Electronic security


Published on

There are three types of intruders who can dampen the company’s electronic system and they are hackers, freakers and crackers.
Banks, insurance companies, consultants, textile business are some of the major types of organizations who fall victim to such mal-practices. The intruders have a well-thought out system to attack the organization. They gain access to user’s accounts, use the victim’s system as a platform to attack other sites. Companies can save themselves from this serious threat if they follow certain basic tip such as using the latest version of the browser, installing SSL, ensuring that ISP has a security system and they should shop with familiar companies.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Electronic security

  1. 1. Electronic Security
  2. 2. Classification of IntrudersHackersHackers Crackers Crackers Intruders type Freakers Freakers
  3. 3. Victimised Firms• Banks • Government contractors• Financial companies • Government agencies• Insurance companies • Hospitals• Brokerage houses • Medical laboratories• Consultants • Utility companies• Network Service • Universities Providers• Textile Business• Wholesale/Retail traders
  4. 4. Attacking Methods• Gaining access to user’s account• Gaining privileged access• Using the victim‘s system as a platform for attacks on other • A significant loss of credibility or sites. market opportunity.• Duration of the accomplishment : • A buisness no longer able to• Manually in less than 45 seconds complete.• With automation, the time is still • Legal liability and less. • Loss of life• By the attack varies :• A minnor loss of time in recovering from the problem .• A decrease in productivity.
  5. 5. Three basic security concepts• Confidentiality• Integrity and• Availability
  6. 6. Concepts relating to the people who use the information are :• Authentication• Authorisation• Non-repudiation
  7. 7. Classification of Incidents• Probe • Exploitation of trust• Scan • Root compromise• Account compromise • Destruction or• Packet sniffer Alteration of• Denial of service configuration information • Malicious code • Internet infrastructure attack
  8. 8. Relationship between SSL & ISO Reference Model User Application SSL ProtocolISO Reference Distributed Data SourcesModel Plain Data Stream Application Layer SSL Handshake Protocol Presentation Layer Encrypted Data Packets SSL Record Protocol Session Layer Network Independent messages Transport Layer Network Layer Link Layer Physical Layer Physical connection to network hardware Data Network
  9. 9. Ten Practical Tips to Secure E-Commerce - 1• Use latest version of the browser• Install SSL• Ensure ISP has a security system• Look for signs of trust• Shop with familiar companies• Look for easy to find security information & a privacy statement
  10. 10. Ten Practical Tips to Secure E-Commerce - 2• Pay by credit card• Keep a record• Look for information about ‘cookies’ and• Find out what information the site collects you
  11. 11. Security Tools - 1• Secure transport stacks• Kerberos• Secure transactions over the Internet• UNIX Security• Password Security Systems
  12. 12. Security Tools - 2• Electronic Mail SMTP PEM PGP• Server security• Trusting Binaries
  13. 13. Kerberos Authentication Process -1 CredentialsA Ticket for theserverA temporaryencryption keyThe session key
  14. 14. Kerebos - 2 LimitationsVulnerability ofpasswordsNeed forsynchronised clocksWeak assurancesagainst repudiation
  15. 15. UNIX Security• User passwords• File access• Directory access• File encryption and• Security on passwords files
  16. 16. Biometrics• Fingerprints• Signature Dynamics• Voice verification• Keystroke Dynamics• Facial Features
  17. 17. E- MAIL Advantageso Send message in no time anywhere in the worldo For getting on & staying on the Interneto Can be handled by a variety of programso Easy and inexpensiveo Increasingly used for both internal & external corporateso E-mail to fax & fax to e-mail is possible
  18. 18. “Like” us on Facebook:  p // /http://www.facebook.com/welearnindia “Follow” us on Twitter:http://twitter.com/WeLearnIndiahttp://twitter com/WeLearnIndiaWatch informative videos on Youtube: http://www.youtube.com/WelingkarDLP