Class 15 System Security

Presentation transcript:

1 Class 15 System Security

2 Outline
- Security threats (external: malware, spoofing/phishing, sniffing, and data theft; internal: unauthorized data access, theft)
- Intrusion detection system
- Firewall
- Encryption
- Digital certificate
- Secure Sockets Layer/Transport Layer Security
- Defenses against internal security threats

3 Systems Vulnerability
- Digital data: can be duplicated or changed without being detected
- Network-related challenges:
  - Connected to LANs, WANs (Internet)
  - Anyone from inside or outside the organization can attempt to infiltrate information systems
- Electronic data pros: integration, universal access vs. security con: greater risk of unauthorized access, security vulnerability of IS

4 Security Threats - External
- Data theft
- Defense: Encryption
- False identity (spoofing/phishing)
- Malware (virus, worm)
- Power outage, natural disaster
- Defense: Plan, facilities
- Defense: Cautious user
- Defense: Anti-virus software, firewall
- Sniffing
- Defense: Intrusion detection system

5 Defenses
- For malware, the defense is a firewall.
  - Placed between internal LANs and external networks
  - Uses rules that dictate what comes in and what goes out
  - Can be built into the operating system
- For data theft, the defense is an intrusion detection system.
  - Automatically detects suspicious network traffic
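How a rule-based firewall decides what comes in and what goes out, as an added example that is not part of the original slides. The rule set, addresses and the `decide` function are constructed for illustration; real firewalls also match on protocol, destination address and connection state.

```python
import ipaddress

# Constructed rule set: (direction, source network, destination port, action).
# Rules are checked top to bottom and the first match wins.
RULES = [
    ("in",  "0.0.0.0/0",      443, "allow"),  # public HTTPS to the web server
    ("in",  "203.0.113.0/24", 22,  "allow"),  # SSH only from the admin range
    ("in",  "0.0.0.0/0",      22,  "deny"),   # SSH from anywhere else
    ("out", "10.0.0.0/8",     443, "allow"),  # internal LAN may browse HTTPS
    ("out", "10.0.0.0/8",     53,  "allow"),  # internal LAN may resolve DNS
]

def decide(direction, src_ip, dst_port, rules=RULES):
    """Return 'allow' or 'deny' for one packet using first-match semantics."""
    src = ipaddress.ip_address(src_ip)
    for rule_dir, network, port, action in rules:
        if (rule_dir == direction and port == dst_port
                and src in ipaddress.ip_network(network)):
            return action
    # Default deny: traffic that no rule mentions is dropped.
    return "deny"

if __name__ == "__main__":
    # Constructed sample packets: (direction, source IP, destination port).
    for packet in [("in", "198.51.100.7", 443), ("in", "198.51.100.7", 22),
                   ("in", "203.0.113.9", 22), ("out", "10.1.2.3", 25)]:
        print(packet, "->", decide(*packet))
```

The last sample packet shows why outbound rules matter: an infected internal host trying to send mail on port 25 matches no rule and is dropped by the default deny.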

6 Defenses: Encryption
- Encryption = scrambling of messages to prevent unauthorized parties from reading them.
- Encryption is a defense against sniffing of a communications channel.
- Single key encryption – sender and receiver use the same private key for encryption and decryption.
- Double key encryption – sender and receiver use a combination of a public and a private key.
- Digital certificate – public key and a proof of its validity issued by a certificate authority (e.g., VeriSign); licensed annually.
- Diagram labels: encrypt with recipient's public key; decrypt with recipient's private key; digital certificate; digital signature can be applied; certificate authority.

7 Defenses on the Internet
- Communications between client and server on the Internet happen over Secure Sockets Layer (SSL) (current name: Transport Layer Security, TLS), an Internet protocol for securing data transfer.
- Negotiations about security, encryption, and public key transfers all happen over SSL/TLS.
- Supported by operating systems, Web browsers, and servers.
- Wireless networks are more difficult to protect. If you use a wireless LAN at home, you are on the Internet as soon as you connect a computer to a router!

8 Internal Security Threats & Defenses
- Theft (stealing data, hardware, software)
- Unauthorized access to data (read, change, delete)
- Human error (leaving data unprotected, poor and lost passwords, not locking data/hardware/software)
- Defenses:
  - Physical securing
  - Managing access to data (system administrators)
  - Training, supervision