Computer Security and Risks

25,327
-1

Published on

Published in: Technology
6 Comments
16 Likes
Statistics
Notes
No Downloads
Views
Total Views
25,327
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
1,303
Comments
6
Likes
16
Embeds 0
No embeds

No notes for slide

Computer Security and Risks

  1. 1. Computer Security and Risks Introduction to Computer Science 2007-2008
  2. 2. Aims • Describing several types of computer crime • Describing the major security issues that computer users have to face • Describing how it affects to personal privacy • Explaining the relationship between security and computer reliability 4626. Introd to Computer Science
  3. 3. Computer Crime Crime accomplished through computer tech. • widely extended: easiness of computer usage • most of them committed by company insiders • high cost: foresight + repair Current threats • spoofing (or phishing): identity theft 4626. Introd to Computer Science
  4. 4. Software Piracy • Illegal duplication of copyrighted software • Reasons: • price of software • means to create copies How many pirate programs do you have? 4626. Introd to Computer Science
  5. 5. Intellectual Property • Privileges granted over intangible goods with financial value • They are defined over • copyright Authorship rights • commercial secret • patents Industrial property • trademarks • Software is covered by copyright 4626. Introd to Computer Science
  6. 6. Computer Sabotage Use of malware to spoil hardware & software • Trojan horses • Viruses • Worms 4626. Introd to Computer Science
  7. 7. Trojans • hidden inside programs that perform useful tasks • logic bombs: programmed to ‘attack’ in response to a particular event (e.g. time bombs) • solutions • software from reliable sources (avoids) • anti-trojan (detects) • firewall -output- (blocks) 4626. Introd to Computer Science
  8. 8. Viruses • as biological ones • invade programs and use them to reproduce themselves • operative system specific • solution: • use carefully removable media (avoids) • antivirus (detects and cleans) 4626. Introd to Computer Science
  9. 9. Worms • as viruses: use computers to reproduce themselves • autonomous spread through computer networks • solution: • email from confident sources (avoids) • firewall -input- (blocks) • security patches 4626. Introd to Computer Science
  10. 10. Hacking • Discovering and exploiting computer system failures • Reasons: • curiosity • intellectual challenge • Cracking = criminal hacking 4626. Introd to Computer Science
  11. 11. Reducing Risks Information systems have to be protected... • to work properly • to guarantee access to information only to granted users • to guarantee privacy 4626. Introd to Computer Science
  12. 12. Physical Access Restrictions Only authorised staff have access to the equipment Security checks based on… • something you have (card) • something you know (password) • something you do (signature) • something about you (scans) 4626. Introd to Computer Science
  13. 13. How can we protect sensitive information?
  14. 14. 1. protect hw
  15. 15. UPS • uninterruptible power supply • protects data during power failures (minutes) • give users time to switch off the system
  16. 16. Surge protectors • shield computers from power spikes • protect the computer from physical damage 4626. Introd to Computer Science
  17. 17. 2. protect data
  18. 18. Passwords The most common tool, but carefully chosen • which kind of password do you use? • how frequently do you change your passwords? • how many passwords do you use? Never use a word or your b-day!! 4626. Introd to Computer Science
  19. 19. Firewalls • guard against unauthorised access • blocks accessing ports for input and output • by hardware or software
  20. 20. Encryption • keys to code messages and documents • symmetric: common key • asymmetric: public / private keys 4626. Introd to Computer Science
  21. 21. Audit Control SW • Records computer transactions • Auditors can trace and identify suspicious activities 4626. Introd to Computer Science
  22. 22. 2. replicate
  23. 23. Backup Copies • periodic copies of important information • for companies, it is recommended that copies be stored in a different location 4626. Introd to Computer Science
  24. 24. RAID • Redundant Array of Independent Disks • multiple disks as one logical unit • mirroring: data redundancy 4626. Introd to Computer Science

×