SlideShare uma empresa Scribd logo

Introduction to Information Security

Transferir como PPTX, PDF
Shreedevi Tharanidharan
Shreedevi Tharanidharan
1 de 24
INTRODUCTION TO INFORMATION SECURITY By Mrs. Sridevi Tharanidharan, M.Sc., M.Phil., King Khalid University, KSA
Introduction  Information Security is a serious topic that needs to be included in the curriculum of every classroom that uses a computer. It is important for teachers, administrators, and technology coordinators to be fluent on this topic in order to protect the integrity of school records, student information, and institution credibility.  But, it is EQUALLY important that the students understand the basics of information security in order to protect themselves, their work, and school environment.  So, now that we all want to include information security as a topic in our classroom...How do we implement these ideas?
What is information security ? The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information Necessary tools: policy, awareness, training, education, technology
Information security ...  Information security is the application of measures to ensure the safety and privacy of data by managing its storage and distribution. Information security has both technical and social implications.  Information security system is the process of protecting the data from unauthorized access, disclosure, destruction or disruption.
What are the threats ? receiver sender Confidentiality: unauthorized disclosure of information Integrity: Authenticity: unauthorized modification of information unauthorized use of service
Security Threats:  Destruction  Disclosure  Modification of data  Denial of service
Elements of Information Security
Confidentiality Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems.  Data should be keep secret. The owner of data has to decide who can only access the data and who can't. Example: Password hacking in online money transaction systems . Prevention: by encrypting the data and by limiting the places where it might appear.
Integrity Integrity means that data cannot be modified undetectably.  Unauthorized persons should not modify the data without owner's permission. Not only modification, they should not remove the data and add the false data. Example: Prevention: message authentication & integrity codes (MAC/MIC), and message digests such as MD5 or SHA-1 hashes.
Availability Ability of the infrastructure to function according to business expectations during its specified time of operation Nobody can disturb the system to make it unusable. Prevention: Backup systems
Authenticity  Computer system to be able to verify the identity of user.
Goals with corresponding threats to them.     Goals Data Confidentiality Data Integrity System Availability Authenticity – – Threats Exposure of data. Tampering with data. Denial of Service. No Authentication.
Types of IT Threats 1. 2. 3. 4. 5. 6. 7. 8. Computer virus Trojan Horses DNS poisoning Password grabbers Network worms Logic Bombs Hijacked home page Password cracker
Types of Attacks 1. SQL Injection 2. Dictionary attack 3. Phishing 4. Cross site scripting (XSS) 5. UI redressing
Security in different aspects:  Data Security  Computer Security  Network Security
Data Security  Data security helps to ensure the privacy of the individuals and the organizations.  Data security is a method of protecting the data from unauthorized use.  It has become an important part of the computer related business around the world.  Data security is very important for the smooth operations in any organization.
Data Security...  One way to avoid the loss of data due to hard disk crash, accidental removal or due to virus attack is to take regular backup of your data on the CD-ROM, hard drives, USB drive or any other medium.  If you have lost your critical data then there are many ways to recover it you just need to find a data recovery specialist in your area.
Computer Security  Every computer is susceptible to different attacks.  It’s the responsibility of the computer user who manages the security of the computer to protect it from these attacks.  Every computer system must have a predefined security measures to protect it from the viruses, spyware, adware, Trojan horses, web worms, internet security threats and hackers’ attacks.  Firewall software provides a security mechanism that protects your computer from the unauthorized access and hackers’ attacks.
Network Security  Network security means the protecting your network from unauthorized use, viruses, spyware and internet threats. Protecting a computer network is the most important responsibility of the persons  who manages the security of the network.
Security mechanisms... to protect the Network  Install up-to –dated antivirus program,  make regular backup of critical data,  use strong firewall program,  keep your system patched,  use strong passwords,  install and configure file encryption program,  place your network server at very secure place and only authorized users should be allowed to enter in the server room.
Basic security measures for Computer 1. Install up-to-dated antivirus program. 2. Use strong passwords. 3. Don’t leave your computer unattended, 4. Enable default firewall settings in Windows XP 5. Keep your operating system up-to-dated. 6. Encrypt your critical files. 7. Take regular backup of your data.
...Basic security measures for Computer 8. Limit the access of users. 9. Increase the security settings in the browsers. 10. Disable annoying startup programs. 11. Install the latest service packs. 12.Regularly scan your computer for vulnerabilities and security holes. 13. Adjust event viewer settings.
Internet Security Threats  There are many known internet threats that can invade any computer that is connected to the internet.  If you have not installed and configured any internet security suite then your computer can host many viruses, spyware and adware. The best safeguard against the internet security threats * To install a internet security software, Install firewall software or hardware, Monitor incoming emails, * Disable scripting features in the email programs, * Disable Java and ActiveX and monitor the activities of the users’ on the internet.
Thank You 

Recomendados

INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Web Security
Web SecurityWeb Security
Web SecurityBharath Manoharan
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1Vamsee Krishna Kiran
 
Information security
Information securityInformation security
Information securityavinashbalakrishnan2
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 

Recomendados

INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Web Security
Web SecurityWeb Security
Web SecurityBharath Manoharan
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1Vamsee Krishna Kiran
 
Information security
Information securityInformation security
Information securityavinashbalakrishnan2
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securitySelf-employed
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptxkishore golla
 
