Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.

Figures – Chapter 14

Figure 14.1 System layers where security may be compromised

Figure 14.2 Life-cycle risk analysis

Figure 14.3 Vulnerabilities associated with technology choices

Figure 14.4 A layered protection architecture

Figure 14.5 Distributed assets in an equity trading system

Figure 14.6 Design guidelines for secure systems engineering

Security guidelines:
- Base security decisions on an explicit security policy
- Avoid a single point of failure
- Fail securely
- Balance security and usability
- Log user actions
- Use redundancy and diversity to reduce risk
- Validate all inputs
- Compartmentalize your assets
- Design for deployment
- Design for recoverability

Figure 14.7 Software deployment

Figure 14.8 Stages in survivability analysis

Figure 14.9 Survivability analysis in an equity trading system

Attack: Unauthorized user places malicious orders
  Resistance: Require a dealing password that is different from the login password to place orders.
  Recognition: Send copy of order by to authorized user with contact phone number (so that they can detect malicious orders). Maintain user’s order history and check for unusual trading patterns.
  Recovery: Provide mechanism to automatically ‘undo’ trades and restore user accounts. Refund users for losses that are due to malicious trading. Insure against consequential losses.

Attack: Corruption of transactions database
  Resistance: Require privileged users to be authorized using a stronger authentication mechanism, such as digital certificates.
  Recognition: Maintain read-only copies of transactions for an office on an international server. Periodically compare transactions to check for corruption. Maintain cryptographic checksum with all transaction records to detect corruption.
  Recovery: Recover database from backup copies. Provide a mechanism to replay trades from a specified time to re-create the transactions database.