Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE 4482, Fall 2009, D Chan Session 1 – Introduction to Information Security.

Published byBrice Waters Modified over 8 years ago

Similar presentations

Presentation on theme: "CSE 4482, Fall 2009, D Chan Session 1 – Introduction to Information Security."— Presentation transcript:

1 CSE 4482, Fall 2009, D Chan Session 1 – Introduction to Information Security

2 CSE 4482, Fall 2009, D Chan Security Objectives zConfidentiality (includes privacy) zIntegrity zAvailability

3 CSE 4482, Fall 2009, D Chan Information Security Framework zInformation security policy (what is important, who are accountable and responsible?) zInformation security standards (acceptable levels of security in systems development and operation. zInformation security procedures (how to protect?)

4 CSE 4482, Fall 2009, D Chan Information Security Framework zInformation security infrastructure, firewalls, virtual private network etc. zInformation security software, anti-virus software, access control software, application security etc. zChief information security officer, information security staff.

5 CSE 4482, Fall 2009, D Chan Information Security Framework zInformation classification based on sensitivity. zKeep in mind the objectives of confidentiality, integrity and availability. zInformation ownership.

6 CSE 4482, Fall 2009, D Chan Security Processes zIdentification zAuthentication zAuthorization zLogging zMonitoring

7 CSE 4482, Fall 2009, D Chan Common Security Measures zPassword zTwo-factor authentication zBiometrics zAccess control lists for granting authorization to information zLocks zEncryption zAnti-virus zUsage and rejection reports

8 CSE 4482, Fall 2009, D Chan Passwords zShould not be shared zShould be changed by user zShould be changed frequently and upon compromise (suspected unauthorized disclosure)

9 CSE 4482, Fall 2009, D Chan Passwords zLong, at least 8 characters zAlphanumeric zHashed (one-way scrambling) zSystem should allow only a few attempts before locking out account

10 CSE 4482, Fall 2009, D Chan Passwords zAn 8-letter password is 676 times stronger than a 6-letter password. zA 6-character alphanumeric password is 6 times stronger than a 6-letter password. zStrength should depend on user’s privilege and locality of system.

Download ppt "CSE 4482, Fall 2009, D Chan Session 1 – Introduction to Information Security."

Similar presentations

Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.

Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.
Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Maintaining Security While Using Computers What all of Our Computer Users Need to Know.

Maintaining Security While Using Computers What all of Our Computer Users Need to Know.
Woodland Hills School District Computer Network Acceptable Use Policy.

Woodland Hills School District Computer Network Acceptable Use Policy.
4 Information Security.

4 Information Security.
AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.

AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.
CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.

CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.

Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.
Information Security Awareness April 13, 2003. Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.

Information Security Awareness April 13, Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.
Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.

SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.
PLEXIA Electronic Medical System

PLEXIA Electronic Medical System
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.

MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Similar presentations

Ads by Google