Trusting the Trust Budi Rahardjo Inixindo Security Day Seminar The Executive Club, Jakarta, 19 March 2009.


Trust vs. Security [no 100% secure system] march 2009 BR - trusting the trust

Security vs. … Convenience, Performance, Business Requirement

Failing the trust
Malicious software: virus, worm, …
Malicious users: crackers, attackers, …
Fraud: disgruntled employees, …
Identity theft: unauthenticated users, …

identity theft [facebook, friendster, … social networks do you trust your “friends”?]

“On the internet, nobody knows you’re a dog”

Authentication
Authentication factors
– What you have (card, token)
– What you know (password, PIN, ID)
– What you are (biometrics)
Electronic transaction requirement
– 2-factor authentication

Do you trust your bank?

[“borrowed” slides on skimmer attached on an ATM machine of a local bank. Sorry, I cannot add the slides here since I don’t know the owner of the slides to ask/acknowledge.]

Do you trust your e-government? [election jokes, e-gov, e-proc]

[Examples of bad 2009 election campaign posters are available at

Can you trust your code?

Open Source is better, IF …

you play with your code [read Ken Thompson, "Reflections on Trusting Trust" ACM, September 1995]

Reflections on trusting trust
Self-reproducing code
“Learning” program
Create a trojaned compiler: it compiles a “bug” version when it detects a pattern

meaning … skill is important [awareness too]

Reducing Risks Anti-virus, 2-factor authentication, …

Reducing Risks But … really … people, process, & technology

Reducing Risks Review periodically by independent, trusted 3rd party. How do you trust your partner?

Thank you for trusting me :) Budi Rahardjo