Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ingredients of Security

Published byAndrew Garry Charles Modified over 9 years ago

Similar presentations

Presentation on theme: "Ingredients of Security"— Presentation transcript:

1 Ingredients of Security
Integrity Security Availability Confidentiality

2 Computer Security Integrity - Is the asset correct? …uncorrupt?
…authentic? Confidentiality - Who can access the asset? Availability - Is the asset accessible?

3 Computer Security What assets need to be secured? Physical
Configuration INFORMATION Identity Privacy Ultimately, it is information that must be secure. -- therefore the term information assurance

4 Integrity Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software implementing the protection mechanisms; and the consistency of the data structures and occurrence of stored data.† attack Spoofing impersonating another person, device or process Relay causing another computer to send out your attack Viruses / Worms infecting transmitted data † Definition from National Information Systems Security

5 Confidentiality Assurance that information is not disclosed to unauthorized persons, processes, or devices.† white hat black hat attack Shoulder Surfing peeking at things others consider private Network Sniffing examining some else’s network transmissions Vulnerability Scanning running software that maliciously analyzes another computing system † Definition from National Information Systems Security

6 Integrity & Confidentiality are important first steps…
Sender Receiver …toward ensuring private communications.

7 Availability Timely, reliable access to data and information services for authorized users.† attack Denial of Service (DoS) results from assets taxed beyond their capacity examples:  extreme levels of network traffic  too many server transactions  all memory or disk space exhausted † Definition from National Information Systems Security

8 Common Attacks  spoofing  playback (replay) attack
 man in the middle attack  dumpster diving  war driving  password cracking  denial of service (DoS) attack  shoulder surfing  buffer overflow  network infrastructure attack  syn flood  network scanning

9 How Systems Fail Proper Access Attack Security System Asset

10 Trust At the root of all security is trust.
You trust that your software is (largely) correct. You trust that messages haven’t been altered. You trust that antivirus software keeps your system free of malware. You trust that no one else has access to your user account. You trust that your keyboard isn’t plugged into a key logger. What don’t you (or shouldn’t you) trust?? Since we obviously can’t trust everything, we need to develop and implement security policy...

Download ppt "Ingredients of Security"

Similar presentations

Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.

Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.

Chapter 15 Security Bernard Chen Spring Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Lecture 10 Security and Control.

Lecture 10 Security and Control.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.

1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Computer Fraud Pertemuan XVI Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.

Computer Fraud Pertemuan XVI Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.

Similar presentations

Ads by Google