ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.
-
Upload
erika-gibson -
Category
Documents
-
view
220 -
download
0
Transcript of ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.
![Page 1: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/1.jpg)
ISNE101Dr. Ken Cosh
Week 14
![Page 2: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/2.jpg)
This Week
Challenges (still) facing Modern IS
Reliability
Security
![Page 3: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/3.jpg)
Reliability
Redundancy is the Key!
Spare components
Components running in parallel
Triple Modular Redundancy
Identify unreliable components and arrange back ups.
UPS
Multiple ISPs
![Page 4: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/4.jpg)
Security
Data stored digitally & transmitted through networks == Greater security threats.
After all digital data can be copied more easily
![Page 5: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/5.jpg)
Security Threats
Unauthorised AccessErrorsViruses/WormsSpyware
TappingSniffingMessage AlterationTheft/Fraud
HackingVandalismDoS attacksTheft/Copy DataHardware/Software
Failure
![Page 6: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/6.jpg)
Malware (Malicious Software):Viruses / Worms / Trojans / Spyware
Virus
Display message -> destroying data
Spread by human action;
i.e. sending infected email, or copying a file
Worms
Don’t need human action;
Copy themselves across network on their own.
Destroy data / Disrupt network
![Page 7: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/7.jpg)
Malware (Malicious Software):Viruses / Worms / Trojans / Spyware
Trojan Horses Software appears benign, but then does something
unexpected Doesn’t replicate (so not a virus), but may facilitate viruses
Spyware Program installs itself and then serves up advertising Keyloggers record all keystrokes – including passwords /
CC numbers etc. Some spyware uses up memory / redirect search
requests / reset browser home page
![Page 8: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/8.jpg)
Hackers & Computer Crime
Objective: to gain unauthorised access
Steal information
System damage
Cybervandalism
Defacing websites
![Page 9: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/9.jpg)
Spoofing / Sniffing
Spoofing Masquerade as someone else
[email protected] Redirect you to similar webpage
www.hsbc.net Sniffing
Eavesdropping on data passed through a networkLegitimately to identify trouble spots / criminal activityBut also to steal information
V. difficult to detect
![Page 10: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/10.jpg)
DoS Attacks
Denial of Service
DDoS – Distributed Denial of Service
Fake communications / requests submitted simultaneously through network to slow it down and prevent legitimate usages.
![Page 11: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/11.jpg)
Identity Theft
Perhaps by Phishing
Asking users for confidential data through fake emails/websites
“Please update your records…”
Or Evil Twins
I could set up a “trustworthy” wifi network connection in a hotel lobby
![Page 12: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/12.jpg)
Countering the Threats
Tight Security Policies
Access Control
Authentication
Password
Biometrics
Firewalls
Anti Virus
Encryption
![Page 13: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/13.jpg)
Security Policies
Access Control Lists (ACL) Limit which users can do what (e.g. update websites)
Signed agreements for service When allowing users onto a network, normally they sign an
agreement, regarding terms of use. Noticeably none at Payap / CMU?
Policies could include, Regular password changes Whether personal use of service is permitted Antivirus updates
Can help against, external attacks, intrusion, virus / worms
![Page 14: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/14.jpg)
Encryption
Encoding the contents of a transmission so it can’t be decrypted on route.
Symmetric-key encryption
Public / Private key encryption
Helps prevent interception.
![Page 15: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/15.jpg)
Symmetric Key Encryption
Both sender and receiver use the same ‘code’ to encrypt and then decrypt a message. If I tell you to move each
character back two in the alphabet, and then send you this message;
Jgnnq Encuu Anyone who intercepts the
message gets nothing, but you are able to decrypt it.
More interesting patterns can be created to increase security. Substitution Transposition
Key:FANCY
Message:eatitnihmexnetmgmedt
![Page 16: ISNE101 Dr. Ken Cosh Week 14. This Week Challenges (still) facing Modern IS Reliability Security.](https://reader035.fdocuments.net/reader035/viewer/2022062516/56649e175503460f94b0294b/html5/thumbnails/16.jpg)
Decoding