulnerabilities” www. Assignment. Point. com
Types of threats Computer fundamentals Computer fundamentals • Interception v Un-authorized party gained access to an asset. • For example, v Illegal copying of program or data. v Wiretapping to obtain data in a network. www. Assignment. Point. com
Types of threats Computer fundamentals Computer fundamentals • Interruption – an asset of the system become lost, unavailable or unusable. For example, • Hardware failure • Operating system malfunction • Erasure of a program or data file www. Assignment. Point. com
Types of threats Computer fundamentals Computer fundamentals • Modification: Not only an-authorized access, but tampers with an asset. For example, Ø Alteration of data www. Assignment. Point. com
Types of threats Computer fundamentals Computer fundamentals • Fabrication: – Addition of imaginary in information to a system by an un authorized party. For example, Ø addition of a record to an existing database www. Assignment. Point. com
MOM Computer fundamentals Computer fundamentals • What does an attacker have? ü Method—sufficient skill, tools and knowledge to initiate an attack ü Opportunity– Time and access to accomplish the attack ü Motive– Why he wants to do that? Must have a reason. www. Assignment. Point. com
Security goals(CIA) Computer fundamentals Computer fundamentals • Confidentiality: Ø Keeping data and resources secret or hidden. (secrecy or privacy) Ø Only authorized party can access information. Ø access does not mean write but allows to read, view or print information. www. Assignment. Point. com
Security goals(CIA) Computer fundamentals Computer fundamentals q Integrity: v Assets can be modified only by authorized parties or only in authorized ways. v Modification includes writing, deleting, creating, changing etc. q Availability: v Ensuring authorized access to data and resources when desired www. Assignment. Point. com
Security goals(additional) Computer fundamentals Computer fundamentals • Authenticity : Ø ensures that the sender of a message is correctly identified, with an assurance that the identity is not false. • Non-repudiation: Ø ensures that neither the sender nor the receiver of a message can deny afterwards that it was not he, who send or receive the message. Ø So, Non-repudiation services provide unforgivable evidence that a specific action has occurred www. Assignment. Point. com
Vulnerabilities Computer fundamentals Computer fundamentals • Always look for the vulnerabilities that can be the obstacles to reach the security goals • Exist in all three major categories of system resources… – Hardware vulnerabilities – Software vulnerabilities – Data vulnerabilities www. Assignment. Point. com
Hardware vulnerabilities Computer fundamentals Computer fundamentals • Hardware always exposed • Very easy to occurs Examples. . Ø add/remove devices Ø physically drenched with water Ø dust and ash from cigarette smoke Ø voluntary machine slaughter www. Assignment. Point. com
Software vulnerabilities Computer fundamentals Computer fundamentals • Software can be replaced, destroys maliciously, changed, modified, deleted, because of its vulnerabilities. Example—In a banking software, monthly interest on an account is calculated as $14. 5467. But, software credits it as $14. 54 and ignores $. 0067. what can be the result if an attacker modifies this software? www. Assignment. Point. com
Software vulnerabilities Computer fundamentals Computer fundamentals q Software deletion: Ø Easy to delete Ø Accidental erasure of a file q Software modification : Ø modifications cause software to fail or do unintended task Ø Various categories of software modification includes Logic bomb, Trojan horse, virus, trapdoor etc. q Software theft : Ø piracy www. Assignment. Point. com
Data vulnerabilities Computer fundamentals Computer fundamentals • Confidentiality • Integrity • Availability www. Assignment. Point. com
What is cyber law? Computer fundamentals Computer fundamentals • Cyber law encompasses a wide legal issues related to the communications technology, property, privacy, freedom jurisdiction. variety of political and Internet and other including intellectual of expression, and www. Assignment. Point. com
- Security guide to network security fundamentals
- Security guide to network security fundamentals
- Security guide to network security fundamentals
- Security private
- Computer security fundamentals 4th edition
- Mta security practice test
- Security fundamentals
- Hindustan unilever mission and vision
- Www assignment
- Point assignment clustering
- Welcome to my presentation
- Assignment point.com
- Www.assignment
- Assignment point
- Total quality management assignment
- Www.assignmentpoint.com
- Assignment point.com
- Assignment point.com
- Assignment point.com
- Assignment point
- Assignment point.com
- Assignment point.com