Trends and Issues Basic Computer Concepts Education  Children are outpacing adults on the technology track. Education plays a major role in guiding.

Slides:

Advertisements

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

Advertisements

Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Access Control Methodologies

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

VM: Chapter 5 Guiding Principles for Software Security.

Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

Fundamentals of Computer Security Geetika Sharma Fall 2008.

Security+ Guide to Network Security Fundamentals

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

1 An Overview of Computer Security computer security.

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Web server security Dr Jim Briggs WEBP security1.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Introduction and Security Trends Chapter 1.

Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

PART THREE E-commerce in Action Norton University E-commerce in Action.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.

Security Security is a measure of the system’s ability to protect data and information from unauthorized access while still providing access to people.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Computer Legislation The need for computer laws Go to Contents.

Computer & Network Security

Cryptography, Authentication and Digital Signatures

INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Course code: ABI 204 Introduction to E-Commerce Chapter 5: Security Threats to Electronic Commerce AMA University 1.

PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.

Not only business information, but a large amount of personal information too is now digitized and stored in computer connected to the internet. System.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

Topic 5: Basic Security.

Information Security in Distributed Systems Distributed Systems1.

Chap1: Is there a Security Problem in Computing?.

Csci5233 computer security & integrity 1 An Overview of Computer Security.

1 Lecture 1: Introduction Outline course’s focus intruder’s capabilities motivation for security worms, viruses, etc. legal and patent issues.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.

Lesson 1-Introduction and Security Trends. Background  Terrorists have targeted people and physical structures. – The average citizens are more likely.

Invitation to Computer Science 5 th Edition Chapter 8 Information Security.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

Web Security Introduction to Ethical Hacking, Ethics, and Legality.

Safe’n’Sec IT security solutions for enterprises of any size.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Lect 8 Tahani al jehain. Types of attack Remote code execution: occurs when an attacker exploits a software and runs a program that the user does not.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.

Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.

Network security Vlasov Illia

Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.

Security+ All-In-One Edition Chapter 1 – General Security Concepts

How to Mitigate the Consequences What are the Countermeasures?

Faculty of Science IT Department By Raz Dara MA.

Computer Security By: Muhammed Anwar.

Chapter # 3 COMPUTER AND INTERNET CRIME

Operating System Concepts

Chapter 14: Protection.

Presentation transcript:

Trends and Issues Basic Computer Concepts Education  Children are outpacing adults on the technology track. Education plays a major role in guiding the children to make use of the best of the computer technology. Current education systems must undergo significant reform to serve the needs of the younger generations. Computers and the Internet can help in making lessons customized and student-centered.

Trends and Issues Basic Computer Concepts Careers and Professional Outlook  Change that involves new and complex technologies are stressful to older and less educated workers. Computer literacy is an advantage on most jobs nowadays. Management supports the use of technology to improve productivity which in many instances mean the elimination of jobs.

Trends and Issues Basic Computer Concepts Security Computer Crimes  could reasonably include a wide variety of criminal offenses, activities, or issues can be separated into two (2) categories: crimes facilitated by a computer crimes where the computer is the target Computer Security Issues  Bugs or misconfiguration problems that allow unauthorized remote users to:  steal confidential documents execute commands on the host machine, allowing them to modify the system gain information about the host machine, allowing them to break into the system launch denial-of-service attacks rendering the machine temporarily unusable

Trends and Issues Basic Computer Concepts Security Computer Security Issues  Browser-side risks including:  active content that crashes the browser, damages the user’s system, breaches the user’s privacy, or merely creates an annoyance the misuse of personal information knowingly or unknowingly provided by the end-user Interception of network data sent from browser to server or vice versa via network eavesdropping

Trends and Issues Basic Computer Concepts Security  Aspects of Computer Security  Physical Security Viruses Malicious Logic Hacking Internal Misuse Spoofing

