This chapter discusses online security issues. It notes that while people enjoy different aspects of the internet, most users do not prioritize information security. The document outlines some inherent risks of surfing the internet, as users enter the public arena even from private spaces. It then provides examples of internet services like email, file transfer, remote access and real-time conferencing. Various security threats are defined, such as information theft, unauthorized disclosure, information warfare and accidental data loss. Categories of threats are also defined, including data modification, hacking, cracking, spoofing and sniffing.
2. Brainstorming
People who fall in love with the Internet do so for
different reasons.
Many love the ability to quickly and cheaply keep up with
friends and loved ones via e-mail,
while others love the vast oceans of information or
the rush of playing Internet games.
However, it's likely that most Internet users share one
thing in common as they surf: the last thing on
their minds is information system
security.
3. Brainstorming
How about YOU class?
While that's understandable, it's also a big mistake.
It is important to remember that surfing the Internet
comes with certain inherent risks.
When you log onto the Internet, you step into the
public arena, even if you're surfing from a bedroom.
4. Identify the Internet Services
Electronic mail and news
File transfer
Remote Access to Host
Real time conferencing services
5. Electronic mail and news
Ways for people to exchange information with
each other without requiring an immediate,
interactive response.
6. File transfer
Transmitting files over a computer network or the
Internet.
The simplest way to exchange files between
computers on the Internet.
7. Remote Access to Host
The ability to log onto a network from a distant location.
Eg: Telnet
11. Unauthorised Disclosure
That an organization suspects some of its employees of
leaking confidential information to its competitor.
It is also usually believed that its competitor actually
planted spies within the organization in order to target and
steal new product plan.
12. Information Warfare
The use and management of information in pursuit of a
competitive advantage over an opponent.
17. Hacking
Computer hacking is the practice of modifying
computer hardware and software to accomplish a
goal outside of the creator’s original purpose.
Act of gaining access without legal authorization to a
computer or computer network.
People who engage in computer hacking activities are
often called hackers.
18. Cracking
Activities to breaks into someone else's computer
system, bypasses passwords or licenses in computer
programs.
A cracker can be doing this for profit, maliciously, for
some altruistic purpose or cause, or because the
challenge is there.
19. Spoofing
A method of attacking a computer program, in which
the program is modified so as to appear to be
working normally when in reality it has been
modified with the purpose to circumvent security
mechanisms.
20. Sniffing
Sniffing is the method that a network device, like
the Nintendo DS, uses to identify available wireless
networks in the area.