SlideShare a Scribd company logo

Security Architectures and Models.pptx

Download as PPTX, PDF
R
RushikeshChikane2

It provides information about Operating system Security Environment, Authentication Method,Authorization Password Policy, Vulnerabilities, Antivirus and etc

Technology
1 of 30
S E C U R I T Y A R C H I T E C T U R E S A N D M O D E L S Chapter 1
Operating System Overview  Operating system: collection of programs that allows user to operate computer hardware  Three layers: – Inner layer – Middle layer – Outer layer
 Key functions of an operating system: – Multitasking, multisharing – Computer resource management – Controls the flow of activities – Provides a user interface – Administers user actions and accounts – Runs software utilities and programs – Enforce security measures – Schedules jobs
The Operating System Security Environment
The Components of an Operating System Security Environment  Used as access points to the database  Three components: – Memory – Services – Files
Services  Main component of operating system security environment • Operating system core utilities • Used to gain access to the OS and its features Include – User authentication – Remote access – Administration tasks – Password policies
Files  Common threats: – File permission – File sharing  Files must be protected from unauthorized reading and writing actions  Data resides in files; protecting files protects data  Read, write, and execute privileges
File Transfer  FTP (File Transfer Protocol): – Internet service for transferring files from one computer to another – Transmits usernames and passwords in plaintext – Root account cannot be used with FTP – Anonymous FTP: ability to log on to the FTP server without being authenticated
 Best practices: – Use Secure FTP utility if possible – Make two FTP directories: • One for uploads with write permissions only • One for downloads with read permissions only – Use specific accounts with limited permissions – Log and scan FTP activities – Allow only authorized operators
Sharing Files  Naturally leads to security risks and  threats • Peer-to-peer programs: allow users to share files over the Internet • Reasons for blocking file sharing: – Malicious code – Adware and spyware – Privacy and confidentiality – Pornography – Copyright issues
Memory  Hardware memory available on the system • Can be corrupted by badly written software • Two options: – Stop using the program – Apply a patch (service pack) to fix it • Can harm data integrity • Can potentially exploit data for illegal use
Authentication Methods  Authentication: – Verifies user identity – Permits access to the operating system • Physical authentication: – Allows physical entrance to company property – Magnetic cards and biometric measures • Digital authentication: verifies user identity by digital means
Digital Authentication Mechanism  Digital certificates: digital passport that identifies and verifies holder of certificate • Digital token (security token): – Small electronic device – Displays a number unique to the token holder; used with the holder’s PIN as a password – Uses a different password each time
 Digital card: – Also known as a security card or smart card – Similar to a credit card; uses an electronic circuit instead of a magnetic strip – Stores user identification information • Public Key Infrastructure (PKI): – User keeps a private key – Authentication firm holds a public key – Encrypt and decrypt data using both keys
Authorization  Process that decides whether users are  permitted to perform the functions they  request  • Authorization is not performed until the  user is authenticated  • Deals with privileges and rights
User Administration  Create user accounts  • Set password policies  • Grant privileges to users  • Best practices:  – Use a consistent naming convention  – Always provide a password to an account and force the user to change it at the first logon  – Protect passwords  – Do not use default passwords  – Create a specific file system for users  – Educate users on how to select a password  – Lock non-used accounts  – Grant privileges on a per host basis  – Do not grant privileges to all machines
