SlideShare a Scribd company logo

Chapter 1 a

Download as PPTX, PDF
K
kibrutry
1 of 51
Computer Security and Privacy M.Sc 1st year (SEM II) Department of Computer Science &IT AMIT-AMU Ethiopia By Prof D P Sharma
Computer Security and Privacy 1. Fundamentals of computer security & privacy  Overview,  Evolution (history),  Vulnerabilities,  Countermeasures,  Physical security
Computer Security • Computer Security is a Branch of Computer Technology • It is Information security as applied to computers and networks. • The objectives- Protection of information from  Theft,  Corruption,  Damage from disaster, Definition Security: The prevention and protection of computer assets from unauthorized access, use, alteration, degradation, destruction, and other threats. “ The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tamper [ alter ]or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively.
Privacy • Privacy: The legal rights of the groups/individuals/organizations to be protected against unauthorized intrusion into his personal life/affairs, by direct physical means or by publication of information. • Security or Privacy Threat: Any individual group, act, or object that poses a danger to computer security and privacy is known as threat.
No Tension ?? No Computer No Network No Internet • The most secured manner Either no computers or are those not connected to any Network or Internet and protected from any intrusion
Defining- Computer Security • Computer or Information Technology can be used for productive or destructive purposes • Computer Security  refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. • Computer Security  The provisions and policies adopted to protect information and property from theft, corruption, or natural disaster while allowing the information and property to remain accessible and productive to its intended users.
‘computer security’ Vs ‘computer technology ‘ Computer Security • Preventing unwanted computer behavior • Computer Security and Information Security focuses on hardware risk, software risks, network risks, data theft, identity theft, and the like Computer Technology • Enabling wanted computer behavior.
Common Computer Security Measures • Most computer security measures involve data encryption and passwords. • Data encryption is the translation of data into a form that can not be read without a deciphering mechanism. • A password is a secret word or phrase that gives a user access to a particular program or system.
Computer Security VS Network Security Computer Security • Computer Security is confined to securing the Computer as an individual system. • The provisions and policies adopted to protect information and property from Theft, Corruption, or Natural Disaster while allowing the information and property to remain accessible and productive to its intended users. [ Security at gate, Safe place, Authorization of people, Building] Network security • Network security on the other hand deals with provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network- accessible resources.
Computer Security Domains Security in unwired/ Wired network ? Security from Spams? Security under OS environment? Security of Physical components? Security by firewall ? Security from computer viruses, worms, Trojan horse, logic bombs, ? Security in Distributed Systems /Cloud Computing?
Goals of Computer Security / Information Security • To maintain information Confidentiality • To ensure the Integrity and Reliability of data resources • To ensure the Uninterrupted Availability of data resources and online operations • To reduce the risk of systems and organizations ceasing operations • To ensure Compliance with Policies and Laws regarding security and privacy
Computer Security Goals Integrity Confidentiality Availaibility
Categories of attacks Categories of attacks • Interruption: An attack on availability • Interception: An attack on confidentiality • Modification: An attack on integrity • Fabrication: An attack on authenticity
Categories of Attacks/Threats (W. Stallings) Normal flow of information Interruption Interception Modification Fabrication Source Destination Attack
Types of Vulnerabilities • Physical vulnerabilities (Ex. Buildings) • Natural vulnerabilities (Ex. Earthquake) • Hardware and Software vulnerabilities (Ex. Failures) • Media vulnerabilities (Ex. Disks can be stolen) • Communication vulnerabilities (Ex. Wires can be tapped) • Human vulnerabilities (Ex. Insiders)
Evolution of Computer Security and Privacy Issues and Ethics • Computer security, meaning safeguarding hardware, software and their physical locations, first took shape in World War 2, when the military began using mainframes designed to assist in code breaking. • 1960s- Larry Roberts, hailed as the internet’s founder, designed the ARPANET (Advanced Research Projects Agency Network), which is called the internet’s predecessor. • "worldwide system of interconnected networks and computers“- Internet by Larry
Evolution of Computer Security and Privacy Issues and Ethics • Ethics is derived from Greek word Ethos and morality from Latin word mos and moris. But the meaning of both is same. • In the early 1940s • MIT professor Norbert Wiener during World War II, when he helped to develop an anti-aircraft cannon capable of shooting down fast warplanes. This work resulted in Wiener and his colleagues creating a new field of research that Wiener called cybernetics, the science of information feedback systems. • Wiener published “The Human Use of Human Beings” in 1950, which described a comprehensive foundation that is still the basis for computer Security, ethics research and analysis.
Evolution of Computer Security and Privacy Issues and Ethics • In the mid-1960s • Donn B. Parker, at the time with SRI International in Menlo Park, CA, began examining unethical and illegal uses of computers and documenting examples of computer crime and other unethical computerized activities. • He published "Rules of Ethics in Information Processing" in Communications of the ACM in 1968, and headed the development of the first Code of Professional Conduct for the Association for Computing Machinery, which was adopted by the ACM in 1973. • During the late 1960s, Joseph Weizenbaum, a computer scientist at MIT in Boston, created a computer program that he called ELIZA that he scripted to provide a crude imitation of "a Rogerian psychotherapist engaged in an initial interview with a patient.”
Evolution of Computer Security and Privacy Issues and Ethics • The following topics, identified by Terrell Bynum, are good to use as a basis. • Computers in the Workplace: Computers can pose a threat to jobs as people feel they may be replaced by them. However, the computer industry already has generated a wide variety of new jobs. another workplace concern is health and safety. • Computer Crime: With the proliferation of computer viruses, spyware, phishing and fraud schemes, and hacking activity from every location in the world, computer crime and security are certainly topics of concern when discussing computer ethics. • Privacy and Anonymity: gather; store, search, compare, retrieve, and share personal information • Intellectual Property: One of the more controversial areas of computer ethics concerns the intellectual property rights connected with software ownership. • Professional Responsibility and Globalization: Global business • Global education • Global information flows • Information-rich and information-poor nations • Information interpretation • The gap between rich and poor nations, and between rich and poor citizens in industrialized countries, is very wide.
Evolution Contd… • 1960s Computer security issues limited to physical protection of computers. No networking • 1960s - 70s  New paradigms of Multiuser and Multiprogramming were introduced  Data storage systems like concepts of database and RDBMS were introduced New Concerns arise –  The issue of computer security first arose in the 1970s as individuals began to break into telephone systems.  People and companies started focusing on database processing  What is being done to their privately stored data in large databases
Evolution Contd… • 1980s & 90s  Local Area Network introduced  Internet entered in the world  PCs were popularized  Net based business models like E-commerce, E-government and E-health services started to develop new computerized systems  Malwares like Viruses become majors threats New Concerns –  People and Companies start thinking about their security of computers and stored data  Trust on emails and websites were primarily suspected.  They were worried about their information privacy in networked environment / world
