Published by Reynold Neal, modified over 9 years ago
Slide 1: Data Security Assessment and Prevention
AD660 – Databases, Security, and Web Technologies
Marcus Goncalves, Spring 2013
Slide 2: Total Internet Security
A gateway disconnected from the network, inside a locked safe 100 feet below the surface, where the only person who has the keys... died last week.
Slide 3: Estimated Losses in Dollars
Slide 4: Causes of Incidents
Slide 5: Causes of Incidents from the Human Perspective
Slide 6: Main Threats
Slide 7: Motivation
- Low cost of connection (media)
- Global reach
- Exposed products
- Implementation of services
- Cost reduction
- Survey
- Research and development of new products
Slide 8: Phases of a Security Project
- Study phase
- Decision phase
- Implementation phase
- Maintenance phase
Slide 9: Neutrality Curve (Study Phase)
Slide 10: Understanding the Neutrality Curve
- Evaluation of the impact of various scenarios
- Understanding of the implementation phases: rejection, pilot, immediate
- Identification of the security needed
- Understanding of what really needs protection
Slide 11: Possibility Curve (Study Phase)
Slide 12: Understanding the Possibility Curve
- Identify security risks (possible attacks)
- Cost evaluation
- Identify policies and procedures
- Define responsibilities
Slide 13: Degree of Security (Decision Phase)
Slide 14: Understanding the Degree of Security
- Precise identification of cost
- Development of policy
- Clear idea of the applicable security model
- Assessment of stability
Slide 15: Sensitive Segment (Implementation Phase): segment AB
Slide 16: Understanding the Sensitive Segment
- Identifies the reference security point
- Enables the planning of project stages
- Assesses the cost of every stage of the project
- Assesses the length of time for implementation
- Mobilization of local issues/resources
- Increase in the quality of local security
Slide 17: Moving the Reference Line (Maintenance)
Slide 18: Understanding Line Movement
- Natural process
- Dynamic nature
- Involves adaptation and refinement
- Support for new planning
Slide 19: System Service Implementation Vulnerabilities
Slide 20: System Failures
- Failure of the OS architecture
- Application failure
- Lack of operating system updates (SPs, patches)
- Bugs in the OS
Slide 21: Service Failures
- Bugs in the application service
- Failure of application service configuration
- Weak passwords
- Access to passwords
- Visible passwords
- Permission to privileged accounts
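The password items on this slide (weak passwords, access to passwords, visible passwords) come down to two controls: refuse weak choices when they are set, and never keep a password in a form that can be read back. The following is an added example, not code from the slides, showing both with the Python standard library; the minimum length, the denylist and the iteration count are constructed values for illustration.

```python
"""Password controls: reject weak passwords, store only a salted slow hash.

Added illustration (not from the slides). A stolen credential table then
exposes no reusable password, and a leaked log or screen cannot show one
because the application never holds the password after hashing it.
"""
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 600_000      # PBKDF2-HMAC-SHA256 work factor; constructed, tune per hardware
MIN_LENGTH = 12           # constructed policy value
DENYLIST = {"password", "password123", "123456", "qwerty", "admin", "letmein"}  # constructed


def is_weak(password: str) -> bool:
    """Policy check at set-time: too short, or on the common-password denylist."""
    return len(password) < MIN_LENGTH or password.lower() in DENYLIST


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'pbkdf2_sha256$iterations$salt_hex$hash_hex'; the password itself is never stored."""
    if is_weak(password):
        raise ValueError("password rejected by policy")
    salt = salt or os.urandom(16)              # per-user random salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    try:
        algorithm, iterations, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False
    if algorithm != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), hash_hex)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")   # constructed sample
    print("stored:", record)
    print("login ok:", verify_password("correct horse battery staple", record))
    print("wrong pw:", verify_password("Tr0ub4dor&3!!", record))
```

The stored string carries its own parameters, so the iteration count can be raised later for new records while old ones still verify; a login path should also rate-limit attempts, which this snippet does not show.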
Slide 22: Implementation Failures
- Lack of content protection
- Lack of a security policy
- Lack of user group profiles
- Failure of the usability policy
- Failure in implementing security
Slide 23: A Few Known Security Threats
- DNS
- Brute force
- Altered ping
- Network sniffers
- Java and ActiveX
- Bugs in Sendmail
- Attacks on applications
- Applications based on ODBC/JDBC
- Browser failures
- Web servers
Slide 24: Analysis of Risks
- Invasion
- Hacking of content
- Access to passwords
- Sabotage
- Unauthorized access to e-mail
- Espionage
- Financial fraud
Slide 25: Security Project
- Physical security
- Logical security
- Service security
- Application security
- Policies and procedures
- Redundancy and contingency
Slide 26: Security for E-Commerce
e-Applications should ensure (at the data level):
- Integrity
- Unicity
- Auditing
- Confidentiality
- Access controls
- Ensured identity
- Authorization
- Cryptography
Slide 27: Cryptography Functions
To ensure the identity of:
- User / system
- Client / server
- Quality of data, by using identifiers and by protecting against fraud
Slide 28: How About Algorithms?
- Math functions
- The security key should resist testing
- The larger the key, the more exhaustive it is to break
- Types: symmetric, asymmetric
Slide 29: Symmetric System
Slide 30: Asymmetric System
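Slides 28 to 30 contrast the two key types and state that a larger key is more exhaustive to break. The block below is an added example written for this page, not code from the slides: the symmetric side is HMAC-SHA256 from the Python standard library, the asymmetric side is textbook RSA over deliberately tiny, constructed primes (61 and 53) so the arithmetic is visible, and a counter over toy key sizes shows the work factor doubling with every added bit. None of it is fit for real use; it is there to make the slide's claim measurable.

```python
"""Symmetric vs asymmetric keys, and why key length matters.

Added illustration (not from the slides). Shared-secret scheme: HMAC-SHA256.
Public-key scheme: textbook RSA with constructed toy primes. The exhaustive
search only ever runs over a handful of key bits.
"""
import hashlib
import hmac
from typing import Optional, Tuple


# --- Symmetric: one shared key, held by both parties -------------------------
def key_from_int(value: int, key_bits: int) -> bytes:
    """Encode an integer as a fixed-width key of key_bits bits."""
    return value.to_bytes((key_bits + 7) // 8, "big")


def symmetric_tag(key: bytes, message: bytes) -> bytes:
    """Authentication tag: anyone holding the same key can produce or check it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def symmetric_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(symmetric_tag(key, message), tag)


# --- Asymmetric: public key to encrypt, private key to decrypt ---------------
def rsa_keygen(p: int, q: int, e: int = 17) -> Tuple[Tuple[int, int], Tuple[int, int]]:
    """Textbook RSA from two primes; returns ((e, n), (d, n))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def rsa_encrypt(public_key: Tuple[int, int], m: int) -> int:
    e, n = public_key
    return pow(m, e, n)


def rsa_decrypt(private_key: Tuple[int, int], c: int) -> int:
    d, n = private_key
    return pow(c, d, n)


# --- Work factor: every extra key bit doubles an exhaustive search -----------
def exhaustive_search_attempts(message: bytes, tag: bytes, key_bits: int) -> Optional[int]:
    """Count candidate keys tried until one reproduces the tag (None if none does).

    Worst case is 2**key_bits attempts, which is the slide's point: a larger
    key is more exhaustive to break. Toy sizes only; real keys are infeasible.
    """
    for candidate in range(2 ** key_bits):
        if symmetric_verify(key_from_int(candidate, key_bits), message, tag):
            return candidate + 1
    return None


if __name__ == "__main__":
    msg = b"order 1234: ship to warehouse"          # constructed sample message
    for bits in (8, 10, 12):
        key = key_from_int(2 ** bits - 1, bits)      # worst-case key: the last one tried
        tag = symmetric_tag(key, msg)
        print(f"{bits:2d}-bit key: {exhaustive_search_attempts(msg, tag, bits)} attempts")
    pub, priv = rsa_keygen(61, 53)                   # toy primes, illustration only
    print("RSA round trip:", rsa_decrypt(priv, rsa_encrypt(pub, 42)))
```

The symmetric half needs the same key at both ends, which is exactly the distribution problem the asymmetric half solves: only the public part travels. The counter reports 256, 1024 and 4096 attempts for 8, 10 and 12 bits, and the same doubling continues all the way to the key sizes used in practice.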
Slide 31: SSL – Secure Socket Layer
- Math functions
- Does not characterize users
- Key size is limited
- Possible vulnerability at the protocol level
- Only guarantees the server's authenticity
Slide 32: Integration Topology: Adding DMZs
Slide 33: Security Integration (LAN)
- Change (mix) protocols
- Implementation of auditable systems
- Centralization and analysis of logins
- Individual filters
- Password controls
- Encrypted file system
- Permission controls
- Monitoring controls
- Automated management
Slide 34: Firewall Solution Characteristics
- Solutions can be hardware- or software-based
- Centralized security systems
- Part of the security implementation
- Enables content controls (HTTP/mail)
- Controls allowed services (rule-based)
- Controls the origin and destination of packets
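The last two items on this slide (rule-based control of services, and of packet origin and destination) are what a packet filter actually evaluates. The following is an added example, not code from the slides or from any real firewall product: a first-match rule table over source, destination, protocol and destination port, with an implicit default deny. The LAN, DMZ and internet ranges are constructed from the documentation address blocks, and the policy itself is invented for the example.

```python
"""Rule-based packet filtering: first match wins, no match means deny.

Added illustration (not from the slides). Addresses are constructed from
documentation ranges: LAN 10.0.0.0/8, DMZ 192.0.2.0/24, internet = the rest.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR of permitted origin; "0.0.0.0/0" means any
    dst: str               # CIDR of permitted destination
    proto: str             # "tcp", "udp" or "any"
    port: Optional[int]    # destination port; None means any
    comment: str = ""


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    port: int


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """A rule applies only when origin, destination, service and port all match."""
    return (ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and rule.proto in ("any", pkt.proto)
            and rule.port in (None, pkt.port))


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); None index = default deny."""
    for index, rule in enumerate(rules):
        if rule_matches(rule, pkt):
            return rule.action, index
    return "deny", None


# Constructed policy; order matters because the first match decides.
RULES = [
    Rule("allow", "0.0.0.0/0",    "192.0.2.10/32", "tcp", 443, "public web server in DMZ"),
    Rule("allow", "10.0.0.0/8",   "192.0.2.0/24",  "tcp", 25,  "LAN relays mail via DMZ"),
    Rule("deny",  "192.0.2.0/24", "10.0.0.0/8",    "any", None, "DMZ never initiates into LAN"),
    Rule("allow", "10.0.0.0/8",   "0.0.0.0/0",     "tcp", 80,  "LAN web browsing"),
]

if __name__ == "__main__":
    samples = [                                     # constructed traffic
        Packet("203.0.113.5", "192.0.2.10", "tcp", 443),
        Packet("203.0.113.5", "10.0.0.7",   "tcp", 445),
        Packet("192.0.2.10",  "10.0.0.7",   "tcp", 22),
        Packet("10.1.2.3",    "192.0.2.20", "tcp", 25),
    ]
    for pkt in samples:
        action, idx = evaluate(RULES, pkt)
        why = RULES[idx].comment if idx is not None else "default deny"
        print(f"{pkt.src:>13} -> {pkt.dst:<12} {pkt.proto}/{pkt.port:<4} {action:5} ({why})")
```

The explicit DMZ-to-LAN deny sits above the broader LAN rules so that it can never be shadowed; logging the deciding rule index, as the usage loop does, is what makes the policy auditable later.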
Slide 35: Alternatives…