GROUP 5 PROTECTION AND SECURITY Leader: Trapa, Adrian Merck Members: Bedrejo, Kathleen Cabanit, Zharina Mae Mangubat, Grethyl Ann Candila, Joshua 01 PROTECTION & SECURITY What is Protection? What is Security? Here’s what you want to know about Protection Here’s what you want to know about Security - It involves guarding a user's data and programs against interference by other authorized users of the system. - It involves guarding of a user's data and programs against interference by external entities, e.g. unauthorized persons. FACETS TO PROTECTION OF INFORMATION There are two facets to protection of information; Secrecy: Implies that only authorized users should be able to access information. Privacy: Implies that information should be used only for the purpose(s) for which it is intended and shared. OS focuses on guaranteeing secrecy of information, and leaves the issue of privacy to the users and their processes. 02 GOALS OF PROTECTION AND PRINCIPLES OF PROTECTION Goals of Protection ● To prevent malicious misuse of the system by users or programs ● To ensure that each shared resource is used only in accordance with system policies. ● To ensure that errant programs cause the minimal amount of damage possible. PRINCIPLE OF PROTECTION ● Programs, user and systems must be given just enough privilege to perform their task. ● Each user is given their own account, and has only enough privilege to modify their own files. SECURITY COMPANY 03 SECURITY AND PROTECTION: POLICIES AND MECHANISM SECURITY POLICIES AND MECHANISM SECURITY POLICY Specify whether a person can become a user of the system. This function is performed by the system administrator. SECURITY MECHANISM OS security mechanism refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. PROTECTION POLICIES AND MECHANISM PROTECTION POLICY Specify whether a user can access a specific file. The owner of a file performs this function while creating it. PROTECTION MECHANISM Refers to a mechanism which controls the access of programs, processes, or users to the resources defined by a computer system. 04 SECURITY ATTRIBUTES AND SECURITY THREATS SECURITY ATTRIBUTES Security is traditionally defined by the three attributes namely : CONFIDENTIALITY: It is the prevention of unauthorized modification of information or resources. INTEGRITY: It is the prevention of unauthorized. AVAILABILITY: It is the prevention of unauthorized withholding of information or resources. SECURITY THREATS Direct : This is any direct attack on your specific systems, whether from outside hackers or from disgruntled insiders. Indirect : This is general random attack, most commonly computer viruses, computer worms or Trojan horses. REASONS FOR TAKING SECURITY MEASURES ● ● ● ● ● To prevent loss of data To prevent corruption of data To prevent compromise of data To prevent theft of data To prevent sabotage 05 THREATS TO PROTECTION AND SECURITY Threats to Protection and Security A threat is a program that is malicious in nature and leads to harmful effects for the system. Threats to Protection and Security Virus Viruses are generally small snippets of code embedded in a system. They are very dangerous and can corrupt files, destroy data, crash systems etc. Threats to Protection and Security Common types of Computer viruses: ● ● ● ● ● ● ● ● File-infecting Virus Macro Virus Browser Hijacker Web Scripting Virus Boot Sector Virus Polymorphic Virus Resident Virus Multipartite Virus Threats to Protection and Security Trojan Horse A trojan horse can secretly access the login details of a system. Then a malicious user can use these to enter the system as a harmless being and wreak havoc. Threats to Protection and Security Common types of Trojan horses: ● ● ● ● ● ● Remote Access Trojans Data Sending Trojans Destructive Trojans Proxy Trojans FTP Trojans Security software disabler Trojans Threats to Protection and Security Trap door A trap door is a security breach that may be present in a system without the knowledge of the users. It can be exploited to harm the data or files in a system by malicious people. Threats to Protection and Security Worm A worm can destroy a system by using its resources to extreme levels. It can generate multiple copies which claim all the resources and don't allow any other processes to access them. Threats to Protection and Security Worm Common types of Computer worm: ● ● ● ● ● Email Worms Instant Messaging Worms Internet Worms IRC Worms File sharing Worms Threats to Protection and Security Denial of Service These type of attacks do not allow the legitimate users to access a system. It overwhelms the system with requests so it is overwhelmed and cannot work properly for other user. Threats to Protection and Security Denial of Service Common types of Computer DoS: ● Buffer overflow attacks ● ICMP flood ● SYN flood 06 PROTECTION AND SECURITY METHOD Protection and Security Methods Chart Authentication Protection and 1 Username/Password 2 User Key/ User Card 3 User Attribute Identification 1 Random Numbers 2 Secret Key Security Methods One Time Password AUTHENTIFICATION This deals with identifying each user in the system and making sure they are who they claim to be. The operating system makes sure that all the users are authenticated before they access the system. USERNAME/PASSWORD Each user has a distinct username and password combination and they need to enter it correctly before they can access the system. USER KEY/ USER CARD The users need to punch a card into the card slot or use they individual key on a keypad to access the system. USER ATTRIBUTE IDENTIFICATION Different user attribute identifications that can be used are fingerprint, eye retina etc. These are unique for each user and are compared with the existing samples in the database. The user can only access the system if there is a match. ONE TIME PASSWORD One-time passwords provide additional security along with normal authentication. In One-Time Password system, a unique password is required every time user tries to login into the system. Once a one-time password is used, then it cannot be used again. One-time password are implemented in various ways. RANDOM NUMBERS The system can ask for numbers that correspond to alphabets that are pre arranged. This combination can be changed each time a login is required. ENTER PASSWORD SECRET KEY A hardware device can create a secret key related to the user id for login. This key can change each time. ENCRYPTION ENCRYPTION A common method of protecting information transmitted over unreliable links. Basic encryption mechanism is as follows: • The information is encrypted from its initial form (clear text) to an internal form (cipher text). • The cipher text can be stored or transmitted. • The receiver decrypts the cipher text back to clear text. TWO COMMON TECHNIQUE SECRET KEY PUBLIC KEY SYMMETRIC ENCRYPTION A symmetric key is one that may be used to encrypt and decode data. This implies that in order to decrypt information, the same key that was used to encrypt it must be utilized. In practice, the keys represent a shared secret shared by two or more people that may be utilized to maintain a confidential information link. ASYMMETRIC ENCRYPTION Asymmetric encryption, on the other hand, was created to solve the inherent issue of symmetric encryption: the need of sharing a single encryption key around that is used both for encrypting and decrypting data.