Salient Security Cases • Salient Security Cases  The Federal Bureau of Investigation (FBI) made one of its first arrests related to computer hacking in the early 1980s.  A group of hackers known as the 414s, named after their area code in Milwaukee, Wisconsin, were indicted for attacking 60 different computer systems including the Los Alamos National Laboratory and the Memorial Sloan-Kettering Cancer Center.  Internet Worm (Morris worm )  November 2, 1988 a worm attacked more than 60,000 computers around the USA  The worm attacks computers, and when it has installed itself, it multiplies itself, freezing the computer  It exploited UNIX security holes in Sendmail  A nationwide effort enabled to solve the problem within 12 hours  Robert Morris [ A Professor at the MIT] became the first person to be indicted under the Computer Fraud and Abuse Act.  He was sentenced to three years of probation, 400 hours of community service and a fine of $10,050
Salient Security Cases Contd… • Salient security harms …  NASA shutdown  In 1990, an Australian computer science student was charged for shutting down NASA’s computer system for 24 hours  Digital Equipment Corp. and MCI Communications Corp, Attack  a 25-year-old hacker named Kevin Mitnick began tapping into the e-mail system used by computer security managers. As a result, Mitnick was arrested and sentenced to one year in jail.  Airline computers  In 1998, a major travel agency discovered that someone penetrated its ticketing system and has printed airline tickets illegally  Bank theft  In 1984, a bank manager was able to steal $25 million through un- audited computer transactions
Salient Security Cases Contd… Computer Emergency Response Team  After several criminal cases the Computer Emergency Response Team was established by the U.S. government to research the increasing number of computer security breaches. Three Computer viruses  Along with growth in hacking activity came the spread of computer viruses. Three of the most well known viruses— • Cascade, • Friday the 13th, and • Stoned—all originated in 1987. By 1991, more than 1,000 viruses had been discovered by computer security experts. An attack on AT&T's network caused the firm's long- distance service to temporarily shut down.
Salient Security Cases Contd…  During 1995, computers at the U.S. Department of Defense were attacked roughly 250,000 times.  In 1998, the U.S. Department of Justice created the National Infrastructure Protection Center, charging it with task of safeguarding domestic technology, telecommunications, and transportation systems from unethical hackers.  A 16-year-old Canadian boy operating under the name Mafiaboy, was arrested, and authorities discovered he also had broken into the computer networks at Harvard and Yale Universities.  While on parole, Mafia-boy was prohibited from using the Internet or shopping at stores that sold computers; only when supervised by a teacher at school, could he use a computer?
Salient Security Cases Contd…  Cyber crime and Ethiopia  Employees of a company managed to change their salaries by fraudulently modifying the company’s database  In 1990s Internet password theft Hundreds of dial-up passwords were stolen and sold to other users Many of the owners lost tens of thousands of Birr each  In Africa: Cote d’Ivoire  An employee who has been fired by his company deleted all the data in his company’s computer
Salient Security Cases Contd… Early Efforts • 1960s: Marked as the beginning of true computer security • 1970s: Research and modeling  Identifying security requirements  Formulating security policy models  Defining recommended guidelines and controls  Development of secure systems • European Council adopted a convention on Cyber- crime in 2001. • The World Summit for Information Society considered computer security and privacy as a subject of discussion in 2003 and 2005. • The Ethiopian Penal Code [EPC] of 2005 has articles on data and computer related crimes.
Computer Privacy? Non disclosure of Personal Information by unauthorized persons in unauthenticated means Web privacy can fall under several umbrellas, including your online surfing habits, your passwords and login information and your computer files. Usually, tracking any of this happens through the use of “cookies.” Cookies are small bits of data that are placed on your computer by Web sites. They can help track how often you return, other sites you’ve visited and more. To prevent others from knowing this, cookies can be removed.
Computer Privacy? • Internet is full of potential risk to our privacy and security. • Everyone has an IP address to communicate on the Internet, IP address is like a telephone number or mailing address. Using your IP it is possible to know your country, city, internet provider and even physical address. • While surfing the Internet browsers keep tracks of our Internet activity in order to provide a more pleasant computer and surfing experience. But these history tracks can compromise our privacy and provide an easy way for others to see what web sites you visited, what you have been searching, downloading, viewing, etc.
Computer Security Security by Design / Architecture Secure Operating Systems Secure Coding
Types of Computer Security Contd…  Security by Design ( i.e. Software Design Logic) • The technologies of computer security are Based on Logic. • As security is not necessarily the primary goal of most computer applications, designing a program with security in mind often imposes restrictions on that program's behavior.  There are 4 approaches to Security in Computing; 1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity). 2. Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious branch and path analysis for example). 3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity). 4. Trust no software but enforce a security policy with trustworthy hardware mechanisms.
Types of Computer Security Contd… Security Architecture [ i.e. IT infrastructure Arch.) • Security Architecture can be defined as the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall Information technology architecture. • A countermeasure is an action, process, device, or system that can prevent, or mitigate [lessen] the effects of, threats to a computer, server or network. [ • System's quality attributes, confidentiality, integrity*(validity), av ailability, accountability and assurance [ Real
Contd… • A threat is a potential or actual adverse event that may be malicious or incidental, and that can compromise the assets of an enterprise or the integrity of a computer or network. • Countermeasures can take the form of software, hardware and modes of behavior. Software countermeasures include: • personal firewalls • anti-virus software • pop-up blockers • Spyware detection/removal programs……..
Contd… • The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other hardware countermeasures include: • Biometric authentication systems • Physical restriction of access to computers and peripherals • Intrusion detectors • Alarms. • Behavioral countermeasures include: • Frequent deletion of stored cookies and temporary files from Web browsers • Regular scanning for viruses and other malware • Regular installation of updates and patches for operating systems • Refusing to click on links that appear within e-mail messages • Refraining from opening e-mail messages and attachments from unknown senders • Staying away from questionable Web sites • Regularly backing up data on external media.
Computer security controls Authentication (Password, Cards, Biometrics) (What we know, have, are!) Encryption Auditing Administrative procedures Standards Certifications Physical Security Laws
Types of Computer Security Contd… Secure Operating Systems • Such Ultra-Strong secure operating systems are based on Operating System Kernel Technology that can guarantee that certain security policies are absolutely enforced in an operating environment. • Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. • Operating System Security • Flaws in the operating systems of computers are discovered almost daily
Contd.. Basic Precautions: • Software Updates - Make sure that the software on your computer is regularly updated. We recommend setting your computer to check for software updates automatically. • Firewall - Run a firewall program on your computer. A firewall is a device or program that blocks undesired Internet traffic, including viruses, from accessing your computer. Both Windows and Mac OS X have built-in firewall programs that are easy to set up. By blocking unwanted Internet traffic, a lot of viruses and bugs can be stopped dead in their tracks! • Account Management - Manage the user accounts on your computer, so you can control exactly who can log into your machine. Especially on Windows XP machines, it is easy to accidentally leave your computer wide open to unauthorized users. • Antivirus Software - Use your antivirus software to scan for viruses as files are being launched.