Trends and Issues Basic Computer Concepts Security  Ethics  the rules and standards governing the conduct of an individual with others copyright - a form of protection provided by law to authors of original works, otherwise known as their intellectual property a copyright owner has the sole right to: – reproduce the material – prepare derivative works based on the material – distribute the copies of the material to the public – perform the work publicly (if applicable) – display the work publicly privacy censorship

Trends and Issues Basic Computer Concepts Security Incidents  There are many different ways to attack computers and networks to take advantage of what has made shopping, banking, investment, and leisure pursuits a simple matter of “dragging and clicking” for many people. Different types of electronic crime fall into two main categories:  Crimes in which the computer was the target of the attack Incidents in which the computer was a means of perpetrating a criminal act

Trends and Issues Basic Computer Concepts Security Incidents  The Morris Worm (November, 1988) Citibank and Vladimir Levin (June-October, 1994) Kevin Mitnick (February, 1995) Omega Engineering and Timothy Lloyd (July, 1996) Jester and the Worcester Airport (March, 1997) Solar Sunrise (February, 1998) The Melissa Virus (March, 1999) The Love Letter Worm (May, 2000) The Code-Red Worm (2001) Adil Yahya Zakaria Shakour (August, 2001-May, 2002) The Slammer Worm (2003)

Trends and Issues Basic Computer Concepts Threats to Security  Viruses and Worms Intruders Insiders Criminal Organizations Terrorists and Information Warfare

Trends and Issues Basic Computer Concepts Security Basics  In some sense, security is concerned with preventing undesired behavior.  An enemy/opponent/hacker/adversary may be actively and maliciously trying to circumvent any protective measures you put in place.  Computer vs. Network Security  Computer security focuses on security aspects of systems in isolation. (e.g. viruses, secure data storage, OS security) Network security focuses on security of data as it is transmitted between networked systems. (e.g. authentication protocols, encryption of transmitted data, firewalls)

Trends and Issues Basic Computer Concepts The CIA of Security  Confidentiality — ensure that only those individuals who have the authority to view a piece of information may do so. Integrity — related to concept but deals with the generation and modification of data. Availability — ensure that the data, or the system itself, is available for use when the authorized user wants it.  Authentication — deals with the desire to ensure that an individual is who they claim to be. Nonrepudiation — deals with the ability to verify that a message has been sent and received and that the sender can be identified and verified.

Trends and Issues Basic Computer Concepts Security Principles  Three ways an organization can choose to address the protection of its networks:  Ignore security issues Provide host security Approach security at a network level  Host Security  takes a granular view of security by focusing on protecting each computer and device individually instead of addressing protection of the network as a whole  Network Security  emphasis is placed on controlling access to internal computers from external entities

Trends and Issues Basic Computer Concepts Least Privilege  Least privilege means that a subject (which may be a user, application, or process) should have only the necessary rights and privileges to perform its task with no additional permissions. The concept of least privilege applies to more network security issues than just providing users with specific rights and permissions. Another issue in least privilege concept is the security context in which an application runs. All applications, scripts, and batch files run in the security context of a specific user on an operating system.

Trends and Issues Basic Computer Concepts Layered Security Network security Host security Audit logs (Detection) Access controls Intrusion detection systems (Detection) Firewall (Prevention) Figure 1. Various Layers of Security

Trends and Issues Basic Computer Concepts Diversity of Defense  Diversity of defense is a concept that complements the idea of various layers of security. It involves making different layers of security dissimilar so that even if attackers know how to get through a system making up one layer, they may not know how to get through a different type of layer that employs a different system for security.

Trends and Issues Basic Computer Concepts Access Control  Discretionary Access Control  an access control mechanism in which the owner of an object (such as a file) can decide which other subjects (such as other users) may have access to the object, and what access (read, write, execute) these subjects may have  Mandatory Access Control  an access control mechanism in which the security mechanism controls access to all objects (files), and individual subjects (processes or users) cannot change that access  Role-Based Access Control  an access control mechanism in which, instead of the users being assigned specific access permissions for the objects associated with the computer system or network, a set of roles that the user may perform will be assigned to each user