Uploaded by Tuchifarangalah

Basic Computer Security (2)

Basic Computer Security
computer security
1
Outline
• Nature of computer security
• Information security, computer security and cyber security
• Security components
• Security threats and breaches
• Computer security measures

Some differences between traditional security and soft information security
• Information can be stolen - but you still have it
• Confidential information may be copied and sold - but the theft might not be detected
• The criminals may be on the other side of the world

Computer security
• Protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).

Cyber security vs information security
• Cyber security
  – protecting information and data from outside sources on the Internet.
  – provide protection for networks, servers, intranets and computer systems.
• Information/data security
  – protecting information and information systems from unauthorized use, access, modification or removal
Security Components
• Confidentiality: The assets are accessible only by authorized parties.
  – Keeping data and resources hidden
• Integrity: The assets are modified only by authorized parties, and only in authorized ways.
  – Data integrity (integrity)
  – Origin integrity (authentication)
• Availability: Assets are accessible to authorized parties.
  – Enabling access to data and resources
Scope of Computer Security

Characteristics of Computer Intrusion
• A computing system: a collection of hardware, software, data, and people that an organization uses to do computing tasks
• Any piece of the computing system can become the target of a computing crime.
• The weakest point is the most serious vulnerability.
• The principle of easiest penetration
Security Breaches - Terminology
• Exposure
  – a form of possible loss or harm
• Vulnerability
  – a weakness in the system
• Attack
• Threats
  – Human attacks, natural disasters, errors
• Control – a protective measure
• Assets – h/w, s/w, data
Types of Security Breaches
• Disclosure: unauthorized access to info
  – Snooping
• Deception: acceptance of false data
  – Modification, spoofing, repudiation of origin, denial of receipt
• Disruption: prevention of correct operation
  – Modification, man-in-the-middle attack
• Usurpation: unauthorized control of some part of the system (usurp: take by force or without right)
  – Modification, spoofing, delay, denial of service
Vulnerabilities and Attacks
• system resource vulnerabilities may
  – be corrupted (loss of integrity)
  – become leaky (loss of confidentiality)
  – become unavailable (loss of availability)
• attacks are threats carried out and may be
  – passive
  – active
  – insider
  – outsider

Computing System Vulnerabilities
• Hardware vulnerabilities
• Software vulnerabilities
• Data vulnerabilities
• Human vulnerabilities

Software Vulnerabilities
• Destroyed (deleted) software
• Stolen (pirated) software
• Altered (but still run) software
  – Logic bomb
  – Trojan horse
  – Virus
  – Trapdoor
  – Information leaks
Examples of computer system threats
• Malware:
  – Hostile, intrusive, or annoying software or program code ("malicious" + "software")
  – Includes computer viruses, worms, trojan horses, bots, spyware, adware, etc.
  – Software is considered malware based on the intent of the creator rather than any particular features
• Internet bot:
  – also known as web robots, are automated internet applications controlled by software agents
  – These bots interact with network services intended for people, carrying out monotonous tasks and behaving in a humanlike manner (i.e. computer game bot)
  – Bots can gather information, reply to queries, provide entertainment, and serve commercial purposes.
  – Botnet - a network of "zombie" computers used to do automated tasks such as spamming or reversing spamming
• Adware:
  – Advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.
  – Adware is software integrated into or bundled with a program, typically as a way to recover programming development costs through advertising income
• Spyware:
  – A broad category of software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user
  – In simpler terms, spyware is a type of program that watches what users do with their computer and then sends that information over the internet
• Spam:
  – Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages
  – Spam media includes:
    • e-mail spam (most widely recognized form)
    • instant messaging spam
    • Usenet newsgroup spam
    • Web search engine spam
    • spam in blogs
    • mobile phone messaging spam
• Phishing:
  – A criminal activity using social engineering techniques.
  – An attempt to acquire sensitive data, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.
  – Typically carried out using email or an instant message

Other Exposed Assets
• Storage media
• Networks
• Access
• Key people

Countermeasures
• means used to deal with security attacks
  – prevent
  – detect
  – recover
• may result in new vulnerabilities
• will have residual vulnerability
• goal is to minimize risk given constraints

Goals of Security
• Prevention
  – Prevent attackers from violating security policy
• Detection
  – Detect attackers’ violation of security policy
• Recovery
  – Stop attack, assess and repair damage
  – Continue to function correctly even if attack succeeds
Methods of Defense
• Encryption
• Software controls
• Hardware controls
• Policies
• Physical controls

Encryption
• At the heart of all security methods
• Confidentiality of data
• Some protocols rely on encryption to ensure availability of resources.
• Encryption does not solve all computer security problems.

Software controls
• Internal program controls
• Operating System controls
• Development controls
• Anti-virus
• Firewalls
• Virtual private networks
• Software controls are usually the first aspects of computer security that come to mind.

Policies and Mechanisms
• Policy says what is, and is not, allowed
  – This defines “security” for the site/system/etc.
• Mechanisms enforce policies
• Mechanisms can be simple but effective
  – Example: frequent changes of passwords, external backup, cloud computing
• Composition of policies
  – If policies conflict, discrepancies may create security vulnerabilities
• Legal and ethical controls
  – E.g. copyright policies
Physical control
• Restricting physical access to infrastructure – e.g. locking, biometrics, smart cards, and wireless-enabled keycards, motion detectors
• Surveillance of infrastructure
• Environmental controls – e.g. air conditioning, cleanliness, waterproofing

Cloud storage/backup of course work
• Use cloud storage/backup for all school work
• OneDrive – 5GB Free
  – https://onedrive.live.com/about/en-us/
• Dropbox – 5GB Free
  – https://www.dropbox.com/help/account/create-account
• Google Drive – 15GB Free
  – https://drive.google.com/