Contd..  Secure coding • In commercial environments, the majority of software subversion vulnerabilities result from a few known kinds of coding defects. Common software defects include: • Buffer overflows, • Integer overflow, and • Code/Command injection. (Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by an attacker to introduce (or "inject") code into a computer program to change the course of execution. The results of a code injection attack can be disastrous. For instance, code injection is used by some computer worms to propagate.)
Contd.. • Code injection can be used to infect operating system files, rendering all antivirus software unable to detect the virus, if they are running on the infected operating system. File hashes stored in Windows, to identify altered Windows files, can also be overwritten so that the System File Checker will report that system files are originals. • Some common languages such as C and C++ are vulnerable to all of these defects . • Other languages, such as Java, are more resistant to some of these defects, but are still prone to code/command injection and other software defects which facilitate subversion.
Physical Security • There are three simple principles to follow: 1.Keep people away • Most large corporations maintain very strict control over who can enter their datacenters. They use card key or keypad systems, log books and human security to limit unauthorized access. • If at all possible, sensitive servers should be kept behind a locked door, not just a door with a lock, and access should be limited to a select set of trustworthy administrators 2. Keep backup away from the datacenter
Contd… 3. Keep them out, and • you can't keep everyone away from them. The next layer of a good physical security plan is to limit what can be done with the computers. • Here's a great security feature that costs nothing: lock your computer when you're walking away from it. In Windows NT, Windows 2000, or Windows XP, you only have to quickly hit Ctrl+Alt+Delete, • Lock the CPU case. Most desktop and tower cases have locking lugs that you can use to keep an intruder from opening the case. • Use a cable-type security lock to keep someone from stealing the whole computer. This is particularly good advice for laptops or small desktops that can easily be hidden inside a backpack or coat. • Configure the BIOS not to boot from the floppy drive. This makes it harder for an intruder to remove passwords and account data from your system's disks. • Consider whether it's worth the expense of using a motion-sensor alarm in the room where the computers located. (Remember, for home offices, security systems that cover the office area are generally deductible business expenses!) • Use the syskey utility (supported in Windows NT 4.0, Windows 2000, and Windows XP) to secure the local accounts database, local copies of EFS encryption keys, and other valuables that you don't want attackers to have.
Contd… 4 Protect your plumbing. • Network cabling, hubs and even the external network interface are extremely vulnerable points in a network. An attacker who can attach to your network can steal data in transit or mount attacks against computers on your network—or on other networks! If at all possible, keep hubs and switches behind looked doors or in locked cabinets, run cabling through walls and ceilings to make it harder to tap, and ensure that your external data connection points are kept locked.
Contd.. • Some Important Physical security measures every organization should take • 1. Lock up the server room • 2. Set up surveillance • A better solution than the log book is an authentication system incorporated into the locking devices, so that a smart card, token, or biometric scan is required to unlock the doors, and a record is made of the identity of each person who enters. • A video surveillance camera, placed in a location that makes it difficult to tamper with or disable (or even to find) but gives a good view of persons entering and leaving should supplement the log book or electronic access system. Surveillance cams can monitor continuously, or they can use motion detection technology to record only when someone is moving about. • They can even be set up to send e-mail or cell phone notification if motion is detected when it shouldn’t be (such as after hours).
Contd.. 3. Make sure the most vulnerable devices are in that locked room 4. Use rack mount servers 5. Don’t forget the workstations connected 6. Keep intruders from opening the case Both servers and workstations should be protected from thieves who can open the case and grab the hard drive. 7. Disable the drives 8. Put CCTV Cameras…….
Vulnerability in Computing • In computer security, vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: • A system susceptibility or flaw itself( fault), • Attacker access to the flaw( fault), and • Attacker capability to exploit the flaw (fault). • Eg Body
Contd.. • To exploit vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface. • Vulnerability management is the cyclical practice of- • identifying, • classifying, • remediating, and • mitigating (lessen).
Defining vulnerability • “A weakness of an asset or group of assets that can be exploited by one or more threats.” • Where an asset is anything that can has value to the organization, its business operations and their continuity, including information resources that support the organization's mission ISO 27005 definition
Contd.. • “A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy” IETF RFC 2828 defined vulnerability “A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system's security policy.” Many NIST publications define vulnerability in IT contest in different publications
Classification of Vulnerabilities 1. Hardware • Susceptibility to humidity • Susceptibility to dust • susceptibility to soiling • susceptibility to unprotected storage 2. Software • insufficient testing • lack of audit trail 3. Network • unprotected communication lines • insecure network architecture 4. Personnel • inadequate recruiting process • inadequate security awareness 5. Site • area subject to flood • unreliable power source 6. Organizational • lack of regular audits • lack of continuity plans • lack of security
Causes of Vulnerabilities • Complexity: Large, complex systems increase the probability of flaws and unintended access points • Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability an attacker has or can find the knowledge and tools to exploit the flaw • Connectivity: More physical connections, privileges, ports, protocols, and services and time each of those are accessible increase vulnerability • Password management flaws: The computer user uses weak passwords that could be discovered by brute force. The computer user stores the password on the computer where a program can access it. Users re-use passwords between many programs and websites. • Fundamental operating system design flaws: The operating system designer chooses to enforce suboptimal policies on user/program management. For example operating systems with policies such as default permit grant every program and every user full access to the entire computer. This operating system flaw allows viruses and malware to execute commands on behalf of the administrator.
Contd… • Internet Website Browsing: Some internet websites may contain harmful Spyware or Adware that can be installed automatically on the computer systems. After visiting those websites, the computer systems become infected and personal information will be collected and passed on to third party individuals. • Software bugs: The programmer leaves an exploitable bug in a software program. The software bug may allow an attacker to misuse an application. • Unchecked user input: The program assumes that all user input is safe. Programs that do not check user input can allow unintended direct execution of commands or SQL statements (known as Buffer overflows, SQL injection or other non-validated inputs). • Not learning from past mistakes: for example most vulnerabilities discovered in IPv4 protocol software were discovered in the new IPv6 implementations • The research has shown that the most vulnerable point in most information systems is the human user, operator, designer, or other human: so humans should be considered in their different roles as asset, threat, information resources. Social engineering is an increasing security concern.

