Chapter 2
System Security
1: Desktop Security
Introduction:
• The desktop is the primary point of access to the organization's resources and business applications. It is the gateway to the organization's highly valuable and confidential information assets.
• If desktop security is weak, potential intruders can easily bypass it and reach that confidential information.
• For this reason, we require that the principles of information security (confidentiality, integrity and availability) are strictly maintained on the desktop.
Some of the ways in which desktop users routinely expose the desktop to compromise:
1) Bad password management: weak passwords, sharing passwords, never changing passwords
2) Guest accounts or open accounts
3) Virus and other malicious code attacks
4) Unsolicited email attachments
5) Downloading software from untrusted Internet sites
6) Installing software from untrusted sources
7) Bad desktop management: no anti-virus, outdated virus signatures, no backups, no desktop lock, open folder shares without a password
Technology used to support desktop security:
1) Centralized management
2) Password protection
3) Single sign-on (SSO)
   a. With SSO, passwords for multiple applications are captured once and stored permanently.
   b. Authentication for subsequent access to separate applications is verified automatically.
   c. Users only have to log in to the organization's network; access to all authorized applications is then granted automatically.
   d. They do not have to remember a separate password for every application to which they require access.
4) Desktop lock
5) Virus detection
6) File encryption
7) Personal firewall
2: Email Security - S/MIME & PGP
Definition:
• Email security refers to the collective measures used to secure the access to and content of an email account or service. It allows an individual or organization to protect the overall access to one or more email addresses/accounts.
• Spam is email you did not ask for and usually do not want, usually sent to persuade you to buy something.
• Phishing email is used to try to steal your identity; this may be done by asking you to enter details into a web page, or by installing software on your computer that gathers personal information about you.
There are two ways to encrypt or sign messages:
• S/MIME
• PGP
Quick E-mail History:
• SMTP and RFC 822
  - only ASCII messages (7-bit)
• MIME (Multipurpose Internet Mail Extensions)
  - content type: almost any type of information can appear in an email message
  - transfer encoding: specifies how the message body is encoded into textual form (radix64 is common)
• S/MIME: Secure MIME
  - new content types, like signature and encrypted data
S/MIME:
• S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data.
• It is essentially used to prove that the email came from the person it says it is from.
• S/MIME provides the following cryptographic security services for electronic messaging applications:
  - Authentication
  - Message integrity
  - Non-repudiation of origin (using digital signatures)
  - Privacy and data security (using encryption)
• S/MIME (Secure Multi-Purpose Internet Mail Extensions) is a secure method of sending email that uses the Rivest-Shamir-Adleman (RSA) encryption system.
• S/MIME is included in the latest versions of the Web browsers from Microsoft and Netscape.
• S/MIME describes how encryption information and a digital certificate can be included as part of the message body.
• S/MIME follows the syntax provided in the Public-Key Cryptography Standard (PKCS) format.
PGP
• Pretty Good Privacy.
• PGP is similar to S/MIME in that both use public key cryptography.
• However, with PGP you don't rely on a central authority.
• Instead, you create your own private/public key pair using the PGP software.
• PGP is actually an implementation of the OpenPGP standard.
• OpenPGP defines its own encryption methods and encoding formats.
• In PGP, each user acts as a CA (Certification Authority).
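The services listed for S/MIME above (authentication, message integrity, non-repudiation of origin) all rest on a digital signature over the message, and the radix64 transfer encoding from the history slide is what lets that binary signature travel over 7-bit SMTP. The Go program below is an added example, not code from the slides: it models the signing step in simplified form, with a bare RSA signature standing in for the PKCS#7 SignedData object that real S/MIME places in the signature part, and a constructed key pair standing in for the sender's certificate (S/MIME) or user-signed key (PGP).

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// canonicalize converts the body to CRLF line endings before hashing, so a
// relay that rewrites line endings in transit does not break the signature.
func canonicalize(body string) []byte {
	body = strings.ReplaceAll(body, "\r\n", "\n")
	return []byte(strings.ReplaceAll(body, "\n", "\r\n"))
}

// SignBody hashes the canonical body with SHA-256, signs the digest with the
// sender's RSA private key (PKCS#1 v1.5, one of the RSA signature schemes
// S/MIME uses) and returns the signature as radix64 (base64) text so that it
// survives 7-bit SMTP.
func SignBody(priv *rsa.PrivateKey, body string) (string, error) {
	digest := sha256.Sum256(canonicalize(body))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(sig), nil
}

// VerifyBody recomputes the digest over the received body and checks the
// radix64 signature with the sender's public key. Success gives the recipient
// authentication of origin and integrity of the body; because only the holder
// of the private key could produce it, it also supports non-repudiation.
func VerifyBody(pub *rsa.PublicKey, body, sigB64 string) bool {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return false
	}
	digest := sha256.Sum256(canonicalize(body))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// BuildSignedMessage lays the pieces out as a multipart/signed MIME message,
// the structure S/MIME uses for clear-signed mail: a readable text part
// followed by a base64 signature part. In real S/MIME the second part is a
// PKCS#7 SignedData object that also carries the signer's certificate; here a
// bare RSA signature stands in for it.
func BuildSignedMessage(body, sigB64 string) string {
	const boundary = "sig-boundary" // constructed; real mail agents pick a random boundary
	return "MIME-Version: 1.0\r\n" +
		"Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha-256; boundary=" + boundary + "\r\n\r\n" +
		"--" + boundary + "\r\n" +
		"Content-Type: text/plain\r\n\r\n" +
		string(canonicalize(body)) + "\r\n" +
		"--" + boundary + "\r\n" +
		"Content-Type: application/pkcs7-signature\r\n" +
		"Content-Transfer-Encoding: base64\r\n\r\n" +
		sigB64 + "\r\n" +
		"--" + boundary + "--\r\n"
}

func main() {
	// Constructed sender key pair; S/MIME would distribute the public half in
	// an X.509 certificate, PGP in a key block signed by other users.
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	body := "Please pay invoice 42 to account 1234.\n" // constructed sample body
	sig, err := SignBody(priv, body)
	if err != nil {
		panic(err)
	}
	fmt.Print(BuildSignedMessage(body, sig))
	fmt.Println("original body verifies:", VerifyBody(&priv.PublicKey, body, sig)) // true
	// Any change to the body in transit, however small, fails verification.
	tampered := "Please pay invoice 42 to account 9999.\n"
	fmt.Println("tampered body verifies:", VerifyBody(&priv.PublicKey, tampered, sig)) // false
}
```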
3: Web Security
• Web application security is a branch of Information Security that deals specifically with the security of websites, web applications and web services. At a high level, Web application security draws on the principles of application security but applies them specifically to Internet and Web systems.
• Web server security is the protection of information assets that can be accessed from a Web server.
• Web sites are unfortunately prone to security risks, and so are any networks to which web servers are connected. Setting aside risks created by employee use or misuse of network resources, your web server and the site it hosts present your most serious sources of security risk.
• Web servers by design open a window between your network and the world. The care taken with server maintenance, web application updates and your web site coding will define the size of that window, limit the kind of information that can pass through it and thus establish the degree of web security you will have.
• A Web server is a program that uses HTTP (Hypertext Transfer Protocol) to serve the files that form Web pages to users, in response to their requests, which are forwarded by their computers' HTTP clients. Dedicated computers and appliances may be referred to as Web servers as well.
Web Authentication
• Web authentication enables data security, identity theft protection and a secure user experience.
• The strength of an organization's Web authentication method should match the value of the information and resources opened for access.
• Web authentication (also known as a Captive Portal) is a simple way to provide secure guest user access to a network.
• It is used in a wide range of environments including Wi-Fi hotspots, hotels, universities, and business centres.
• In basic terms, if the switch detects an unauthorised user web browsing, then irrespective of the IP configuration on their PC, they are redirected to a Web-authentication login page.
• At this point, the user is required to enter a username and password before they can begin to web browse. The main benefits of this solution come from not requiring additional customer knowledge, software or special configuration.
• Users are able to quickly and easily gain access to the network regardless of the type of device or operating system used.
SSL (Secure Sockets Layer)
Why use SSL? To encrypt sensitive information
• The primary reason SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it.
• This is important because the information you send on the Internet is passed from computer to computer to get to the destination server.
• Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate.
• When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to.
• This protects it from hackers and identity thieves.
Authentication
• In addition to encryption, a proper SSL certificate also provides authentication.
• This means you can be sure that you are sending information to the right server and not to a criminal's server.
• Why is this important? The nature of the Internet means that your customers will often be sending information through several computers.
• Any of these computers could pretend to be your website and trick your users into sending them personal information.
• It is only possible to avoid this by using a proper Public Key Infrastructure (PKI) and getting an SSL Certificate from a trusted SSL provider.
What Is SSL?
• SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client, typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).
• SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely.
• Normally, data sent between browsers and web servers is sent in plain text, leaving you vulnerable to eavesdropping.
• If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.
• SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol determines the variables of the encryption for both the link and the data being transmitted.
Secure Electronic Transaction (SET)
• Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet.
• It was supported initially by Mastercard, Visa, Microsoft, Netscape, and others.
• With SET, a user is given an electronic wallet (digital certificate), and a transaction is conducted and verified using a combination of digital certificates and digital signatures among the purchaser, a merchant, and the purchaser's bank in a way that ensures privacy and confidentiality.
• Secure Electronic Transaction (SET) was a communications protocol standard for securing credit card transactions over insecure networks, specifically the Internet.
• SET was not itself a payment system, but rather a set of security protocols and formats that enabled users to employ the existing credit card payment infrastructure on an open network in a secure fashion.
• However, it failed to gain traction in the market. VISA now promotes the 3-D Secure scheme.
How it Works
• Both cardholders and merchants must first register with a CA (certificate authority) before they can buy or sell on the Internet; registration is discussed later.
• Once registration is done, cardholder and merchant can start to do transactions, which involve 9 basic steps in this (simplified) protocol:
1. Customer browses the website and decides what to purchase.
2. Customer sends order and payment information, which includes 2 parts in one message:
   a. Purchase Order: this part is for the merchant.
   b. Card Information: this part is for the merchant's bank only.
3. Merchant forwards the card information (part b) to their bank.
4. Merchant's bank checks with the Issuer for payment authorization.
5. Issuer sends authorization to the Merchant's bank.
6. Merchant's bank sends authorization to the merchant.
7. Merchant completes the order and sends confirmation to the customer.
8. Merchant captures the transaction from their bank.
9. Issuer prints the credit card bill (invoice) for the customer.
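Step 2 above sends two parts in one message, each readable by only one party; SET binds them with a dual signature: each part is hashed, the two digests are concatenated and hashed again, and the cardholder signs that combined digest. The Go program below is an added example, not the slides' or SET's own code, using a constructed cardholder key and constructed order and card text to show that the merchant can verify the order without seeing the card details, the bank can verify the payment without seeing the order, and substituting either part breaks the signature.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// DualSignature is what the cardholder attaches to the two-part message in
// step 2. Each recipient receives the part meant for it, the digest of the
// other part, and this one signature that covers both.
type DualSignature struct {
	OIMD []byte // message digest of the Order Information (purchase order)
	PIMD []byte // message digest of the Payment Information (card details)
	Sig  []byte // RSA signature over SHA-256(OIMD || PIMD)
}

// digest returns SHA-256 over the concatenation of its arguments.
func digest(parts ...[]byte) []byte {
	d := sha256.Sum256(bytes.Join(parts, nil))
	return d[:]
}

// Sign produces the dual signature with the cardholder's private key.
func Sign(priv *rsa.PrivateKey, orderInfo, paymentInfo []byte) (*DualSignature, error) {
	ds := &DualSignature{OIMD: digest(orderInfo), PIMD: digest(paymentInfo)}
	pomd := digest(ds.OIMD, ds.PIMD) // payment-order message digest
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, pomd)
	if err != nil {
		return nil, err
	}
	ds.Sig = sig
	return ds, nil
}

// MerchantVerify runs at the merchant, which holds the order text but only
// the digest of the card details. It recomputes OIMD from the order it sees,
// joins it with the PIMD it was given and checks the signature: a match
// proves the order is the cardholder's and is bound to a specific payment the
// merchant cannot read.
func MerchantVerify(pub *rsa.PublicKey, orderInfo []byte, ds *DualSignature) bool {
	pomd := digest(digest(orderInfo), ds.PIMD)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, pomd, ds.Sig) == nil
}

// BankVerify is the mirror image at the merchant's bank, which holds the card
// details but only the digest of the order: the payment is tied to exactly
// that order without the bank learning what was bought.
func BankVerify(pub *rsa.PublicKey, paymentInfo []byte, ds *DualSignature) bool {
	pomd := digest(ds.OIMD, digest(paymentInfo))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, pomd, ds.Sig) == nil
}

func main() {
	// Constructed cardholder key; in SET it is certified during registration.
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	order := []byte("order=2 x widget; total=40.00; ship-to=customer")    // constructed
	payment := []byte("card=0000-0000-0000-0000 (placeholder); exp=01/30") // constructed
	ds, err := Sign(priv, order, payment)
	if err != nil {
		panic(err)
	}
	pub := &priv.PublicKey
	fmt.Println("merchant verifies order:    ", MerchantVerify(pub, order, ds)) // true
	fmt.Println("bank verifies payment:      ", BankVerify(pub, payment, ds))   // true
	// A merchant that inflates the order before forwarding it breaks the link.
	altered := []byte("order=2 x widget; total=400.00; ship-to=customer")
	fmt.Println("merchant with altered order:", MerchantVerify(pub, altered, ds)) // false
}
```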
4: Database Security
• Every company needs places to store institutional knowledge and data.
• Frequently that data contains proprietary information:
  - Personally Identifiable Data
  - Employee HR Data
  - Financial Data
• The security and confidentiality of this data is of critical importance.
Definition - What does Database Security mean?
• Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious threats and attacks.
Security Overview
• There are four key issues in the security of databases, just as with all security systems:
  - Availability
  - Authenticity
  - Integrity
  - Confidentiality
Availability
• Data needs to be available at all necessary times.
• Data needs to be available only to the appropriate users.
• Need to be able to track who has access to, and who has accessed, what data.
Authenticity
• Need to ensure that the data has been edited by an authorized source.
• Need to confirm that users accessing the system are who they say they are.
• Need to verify that all report requests are from authorized users.
• Need to verify that any outbound data is going to the expected receiver.
Integrity
• Need to verify that any external data has the correct formatting and other metadata.
• Need to verify that all input data is accurate and verifiable.
• Need to ensure that data is following the correct workflow rules for your institution/corporation.
• Need to be able to report on all data changes and who authored them, to ensure compliance with corporate rules and privacy laws.
Confidentiality
• Need to ensure that confidential data is only available to the correct people.
• Need to ensure that the entire database is secure from external and internal system breaches.
• Need to provide for reporting on who has accessed what data and what they have done with it.
• Mission-critical and legally sensitive data must be highly secured; the potential cost of failure is lost business and litigation.

More Related Content

Similar to Chapter 2 System Security.pptx

Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-PracticesOctogence
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Ledingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for DevelopersLedingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for DevelopersMukesh Singh
 
Best Practices to Protect Customer Data Effectively
Best Practices to Protect Customer Data EffectivelyBest Practices to Protect Customer Data Effectively
Best Practices to Protect Customer Data EffectivelyTentacle Cloud
 
Computer Networks 4
Computer Networks 4Computer Networks 4
Computer Networks 4Mr Smith
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)irjes
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password ProtectionNikhil D
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerCheapSSLUSA
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyClickSSL
 
Multifactor authenticationMultifactor authentication or MFA .docx
Multifactor authenticationMultifactor authentication or MFA .docxMultifactor authenticationMultifactor authentication or MFA .docx
Multifactor authenticationMultifactor authentication or MFA .docxgilpinleeanna
 
Ch12(revised 20071226)
Ch12(revised 20071226)Ch12(revised 20071226)
Ch12(revised 20071226)華穗 徐
 

Similar to Chapter 2 System Security.pptx (18)

Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Security
SecuritySecurity
Security
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-Practices
 
E-Business security
E-Business security E-Business security
E-Business security
 
UNIT-3.docx
UNIT-3.docxUNIT-3.docx
UNIT-3.docx
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 
E banking security
E banking securityE banking security
E banking security
 
Ledingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for DevelopersLedingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for Developers
 
Best Practices to Protect Customer Data Effectively
Best Practices to Protect Customer Data EffectivelyBest Practices to Protect Customer Data Effectively
Best Practices to Protect Customer Data Effectively
 
Computer Networks 4
Computer Networks 4Computer Networks 4
Computer Networks 4
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password Protection
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption Strategy
 
Multifactor authenticationMultifactor authentication or MFA .docx
Multifactor authenticationMultifactor authentication or MFA .docxMultifactor authenticationMultifactor authentication or MFA .docx
Multifactor authenticationMultifactor authentication or MFA .docx
 
Ch12(revised 20071226)
Ch12(revised 20071226)Ch12(revised 20071226)
Ch12(revised 20071226)
 

More from RushikeshChikane2

2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptxRushikeshChikane2
 
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptxRushikeshChikane2
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptxRushikeshChikane2
 
Social Media and Text Analytics
Social Media and Text AnalyticsSocial Media and Text Analytics
Social Media and Text AnalyticsRushikeshChikane2
 
Mining Frequent Patterns, Associations, and.pptx
 Mining Frequent Patterns, Associations, and.pptx Mining Frequent Patterns, Associations, and.pptx
Mining Frequent Patterns, Associations, and.pptxRushikeshChikane2
 
Machine Learning Overview.pptx
Machine Learning Overview.pptxMachine Learning Overview.pptx
Machine Learning Overview.pptxRushikeshChikane2
 
Chapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.pptChapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.pptRushikeshChikane2
 
Chapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptxChapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptxRushikeshChikane2
 
Chapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.pptChapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.pptRushikeshChikane2
 
Chapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.pptChapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.pptRushikeshChikane2
 

More from RushikeshChikane2 (10)

2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx2.Introduction to NOSQL (Core concepts).pptx
2.Introduction to NOSQL (Core concepts).pptx
 
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
3.Implementation with NOSQL databases Document Databases (Mongodb).pptx
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptx
 
Social Media and Text Analytics
Social Media and Text AnalyticsSocial Media and Text Analytics
Social Media and Text Analytics
 
Mining Frequent Patterns, Associations, and.pptx
 Mining Frequent Patterns, Associations, and.pptx Mining Frequent Patterns, Associations, and.pptx
Mining Frequent Patterns, Associations, and.pptx
 
Machine Learning Overview.pptx
Machine Learning Overview.pptxMachine Learning Overview.pptx
Machine Learning Overview.pptx
 
Chapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.pptChapter 4_Introduction to Patterns.ppt
Chapter 4_Introduction to Patterns.ppt
 
Chapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptxChapter 3_Architectural Styles.pptx
Chapter 3_Architectural Styles.pptx
 
Chapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.pptChapter 2_Software Architecture.ppt
Chapter 2_Software Architecture.ppt
 
Chapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.pptChapter 1_UML Introduction.ppt
Chapter 1_UML Introduction.ppt
 

Recently uploaded

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Recently uploaded (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Chapter 2 System Security.pptx

  • 2. 1: Desktop Security  Introduction:  Desktop is the primary access to the organization’s resources and business applications. It is the gateway to the organization’s highly valuable and confidential information assets.  If the security of the desktop is weak, potential intruders can easily by-pass the confidential information.  For this reason, we require principles of information security confidentiality, integrity and availability – is strictly maintained.
  • 3.  Some of the ways with which desktop users are continuously communicating  1) Bad password management - Weak password, sharing password, never change password  2) Guest accounts or open accounts  3) Virus and other malicious code attacks  4) Unsolicited email attachments  5) Downloading software from untrusted Internet sites  6) Installing software from untrusted sources  7) Bad desktop management - no anti-virus, outdated virus signature, no backups, no desktop lock, open folder  shares without password
  • 4. Technology used to support desktop security:
  - 1) Centralized management
  - 2) Password protection
  - 3) Single sign-on (SSO)
    - a. With SSO, passwords for multiple applications are captured once and stored permanently.
    - b. Authentication for subsequent access to separate applications is verified automatically.
    - c. Users only have to log in to the organization’s network; access to all authorized applications is then granted automatically.
    - d. They do not have to remember a separate password for every application they need access to.
  - 4) Desktop lock
  - 5) Virus detection
  - 6) File encryption
  - 7) Personal firewall
  • 5. 2: Email Security: S/MIME and PGP
  Definition:
  - Email security refers to the collective measures used to secure the access to and content of an email account or service. It allows an individual or organization to protect the overall access to one or more email addresses/accounts.
  - Spam: email you did not ask for and usually do not want, typically used to persuade you to buy something.
  - Phishing: email used to try to steal your identity; this may be done by asking you to enter details into a web page, or by installing software on your computer that gathers personal information about you.
  • 6. There are two ways to encrypt or sign messages:
  - S/MIME
  - PGP
  • 7. Quick E-mail History:
  - SMTP and RFC 822: only ASCII messages (7-bit)
  - MIME (Multipurpose Internet Mail Extensions)
    - content type: almost any type of information can appear in an email message
    - transfer encoding: specifies how the message body is encoded into textual form (radix64, i.e. base64, is common)
  - S/MIME (Secure MIME): new content types, such as signature and encrypted data
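The slide above describes the two MIME mechanisms (content type and transfer encoding) that let non-ASCII data cross a 7-bit SMTP path, and that S/MIME later builds on. The following is an added example, not code from the slides, that builds such a message with Python's standard `email` library, checks that the serialised bytes are 7-bit clean, and parses it back the way a receiving client would; the addresses and the binary payload are constructed placeholders.

```python
"""Added example: a MIME message whose binary part travels as base64
("radix64") text so that it survives a 7-bit ASCII SMTP path."""
from email.message import EmailMessage
from email import message_from_bytes
from email.policy import default

# Constructed sample payload: bytes that are deliberately NOT 7-bit ASCII.
SAMPLE_BINARY = bytes([0x89, 0x50, 0x4E, 0x47, 0x00, 0xFF, 0x0A, 0x0D])


def build_message() -> EmailMessage:
    """Plain-text body plus a binary attachment; the library picks the
    content type and transfer encoding for each part."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"   # placeholder addresses
    msg["To"] = "bob@example.com"
    msg["Subject"] = "MIME transfer-encoding demo"
    msg.set_content("Hello Bob, the file is attached.\n")
    msg.add_attachment(SAMPLE_BINARY, maintype="application",
                       subtype="octet-stream", filename="blob.bin")
    return msg


def describe_parts(raw: bytes) -> list:
    """Parse the wire bytes and report (content type, transfer encoding)
    for each leaf part, as a receiving client (or an S/MIME layer that
    wraps these parts in its own content types) would see them."""
    parsed = message_from_bytes(raw, policy=default)
    return [(part.get_content_type(), str(part.get("Content-Transfer-Encoding")))
            for part in parsed.walk() if not part.is_multipart()]


def is_seven_bit_clean(raw: bytes) -> bool:
    """True when every byte of the serialised message is 7-bit ASCII,
    i.e. it can traverse an RFC 822 / SMTP path unmodified."""
    return all(b < 0x80 for b in raw)


def recover_attachment(raw: bytes) -> bytes:
    """Decode the base64 part back to the original bytes."""
    parsed = message_from_bytes(raw, policy=default)
    for part in parsed.iter_attachments():
        return part.get_payload(decode=True)
    return b""


if __name__ == "__main__":
    wire = build_message().as_bytes()
    print(describe_parts(wire))        # [('text/plain', '7bit'), ('application/octet-stream', 'base64')]
    print(is_seven_bit_clean(wire))    # True: raw 0x89/0xFF bytes never appear on the wire
    print(recover_attachment(wire) == SAMPLE_BINARY)  # True
```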
  • 8. S/MIME:
  - S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data.
  - It is essentially used to prove that the email came from the person it claims to be from.
  • 9. S/MIME provides the following cryptographic security services for electronic messaging applications:
  - Authentication
  - Message integrity
  - Non-repudiation of origin (using digital signatures)
  - Privacy and data security (using encryption)
  - S/MIME (Secure Multi-Purpose Internet Mail Extensions) is a secure method of sending email that uses the Rivest-Shamir-Adleman (RSA) encryption system.
  - S/MIME is included in the latest versions of the Web browsers from Microsoft and Netscape.
  - S/MIME describes how encryption information and a digital certificate can be included as part of the message body.
  - S/MIME follows the syntax defined in the Public-Key Cryptography Standards (PKCS) format.
  • 11. PGP (Pretty Good Privacy)
  - PGP is similar to S/MIME in that both use public key cryptography.
  - However, with PGP you do not rely on a central authority.
  - Instead, you create your own private/public key pair using the PGP software.
  - PGP is actually an implementation of the OpenPGP standard.
  - OpenPGP defines its own encryption methods and encoding formats.
  - In PGP, each user acts as a CA (Certification Authority).
  • 13. 3: Web Security
  - Web application security is a branch of information security that deals specifically with the security of websites, web applications and web services. At a high level, web application security draws on the principles of application security but applies them specifically to Internet and Web systems.
  - Web server security is the protection of information assets that can be accessed from a web server.
  - Web sites are unfortunately prone to security risks, and so are any networks to which web servers are connected. Setting aside risks created by employee use or misuse of network resources, your web server and the site it hosts are your most serious sources of security risk.
  • 14. Web servers by design open a window between your network and the world.
  - The care taken with server maintenance, web application updates and your web site coding will define the size of that window, limit the kind of information that can pass through it, and thus establish the degree of web security you will have.
  - A web server is a program that uses HTTP (Hypertext Transfer Protocol) to serve the files that form web pages to users, in response to requests forwarded by their computers’ HTTP clients. Dedicated computers and appliances may be referred to as web servers as well.
  • 15. Web Authentication
  - Web authentication enables data security, identity theft protection and a secure user experience.
  - The strength of an organization’s web authentication method should match the value of the information and resources it opens up for access.
  - Web authentication (also known as a Captive Portal) is a simple way to provide secure guest user access to a network.
  - It is used in a wide range of environments including Wi-Fi hotspots, hotels, universities and business centres.
  - In basic terms, if the switch detects an unauthorised user web browsing, then irrespective of the IP configuration on their PC, they are redirected to a web authentication login page.
  • 16. At this point, the user is required to enter a username and password before they can begin to browse the web.
  - The main benefits of this solution come from not requiring additional customer knowledge, software or special configuration.
  - Users are able to quickly and easily gain access to the network regardless of the type of device or operating system used.
  • 17. SSL (Secure Sockets Layer)
  Why use SSL? To encrypt sensitive information.
  - The primary reason SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it.
  - This is important because the information you send on the Internet is passed from computer to computer to get to the destination server.
  - Any computer between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate.
  - When an SSL certificate is used, the information becomes unreadable to everyone except the server you are sending the information to.
  - This protects it from hackers and identity thieves.
  • 18. Authentication
  - In addition to encryption, a proper SSL certificate also provides authentication.
  - This means you can be sure that you are sending information to the right server and not to a criminal’s server.
  - Why is this important? The nature of the Internet means that your customers will often be sending information through several computers.
  - Any of these computers could pretend to be your website and trick your users into sending them personal information.
  - This can only be avoided by using a proper Public Key Infrastructure (PKI) and getting an SSL certificate from a trusted SSL provider.
  • 19. What Is SSL?
  - SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client: typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).
  - SSL allows sensitive information such as credit card numbers, social security numbers and login credentials to be transmitted securely.
  - Normally, data sent between browsers and web servers is sent in plain text, leaving you vulnerable to eavesdropping.
  - If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.
  • 20. SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol determines the encryption parameters for both the link and the data being transmitted.
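Slides 17 to 20 make the point that encryption alone is not enough: the client must also authenticate the server through its certificate and a PKI, or the encrypted link may terminate at an impostor. The following added example (not from the slides) shows, with Python's standard `ssl` module, a client context configured the way a browser behaves next to a weakened one that encrypts without authenticating, plus an audit function that flags the weak settings; the function names are this example's own.

```python
"""Added example: hardened vs. weakened TLS client context, audited."""
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """What a browser-like client should do: verify the server's
    certificate chain against trusted CAs and match the name in it
    against the host being contacted."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 / TLS 1.0 / 1.1
    return ctx


def weakened_client_context() -> ssl.SSLContext:
    """The mistake the slides warn against: the link is encrypted, but to
    whoever answers, since no certificate is ever checked."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE   # any certificate, or none, is accepted
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the problems found; an empty list means the context
    authenticates the server as well as encrypting the link."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate not verified")
    if not ctx.check_hostname:
        problems.append("certificate name not matched to host")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("legacy protocol versions still allowed")
    return problems


if __name__ == "__main__":
    print(audit_context(hardened_client_context()))   # []
    print(audit_context(weakened_client_context()))   # lists the two authentication gaps
```

Wrapping a socket with the weakened context still produces an encrypted session, which is exactly why this misconfiguration is easy to miss in testing.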
  • 21. Secure Electronic Transaction (SET)
  - Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet.
  - It was supported initially by Mastercard, Visa, Microsoft, Netscape and others.
  - With SET, a user is given an electronic wallet (digital certificate), and a transaction is conducted and verified using a combination of digital certificates and digital signatures among the purchaser, the merchant and the purchaser’s bank, in a way that ensures privacy and confidentiality.
  • 22. Secure Electronic Transaction (SET) was a communications protocol standard for securing credit card transactions over insecure networks, specifically the Internet.
  - SET was not itself a payment system, but rather a set of security protocols and formats that enabled users to employ the existing credit card payment infrastructure on an open network in a secure fashion.
  - However, it failed to gain traction in the market. Visa now promotes the 3-D Secure scheme.
  • 23. How it Works
  - Both cardholders and merchants must first register with a CA (certificate authority) before they can buy or sell on the Internet; registration is discussed later.
  - Once registration is done, the cardholder and merchant can start to transact. In this simplified description the protocol involves 9 basic steps:
  - 1. Customer browses the website and decides what to purchase.
  - 2. Customer sends order and payment information, which consists of 2 parts in one message:
    - a. Purchase Order: this part is for the merchant.
    - b. Card Information: this part is for the merchant’s bank only.
  • 24. (continued)
  - 3. Merchant forwards the card information (part b) to their bank.
  - 4. Merchant’s bank checks with the issuer for payment authorization.
  - 5. Issuer sends authorization to the merchant’s bank.
  - 6. Merchant’s bank sends authorization to the merchant.
  - 7. Merchant completes the order and sends confirmation to the customer.
  - 8. Merchant captures the transaction from their bank.
  - 9. Issuer prints the credit card bill (invoice) for the customer.
  • 25. 4: Database Security
  - Every company needs places to store institutional knowledge and data.
  - Frequently that data contains proprietary information:
    - Personally identifiable data
    - Employee HR data
    - Financial data
  - The security and confidentiality of this data is of critical importance.
  • 26. Definition: What does Database Security mean?
  - Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and from malicious threats and attacks.
  • 27. Security Overview
  - There are four key issues in the security of databases, just as with all security systems:
    - Availability
    - Authenticity
    - Integrity
    - Confidentiality
  Availability
  - Data needs to be available at all necessary times.
  - Data needs to be available only to the appropriate users.
  - It must be possible to track who has access to, and who has accessed, what data.
  • 28. Authenticity
  - Need to ensure that the data has been edited by an authorized source.
  - Need to confirm that users accessing the system are who they say they are.
  - Need to verify that all report requests come from authorized users.
  - Need to verify that any outbound data is going to the expected receiver.
  Integrity
  - Need to verify that any external data has the correct formatting and other metadata.
  - Need to verify that all input data is accurate and verifiable.
  - Need to ensure that data follows the correct workflow rules for your institution/corporation.
  - Need to be able to report on all data changes and who authored them, to ensure compliance with corporate rules and privacy laws.
  • 29. Confidentiality
  - Need to ensure that confidential data is available only to the correct people.
  - Need to ensure that the entire database is secure from external and internal system breaches.
  - Need to provide reporting on who has accessed what data and what they have done with it.
  - Mission-critical and legally sensitive data must be highly secured, given the potential risk of lost business and litigation.