Password Policies  First line of defense  • Dictionary attack: permutation of words in  dictionary  • Make hard for hackers entering your  systems  • Best password policy:  – Matches your company missions  – Enforced at all level of the organization
 Best practices:  – Password aging  – Password reuse  – Password history  – Password encryption  – Password storage and protection  – Password complexity  – Logon retries  – Single sign-on
Vulnerabilities of Operating Systems  Top vulnerabilities to Windows systems:  – Internet Information Services (IIS)  – Microsoft SQL Server (MSSQL)  – Windows Authentication  – Internet Explorer (IE)  – Windows Remote Access Services  – Microsoft Data Access Components (MDAC)  – Windows Scripting Host (WSH)  – Microsoft Outlook and Outlook Express  – Windows Peer-to-Peer File Sharing (P2P)  – Simple Network Management Protocol (SNMP)
 – BIND Domain Name System  – Remote Procedure Calls (RPC)  – Apache Web Server  – General UNIX authentication accounts with no passwords or weak passwords  – Clear text services
E-mail Security  Tool must widely used by public  • May be the tool must frequently used by  hackers:  – Viruses  – Worms  – Spam  – Others  • Used to send private and confidential  data as well as offensive material
 Used by employees to communicate with:  – Clients  – Colleagues  – Friends  • Recommendations:  – Do not configure e-mail server on the same machine where sensitive data resides  – Do not disclose technical details about the e-mail server
Computer Viruses  Virus  – Stands for Vital Information Resources Under Siege  – Is a destructive computer program written to alter the  way a computer operates  – Is written by individuals to cause damage to computers  and the data stored on them  • Some Examples of virus are  – Disk Killer  – W97M  – Sunday  – Cascade  – Anna Kournikova  – Lovegate
Antivirus Software  Antivirus software  – Is a software to scan the computer for viruses  – Is used to remove the viruses from the computer if  found  • Examples of antivirus software are:  – Quick Heal  – Net Protector  – Avast  – McAfee  – VX2000  – Smartdog
How to Prevent A Virus Attack  Precautions that you can follow to keep your  computer free from viruses are:  – Scan all floppy disks/pen drives before opening or  copying files  – Install at least one antivirus software and run it  regularly  – Update the antivirus software regularly to check for  new viruses  – Make backup copies to minimize damage if virus  attack occur
Hacking  Hackers or Crackers  – Are people who access the computers of others  without their knowledge  – They are intelligent programmers, who have high  knowledge of computer systems and programming  languages
Misusing Personal Information  Chances of the data being intercepted, deleted  or altered by others can happen  – When data is transferred over a large network  – In chat rooms and newsgroups, where people often  reveal personal details in their interaction with others.  People with bad intentions use this information  maliciously
Theft of Information  The different types of crimes and criminals that  the digital world harbours are:  • Software Piracy  – Is the illegal copying, distribution, or use of software  without the permission of its owner  • Cracking  – Cracker  • Break into the computers of other users by means  of a network, either for the challenge or for some  malicious intention  • Take advantage of any breach in security on a  computer and steal vital information or even cause  damage to files and programs
 Stealing Data  – Occurs when data is transferred from one network to  another where there is a risk of the information being  viewed, deleted, or altered by others  – Occurs when Individuals share their information online  or when they buy goods online