Recommended

Computer Ethics
Computer EthicsComputer Ethics
Computer EthicsKodok Ngorex
 
Chapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityChapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityFizaril Amzari Omar
 
Privacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationPrivacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationHajarul Cikyen
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsRitikaSharma238
 
Ethics in IT and System Usage
Ethics in IT and System UsageEthics in IT and System Usage
Ethics in IT and System Usagetushki92
 
Computer security
Computer securityComputer security
Computer securityRoshanMaharjan13
 
IT Ethics
IT EthicsIT Ethics
IT EthicsKeith Putnam
 
COMPUTER ETHICS
COMPUTER ETHICSCOMPUTER ETHICS
COMPUTER ETHICSEi-Dyei Diata
 

Recommended

Computer Ethics
Computer EthicsComputer Ethics
Computer EthicsKodok Ngorex
 
Chapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityChapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityFizaril Amzari Omar
 
Privacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationPrivacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationHajarul Cikyen
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsRitikaSharma238
 
Ethics in IT and System Usage
Ethics in IT and System UsageEthics in IT and System Usage
Ethics in IT and System Usagetushki92
 
Computer security
Computer securityComputer security
Computer securityRoshanMaharjan13
 
IT Ethics
IT EthicsIT Ethics
IT EthicsKeith Putnam
 
COMPUTER ETHICS
COMPUTER ETHICSCOMPUTER ETHICS
COMPUTER ETHICSEi-Dyei Diata
 
Computer security privacy and ethics
Computer security privacy and ethicsComputer security privacy and ethics
Computer security privacy and ethicsgeneveve_
 
COMPUTER ETHICS AND SECURITY
COMPUTER ETHICS AND SECURITYCOMPUTER ETHICS AND SECURITY
COMPUTER ETHICS AND SECURITYzenbrowski
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsshashi kiran
 
Computer ethics and crime
Computer ethics and crimeComputer ethics and crime
Computer ethics and crimeMiddle East International School
 
Computer Ethics
Computer EthicsComputer Ethics
Computer EthicsRamki M
 
Discovering Computers: Chapter 11
Discovering Computers: Chapter 11Discovering Computers: Chapter 11
Discovering Computers: Chapter 11Anna Stirling
 
Security issues ethics in education chapter 8
Security issues ethics in education chapter 8Security issues ethics in education chapter 8
Security issues ethics in education chapter 8Theresa Ann Rollins-Fanning
 
Chapter 4 2016
Chapter 4 2016Chapter 4 2016
Chapter 4 2016Fizaril Amzari Omar
 
Mikial Singh Nijjar | Where Is Information Technology Headed?
Mikial Singh Nijjar | Where Is Information Technology Headed?Mikial Singh Nijjar | Where Is Information Technology Headed?
Mikial Singh Nijjar | Where Is Information Technology Headed?Mikial Singh Nijjar
 
Working with ict ethical social and legal issues
Working with ict ethical social and legal issuesWorking with ict ethical social and legal issues
Working with ict ethical social and legal issuesMaher Al Beshlawy
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethicsPreet Hanspal
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsonur karaman
 
Ethical Dilemma/Issues is Cyberworld
Ethical Dilemma/Issues is CyberworldEthical Dilemma/Issues is Cyberworld
Ethical Dilemma/Issues is CyberworldAmae OlFato
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldRownel Cerezo Gagani
 
Ericsson ConsumerLab: Privacy, security and safety online
Ericsson ConsumerLab: Privacy, security and safety onlineEricsson ConsumerLab: Privacy, security and safety online
Ericsson ConsumerLab: Privacy, security and safety onlineEricsson
 
Cyber security and mobile devices
Cyber security and mobile devicesCyber security and mobile devices
Cyber security and mobile devicesUmer Saeed
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal IssuesKak Yong
 
computer ethics
computer ethicscomputer ethics
computer ethicssdrhr
 
Chapter 1-introduction to ict
Chapter 1-introduction to ictChapter 1-introduction to ict
Chapter 1-introduction to ictAten Kecik
 
Software. intranet. e crime
Software. intranet. e crimeSoftware. intranet. e crime
Software. intranet. e crimejuliakad84
 
sc.pptx
sc.pptxsc.pptx
sc.pptxWorknehEdimealem
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.pptabrahamermias1
 

More Related Content

What's hot

Computer security privacy and ethics
Computer security privacy and ethicsComputer security privacy and ethics
Computer security privacy and ethicsgeneveve_
 
COMPUTER ETHICS AND SECURITY
COMPUTER ETHICS AND SECURITYCOMPUTER ETHICS AND SECURITY
COMPUTER ETHICS AND SECURITYzenbrowski
 
Computer Ethics
Computer EthicsComputer Ethics
Computer EthicsRamki M
 
Discovering Computers: Chapter 11
Discovering Computers: Chapter 11Discovering Computers: Chapter 11
Discovering Computers: Chapter 11Anna Stirling
 
Mikial Singh Nijjar | Where Is Information Technology Headed?
Mikial Singh Nijjar | Where Is Information Technology Headed?Mikial Singh Nijjar | Where Is Information Technology Headed?
Mikial Singh Nijjar | Where Is Information Technology Headed?Mikial Singh Nijjar
 
Working with ict ethical social and legal issues
Working with ict ethical social and legal issuesWorking with ict ethical social and legal issues
Working with ict ethical social and legal issuesMaher Al Beshlawy
 
Ethical Dilemma/Issues is Cyberworld
Ethical Dilemma/Issues is CyberworldEthical Dilemma/Issues is Cyberworld
Ethical Dilemma/Issues is CyberworldAmae OlFato
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldRownel Cerezo Gagani
 
Ericsson ConsumerLab: Privacy, security and safety online
Ericsson ConsumerLab: Privacy, security and safety onlineEricsson ConsumerLab: Privacy, security and safety online
Ericsson ConsumerLab: Privacy, security and safety onlineEricsson
 
Cyber security and mobile devices
Cyber security and mobile devicesCyber security and mobile devices
Cyber security and mobile devicesUmer Saeed
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal IssuesKak Yong
 
computer ethics
computer ethicscomputer ethics
computer ethicssdrhr
 
Chapter 1-introduction to ict
Chapter 1-introduction to ictChapter 1-introduction to ict
Chapter 1-introduction to ictAten Kecik
 
