Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 28: User Security

Published bySigvald Sletten Modified over 6 years ago

Similar presentations

Presentation on theme: "Chapter 28: User Security"— Presentation transcript:

1 Chapter 28: User Security
Dr. Wayne Summers Department of Computer Science Columbus State University

2 Policy U1 - Only users have access to their accounts
U2 - No other user can read / change a file without the owner’s permission U3 - Users shall protect the integrity, confidentiality, and availability of their files U4 - Users shall be aware of all commands that they enter, or that are entered on their behalf

3 Access Passwords Generate random passwords where possible
Keep passwords secure Use proactive password checking program Login Procedure Trusted hosts Leaving System Screen locking program

4 Files and Devices Files File Permissions on Creation (use templates)
Group Access (default deny) File Deletion (aliases, persistence) Devices Writeable Devices Smart Terminals Monitors and Window Systems

5 Processes Copying & Moving Files (different permissions)
Accidentally Overwriting Files (confirmation) Encryption, Cryptographic Keys, and Passwords .netrc file for ftp Start-up Settings (trust start-up info) Limited Privileges Malicious Logic search path: should include only trusted directories

6 Electronic Communications
Automated Electronic Mail Processing Execution of attachments Failure to Check Certificates Sending unexpected content Attachments to

Download ppt "Chapter 28: User Security"

Similar presentations

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #25-1 Chapter 25: User Security Policy Access Files, devices Processes Electronic.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #25-1 Chapter 25: User Security Policy Access Files, devices Processes Electronic.
HIPAA Security.

HIPAA Security.
File Server Organization and Best Practices IT Partners June, 02, 2010.

File Server Organization and Best Practices IT Partners June, 02, 2010.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
June 1, 2004Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #28-1 Chapter 28: User Security Policy Access Files, devices Processes Electronic.

June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #28-1 Chapter 28: User Security Policy Access Files, devices Processes Electronic.
The Internet. Telnet Telnet means using your computer as a terminal. All commands you type are sent to the host computer you are connected to and executed.

The Internet. Telnet Telnet means using your computer as a terminal. All commands you type are sent to the host computer you are connected to and executed.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.
By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.

By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.
Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.

Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.

Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Confidential Document.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Confidential Document.
CPSC203 Introduction to Computers Lab 69 By Jie Gao.

CPSC203 Introduction to Computers Lab 69 By Jie Gao.
Week #7 Objectives: Secure Windows 7 Desktop

Week #7 Objectives: Secure Windows 7 Desktop
Controlling Files Richard Newman based on Smith “Elementary Information Security”

Controlling Files Richard Newman based on Smith “Elementary Information Security”
© Wiley Inc. 2006. All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.

© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
10.1 Silberschatz, Galvin and Gagne ©2005 Operating System Principles 10.4 File System Mounting A file system must be mounted before it can be accessed.

10.1 Silberschatz, Galvin and Gagne ©2005 Operating System Principles 10.4 File System Mounting A file system must be mounted before it can be accessed.
Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. PUBLIC PUBLIC - 5058-CO900G L03 - Design, Implement, and Manage FactoryTalk Security.

Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. PUBLIC PUBLIC CO900G L03 - Design, Implement, and Manage FactoryTalk Security.
Module 7 Planning and Deploying Messaging Compliance.

Module 7 Planning and Deploying Messaging Compliance.
Chapter 2 Securing Network Server and User Workstations.

Chapter 2 Securing Network Server and User Workstations.

Similar presentations

Ads by Google