Download presentation
Presentation is loading. Please wait.
Published byElwin Robertson Modified over 9 years ago
1
Computers and Security by Calder Jones
2
What is Computer Security Computer Security is the protection of computing systems and the data that they store or access
3
Early history - 1950’s ➔ Development of the Tempest Security Standard ➔ Organization of the U.S. Communications Security Board
4
1960’s ➔ 1967 Spring Joint Computer Conference ◆ First comprehensive computer security presentation ➔ 1967 Defense Advanced Research Projects Agency (DARPA) established
5
History 1970-1977 ➔ 1970 Tiger Teams ➔ 1973 Robert Metcalfe warns the ARPANET working group that it is far too easy to gain access to the network ➔ 1977 Abraham A. Ribicoff introduces the federal computer systems protection act which defines “computer crimes” and recommends penalties for them
6
Condensed History 1977-1988 ➔ 1983 The Orange Book ➔ 1986 The first pc virus “The Brain” is created ➔ 1988 Morris Worm ◆ crashes 600 of the 60,000 computer linked to the internet ◆ Robert Tappan Morris is the first person convicted by a jury under the Computer Fraud and Abuse Act
7
Condensed History 1988-2000 ➔ 1996 hackers find web tools that allow them to take remote control of computers on the internet ➔ 2000 new computer worms spread across the internet
8
Condensed History 2000 - Present Day ➔ Many new viruses and malware appear as the internet explodes in popularity ➔ New exploits found in smartphones ➔ Security researchers publish a guide to hacking automobiles
9
Problems ➔ Finding new ways to secure a system encourages hackers to find new ways to break in
10
Goals of hackers ➔ STRIDE ◆ Spoofing ◆ Tampering ◆ Repudiation ◆ Information disclosure ◆ Denial of service ◆ Elevation of Privilege
11
Spoofing ➔ Attempting to gain access to a system by using a false identity CounterMeasures ➔ Use strong authentication ➔ Do not store secrets (i.e. passwords) in plain text
12
Tampering Unauthorized modification of data CounterMeasures ➔ Use data hashing and signing ➔ Use digital signatures ➔ Use strong authorization ➔ Use tamper-resistant protocols across communication links
13
Repudiation The ability of users to deny that they performed specific actions or transactions. CounterMeasure ➔ Create secure audit trails ➔ Use digital signatures
14
Information disclosure Unwanted exposure of private data. CounterMeasures ➔ Use strong authorization ➔ Use Strong encryption ➔ Secure communication links with protocols that provide message confidentiality
15
Denial of service The process of making a system or application unavailable CounterMeasures ➔ Use resource and bandwidth throttling techniques ➔ Validate and filter input
16
Elevation of privilege When a user with limited privileges assumes the identity of a privileged user to gain privileged access to an application CounterMeasures ➔ Follow the principle of least privilege
17
Current and Future issues ➔ Hackers gain more avenues for entry the more we become connected with technology (i.e. homes,cars,personal devices) ➔ Keeping the Cloud secure
18
Sources "Chapter 2 Â Threats and Countermeasures." Threats and Countermeasures. Microsoft, n.d. Web. 31 Jan. 2016. "Computer Security Threats: A Brief History - Power More." Power More Computer Security Threats A Brief History Comments. N.p., 28 Aug. 2014. Web. 31 Jan. 2016. Gasser, Morrie. Building a Secure Computer System. New York: Van Nostrand Reinhold, 1988. Web. Hirose, Shoichi. "Security Analysis of DRBG Using HMAC in NIST SP 800-90." Information Security Applications Lecture Notes in Computer Science (n.d.): 278-91. Web. "Timeline: The U.S. Government and Cybersecurity." Washington Post. The Washington Post, n.d. Web. 31 Jan. 2016.
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.