Software. intranet. e crime
Software. intranet. e crimeSoftware. intranet. e crime
Software. intranet. e crimejuliakad84
 

What's hot (20)

Computer security privacy and ethics
Computer security privacy and ethicsComputer security privacy and ethics
Computer security privacy and ethics
 
COMPUTER ETHICS AND SECURITY
COMPUTER ETHICS AND SECURITYCOMPUTER ETHICS AND SECURITY
COMPUTER ETHICS AND SECURITY
 
Computer ethics
Computer ethicsComputer ethics
Computer ethics
 
Computer ethics and crime
Computer ethics and crimeComputer ethics and crime
Computer ethics and crime
 
Computer Ethics
Computer EthicsComputer Ethics
Computer Ethics
 
Discovering Computers: Chapter 11
Discovering Computers: Chapter 11Discovering Computers: Chapter 11
Discovering Computers: Chapter 11
 
Security issues ethics in education chapter 8
Security issues ethics in education chapter 8Security issues ethics in education chapter 8
Security issues ethics in education chapter 8
 
Chapter 4 2016
Chapter 4 2016Chapter 4 2016
Chapter 4 2016
 
Mikial Singh Nijjar | Where Is Information Technology Headed?
Mikial Singh Nijjar | Where Is Information Technology Headed?Mikial Singh Nijjar | Where Is Information Technology Headed?
Mikial Singh Nijjar | Where Is Information Technology Headed?
 
Working with ict ethical social and legal issues
Working with ict ethical social and legal issuesWorking with ict ethical social and legal issues
Working with ict ethical social and legal issues
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethics
 
Computer ethics
Computer ethicsComputer ethics
Computer ethics
 
Ethical Dilemma/Issues is Cyberworld
Ethical Dilemma/Issues is CyberworldEthical Dilemma/Issues is Cyberworld
Ethical Dilemma/Issues is Cyberworld
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorld
 
Ericsson ConsumerLab: Privacy, security and safety online
Ericsson ConsumerLab: Privacy, security and safety onlineEricsson ConsumerLab: Privacy, security and safety online
Ericsson ConsumerLab: Privacy, security and safety online
 
Cyber security and mobile devices
Cyber security and mobile devicesCyber security and mobile devices
Cyber security and mobile devices
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal Issues
 
computer ethics
computer ethicscomputer ethics
computer ethics
 
Chapter 1-introduction to ict
Chapter 1-introduction to ictChapter 1-introduction to ict
Chapter 1-introduction to ict
 
Software. intranet. e crime
Software. intranet. e crimeSoftware. intranet. e crime
Software. intranet. e crime
 

Similar to Chapter 1 a

presentation on hacking
presentation on hackingpresentation on hacking
presentation on hackingAyush Upadhyay
 
Introduction to ethics
Introduction to ethicsIntroduction to ethics
Introduction to ethicsSaqib Raza
 
Topic-2.2_InfoPrivacy-IT-Ethics.pptx
Topic-2.2_InfoPrivacy-IT-Ethics.pptxTopic-2.2_InfoPrivacy-IT-Ethics.pptx
Topic-2.2_InfoPrivacy-IT-Ethics.pptxOxfordRiNorth
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityAndrea Rossetti
 
Lecture 8 privacy, security, ergonomics and the environment
Lecture 8 privacy, security, ergonomics and the environment Lecture 8 privacy, security, ergonomics and the environment
Lecture 8 privacy, security, ergonomics and the environment Jenny Coloma
 
02 fundamental aspects of security
02 fundamental aspects of security02 fundamental aspects of security
02 fundamental aspects of securityGemy Chan
 
3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptxssuser84f16f
 
Principles of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docxPrinciples of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docxharrisonhoward80223
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxCUInnovationTeam
 
Orientation 28 sep education purpose only.pptx
Orientation 28 sep education purpose only.pptxOrientation 28 sep education purpose only.pptx
Orientation 28 sep education purpose only.pptx230405
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)Rohana K Amarakoon
 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture ACMDLearning
 
Network security
Network securityNetwork security
Network securityhajra azam
 
Cybercrime_PPT.ppt
Cybercrime_PPT.pptCybercrime_PPT.ppt
Cybercrime_PPT.pptJiaJunWang17
 

Similar to Chapter 1 a (20)

sc.pptx
sc.pptxsc.pptx
sc.pptx
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
 
presentation on hacking
presentation on hackingpresentation on hacking
presentation on hacking
 
Introduction to ethics 1
Introduction to ethics 1Introduction to ethics 1
Introduction to ethics 1
 
Introduction to ethics
Introduction to ethicsIntroduction to ethics
Introduction to ethics
 
Topic-2.2_InfoPrivacy-IT-Ethics.pptx
Topic-2.2_InfoPrivacy-IT-Ethics.pptxTopic-2.2_InfoPrivacy-IT-Ethics.pptx
Topic-2.2_InfoPrivacy-IT-Ethics.pptx
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
 
Lecture 8 privacy, security, ergonomics and the environment
Lecture 8 privacy, security, ergonomics and the environment Lecture 8 privacy, security, ergonomics and the environment
Lecture 8 privacy, security, ergonomics and the environment
 
02 fundamental aspects of security
02 fundamental aspects of security02 fundamental aspects of security
02 fundamental aspects of security
 
3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethics for IT Professionals
Ethics for IT ProfessionalsEthics for IT Professionals
Ethics for IT Professionals
 
Principles of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docxPrinciples of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docx
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
 
Orientation 28 sep education purpose only.pptx
Orientation 28 sep education purpose only.pptxOrientation 28 sep education purpose only.pptx
Orientation 28 sep education purpose only.pptx
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)
 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture A
 