Network management and security
Network management and securityNetwork management and security
Network management and securityAnkit Bhandari
 
Security threats
Security threatsSecurity threats
Security threatsQamar Farooq
 
Cyber threats
Cyber threatsCyber threats
Cyber threatskelsports
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to securityMostafa Elgamala
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerabilityA. Shamel
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
Database security
Database securityDatabase security
Database securitySoftware Engineering
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityGareth Davies
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDumindu Pahalawatta
 

Mais conteúdo relacionado

Mais procurados

Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securitySelf-employed
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptxkishore golla
 
Network management and security
Network management and securityNetwork management and security
Network management and securityAnkit Bhandari
 
Cyber threats
Cyber threatsCyber threats
Cyber threatskelsports
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerabilityA. Shamel
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 

Mais procurados (20)

Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
 
Network management and security
Network management and securityNetwork management and security
Network management and security
 
Security threats
Security threatsSecurity threats
Security threats
 
Cyber threats
Cyber threatsCyber threats
Cyber threats
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Network security
Network securityNetwork security
Network security
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 
Database security
Database securityDatabase security
Database security
 
Cyber security
Cyber securityCyber security
Cyber security
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 

Destaque

Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityGareth Davies
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDumindu Pahalawatta
 
Protocol Security Testing best practice
Protocol Security Testing best practiceProtocol Security Testing best practice
Protocol Security Testing best practicegaoliang641
 
Security Testing
Security TestingSecurity Testing
Security TestingQualitest
 
Isms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information SecurityIsms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information Securityanilchip
 
Introduction to information security field
Introduction to information security fieldIntroduction to information security field
Introduction to information security fieldAhmed Musaad
 
Introduction to Information security
Introduction to Information securityIntroduction to Information security
Introduction to Information securityRashad Aliyev
 
Itsa end user 2013
Itsa end user 2013Itsa end user 2013
Itsa end user 2013salleh1n
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMSAkhil Garg
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness PresentationCristian Mihai
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsinLabFIB
 

Destaque (15)

Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Protocol Security Testing best practice
Protocol Security Testing best practiceProtocol Security Testing best practice
Protocol Security Testing best practice
 
Security Testing
Security TestingSecurity Testing
Security Testing
 
Isms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information SecurityIsms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information Security
 
User security awareness
User security awarenessUser security awareness
User security awareness
 
Introduction to information security field
Introduction to information security fieldIntroduction to information security field
Introduction to information security field
 
Introduction to Information security
Introduction to Information securityIntroduction to Information security
Introduction to Information security
 
Itsa end user 2013
Itsa end user 2013Itsa end user 2013
Itsa end user 2013
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMS
 
Security Basics - Internet Safety
Security Basics - Internet SafetySecurity Basics - Internet Safety
Security Basics - Internet Safety
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutions
 

Semelhante a Introduction to Information Security

Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptxmuskaangoel15
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfJazmine Brown
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challengesLouie Medinaceli
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsMuhammadRobeel3
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Jennifer Letterman
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfCareerera
 
Internet security
Internet security Internet security
Internet security Ayesha Rana
 
Legal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing InformaticsLegal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing InformaticsKimarie Brown
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptxKnownId
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxJanani S
 

Semelhante a Introduction to Information Security (20)

WK8.pptx
WK8.pptxWK8.pptx
WK8.pptx
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challenges
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
Chapter 5.pptx
Chapter 5.pptxChapter 5.pptx
Chapter 5.pptx
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
 
Internet security
Internet security Internet security
Internet security
 
Legal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing InformaticsLegal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing Informatics
 
Data security
Data securityData security
Data security
 
Introduction to cyber security i
Introduction to cyber security iIntroduction to cyber security i
Introduction to cyber security i
 
Data security
Data securityData security
Data security
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptx
 
Security - Chapter 1.ppt
Security - Chapter 1.pptSecurity - Chapter 1.ppt
Security - Chapter 1.ppt
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
 

Introduction to Information Security

  • 1. INTRODUCTION TO INFORMATION SECURITY By Mrs. Sridevi Tharanidharan, M.Sc., M.Phil., King Khalid University, KSA
  • 2. Introduction  Information Security is a serious topic that needs to be included in the curriculum of every classroom that uses a computer. It is important for teachers, administrators, and technology coordinators to be fluent on this topic in order to protect the integrity of school records, student information, and institution credibility.  But, it is EQUALLY important that the students understand the basics of information security in order to protect themselves, their work, and school environment.  So, now that we all want to include information security as a topic in our classroom...How do we implement these ideas?
  • 3. What is information security ? The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information Necessary tools: policy, awareness, training, education, technology
  • 4. Information security ...  Information security is the application of measures to ensure the safety and privacy of data by managing its storage and distribution. Information security has both technical and social implications.  Information security system is the process of protecting the data from unauthorized access, disclosure, destruction or disruption.
  • 5. What are the threats ? receiver sender Confidentiality: unauthorized disclosure of information Integrity: Authenticity: unauthorized modification of information unauthorized use of service
  • 6. Security Threats:  Destruction  Disclosure  Modification of data  Denial of service
  • 8. Confidentiality Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems.  Data should be keep secret. The owner of data has to decide who can only access the data and who can't. Example: Password hacking in online money transaction systems . Prevention: by encrypting the data and by limiting the places where it might appear.
  • 9. