Basic Computer Security

Outline
Nature of computer security
Information security, computer security and cyber security
Security components
Security threats and breaches
Computer security measures

Some differences between traditional security and soft information security
Information can be stolen - but you still have it
Confidential information may be copied and sold - but the theft might not be detected
The criminals may be on the other side of the world

Computer security
Protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).

Cyber security vs information security
Cyber security
  – protecting information and data from outside sources on the Internet.
  – providing protection for networks, servers, intranets and computer systems.
Information/data security
  – protecting information and information systems from unauthorized use, access, modification or removal

Security Components
Confidentiality: The assets are accessible only by authorized parties.
  – Keeping data and resources hidden
Integrity: The assets are modified only by authorized parties, and only in authorized ways.
  – Data integrity (integrity)
  – Origin integrity (authentication)
Availability: Assets are accessible to authorized parties.
  – Enabling access to data and resources

Scope of Computer Security

Characteristics of Computer Intrusion
A computing system: a collection of hardware, software, data, and people that an organization uses to do computing tasks
Any piece of the computing system can become the target of a computing crime.
The weakest point is the most serious vulnerability.
The principles of easiest penetration

Security Breaches - Terminology
Exposure – a form of possible loss or harm
Vulnerability – a weakness in the system
Attack
Threats – Human attacks, natural disasters, errors
Control – a protective measure
Assets – hardware, software, data

Types of Security Breaches
Disclosure: unauthorized access to info
  – Snooping
Deception: acceptance of false data
  – Modification, spoofing, repudiation of origin, denial of receipt
Disruption: prevention of correct operation
  – Modification, man-in-the-middle attack
Usurpation: unauthorized control of some part of the system (usurp: take by force or without right)
  – Modification, spoofing, delay, denial of service

Vulnerabilities and Attacks
System resource vulnerabilities may
  – be corrupted (loss of integrity)
  – become leaky (loss of confidentiality)
  – become unavailable (loss of availability)
Attacks are threats carried out and may be
  – passive
  – active
  – insider
  – outsider

Computing System Vulnerabilities
Hardware vulnerabilities
Software vulnerabilities
Data vulnerabilities
Human vulnerabilities

Software Vulnerabilities
Destroyed (deleted) software
Stolen (pirated) software
Altered (but still run) software
  – Logic bomb
  – Trojan horse
  – Virus
  – Trapdoor
  – Information leaks

Examples of computer system threats
Malware:
  – Hostile, intrusive, or annoying software or program code ("malicious" + "software")
  – Includes computer viruses, worms, trojan horses, bots, spyware, adware, etc.
  – Software is considered malware based on the intent of the creator rather than any particular features
Internet bot:
  – Internet bots, also known as web robots, are automated internet applications controlled by software agents
  – These bots interact with network services intended for people, carrying out monotonous tasks and behaving in a humanlike manner (e.g. a computer game bot)
  – Bots can gather information, reply to queries, provide entertainment, and serve commercial purposes.
  – Botnet - a network of "zombie" computers used to do automated tasks such as spamming or reversing spamming
Adware:
  – Advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.
  – Adware is software integrated into or bundled with a program, typically as a way to recover programming development costs through advertising income
Spyware:
  – A broad category of software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user
  – In simpler terms, spyware is a type of program that watches what users do with their computer and then sends that information over the internet
Spam:
  – Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages
  – Spam media includes:
    • e-mail spam (most widely recognized form)
    • instant messaging spam
    • Usenet newsgroup spam
    • Web search engine spam
    • spam in blogs
    • mobile phone messaging spam
Phishing:
  – A criminal activity using social engineering techniques.
  – An attempt to acquire sensitive data, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.
  – Typically carried out using email or an instant message

Other Exposed Assets
Storage media
Networks
Access
Key people

Countermeasures
Means used to deal with security attacks
  – prevent
  – detect
  – recover
May result in new vulnerabilities
Will have residual vulnerability
Goal is to minimize risk given constraints

Goals of Security
Prevention
  – Prevent attackers from violating security policy
Detection
  – Detect attackers’ violation of security policy
Recovery
  – Stop attack, assess and repair damage
  – Continue to function correctly even if attack succeeds

Methods of Defense
Encryption
Software controls
Hardware controls
Policies
Physical controls

Encryption
At the heart of all security methods
Confidentiality of data
Some protocols rely on encryption to ensure availability of resources.
Encryption does not solve all computer security problems.

Software controls
Internal program controls
Operating System controls
Development controls
Anti-virus
Firewalls
Virtual private networks
Software controls are usually the first aspects of computer security that come to mind.

Policies and Mechanisms
Policy says what is, and is not, allowed
  – This defines “security” for the site/system/etc.
Mechanisms enforce policies
Mechanisms can be simple but effective
  – Example: frequent changes of passwords, external back up, cloud computing
Composition of policies
  – If policies conflict, discrepancies may create security vulnerabilities
Legal and ethical controls
  – E.g. copyright policies

Physical control
Restricting physical access to infrastructure
  – e.g. locking, biometrics, smart cards, and wireless-enabled keycards, motion detectors
Surveillance of infrastructure
Environmental controls
  – e.g. air conditioning, cleanliness, waterproofing

Cloud storage/back up of course work
Use cloud storage/back up for all school work
OneDrive – 5GB Free – https://onedrive.live.com/about/en-us/
Dropbox – 5GB Free – https://www.dropbox.com/help/account/create-account
Google Drive – 15GB Free – https://drive.google.com/