Module 20: Security. The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption. Operating System Concepts 20.

Similar documents
19.1. Security must consider external environment of the system, and protect it from:

Protection and Security

Language-Based Protection

The Security Problem

Chapter 15: Security. Operating System Concepts 8 th Edition,

Chapter 15: Security. Chapter 15: Security

Background. Demand Paging. Performance of Demand Paging. Page Replacement. Page-Replacement Algorithms. Allocation of Frames.

Chapter 15: Security. Operating System Concepts 9 th Edition

Protection and Security. Sarah Diesburg Operating Systems CS 3430

Security and Authentication

Security. Reading: Chapter 15, [OSC] (except Section 15.9)

Chapter 14: Security. Operating System Concepts Essentials 8 th Edition

SAZ4B/SAE5A Operating System Unit : I - V

Chapter 19 Security. Chapter 19 Security

Protection and Security

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Objectives. Classes of threats to networks. Network Security. Common types of network attack. Mitigation techniques to protect against threats

Chapter 10: Security and Ethical Challenges of E-Business

e-commerce Study Guide Test 2. Security Chapter 10

Unit 5. System Security

2. INTRUDER DETECTION SYSTEMS

MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations

Computer Security. Solutions

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 5 Host, Application, and Data Security

CERT-In. Indian Computer Emergency Response Team ANTI VIRUS POLICY & BEST PRACTICES

Pre-Assessment Answers-1

Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders:

Hacking Terminology. Mark R. Adams, CISSP KPMG LLP

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

ISO/IEC Common Criteria. Threat Categories

Define information security Define security as process, not point product.

Security Threats: Network Based Attacks

Overview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks

CHAPTER 8 SECURING INFORMATION SYSTEMS

CHAPTER 8 FIREWALLS. Firewall Design Principles

Firewall Identification: Banner Grabbing

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Management Information Systems (MMBA 6110-SP) Research Paper: Internet Security. Michael S. Pallos April 3, 2002

Securing Information Systems

Malware, , Database Security

Guidelines for Use of IT Devices On Government Network

CS 333 Introduction to Operating Systems Class 19 - Security

CIS 21 Final Study Guide. Final covers ch. 1-20, except for 17. Need to know:

c. Software downloaded from electronic bulletin board systems.

INF3700 Informasjonsteknologi og samfunn. Application Security. Audun Jøsang University of Oslo Spring 2015

Password. authentication through passwords

SSH. Partly a tool, partly an application Features:

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1

A Review Paper on Network Security Attacks and Defences

CIS 700/002 : Special Topics : Protection Mechanisms & Secure Design Principles

SMart esolutions Information Security

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Securing Information Systems

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

BEST PRACTICES FOR PERSONAL Security

Systems and Network Security (NETW-1002)

Network Security Issues and Cryptography

Securing Information Systems

WPA SECURITY (Wi-Fi Protected Access) Presentation. Douglas Cheathem (csc Spring 2007)

Chapter 11: Networks

Security Assessment. Prepared For: Prospect Or Customer Prepared By: Your Company Name

EVALUATING HOW AN OPERATOR HAS EFFECTIVELY IMPLEMENTED CYBER- SECURITY POLICIES TO MANAGE AND ADMINISTER THE SYSTEM. Wurldtech Security Technologies

Lecture III : Communication Security Mechanisms

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?

Most Common Security Threats (cont.)

MigrationWiz Security Overview

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

User Guide. This user guide explains how to use and update Max Secure Anti Virus Enterprise Client.

SECURING YOUR HOME NETWORK

Sophos Enterprise Console Help. Product version: 5.3

SECURITY & PRIVACY DOCUMENTATION

Overview of Security Principles

Chapter 4. Network Security. Part I

CSE 565 Computer Security Fall 2018

CSE 565 Computer Security Fall 2018

Snort Rules Classification and Interpretation

SE420 Software Quality Assurance

System and Network Security

II.C.4. Policy: Southeastern Technical College Computer Use

EXECUTIVE REPORT 20 / 12 / 2006

Privilege Separation

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Computer Security Policy

0x1A Great Papers in Computer Security

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks

POLICY FOR DATA AND INFORMATION SECURITY AT BMC IN LUND. October Table of Contents

IDS: Signature Detection

CS Final Exam

DoS Attacks Malicious Code Attacks Device Hardening Social Engineering The Network Security Wheel

Strategic Infrastructure Security

10EC832: NETWORK SECURITY

Ethical Hacking and Prevention

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

MTA Networking Fundamentals Exam.

ECDL / ICDL IT Security. Syllabus Version 2.0

13. Acceptable Use Policy

How SMART (Secure Malware Alert and Removal Tool) Works

Online Threats. This include human using them!

Distributed Systems. Lecture 14: Security. Distributed Systems 1

Transcription:

Module 20: Security The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption 20.1

The Security Problem Security must consider external environment of the system, and protect it from: unauthorized access. malicious modification or destruction accidental introduction of inconsistency. Easier to protect against accidental than malicious misuse. 20.2

Authentication User identity most often established through passwords, can be considered a special case of either keys or capabilities. Passwords must be kept secret. Frequent change of passwords. Use of non-guessable passwords. Log all invalid access attempts. 20.3

Program Threats Trojan Horse Code segment that misuses its environment. Exploits mechanisms for allowing programs written by users to be executed by other users. Trap Door Specific user identifier or password that circumvents normal security procedures. Could be included in a compiler. 20.4

System Threats Worms use spawn mechanism; standalone program Internet worm Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs. Grappling hook program uploaded main worm program. Viruses fragment of code embedded in a legitimate program. Mainly effect microcomputer systems. Downloading viral programs from public bulletin boards or exchanging floppy disks containing an infection. Safe computing. 20.5

The Morris Internet Worm 20.6

Threat Monitoring Check for suspicious patterns of activity i.e., several incorrect password attempts may signal password guessing. Audit log records the time, user, and type of all accesses to an object; useful for recovery from a violation and developing better security measures. Scan the system periodically for security holes; done when the computer is relatively unused. 20.7

Threat Monitoring (Cont.) Check for: Short or easy-to-guess passwords Unauthorized set-uid programs Unauthorized programs in system directories Unexpected long-running processes Improper directory protections Improper protections on system data files Dangerous entries in the program search path (Trojan horse) Changes to system programs: monitor checksum values 20.8

Network Security Through Domain Separation Via Firewall 20.9

Encryption Encrypt clear text into cipher text. Properties of good encryption technique: Relatively simple for authorized users to incrypt and decrypt data. Encryption scheme depends not on the secrecy of the algorithm but on a parameter of the algorithm called the encryption key. Extremely difficult for an intruder to determine the encryption key. Data Encryption Standard substitutes characters and rearranges their order on the basis of an encryption key provided to authorized users via a secure mechanism. Scheme only as secure as the mechanism. 20.10

Encryption (Cont.) Public-key encryption based on each user having two keys: public key published key used to encrypt data. private key key known only to individual user used to decrypt data. Must be an encryption scheme that can be made public without making it easy to figure out the decryption scheme. Efficient algorithm for testing whether or not a number is prime. No efficient algorithm is know for finding the prime factors of a number. 20.11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback