CIT 380: Securing Computer Systems: Introduction

Presentation transcript:

Slide #1: CIT 380: Securing Computer Systems
Introduction

Slide #2: CIT 380 within the Curriculum
CIT 140
CIT 370
CIT 380 Security
CIT 484 Network Security
CIT 430 Forensics

Slide #3: Information Security Today
External Threats
Internal Threats
Regulations
Customer expectations

Slide #4: Misconceptions
Hindrance to the smooth operations of the business
Expensive – with little benefit
Impossible to achieve
Fine as long as we have a firewall

Slide #5: Reality
Supports and aligns with the business
Proactive rather than reactive
Solutions-based not just fear-mongering
Cost-benefit based
  – Reduce financial and legal impact of an attack

Slide #6: CIA Triad

Slide #7: Confidentiality
Protecting the secrecy and privacy of information.
Trade secrets
Personally Identifiable Information
Wikileaks

Slide #8: Data Breaches
Wal-Mart
Ohio State University

Slide #9: Integrity
Protecting the accuracy of information processing or data from improper modification.
Ensuring data is processed correctly
Data is not intentionally or accidentally corrupted

Slide #10: Integrity
2005 Walmart $1.5 million bar code scam.
  – Stung-in-15-Million-BarCode-Scam/

Slide #11: Availability
Ensuring the systems and data can be accessed when required.
Opposite of destruction or accidental deletion.
Impacted by human error, hardware failures, software bugs, malicious code

Slide #12: Availability
Prevent loss of system access.
Denial of service (DoS) attacks common.
  – Easy to launch, difficult to track down.
  – Can be just part of another attack

Slide #13: NSTISSC Security Model

Slide #14: States of Information
1. Storage
   Information not currently being accessed.
2. Processing
   Information currently being used by processor.
3. Transmission
   Information in transit between one node and another.

Slide #15: Security Measures
Technology.
  – Hardware/software used to ensure confidentiality, integrity, or availability.
Policy and practice.
  – Security requirements and activities.
Education, training, and awareness.
  – Understanding of threats and vulnerabilities and how to protect against them.

Slide #16: What is Security?
Security is the prevention of certain types of intentional actions from occurring in a system.
  – These potential actions are threats.
  – Threats that are carried out are attacks.
  – Intentional attacks are carried out by an attacker.
  – Objects of attacks are assets.

Slide #17: Goals of Security
Prevention
  – Prevent attackers from violating security policy
Detection
  – Detect attackers’ violation of security policy
Recovery
  – Stop attack, assess and repair damage
Survivability
  – Continue to function correctly even if attack succeeds

Slide #18: Discussion: Medical Records
Are these important?
  – Confidentiality
  – Integrity
  – Availability
Cost versus Benefit
  – Cost in money and inconvenience
Technology, Policy, Education Solutions

Slide #19: Discussion: Stolen Credit Card
What can a merchant do to detect that a card is stolen?
What are the costs to the merchant?