9780273716648_pp15.ppt


Chapter 15


Learning objectives

• After this lecture you should be able to:

– understand and assess potential threats to a computer-based information system;

– propose an overall strategy for ensuring the security of a computer-based information system;

– identify specific techniques that might be used to


Management issues

• From a managerial perspective, this lecture addresses the following areas:

– An understanding of approaches towards information systems security will help managers to develop and implement an overall strategy for security.

– An understanding of the threats to information systems will help in predicting and anticipating acts such as denial of service attacks.

– Knowledge of specific techniques for protecting information systems will help in the development of effective countermeasures.


Common threats to information systems

• Accidents

• Natural disasters

• Sabotage (industrial and individual)

• Vandalism

• Theft


Accidents

Inaccurate data entry. As an example, consider a typical relational database management system, where update queries are used to change records, tables and reports. If the contents of the query are incorrect, errors might be produced within all of the data manipulated by the query. Although extreme, significant problems might be caused by adding or removing even a single character to a query.
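The single-character example above can be made concrete. The following is an added illustration, not material from the slides or the textbook: a one-character slip in an UPDATE's WHERE clause (`=` becoming `>=`) changes two rows instead of one, and the guard commits only when the number of affected rows matches what the operator expected. The table, its rows and the expected-row policy are constructed for the example.

```python
import sqlite3

# Constructed sample data: a small employees table.
SAMPLE_ROWS = [
    (1, "alice", 50000),
    (2, "bob", 52000),
    (3, "carol", 61000),
]


def make_db():
    """In-memory database in autocommit mode so transactions are managed explicitly."""
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.execute(
        "CREATE TABLE employees (id INTEGER PRIMARY KEY, name TEXT, salary INTEGER)"
    )
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def guarded_update(conn, sql, params, expected_rows):
    """Run an UPDATE inside a transaction and commit only if it touched exactly
    expected_rows rows; otherwise roll back. Returns (committed, rows_affected)."""
    cur = conn.cursor()
    try:
        cur.execute("BEGIN")
        cur.execute(sql, params)
        affected = cur.rowcount
        if affected != expected_rows:
            conn.rollback()          # the data is left exactly as it was
            return False, affected
        conn.commit()
        return True, affected
    except sqlite3.Error:
        conn.rollback()
        raise


def salaries(conn):
    """Current salary per employee, for inspecting the outcome."""
    return dict(conn.execute("SELECT name, salary FROM employees ORDER BY id"))


def demo():
    conn = make_db()
    # Intended query: raise exactly one employee's salary.
    ok1, n1 = guarded_update(
        conn, "UPDATE employees SET salary = ? WHERE id = ?", (55000, 2), expected_rows=1
    )
    # Mistyped query: one extra character ('>') makes the WHERE clause match ids 2 and 3.
    ok2, n2 = guarded_update(
        conn, "UPDATE employees SET salary = ? WHERE id >= ?", (55000, 2), expected_rows=1
    )
    return ok1, n1, ok2, n2, salaries(conn)


if __name__ == "__main__":
    print(demo())
```

The guard does not catch a wrong value written to the right row; it only bounds the blast radius of a query that touches more rows than intended, which is the failure the slide describes.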

Attempts to carry out tasks beyond the ability of the employee. In smaller computer-based information systems, a common cause of accidental damage involves users attempting to install new hardware items or software applications. In the case of


Accidents (continued)

Failure to comply with procedures for the use of organisational information systems. Where organisational procedures are unclear or fail to anticipate potential problems, users may often ignore established methods, act on their own initiative or perform tasks incorrectly.

Failure to carry out backup procedures or verify data backups. In addition to carrying out regular backups of important business data, it is also necessary to verify that any backup copies made are accurate and free from errors.


Natural disasters

• All information systems are susceptible to damage caused by natural phenomena, such as storms, lightning strikes, floods and earthquakes.

• In Japan and the United States, for example, great care is taken to protect critical information systems from the effects of earthquakes.

• Although such hazards are of less concern in much of Europe, properly designed systems will make allowances for unexpected natural


Sabotage

• Deliberate deletion of data or applications

Logic bomb: Sometimes also known as a time bomb, a logic bomb is a destructive computer program that activates at a certain time or in reaction to a specific event.

Back door: A section of program code that allows a user to circumvent security procedures in order to gain full access to an information system.

Data theft: This can involve stealing sensitive information or making unauthorised changes to computer records.


Unauthorised use

Hacker: Hackers are often described as individuals who seek to break into systems as a test of their abilities. Few hackers attempt to cause damage to systems that they access and few are interested in gaining any sort of financial profit.

Cracker: A person who gains access to an information system for malicious reasons is often termed a cracker rather than a hacker. This is


Control strategies

• Containment

– Control access to system

• Deterrence

– Penalties for staff or hackers

• Obfuscation

– Hiding or distributing information assets

• Recovery


Control techniques

• Physical protection uses physical barriers, for example restricted access to rooms and equipment.

• Biometric controls make use of the unique characteristics of individuals in order to restrict access to sensitive information or equipment. Scanners that check fingerprints, voice prints or even retinal patterns are examples of biometric controls.

• Telecommunication controls – common types include passwords and user validation routines.

• Failure controls – attempt to limit damage by backup procedures, for example.


Control approaches

• Formal security policies

• Passwords

• Encryption


Passwords

User validation: Checks made to ensure that the user is permitted access to a system. Also known as access control systems, they often involve user names and passwords, but can also include biometric techniques.

• Access to the system can be divided into levels by issuing different passwords to employees on the basis of their positions and the work they carry out.

• The actions of an employee can be regulated and supervised by monitoring the use of their password.

• If a password is discovered or stolen by an external party, it should be possible to limit any damage arising as a result.
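The three bullets above (access levels, supervision of password use, and limiting the damage from a stolen password) can be shown in one small user-validation routine. This is an added example and not code from the slides or the textbook; the role names, the lockout threshold and the PBKDF2 work factor are assumptions chosen for the illustration. Passwords are stored only as salted hashes, every attempt is written to an audit list, and repeated failures lock the account so a guessed or stolen password has bounded use.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000   # PBKDF2 work factor; an assumed value for this example
MAX_FAILURES = 3       # lockout threshold; an assumed policy value

# Access levels from lowest to highest. These role names are assumptions, not from the slides.
LEVELS = {"clerk": 1, "manager": 2, "admin": 3}


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; a fresh random salt is generated when none is given."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


class UserStore:
    def __init__(self):
        self.users = {}
        self.audit = []   # (username, event) records that a supervisor can review

    def add_user(self, username, password, role):
        salt, digest = hash_password(password)
        self.users[username] = {
            "salt": salt, "hash": digest, "role": role, "failures": 0, "locked": False,
        }

    def login(self, username, password):
        """Return the user's role on success, None otherwise; never reveal which check failed."""
        u = self.users.get(username)
        if u is None:
            self.audit.append((username, "unknown-user"))
            return None
        if u["locked"]:
            self.audit.append((username, "locked"))
            return None
        _, digest = hash_password(password, u["salt"])
        if hmac.compare_digest(digest, u["hash"]):   # constant-time comparison
            u["failures"] = 0
            self.audit.append((username, "login-ok"))
            return u["role"]
        u["failures"] += 1
        if u["failures"] >= MAX_FAILURES:
            u["locked"] = True
            self.audit.append((username, "locked-out"))
        else:
            self.audit.append((username, "bad-password"))
        return None

    def authorise(self, username, required_role):
        """Level-based check: a user may act at their own level or any lower one."""
        u = self.users.get(username)
        if u is None or u["locked"]:
            return False
        return LEVELS[u["role"]] >= LEVELS[required_role]


def demo():
    store = UserStore()
    store.add_user("alice", "correct horse", "manager")   # constructed credentials
    store.add_user("bob", "battery staple", "clerk")
    results = {
        "alice_ok": store.login("alice", "correct horse"),
        "bob_as_manager": store.authorise("bob", "manager"),
        "alice_as_clerk": store.authorise("alice", "clerk"),
    }
    for _ in range(MAX_FAILURES):          # an outsider guessing bob's password
        store.login("bob", "wrong guess")
    results["bob_locked"] = store.users["bob"]["locked"]
    results["bob_after_lock"] = store.login("bob", "battery staple")
    return results, store.audit


if __name__ == "__main__":
    print(demo())
```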


Backup procedures

Business continuity planning: The process of developing procedures aimed at restoring the normal operation of an information system in the event of an emergency or disaster.

Backup site: This houses a copy of the organisation’s main data processing facilities, including hardware, software and up-to-date data files. In the event of an emergency, processing can be switched to the backup site almost immediately so that the organisation’s work can continue.

RAID: This stands for ‘redundant array of inexpensive disks’.


Backup procedures

Incremental backup: Includes only those files that have changed in some way since the last backup was made.
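The incremental backup defined above, together with the earlier point that backups must be verified rather than merely taken, can be demonstrated with a small script. This is an added example, not code from the slides or the textbook. It records a SHA-256 digest for every file, copies only files whose digest differs from the previous backup's manifest, and then re-hashes the copies to confirm they match. The directory layout and file contents are constructed in a temporary directory for the demonstration.

```python
import hashlib
import os
import shutil
import tempfile


def file_digest(path):
    """SHA-256 of a file's contents, read in chunks so large files are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root):
    """Map every file under root (path relative to root) to its digest."""
    out = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            out[os.path.relpath(full, root)] = file_digest(full)
    return out


def changed_since(previous_manifest, current_manifest):
    """Files that are new or whose contents differ from the last backup."""
    return sorted(p for p, d in current_manifest.items() if previous_manifest.get(p) != d)


def incremental_backup(source, dest, previous_manifest):
    """Copy only changed files into dest; return the manifest of what was copied.
    With an empty previous manifest this degenerates into a full backup."""
    current = manifest(source)
    copied = {}
    for rel in changed_since(previous_manifest, current):
        target = os.path.join(dest, rel)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        shutil.copy2(os.path.join(source, rel), target)
        copied[rel] = current[rel]
    return copied


def verify_backup(dest, expected):
    """Re-hash the backup copies; return the files that are missing or differ."""
    bad = []
    for rel, digest in expected.items():
        path = os.path.join(dest, rel)
        if not os.path.exists(path) or file_digest(path) != digest:
            bad.append(rel)
    return sorted(bad)


def write(path, text):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as f:
        f.write(text)


def demo():
    work = tempfile.mkdtemp()
    src_dir, full_dir, incr_dir = (os.path.join(work, n) for n in ("src", "full", "incr"))
    # Constructed sample data
    write(os.path.join(src_dir, "ledger.csv"), "id,amount\n1,10\n")
    write(os.path.join(src_dir, "reports", "q1.txt"), "Q1 report\n")
    # First run: nothing previously backed up, so every file is copied
    full_manifest = incremental_backup(src_dir, full_dir, {})
    # Change one file and add another; the incremental run copies only those two
    write(os.path.join(src_dir, "ledger.csv"), "id,amount\n1,10\n2,25\n")
    write(os.path.join(src_dir, "notes.txt"), "new\n")
    incr_manifest = incremental_backup(src_dir, incr_dir, full_manifest)
    # Verification passes; then a copy is corrupted to show verification catching it
    ok_before = verify_backup(incr_dir, incr_manifest)
    write(os.path.join(incr_dir, "notes.txt"), "corrupted\n")
    bad_after = verify_backup(incr_dir, incr_manifest)
    shutil.rmtree(work)
    return sorted(full_manifest), sorted(incr_manifest), ok_before, bad_after


if __name__ == "__main__":
    print(demo())
```

Comparing digests rather than modification times means a file rewritten with identical content is skipped and a file whose timestamp was not updated is still caught; the same digests double as the verification record.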


Malware

Malware (malicious software) includes the following:


Computer virus

Computer virus: This is a computer program that is capable of self-replication, allowing it to spread from one ‘infected’ machine to another.

• The origin of the term computer virus is credited to Fred Cohen, author of the 1984 book Computer Viruses: Theories and Experiments. However, ‘natural’ computer viruses were


Impact of computer viruses

• Damage from computer viruses in 2000–2003 in the US:

– The Klez worm resulted in losses of $9 billion.


Virus security measures

• Unauthorised access to machines and software should be restricted as far as possible.

• Machines and software should be checked regularly with a virus detection program.

• All new disks and any software originating from an outside source should be checked with a virus detection program before use.

• Floppy disks should be kept write-protected whenever possible since it is physically impossible for a virus to copy itself to a write-protected disk.


Virus terminology

Virus scanner: Intended to detect and safely remove virus programs from a computer system.

Signature: Unique features of a virus, such as a unique series of values in its program file, a message displayed on screen, or hidden text.

Polymorphic virus: Capable of altering its form, so that the ‘standard’ signature of the virus is not present. This means that a virus scanner may not always identify the virus correctly.

Stealth virus: Specifically designed to avoid detection. Such programs are normally written with the intention of defeating common or well-known virus-scanning programs.
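The relationship between a signature, a scanner and a polymorphic variant can be shown with a few lines of code. This is an added example and not code from the slides or the textbook; the two signatures are constructed byte sequences standing in for the "unique series of values" and "message displayed on screen" the slide mentions, and the sample files are built inline. The scanner keeps an overlap between file chunks so a signature that straddles a chunk boundary is still found, and the final check shows why an exact-match scanner misses a copy whose bytes are stored under a different encoding, which is the polymorphic-virus caveat.

```python
import os
import tempfile

# Constructed signatures: these are stand-ins, not real virus data.
SIGNATURES = {
    "DemoVirus.A": bytes.fromhex("deadbeef0102"),   # a series of values in the program file
    "DemoVirus.B": b"HELLO FROM DEMO",              # a message displayed on screen
}
MAX_SIG = max(len(s) for s in SIGNATURES.values())


def scan_bytes(data, signatures=SIGNATURES):
    """Names of every signature that appears in data, in sorted order."""
    return sorted(name for name, sig in signatures.items() if sig in data)


def scan_file(path, chunk_size=4096):
    """Scan a file chunk by chunk, carrying the last MAX_SIG-1 bytes forward so a
    signature split across two chunks is not missed."""
    found = set()
    carry = b""
    with open(path, "rb") as f:
        while True:
            chunk = f.read(chunk_size)
            if not chunk:
                break
            window = carry + chunk
            found.update(scan_bytes(window))
            carry = window[-(MAX_SIG - 1):] if MAX_SIG > 1 else b""
    return sorted(found)


def xor_transform(data, key):
    """Constructed stand-in for a polymorphic variant: the same content stored under a
    different byte encoding, so the fixed signature no longer appears literally."""
    return bytes(b ^ key for b in data)


def demo():
    # Sample 1: a file image containing the first signature in clear
    sample = b"\x00" * 100 + SIGNATURES["DemoVirus.A"] + b"\x00" * 50
    hit_clear = scan_bytes(sample)
    # Sample 2: the same content re-encoded; the exact-match scanner finds nothing
    hit_variant = scan_bytes(xor_transform(sample, 0x5A))
    # Sample 3: the second signature placed so it straddles the 4096-byte chunk boundary
    work = tempfile.mkdtemp()
    path = os.path.join(work, "sample.bin")
    with open(path, "wb") as f:
        f.write(b"\x00" * 4093 + SIGNATURES["DemoVirus.B"] + b"\x00" * 10)
    hit_file = scan_file(path)
    os.remove(path)
    os.rmdir(work)
    return hit_clear, hit_variant, hit_file


if __name__ == "__main__":
    print(demo())
```

The empty result for the re-encoded sample is the point of the polymorphic and stealth entries above: a scanner that only matches fixed byte strings needs its signature database kept current and is usually paired with other checks.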


Trojans and worms

Worm: A small program that moves through a computer system randomly changing or overwriting pieces of data as it moves.

Trojan: A Trojan presents itself as a legitimate program in order to gain access to a computer system. Trojans are often used as delivery


Spyware and adware

Spyware: Describes a category of software intended to collect and transmit confidential information without the knowledge or consent of a computer user.

Adware: Describes a type of software that


Internet-related threats 1

Denial of service (DoS): This is a form of attack on company information systems that involves flooding the company's Internet servers with huge amounts of traffic. Such attacks effectively halt all of the company's Internet activities until the problem is dealt with.

Brand abuse: This describes a wide range of activities, ranging from the sale of counterfeit goods (e.g. software applications) to the exploitation of a well-known brand name for commercial gain.

Cybersquatting: The act of registering an Internet domain with the intention of selling it for profit to an interested party. As an example, the name of a celebrity might be registered and then offered for sale at an extremely high price.

Cyberstalking: This refers to the use of the Internet as a means of harassing another individual. A related activity is known as corporate stalking, where an organisation uses its resources to harass individuals or business competitors.


Internet-related threats 2

Online stock fraud: Most online stock fraud involves posting false information to the Internet in order to increase or decrease the values of stocks.

Social engineering: This involves tricking people into providing information that can be used to gain access to a computer system.

Phishing: A relatively new development, phishing involves attempting to gather


Managing Internet threats

A range of software applications are now available to assist other methods of managing threats:

• Firewalls – software to prevent unauthorised access to the company

• Intrusion detection software – monitors network to identify intruders
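What "monitors network to identify intruders" means in practice, for the denial-of-service threat described earlier, can be shown with a small detector run over web-server log lines. This is an added example and not code from the slides or the textbook. It parses a common log line format, keeps a sliding window of request times per source address, and flags any source that exceeds an assumed threshold within the window; the log lines, the threshold and the window length are all constructed for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Common-log-format style line: ip - - [timestamp zone] "request" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3})')
TS_FMT = "%d/%b/%Y:%H:%M:%S"

THRESHOLD = 20       # requests per window that count as a flood; an assumed policy value
WINDOW_SECONDS = 10  # sliding window length; also assumed


def parse_line(line):
    """Return (ip, timestamp, request, status) or None for a line that does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, request, status = m.groups()
    return ip, datetime.strptime(ts.split()[0], TS_FMT), request, int(status)


def detect_floods(lines, threshold=THRESHOLD, window=WINDOW_SECONDS):
    """Sliding-window request counter per source address.
    Returns {ip: time at which the source first exceeded the threshold}."""
    recent = defaultdict(deque)
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                      # unparseable lines are skipped, not trusted
        ip, t, _, _ = parsed
        q = recent[ip]
        q.append(t)
        while q and (t - q[0]).total_seconds() > window:
            q.popleft()                   # drop requests that fell out of the window
        if len(q) > threshold and ip not in flagged:
            flagged[ip] = t
    return flagged


def make_sample_log():
    """Constructed sample: one normal client, one source sending 30 requests in 3 seconds,
    and one malformed line."""
    base = datetime(2020, 3, 1, 12, 0, 0)
    lines = []
    for i in range(5):
        t = base.replace(second=i * 2)
        lines.append(f'198.51.100.7 - - [{t.strftime(TS_FMT)} +0000] "GET /index.html HTTP/1.1" 200')
    for i in range(30):
        t = base.replace(second=i // 10)  # ten requests in each of three seconds
        lines.append(f'203.0.113.9 - - [{t.strftime(TS_FMT)} +0000] "GET / HTTP/1.1" 200')
    lines.append("not a log line")
    return lines


if __name__ == "__main__":
    print(detect_floods(make_sample_log()))
```

The output of such a detector is what a firewall rule or rate limiter would act on; the detector itself only observes. A fixed per-source threshold is the simplest form and does not catch a flood spread across many sources, which is where aggregate and per-path counters are added.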

Figure: Table 15.2 The ‘grandfather, father, son’ backup method