Network security
Network securityNetwork security
Network security
 
Cybercrime_PPT.ppt
Cybercrime_PPT.pptCybercrime_PPT.ppt
Cybercrime_PPT.ppt
 
Hacking
Hacking Hacking
Hacking
 

Chapter 1 a

  • 1. Computer Security and Privacy M.Sc 1st year (SEM II) Department of Computer Science &IT AMIT-AMU Ethiopia By Prof D P Sharma
  • 2. Computer Security and Privacy 1. Fundamentals of computer security & privacy  Overview,  Evolution (history),  Vulnerabilities,  Countermeasures,  Physical security
  • 3. Computer Security • Computer Security is a Branch of Computer Technology • It is Information security as applied to computers and networks. • The objectives- Protection of information from  Theft,  Corruption,  Damage from disaster, Definition Security: The prevention and protection of computer assets from unauthorized access, use, alteration, degradation, destruction, and other threats. “ The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tamper [ alter ]or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively.
  • 4. Privacy • Privacy: The legal rights of the groups/individuals/organizations to be protected against unauthorized intrusion into his personal life/affairs, by direct physical means or by publication of information. • Security or Privacy Threat: Any individual group, act, or object that poses a danger to computer security and privacy is known as threat.
  • 5. No Tension ?? No Computer No Network No Internet • The most secured manner Either no computers or are those not connected to any Network or Internet and protected from any intrusion
  • 6. Defining- Computer Security • Computer or Information Technology can be used for productive or destructive purposes • Computer Security  refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. • Computer Security  The provisions and policies adopted to protect information and property from theft, corruption, or natural disaster while allowing the information and property to remain accessible and productive to its intended users.
  • 7. ‘computer security’ Vs ‘computer technology ‘ Computer Security • Preventing unwanted computer behavior • Computer Security and Information Security focuses on hardware risk, software risks, network risks, data theft, identity theft, and the like Computer Technology • Enabling wanted computer behavior.
  • 8. Common Computer Security Measures • Most computer security measures involve data encryption and passwords. • Data encryption is the translation of data into a form that can not be read without a deciphering mechanism. • A password is a secret word or phrase that gives a user access to a particular program or system.
  • 9. Computer Security VS Network Security Computer Security • Computer Security is confined to securing the Computer as an individual system. • The provisions and policies adopted to protect information and property from Theft, Corruption, or Natural Disaster while allowing the information and property to remain accessible and productive to its intended users. [ Security at gate, Safe place, Authorization of people, Building] Network security • Network security on the other hand deals with provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network- accessible resources.
  • 10. Computer Security Domains Security in unwired/ Wired network ? Security from Spams? Security under OS environment? Security of Physical components? Security by firewall ? Security from computer viruses, worms, Trojan horse, logic bombs, ? Security in Distributed Systems /Cloud Computing?
  • 11. Goals of Computer Security / Information Security • To maintain information Confidentiality • To ensure the Integrity and Reliability of data resources • To ensure the Uninterrupted Availability of data resources and online operations • To reduce the risk of systems and organizations ceasing operations • To ensure Compliance with Policies and Laws regarding security and privacy
  • 13. Categories of attacks Categories of attacks • Interruption: An attack on availability • Interception: An attack on confidentiality • Modification: An attack on integrity • Fabrication: An attack on authenticity
  • 14. Categories of Attacks/Threats (W. Stallings) Normal flow of information Interruption Interception Modification Fabrication Source Destination Attack
  • 15. Types of Vulnerabilities • Physical vulnerabilities (Ex. Buildings) • Natural vulnerabilities (Ex. Earthquake) • Hardware and Software vulnerabilities (Ex. Failures) • Media vulnerabilities (Ex. Disks can be stolen) • Communication vulnerabilities (Ex. Wires can be tapped) • Human vulnerabilities (Ex. Insiders)
  • 16. Evolution of Computer Security and Privacy Issues and Ethics • Computer security, meaning safeguarding hardware, software and their physical locations, first took shape in World War 2, when the military began using mainframes designed to assist in code breaking. • 1960s- Larry Roberts, hailed as the internet’s founder, designed the ARPANET (Advanced Research Projects Agency Network), which is called the internet’s predecessor. • "worldwide system of interconnected networks and computers“- Internet by Larry
  • 17. Evolution of Computer Security and Privacy Issues and Ethics • Ethics is derived from Greek word Ethos and morality from Latin word mos and moris. But the meaning of both is same. • In the early 1940s • MIT professor Norbert Wiener during World War II, when he helped to develop an anti-aircraft cannon capable of shooting down fast warplanes. This work resulted in Wiener and his colleagues creating a new field of research that Wiener called cybernetics, the science of information feedback systems. • Wiener published “The Human Use of Human Beings” in 1950, which described a comprehensive foundation that is still the basis for computer Security, ethics research and analysis.
  • 18. Evolution of Computer Security and Privacy Issues and Ethics • In the mid-1960s • Donn B. Parker, at the time with SRI International in Menlo Park, CA, began examining unethical and illegal uses of computers and documenting examples of computer crime and other unethical computerized activities. • He published "Rules of Ethics in Information Processing" in Communications of the ACM in 1968, and headed the development of the first Code of Professional Conduct for the Association for Computing Machinery, which was adopted by the ACM in 1973. • During the late 1960s, Joseph Weizenbaum, a computer scientist at MIT in Boston, created a computer program that he called ELIZA that he scripted to provide a crude imitation of "a Rogerian psychotherapist engaged in an initial interview with a patient.”
  • 19. Evolution of Computer Security and Privacy Issues and Ethics • The following topics, identified by Terrell Bynum, are good to use as a basis. • Computers in the Workplace: Computers can pose a threat to jobs as people feel they may be replaced by them. However, the computer industry already has generated a wide variety of new jobs. another workplace concern is health and safety. • Computer Crime: With the proliferation of computer viruses, spyware, phishing and fraud schemes, and hacking activity from every location in the world, computer crime and security are certainly topics of concern when discussing computer ethics. • Privacy and Anonymity: gather; store, search, compare, retrieve, and share personal information • Intellectual Property: One of the more controversial areas of computer ethics concerns the intellectual property rights connected with software ownership. • Professional Responsibility and Globalization: Global business • Global education • Global information flows • Information-rich and information-poor nations • Information interpretation • The gap between rich and poor nations, and between rich and poor citizens in industrialized countries, is very wide.
  • 20. Evolution Contd… • 1960s Computer security issues limited to physical protection of computers. No networking • 1960s - 70s  New paradigms of Multiuser and Multiprogramming were introduced  Data storage systems like concepts of database and RDBMS were introduced New Concerns arise –  The issue of computer security first arose in the 1970s as individuals began to break into telephone systems.  People and companies started focusing on database processing  What is being done to their privately stored data in large databases
  • 21. Evolution Contd… • 1980s & 90s  Local Area Network introduced  Internet entered in the world  PCs were popularized  Net based business models like E-commerce, E-government and E-health services started to develop new computerized systems  Malwares like Viruses become majors threats New Concerns –  People and Companies start thinking about their security of computers and stored data  Trust on emails and websites were primarily suspected.  They were worried about their information privacy in networked environment / world
