Computer Security

Download Report

Transcript Computer Security

Sarvajanik college of engineering
and technology.
Created by:- Keshvi Khambhati (co-m)
Ria Bhatia (co-m)
Meghavi Gandhi (co-m)
Jarul Mehta(co-m)
Topic :- security and information
assurance..
Submitted to:- bhaumik sir ( BE )
What is security and information
assurance???


Information security is as computer
security which is applied to computers
and computer networks.....
Security and information assurance is
the practice of assuring information
and managing risks related to the use,
processing,storage, and transmission
of information or data and the systems
and processes used for those
purposes. It includes protection of
integrity, authenticity,confidentiality of
user data...
Areas where it is used!!!!!!

Computer science

Business and
accounting

Forensic science

Fraud examination
Areas where it is used!!!!!!

It is also used in the fields of
criminology, security
engineering, disaster
recovery , management
science, import-export of
goods.....
Brief introduction about data
protection...
Data protection is legal control over access
to and use of data stored in computers...
Classification of data protection
By making some
changes in default
information..
Methods for data protection….
 Certain methods used
for authentication of the
person(user) operating
the computer….

Facial recognition:- it measures
distances between specific
points on the face.

Finger prints :- measure distance
between specific points on a
fingerprint.

Hand geometry:- measures
length of fingers and length ad
width of hand.

Iris :-measures the colour and
pattern of the iris in the eye.

And some other methods are by
analyzing the signature ,voice ,
retina ,keystrokes, hand vein etc.
How to protect your data???..
1. Back up early and often.
2.Use file-level and share-level security.
3.Password-protect documents.
4.Make use of public key infrastructure.
5.Secure wireless transmission.
6.Protect data with transit with IP
security.
Security analysis...
• Security analysis in computer is the
field that covers all the process and
mechanisms by which computer based
equipment,information and services are
protected from unintended or
unauthorized access, change or
destruction...
• Security analysis in computer is also
known as cybersecurity or IT security
Security Challenges?
People/Organization
Secured
Infrastructure
Policies
Technologies
Processes
Security Requirements
Authentication
 Availability
 Auditing
 Authorization
 Privacy/Confidentiality
 Integrity
 Non-repudiation

Ten Security Domains
Cryptography
Law, Investigations,
and Ethics
Telecommunication &
Network Security
Application/System
Security
Access Control
Security
Domains
Security
Management
Operations
Security
Business Continuation
& Disaster Recovery Planning
Security
Architecture
Physical Security
CIA Triad of security analysis(IS)
ENSURING
THAT DATA
CAN BE
MODIFIED
ONLY BY
APPROPRIATE
MECHANISMS
SECURITY
ANALYSIS
THE DEGREE TO WHICH
AUTHORIZED USERS CAN
ACCESS INFORMATION FOR
LEGITIMATE PURPOSSES
ENSURING THAT
DATA IS
PROTECTED
FROM
UNAUTHORIZED
ACCESS
PREVENTING UNAUTHORIZED
ACCESS
• GUIDELINES FOR PASSWORDS:
•
Easy to remember, hard to guess
•
Don't use family or pet names
•
Don't make it accessible
•
Use combination uppercase/lowercase letters, digits and special
characters
•
Don't leave computer when logged in
•
Don't include in an email
•
Don't use the same passwords in lots of places
Secure software engineering
 Secure software engineering is a
process that helps design and
implement software that protect the
data and resources contained in and
controlled by that software .
Cybercrime Evolution
1986-1995
LANs
 First PC virus
 Motivation :
damage

1995-2003
Internet Era.
 “big
worms”
 Motivation
to Damage

2004+
OS, DB attacks
 spyware,spam
 Motivation:
financial

2006+
Targeted
attacks
Social
engineering
Financial+
political

MICROSOFT SDL AND
WINDOWS
500
Total vulnerabilities disclosed one year after release
400
300
200
100
0
Windows XP
Windows VISTA
OS 1
Before SDL
after SDL
45% reduction in vulnerabilities
OS 3
Microsoft SDL and SQL server
200
160
Total vulnerabilities disclosed
36 months after release
120
80
40
0
SQL Server 2000
SQL Server 2005
Before SDL after SDL
91% reduction in vulnerabilities
competing commercial DB
Infrastructure security
 Infrastructure security means it
includes how to address security issues
across an IT enviorment to ensure each
device is protected from malicious
activity…
Firewall
Infrastructure security:- Firewall
 Firewall :- Firewall provides an effective
means of protection of a local system
or network of systems from network –
based security threats while affording
access to the outside world via LAN’s
and internet.
Firewall:- Design principles
 Firewall is inserted between the
premises network and internet.
 Aims of firewall design
1. To establish a controlled link.
2. To protect the premises network from
internet – based attacks..
3. Provide a single point of contact
between your secure internal network
and untrusted network.
Firewall:- Design goals
All traffic from
inside to
outside should
pass through
firewall.
Only
authorized
traffic should
be allowed to
pass…
Firewall is itself
immune to
penetration.(use of
trusted system with a
secure operating
system)
Types of Firewalls
Types of Firewalls
 Application layer
filtering: It deals with the details of
particular service they are
checking.
 Special purpose code
needed for each
application.
 Easy to log all incoming
and outgoing traffic.
 Email is generally passed
through an applicationlevel filter.
Infrastructure security:-Antivirus
 Antivirus software is a computer
program that detects, prevents, and
takes action to disarm or remove
malicious software programs, such as
viruses and worms. You can help
protect your computer against viruses
by using antivirus software.
How does antivirus works???
 Most antivirus software will offer
to delete or contain (quarantine)
the malicious code. Remember,
the antivirus program runs in the
random access memory (RAM or
memory) of a computer. All
communication from that
computer through TCP/IP is
programmed to be monitored by
the antivirus software, thus when
malicious code is detected it is
stopped before it can damage the
computer. Viruses have patterns
that are matched by the antivirus
software within these
communication layers. Most
viruses do have patterns, but
some don't. That is when the
intelligent engine in the antivirus
software takes over.
Thank you….for
watching it!!!!