Recommended

Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
INFORMATION AND CYBER SECURITY
INFORMATION AND CYBER SECURITYINFORMATION AND CYBER SECURITY
INFORMATION AND CYBER SECURITYNishant Pawar
 
Chapter Last.ppt
Chapter Last.pptChapter Last.ppt
Chapter Last.pptmiki304759
 
9 - Security
9 - Security9 - Security
9 - SecurityRaymond Gao
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
23 computer security
23 computer security23 computer security
23 computer securityhafizhanif86
 
Chapter-2 (1).pptx
Chapter-2 (1).pptxChapter-2 (1).pptx
Chapter-2 (1).pptxPaulaRodalynMateo1
 
css ppt.ppt
css ppt.pptcss ppt.ppt
css ppt.pptShivaTyagi26
 

Recommended

Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
INFORMATION AND CYBER SECURITY
INFORMATION AND CYBER SECURITYINFORMATION AND CYBER SECURITY
INFORMATION AND CYBER SECURITYNishant Pawar
 
Chapter Last.ppt
Chapter Last.pptChapter Last.ppt
Chapter Last.pptmiki304759
 
9 - Security
9 - Security9 - Security
9 - SecurityRaymond Gao
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
23 computer security
23 computer security23 computer security
23 computer securityhafizhanif86
 
Chapter-2 (1).pptx
Chapter-2 (1).pptxChapter-2 (1).pptx
Chapter-2 (1).pptxPaulaRodalynMateo1
 
css ppt.ppt
css ppt.pptcss ppt.ppt
css ppt.pptShivaTyagi26
 
chapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfchapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfsatonaka3
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyHaa'Meem Mohiyuddin
 
Chap11
Chap11Chap11
Chap11nitin_009
 
Chap11
Chap11Chap11
Chap11Aman Sharma
 
Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdfZeeshanMajeed15
 
Complete notes security
Complete notes securityComplete notes security
Complete notes securityKitkat Emoo
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyMohammed Adam
 
Enterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityEnterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityVenkat Alagarsamy
 
Ch14 security
Ch14 securityCh14 security
Ch14 securityWelly Dian Astika
 
Sql securitytesting
Sql securitytestingSql securitytesting
Sql securitytestingThilak Pathirage -Senior IT Gov and Risk Consultant
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis MPhil/MRes/BSc
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
ch15.pdf
ch15.pdfch15.pdf
ch15.pdfSami Mughal
 
Computer Security
Computer SecurityComputer Security
Computer SecurityAkNirojan
 
Thur Venture
Thur VentureThur Venture
Thur VentureSathishkumar Vasudevan
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name BasicsSathishkumar Vasudevan
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name BasicsSathishkumar Vasudevan
 
Regression
RegressionRegression
RegressionSathishkumar Vasudevan
 
Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha VentureSathishkumar Vasudevan
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptHemlata Gangwar
 
2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptxRushikeshChikane2
 
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptxRushikeshChikane2
 

More Related Content

Similar to Security Architectures and Models.pptx

chapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfchapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfsatonaka3
 
Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdfZeeshanMajeed15
 
Complete notes security
Complete notes securityComplete notes security
Complete notes securityKitkat Emoo
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyMohammed Adam
 
Enterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityEnterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityVenkat Alagarsamy
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis MPhil/MRes/BSc
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Computer Security
Computer SecurityComputer Security
Computer SecurityAkNirojan
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptHemlata Gangwar
 

Similar to Security Architectures and Models.pptx (20)

chapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfchapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdf
 
Security and privacy
Security and privacySecurity and privacy
Security and privacy
 
Chap11
Chap11Chap11
Chap11
 
Chap11
Chap11Chap11
Chap11
 
Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdf
 
Complete notes security
Complete notes securityComplete notes security
Complete notes security
 
Security and privacy
Security and privacySecurity and privacy
Security and privacy
 
Enterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityEnterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurity
 
Ch14 security
Ch14 securityCh14 security
Ch14 security
 
Sql securitytesting
Sql securitytestingSql securitytesting
Sql securitytesting
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information security
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
ch15.pdf
ch15.pdfch15.pdf
ch15.pdf
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Thur Venture
Thur VentureThur Venture
Thur Venture
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Regression
RegressionRegression
Regression
 
Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha Venture
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).ppt
 

More from RushikeshChikane2

2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptxRushikeshChikane2
 
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptxRushikeshChikane2
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptxRushikeshChikane2
 
Social Media and Text Analytics
Social Media and Text AnalyticsSocial Media and Text Analytics
Social Media and Text AnalyticsRushikeshChikane2
 
Mining Frequent Patterns, Associations, and.pptx
Mining Frequent Patterns, Associations, and.pptx Mining Frequent Patterns, Associations, and.pptx
Mining Frequent Patterns, Associations, and.pptxRushikeshChikane2
 
Machine Learning Overview.pptx
Machine Learning Overview.pptxMachine Learning Overview.pptx
Machine Learning Overview.pptxRushikeshChikane2
 
Chapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.pptChapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.pptRushikeshChikane2
 
Chapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptxChapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptxRushikeshChikane2
 
Chapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.pptChapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.pptRushikeshChikane2
 
Chapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.pptChapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.pptRushikeshChikane2
 

More from RushikeshChikane2 (10)

2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx
 
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
 
Social Media and Text Analytics
Social Media and Text AnalyticsSocial Media and Text Analytics
Social Media and Text Analytics
 
Mining Frequent Patterns, Associations, and.pptx
Mining Frequent Patterns, Associations, and.pptx Mining Frequent Patterns, Associations, and.pptx
Mining Frequent Patterns, Associations, and.pptx
 
Machine Learning Overview.pptx
Machine Learning Overview.pptxMachine Learning Overview.pptx
Machine Learning Overview.pptx
 
Chapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.pptChapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.ppt
 
Chapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptxChapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptx
 
Chapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.pptChapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.ppt
 
Chapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.pptChapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.ppt
 

Recently uploaded

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 

Security Architectures and Models.pptx

  • 1. S E C U R I T Y A R C H I T E C T U R E S A N D M O D E L S Chapter 1
  • 2. Operating System Overview  Operating system: collection of programs that allows user to operate computer hardware  Three layers: – Inner layer – Middle layer – Outer layer
  • 3.
  • 4.  Key functions of an operating system: – Multitasking, multisharing – Computer resource management – Controls the flow of activities – Provides a user interface – Administers user actions and accounts – Runs software utilities and programs – Enforce security measures – Schedules jobs
  • 5. The Operating System Security Environment
  • 6. The Components of an Operating System Security Environment  Used as access points to the database  Three components: – Memory – Services – Files
  • 7. Services  Main component of operating system security environment • Operating system core utilities • Used to gain access to the OS and its features Include – User authentication – Remote access – Administration tasks – Password policies
  • 8. Files  Common threats: – File permission – File sharing  Files must be protected from unauthorized reading and writing actions  Data resides in files; protecting files protects data  Read, write, and execute privileges
  • 9. File Transfer  FTP (File Transfer Protocol): – Internet service for transferring files from one computer to another – Transmits usernames and passwords in plaintext – Root account cannot be used with FTP – Anonymous FTP: ability to log on to the FTP server without being authenticated
  • 10.  Best practices: – Use Secure FTP utility if possible – Make two FTP directories: • One for uploads with write permissions only • One for downloads with read permissions only – Use specific accounts with limited permissions – Log and scan FTP activities – Allow only authorized operators
  • 11. Sharing Files  Naturally leads to security risks and  threats • Peer-to-peer programs: allow users to share files over the Internet • Reasons for blocking file sharing: – Malicious code – Adware and spyware – Privacy and confidentiality – Pornography – Copyright issues
  • 12. Memory  Hardware memory available on the system • Can be corrupted by badly written software • Two options: – Stop using the program – Apply a patch (service pack) to fix it • Can harm data integrity • Can potentially exploit data for illegal use
  • 13. Authentication Methods  Authentication: – Verifies user identity – Permits access to the operating system • Physical authentication: – Allows physical entrance to company property – Magnetic cards and biometric measures • Digital authentication: verifies user identity by digital means
  • 14. Digital Authentication Mechanism  Digital certificates: digital passport that identifies and verifies holder of certificate • Digital token (security token): – Small electronic device – Displays a number unique to the token holder; used with the holder’s PIN as a password – Uses a different password each time
  • 15.  Digital card: – Also known as a security card or smart card – Similar to a credit card; uses an electronic circuit instead of a magnetic strip – Stores user identification information • Public Key Infrastructure (PKI): – User keeps a private key – Authentication firm holds a public key – Encrypt and decrypt data using both keys
  • 16. Authorization  Process that decides whether users are  permitted to perform the functions they  request  • Authorization is not performed until the  user is authenticated  • Deals with privileges and rights
  • 17. User Administration  Create user accounts  • Set password policies  • Grant privileges to users  • Best practices:  – Use a consistent naming convention  – Always provide a password to an account and force the user to change it at the first logon  – Protect passwords  – Do not use default passwords  – Create a specific file system for users  – Educate users on how to select a password  – Lock non-used accounts  – Grant privileges on a per host basis  – Do not grant privileges to all machines
  • 18. Password Policies  First line of defense  • Dictionary attack: permutation of words in  dictionary  • Make hard for hackers entering your  systems  • Best password policy:  – Matches your company missions  – Enforced at all level of the organization
  • 19.  Best practices:  – Password aging  – Password reuse  – Password history  – Password encryption  – Password storage and protection  – Password complexity  – Logon retries  – Single sign-on
  • 20. Vulnerabilities of Operating Systems  Top vulnerabilities to Windows systems:  – Internet Information Services (IIS)  – Microsoft SQL Server (MSSQL)  – Windows Authentication  – Internet Explorer (IE)  – Windows Remote Access Services  – Microsoft Data Access Components (MDAC)  – Windows Scripting Host (WSH)  – Microsoft Outlook and Outlook Express  – Windows Peer-to-Peer File Sharing (P2P)  – Simple Network Management Protocol (SNMP)
  • 21.  – BIND Domain Name System  – Remote Procedure Calls (RPC)  – Apache Web Server  – General UNIX authentication accounts with no passwords or weak passwords  – Clear text services
  • 22. E-mail Security  Tool must widely used by public  • May be the tool must frequently used by  hackers:  – Viruses  – Worms  – Spam  – Others  • Used to send private and confidential  data as well as offensive material
  • 23.  Used by employees to communicate with:  – Clients  – Colleagues  – Friends  • Recommendations:  – Do not configure e-mail server on the same machine where sensitive data resides  – Do not disclose technical details about the e-mail server
  • 24. Computer Viruses  Virus  – Stands for Vital Information Resources Under Siege  – Is a destructive computer program written to alter the  way a computer operates  – Is written by individuals to cause damage to computers  and the data stored on them  • Some Examples of virus are  – Disk Killer  – W97M  – Sunday  – Cascade  – Anna Kournikova  – Lovegate
  • 25. Antivirus Software  Antivirus software  – Is a software to scan the computer for viruses  – Is used to remove the viruses from the computer if  found  • Examples of antivirus software are:  – Quick Heal  – Net Protector  – Avast  – McAfee  – VX2000  – Smartdog
  • 26. How to Prevent A Virus Attack  Precautions that you can follow to keep your  computer free from viruses are:  – Scan all floppy disks/pen drives before opening or  copying files  – Install at least one antivirus software and run it  regularly  – Update the antivirus software regularly to check for  new viruses  – Make backup copies to minimize damage if virus  attack occur
  • 27. Hacking  Hackers or Crackers  – Are people who access the computers of others  without their knowledge  – They are intelligent programmers, who have high  knowledge of computer systems and programming  languages
  • 28. Misusing Personal Information  Chances of the data being intercepted, deleted  or altered by others can happen  – When data is transferred over a large network  – In chat rooms and newsgroups, where people often  reveal personal details in their interaction with others.  People with bad intentions use this information  maliciously
  • 29. Theft of Information  The different types of crimes and criminals that  the digital world harbours are:  • Software Piracy  – Is the illegal copying, distribution, or use of software  without the permission of its owner  • Cracking  – Cracker  • Break into the computers of other users by means  of a network, either for the challenge or for some  malicious intention  • Take advantage of any breach in security on a  computer and steal vital information or even cause  damage to files and programs
  • 30.  Stealing Data  – Occurs when data is transferred from one network to  another where there is a risk of the information being  viewed, deleted, or altered by others  – Occurs when Individuals share their information online  or when they buy goods online