

Computer Security
• Define a computer system
  – web server, cable box, ATM, etc.
• Security policy (a set of desired goals) varies in each computer system
• Security mechanisms = tools that make sure that the desired goals are met
• Vulnerabilities = weaknesses in the system that leave it open to attacks (threats)
• Countermeasure or safeguard is designed to eliminate the weaknesses

Security Goals
• Confidentiality
  – Assets of the computer system should not be accessible by unauthorized parties
• Integrity
  – Assets of the computer system should not be modified by unauthorized parties
• Availability
  – Assets should be available to authorized users

Security Mechanisms
• User awareness
• Physical protection
  – Locks and keys
  – Paper shredding
• Cryptography
• Access control, e.g. user rights in Unix systems
• Auditing: activity recording

Principles
• Principle of least privilege
• Minimize amount of trusted components
• Do not aim for perfection
• Any idea?

Physical Security
• Natural risks
  – Power shortage
  – Fire, Flood
  – Communication interruption
  – Operator error
• Electromagnetic radiation
  – CRT signals can be picked up from afar
  – Communication cables can be tapped

Physical Security (2)
• Malicious attacks
  – Masquerading (e.g. use forged ID, pretend to be a repairman)
  – Piggy-backing
  – Lock-picking
  – Visual/auditory access
  – Dumpster diving
  – Reading deleted information from magnetic media
* Physical protection is at the foundation of computer and network security

Software Protection and Piracy
• Choose at least 1 method of software protection techniques and research on how to counter it
• Reports must be typed only. No written submission will be accepted.
• Acceptable formats: hardcopy only
• Delivery method: by person only
• Due date: next class