Session 1 – Introduction to Information Security

Session 1 – Introduction to Information Security CSE 4482, Fall 2012, D Chan

Security Objectives
- Confidentiality (includes privacy)
- Integrity
- Availability

Information Security Framework
- Information security policy (what is important, who is accountable and responsible?)
- Information security standards (acceptable levels of security in systems development and operation)
- Information security procedures (how to protect?)

Information Security Framework
- Information security infrastructure: firewalls, virtual private network, etc.
- Information security software: anti-virus software, access control software, application security, etc.
- Chief information security officer, information security staff.

Information Security Framework
- Information classification based on sensitivity. Keep in mind the objectives of confidentiality, integrity and availability.
- Information ownership.

Security Processes
- Identification
- Authentication
- Authorization
- Logging
- Monitoring

Common Security Measures
- Password
- Two-factor authentication
- Biometrics
- Access control lists for granting authorization to information
- Locks
- Encryption
- Anti-virus
- Usage and rejection reports

Passwords
- Should not be shared
- Should be changed by user
- Should be changed frequently and upon compromise (suspected unauthorized disclosure)

Passwords
- Long, at least 8 characters
- Alphanumeric
- Hashed (one-way scrambling)
- System should allow only a few attempts before locking out account

Passwords
- An 8-letter password is 676 times stronger than a 6-letter password.
- A 6-character alphanumeric password is 6 times stronger than a 6-letter password.
- Strength should depend on user’s privilege and locality of system.
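
The password rules from the Passwords slides (at least 8 characters, alphanumeric, stored hashed, lockout after a few attempts) combined in one sketch. This is an added Python example, not part of the original slides. The names `Account` and `meets_policy`, the limit of 3 attempts, the use of salted PBKDF2 as the one-way hash, and the reading of "alphanumeric" as "at least one letter and one digit" are all assumptions.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 3         # assumed value for "only a few attempts"
PBKDF2_ROUNDS = 200_000  # assumed work factor, not from the slides


def meets_policy(password: str) -> bool:
    """At least 8 characters, mixing letters and digits (assumed reading of 'alphanumeric')."""
    return (len(password) >= 8
            and any(c.isalpha() for c in password)
            and any(c.isdigit() for c in password))


class Account:
    """Hypothetical user record: keeps a salt and a one-way hash, never the password."""

    def __init__(self, password: str):
        if not meets_policy(password):
            raise ValueError("password does not meet policy")
        self.salt = os.urandom(16)  # per-user salt so equal passwords hash differently
        self.pw_hash = self._hash(password)
        self.failed = 0
        self.locked = False

    def _hash(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, PBKDF2_ROUNDS)

    def login(self, password: str) -> str:
        if self.locked:  # a locked account rejects even the right password
            return "locked"
        if hmac.compare_digest(self._hash(password), self.pw_hash):
            self.failed = 0  # success resets the failure counter
            return "ok"
        self.failed += 1
        if self.failed >= MAX_ATTEMPTS:
            self.locked = True
            return "locked"
        return "denied"


if __name__ == "__main__":
    acct = Account("winter2012pass")  # constructed sample password
    for guess in ["guess0001", "guess0002", "guess0003", "winter2012pass"]:
        print(guess, "->", acct.login(guess))
```

Unlocking a locked account (by an administrator or after a delay) is left out of this sketch.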