
Computer Security Define a computer system –web server, cable box, ATM, etc. Security policy (a set of desired goals) varies in.


1 Computer Security
Define a computer system
  – web server, cable box, ATM, etc.
Security policy (a set of desired goals) varies in each computer system
Security mechanisms = tools that make sure that the desired goals are met
Vulnerabilities = weaknesses in the system that leave it open to attacks (threats)
Countermeasure or safeguard is designed to eliminate the weaknesses

2 Security Goals
Confidentiality
  – Assets of the computer system should not be accessible by unauthorized parties
Integrity
  – Assets of the computer system should not be modified by unauthorized parties
Availability
  – Assets should be available to authorized users

3 Security Mechanisms
User awareness
Physical protection
  – Locks and keys
  – Paper shredding
Cryptography
Access control e.g. user rights in Unix systems
Auditing: Activity recording

4 Principles
Principle of least privilege
Minimize amount of trusted components
Do not aim for perfection
Any idea?

5 Physical Security
Natural risks
  – Power shortage
  – Fire, Flood
  – Communication interruption
  – Operator error
Electromagnetic radiation
  – CRT signals can be picked up from afar
  – Communication cables can be tapped

6 Physical Security (2)
Malicious attacks
  – Masquerading (e.g. use forged ID, pretend to be a repairman)
  – Piggy-backing
  – Lock-picking
  – Visual/auditory access
  – Dumpster diving
  – Reading deleted information from magnetic media
* Physical protection is at the foundation of computer and network security

7 Software Protection and Piracy
Choose at least 1 software protection technique and research how to counter it
Reports must be typed only. No written submission will be accepted.
Acceptable formats: hardcopy only
Delivery method: by person only
Due date: next class