  • 22. Salient Security Cases • Salient Security Cases  The Federal Bureau of Investigation (FBI) made one of its first arrests related to computer hacking in the early 1980s.  A group of hackers known as the 414s, named after their area code in Milwaukee, Wisconsin, were indicted for attacking 60 different computer systems including the Los Alamos National Laboratory and the Memorial Sloan-Kettering Cancer Center.  Internet Worm (Morris worm )  November 2, 1988 a worm attacked more than 60,000 computers around the USA  The worm attacks computers, and when it has installed itself, it multiplies itself, freezing the computer  It exploited UNIX security holes in Sendmail  A nationwide effort enabled to solve the problem within 12 hours  Robert Morris [ A Professor at the MIT] became the first person to be indicted under the Computer Fraud and Abuse Act.  He was sentenced to three years of probation, 400 hours of community service and a fine of $10,050
  • 23. Salient Security Cases Contd… • Salient security harms …  NASA shutdown  In 1990, an Australian computer science student was charged for shutting down NASA’s computer system for 24 hours  Digital Equipment Corp. and MCI Communications Corp, Attack  a 25-year-old hacker named Kevin Mitnick began tapping into the e-mail system used by computer security managers. As a result, Mitnick was arrested and sentenced to one year in jail.  Airline computers  In 1998, a major travel agency discovered that someone penetrated its ticketing system and has printed airline tickets illegally  Bank theft  In 1984, a bank manager was able to steal $25 million through un- audited computer transactions
  • 24. Salient Security Cases Contd… Computer Emergency Response Team  After several criminal cases the Computer Emergency Response Team was established by the U.S. government to research the increasing number of computer security breaches. Three Computer viruses  Along with growth in hacking activity came the spread of computer viruses. Three of the most well known viruses— • Cascade, • Friday the 13th, and • Stoned—all originated in 1987. By 1991, more than 1,000 viruses had been discovered by computer security experts. An attack on AT&T's network caused the firm's long- distance service to temporarily shut down.
  • 25. Salient Security Cases Contd…  During 1995, computers at the U.S. Department of Defense were attacked roughly 250,000 times.  In 1998, the U.S. Department of Justice created the National Infrastructure Protection Center, charging it with task of safeguarding domestic technology, telecommunications, and transportation systems from unethical hackers.  A 16-year-old Canadian boy operating under the name Mafiaboy, was arrested, and authorities discovered he also had broken into the computer networks at Harvard and Yale Universities.  While on parole, Mafia-boy was prohibited from using the Internet or shopping at stores that sold computers; only when supervised by a teacher at school, could he use a computer?
  • 26. Salient Security Cases Contd…  Cyber crime and Ethiopia  Employees of a company managed to change their salaries by fraudulently modifying the company’s database  In 1990s Internet password theft Hundreds of dial-up passwords were stolen and sold to other users Many of the owners lost tens of thousands of Birr each  In Africa: Cote d’Ivoire  An employee who has been fired by his company deleted all the data in his company’s computer
  • 27. Salient Security Cases Contd… Early Efforts • 1960s: Marked as the beginning of true computer security • 1970s: Research and modeling  Identifying security requirements  Formulating security policy models  Defining recommended guidelines and controls  Development of secure systems • European Council adopted a convention on Cyber- crime in 2001. • The World Summit for Information Society considered computer security and privacy as a subject of discussion in 2003 and 2005. • The Ethiopian Penal Code [EPC] of 2005 has articles on data and computer related crimes.
  • 28. Computer Privacy? Non disclosure of Personal Information by unauthorized persons in unauthenticated means Web privacy can fall under several umbrellas, including your online surfing habits, your passwords and login information and your computer files. Usually, tracking any of this happens through the use of “cookies.” Cookies are small bits of data that are placed on your computer by Web sites. They can help track how often you return, other sites you’ve visited and more. To prevent others from knowing this, cookies can be removed.
  • 29. Computer Privacy? • Internet is full of potential risk to our privacy and security. • Everyone has an IP address to communicate on the Internet, IP address is like a telephone number or mailing address. Using your IP it is possible to know your country, city, internet provider and even physical address. • While surfing the Internet browsers keep tracks of our Internet activity in order to provide a more pleasant computer and surfing experience. But these history tracks can compromise our privacy and provide an easy way for others to see what web sites you visited, what you have been searching, downloading, viewing, etc.
  • 30. Computer Security Security by Design / Architecture Secure Operating Systems Secure Coding
  • 31. Types of Computer Security Contd…  Security by Design ( i.e. Software Design Logic) • The technologies of computer security are Based on Logic. • As security is not necessarily the primary goal of most computer applications, designing a program with security in mind often imposes restrictions on that program's behavior.  There are 4 approaches to Security in Computing; 1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity). 2. Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious branch and path analysis for example). 3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity). 4. Trust no software but enforce a security policy with trustworthy hardware mechanisms.
  • 32. Types of Computer Security Contd… Security Architecture [ i.e. IT infrastructure Arch.) • Security Architecture can be defined as the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall Information technology architecture. • A countermeasure is an action, process, device, or system that can prevent, or mitigate [lessen] the effects of, threats to a computer, server or network. [ • System's quality attributes, confidentiality, integrity*(validity), av ailability, accountability and assurance [ Real
  • 33. Contd… • A threat is a potential or actual adverse event that may be malicious or incidental, and that can compromise the assets of an enterprise or the integrity of a computer or network. • Countermeasures can take the form of software, hardware and modes of behavior. Software countermeasures include: • personal firewalls • anti-virus software • pop-up blockers • Spyware detection/removal programs……..
  • 34. Contd… • The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other hardware countermeasures include: • Biometric authentication systems • Physical restriction of access to computers and peripherals • Intrusion detectors • Alarms. • Behavioral countermeasures include: • Frequent deletion of stored cookies and temporary files from Web browsers • Regular scanning for viruses and other malware • Regular installation of updates and patches for operating systems • Refusing to click on links that appear within e-mail messages • Refraining from opening e-mail messages and attachments from unknown senders • Staying away from questionable Web sites • Regularly backing up data on external media.
  • 35. Computer security controls Authentication (Password, Cards, Biometrics) (What we know, have, are!) Encryption Auditing Administrative procedures Standards Certifications Physical Security Laws
  • 36. Types of Computer Security Contd… Secure Operating Systems • Such Ultra-Strong secure operating systems are based on Operating System Kernel Technology that can guarantee that certain security policies are absolutely enforced in an operating environment. • Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. • Operating System Security • Flaws in the operating systems of computers are discovered almost daily
  • 37. Contd.. Basic Precautions: • Software Updates - Make sure that the software on your computer is regularly updated. We recommend setting your computer to check for software updates automatically. • Firewall - Run a firewall program on your computer. A firewall is a device or program that blocks undesired Internet traffic, including viruses, from accessing your computer. Both Windows and Mac OS X have built-in firewall programs that are easy to set up. By blocking unwanted Internet traffic, a lot of viruses and bugs can be stopped dead in their tracks! • Account Management - Manage the user accounts on your computer, so you can control exactly who can log into your machine. Especially on Windows XP machines, it is easy to accidentally leave your computer wide open to unauthorized users. • Antivirus Software - Use your antivirus software to scan for viruses as files are being launched.
