Sarvajanik College of Engineering and Technology. Created by: Keshvi Khambhati (co-m), Ria Bhatia (co-m), Meghavi Gandhi (co-m), Jarul Mehta (co-m). Topic.


Sarvajanik College of Engineering and Technology
Created by: Keshvi Khambhati (co-m), Ria Bhatia (co-m), Meghavi Gandhi (co-m), Jarul Mehta (co-m)
Topic: security and information assurance
Submitted to: Bhaumik sir (BE)

What is security and information assurance?
• Information security, as computer security, is applied to computers and computer networks.
• Security and information assurance is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes. It includes protection of the integrity, authenticity and confidentiality of user data.

Areas where it is used
• Computer science
• Business and accounting
• Forensic science
• Fraud examination

Areas where it is used
It is also used in the fields of criminology, security engineering, disaster recovery, management science, and import-export of goods.

Brief introduction to data protection
Data protection is legal control over access to and use of data stored in computers.

Classification of data protection
By making some changes in default information.

Methods for data protection
Certain methods are used to authenticate the person (user) operating the computer:
• Facial recognition: measures distances between specific points on the face.
• Fingerprints: measures distances between specific points on a fingerprint.
• Hand geometry: measures the length of the fingers and the length and width of the hand.
• Iris: measures the colour and pattern of the iris in the eye.
• Other methods analyze the signature, voice, retina, keystrokes, hand vein, etc.

How to protect your data
1. Back up early and often.
2. Use file-level and share-level security.
3. Password-protect documents.
4. Make use of public key infrastructure.
5. Secure wireless transmission.
6. Protect data in transit with IP security.

Security analysis
Security analysis in computing is the field that covers all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. It is also known as cybersecurity or IT security.

Security Challenges?
[Diagram labels: People/Organization, Technologies, Processes, Policies, Secured Infrastructure]

Security Requirements
• Authentication
• Availability
• Auditing
• Authorization
• Privacy/Confidentiality
• Integrity
• Non-repudiation

Security Domains: Ten Security Domains
• Application/System Security
• Operations Security
• Telecommunication & Network Security
• Physical Security
• Cryptography
• Security Architecture
• Security Management
• Access Control
• Law, Investigations, and Ethics
• Business Continuation & Disaster Recovery Planning

CIA triad of security analysis (IS)
• Integrity: ensuring that data can be modified only by appropriate mechanisms.
• Availability: the degree to which authorized users can access information for legitimate purposes.
• Confidentiality: ensuring that data is protected from unauthorized access.

Preventing unauthorized access
Guidelines for passwords:
• Easy to remember, hard to guess
• Don't use family or pet names
• Don't make it accessible
• Use a combination of uppercase/lowercase letters, digits and special characters
• Don't leave the computer when logged in
• Don't include in an
• Don't use the same passwords in lots of places

Secure software engineering
• Secure software engineering is a process that helps design and implement software that protects the data and resources contained in and controlled by that software.

Cybercrime Evolution
• LANs
• First PC virus
• Motivation: damage
• Internet era
• "Big worms"
• Motivation: damage
• Targeted attacks
• Social engineering
• Financial + political
• OS, DB attacks
• Spyware, spam
• Motivation: financial

Microsoft SDL and Windows
Total vulnerabilities disclosed one year after release, before SDL and after SDL: 45% reduction in vulnerabilities.

Microsoft SDL and SQL Server
Total vulnerabilities disclosed 36 months after release, before SDL and after SDL: 91% reduction in vulnerabilities.

Infrastructure security
• Infrastructure security covers how to address security issues across an IT environment to ensure each device is protected from malicious activity.

Firewall

Infrastructure security: Firewall
• A firewall provides an effective means of protecting a local system or network of systems from network-based security threats while affording access to the outside world via LANs and the internet.

Firewall: Design principles
• The firewall is inserted between the premises network and the internet.
• Aims of firewall design:
1. To establish a controlled link.
2. To protect the premises network from internet-based attacks.
3. To provide a single point of contact between your secure internal network and the untrusted network.

Firewall: Design goals
• Only authorized traffic should be allowed to pass.
• The firewall is itself immune to penetration (use of a trusted system with a secure operating system).
• All traffic from inside to outside should pass through the firewall.
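The design goals above (only authorized traffic passes, and traffic crosses the firewall at one point) can be shown as an allow-list with a default deny and a source-address check per interface. This is an added example, not part of the original slides; the 10.0.0.0/24 premises network, the rule set and the interface names "inside"/"outside" are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

INSIDE = ipaddress.ip_network("10.0.0.0/24")  # assumed premises network

@dataclass(frozen=True)
class Rule:
    src: str               # permitted source network (CIDR)
    dst: str               # permitted destination network (CIDR)
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None means any port

# Constructed allow-list: anything not listed here is unauthorized traffic.
RULES = [
    Rule("10.0.0.0/24", "0.0.0.0/0", "tcp", 443),    # inside -> outside HTTPS
    Rule("10.0.0.0/24", "0.0.0.0/0", "udp", 53),     # inside -> outside DNS
    Rule("0.0.0.0/0", "10.0.0.25/32", "tcp", 25),    # outside -> mail relay only
]

def decide(iface, src, dst, proto, dport, rules=RULES):
    """Return (action, reason) for one packet seen on iface ("inside"/"outside")."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Anti-spoofing: premises addresses may only appear as a source on the
    # inside interface, and outside addresses only on the outside interface.
    if (s in INSIDE) != (iface == "inside"):
        return "deny", "spoofed-source"
    for i, r in enumerate(rules):
        if (s in ipaddress.ip_network(r.src)
                and d in ipaddress.ip_network(r.dst)
                and r.proto in ("any", proto)
                and r.dport in (None, dport)):
            return "allow", f"rule-{i}"
    # Default deny: only explicitly authorized traffic passes.
    return "deny", "default"

if __name__ == "__main__":
    # Constructed packets: (interface, source, destination, protocol, port)
    for pkt in [("inside", "10.0.0.5", "198.51.100.10", "tcp", 443),
                ("outside", "203.0.113.7", "10.0.0.25", "tcp", 25),
                ("outside", "203.0.113.7", "10.0.0.5", "tcp", 22),
                ("outside", "10.0.0.5", "10.0.0.25", "tcp", 25)]:
        print(pkt, "->", decide(*pkt))
```

The last constructed packet matches an allow rule by address and port but is still dropped, because a premises source address arriving on the outside interface cannot be genuine.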

Types of Firewalls

Application layer filtering
• It deals with the details of the particular service being checked.
• Special-purpose code is needed for each application.
• It is easy to log all incoming and outgoing traffic.
• is generally passed through an application-level filter.

Infrastructure security: Antivirus
• Antivirus software is a computer program that detects, prevents, and takes action to disarm or remove malicious software programs, such as viruses and worms. You can help protect your computer against viruses by using antivirus software.

How does antivirus work?
• Most antivirus software will offer to delete or contain (quarantine) the malicious code. Remember, the antivirus program runs in the random access memory (RAM or memory) of a computer. All communication from that computer through TCP/IP is programmed to be monitored by the antivirus software, so when malicious code is detected it is stopped before it can damage the computer. Viruses have patterns that are matched by the antivirus software within these communication layers. Most viruses do have patterns, but some don't. That is when the intelligent engine in the antivirus software takes over.
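The two stages described above, pattern matching first and a fallback engine when no pattern is found, shown as an added example that is not part of the original slides. The signature names and byte patterns and the sample buffers are constructed, and the entropy check is an assumed stand-in for the "intelligent engine", which the slides do not describe.

```python
import math
from collections import Counter

# Constructed signature database (name -> byte pattern); not real malware signatures.
SIGNATURES = {
    "Constructed.Marker.A": b"CONSTRUCTED-AV-TEST-PATTERN-A",
    "Constructed.Marker.B": bytes.fromhex("0badf00dfeedface"),
}
ENTROPY_LIMIT = 7.2   # bits/byte; assumed cut-off for packed or encrypted content
MIN_SIZE = 256        # entropy says little about very short buffers

def entropy(data: bytes) -> float:
    """Shannon entropy of the buffer in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan(data: bytes) -> dict:
    """Classify one buffer and say what the scanner would do with it."""
    # Stage 1: pattern matching against known signatures.
    for name, pattern in SIGNATURES.items():
        offset = data.find(pattern)
        if offset != -1:
            return {"verdict": "malicious", "engine": "signature",
                    "match": name, "offset": offset, "action": "quarantine"}
    # Stage 2: no pattern matched, so fall back to a heuristic. High entropy
    # also describes legitimate archives and media, hence "suspicious" only.
    if len(data) >= MIN_SIZE and entropy(data) > ENTROPY_LIMIT:
        return {"verdict": "suspicious", "engine": "heuristic",
                "match": "high-entropy", "offset": None, "action": "quarantine"}
    return {"verdict": "clean", "engine": None,
            "match": None, "offset": None, "action": "allow"}

# Constructed sample buffers.
SAMPLES = {
    "report.txt": b"quarterly report, nothing unusual here. " * 20,
    "tagged.bin": b"HEADER" + SIGNATURES["Constructed.Marker.A"] + b"TRAILER",
    "packed.bin": bytes(range(256)) * 4,
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, scan(blob))
```

Quarantine rather than deletion is the action for both stages because the heuristic stage can flag legitimate compressed or encrypted files, and a quarantined file can be restored.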

Thank you….for watching it!!!!