Computer Security Class 1
S.Abinash Department of Computer Science SIET

Critical Infrastructure Areas
… telecommunications, electrical power systems, gas and oil, banking and finance, transportation, water supply systems, government services and emergency services.

Threat Spectrum

Cyberterrorism
The Internet Black Tigers conducted a successful "denial of service" attack on servers of Sri Lankan government embassies.
Italian sympathizers of the Mexican Zapatista rebels attacked web pages of Mexican financial institutions.
Rise of “Hack-tivism”
Freeh, Testimony before Senate, 2000.

Threats to Personal Privacy
Buying and selling confidential information from Social Security files.
Browsing IRS files.
Buying and selling bank account name lists.
A Princeton University student stole ~1800 credit card numbers, customer names, and user passwords from an e-commerce site.
House Ways and Means Committee, 102nd Congress, , Washington Post, S. Barr, 2 Aug. 1993 (4) Freeh, Testimony 2000

Identity Theft
“The theft of computer hard drives from TriWest Healthcare Alliance could turn into one of the largest identity thefts on record if the information is misused, the Federal Trade Commission said.”

What is “Security?”
You Will Never Own a Perfectly Secure System.
You Will Never Own a Perfectly Secure System.
You Will Never Own a Perfectly Secure System.

Well … Maybe If You Do This:
(even then there are standards)

“Secure” Computer System
To decide whether a computer system is “secure”, you must first decide what “secure” means to you, then identify the threats you care about.
Virus, Identity Theft, Denial of Service, Espionage, Stolen Customer Data, Modified Databases, Cyberterrorism, Equipment

Confidentiality, Integrity, Availability (CIA)
Pillars of Security: Confidentiality, Integrity, Availability (CIA)
Confidentiality: Who is authorized?
Integrity: Is the data “good?”
Availability: Can you access the data whenever you need it?
[Figure: Confidentiality, Integrity, Availability; S = Secure]
The first of the current issues deals with the concepts of Confidentiality, Integrity, and Availability. What are these terms and what are the computer security implications?
Confidentiality - Assurance that information is not disclosed to unauthorized entities or processes. (Who do you want to see your information?)
Integrity - Ensures that data continues to be a proper representation of information and that information processing resources continue to perform the correct operations. (Is what you put in, what you get out?)
Availability - Goal of ensuring that information and information processing resources remain readily accessible to authorized users. (Do you get the information when you want it?)

Balancing CIA
[Figure: Sensitive Data (Biographical, Payroll, Health); Confidentiality, Integrity, Availability; Packet Switch, File Server, Bridge, Gateway, Other Networks]
Need to balance CIA
Ex: Disconnect computer from Internet to increase confidentiality (availability suffers, integrity suffers due to lost updates)
Ex: Have extensive data checks by different people/systems to increase integrity (confidentiality suffers as more people see data, availability suffers due to locks on data under verification)
In addition to all the rules and regulations, policies and procedures and the related system specific documentation, there are some current computer security issues of which you as the Executive should be made aware.

Continued – Class 2