  • 38. Contd..  Secure coding • In commercial environments, the majority of software subversion vulnerabilities result from a few known kinds of coding defects. Common software defects include: • Buffer overflows, • Integer overflow, and • Code/Command injection. (Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by an attacker to introduce (or "inject") code into a computer program to change the course of execution. The results of a code injection attack can be disastrous. For instance, code injection is used by some computer worms to propagate.)
  • 39. Contd.. • Code injection can be used to infect operating system files, rendering all antivirus software unable to detect the virus, if they are running on the infected operating system. File hashes stored in Windows, to identify altered Windows files, can also be overwritten so that the System File Checker will report that system files are originals. • Some common languages such as C and C++ are vulnerable to all of these defects . • Other languages, such as Java, are more resistant to some of these defects, but are still prone to code/command injection and other software defects which facilitate subversion.
  • 40. Physical Security • There are three simple principles to follow: 1.Keep people away • Most large corporations maintain very strict control over who can enter their datacenters. They use card key or keypad systems, log books and human security to limit unauthorized access. • If at all possible, sensitive servers should be kept behind a locked door, not just a door with a lock, and access should be limited to a select set of trustworthy administrators 2. Keep backup away from the datacenter
  • 41. Contd… 3. Keep them out, and • you can't keep everyone away from them. The next layer of a good physical security plan is to limit what can be done with the computers. • Here's a great security feature that costs nothing: lock your computer when you're walking away from it. In Windows NT, Windows 2000, or Windows XP, you only have to quickly hit Ctrl+Alt+Delete, • Lock the CPU case. Most desktop and tower cases have locking lugs that you can use to keep an intruder from opening the case. • Use a cable-type security lock to keep someone from stealing the whole computer. This is particularly good advice for laptops or small desktops that can easily be hidden inside a backpack or coat. • Configure the BIOS not to boot from the floppy drive. This makes it harder for an intruder to remove passwords and account data from your system's disks. • Consider whether it's worth the expense of using a motion-sensor alarm in the room where the computers located. (Remember, for home offices, security systems that cover the office area are generally deductible business expenses!) • Use the syskey utility (supported in Windows NT 4.0, Windows 2000, and Windows XP) to secure the local accounts database, local copies of EFS encryption keys, and other valuables that you don't want attackers to have.
  • 42. Contd… 4 Protect your plumbing. • Network cabling, hubs and even the external network interface are extremely vulnerable points in a network. An attacker who can attach to your network can steal data in transit or mount attacks against computers on your network—or on other networks! If at all possible, keep hubs and switches behind looked doors or in locked cabinets, run cabling through walls and ceilings to make it harder to tap, and ensure that your external data connection points are kept locked.
  • 43. Contd.. • Some Important Physical security measures every organization should take • 1. Lock up the server room • 2. Set up surveillance • A better solution than the log book is an authentication system incorporated into the locking devices, so that a smart card, token, or biometric scan is required to unlock the doors, and a record is made of the identity of each person who enters. • A video surveillance camera, placed in a location that makes it difficult to tamper with or disable (or even to find) but gives a good view of persons entering and leaving should supplement the log book or electronic access system. Surveillance cams can monitor continuously, or they can use motion detection technology to record only when someone is moving about. • They can even be set up to send e-mail or cell phone notification if motion is detected when it shouldn’t be (such as after hours).
  • 44. Contd.. 3. Make sure the most vulnerable devices are in that locked room 4. Use rack mount servers 5. Don’t forget the workstations connected 6. Keep intruders from opening the case Both servers and workstations should be protected from thieves who can open the case and grab the hard drive. 7. Disable the drives 8. Put CCTV Cameras…….
  • 45. Vulnerability in Computing • In computer security, vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: • A system susceptibility or flaw itself( fault), • Attacker access to the flaw( fault), and • Attacker capability to exploit the flaw (fault). • Eg Body
  • 46. Contd.. • To exploit vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface. • Vulnerability management is the cyclical practice of- • identifying, • classifying, • remediating, and • mitigating (lessen).
  • 47. Defining vulnerability • “A weakness of an asset or group of assets that can be exploited by one or more threats.” • Where an asset is anything that can has value to the organization, its business operations and their continuity, including information resources that support the organization's mission ISO 27005 definition
  • 48. Contd.. • “A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy” IETF RFC 2828 defined vulnerability “A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system's security policy.” Many NIST publications define vulnerability in IT contest in different publications
  • 49. Classification of Vulnerabilities 1. Hardware • Susceptibility to humidity • Susceptibility to dust • susceptibility to soiling • susceptibility to unprotected storage 2. Software • insufficient testing • lack of audit trail 3. Network • unprotected communication lines • insecure network architecture 4. Personnel • inadequate recruiting process • inadequate security awareness 5. Site • area subject to flood • unreliable power source 6. Organizational • lack of regular audits • lack of continuity plans • lack of security
  • 50. Causes of Vulnerabilities • Complexity: Large, complex systems increase the probability of flaws and unintended access points • Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability an attacker has or can find the knowledge and tools to exploit the flaw • Connectivity: More physical connections, privileges, ports, protocols, and services and time each of those are accessible increase vulnerability • Password management flaws: The computer user uses weak passwords that could be discovered by brute force. The computer user stores the password on the computer where a program can access it. Users re-use passwords between many programs and websites. • Fundamental operating system design flaws: The operating system designer chooses to enforce suboptimal policies on user/program management. For example operating systems with policies such as default permit grant every program and every user full access to the entire computer. This operating system flaw allows viruses and malware to execute commands on behalf of the administrator.
  • 51. Contd… • Internet Website Browsing: Some internet websites may contain harmful Spyware or Adware that can be installed automatically on the computer systems. After visiting those websites, the computer systems become infected and personal information will be collected and passed on to third party individuals. • Software bugs: The programmer leaves an exploitable bug in a software program. The software bug may allow an attacker to misuse an application. • Unchecked user input: The program assumes that all user input is safe. Programs that do not check user input can allow unintended direct execution of commands or SQL statements (known as Buffer overflows, SQL injection or other non-validated inputs). • Not learning from past mistakes: for example most vulnerabilities discovered in IPv4 protocol software were discovered in the new IPv6 implementations • The research has shown that the most vulnerable point in most information systems is the human user, operator, designer, or other human: so humans should be considered in their different roles as asset, threat, information resources. Social engineering is an increasing security concern.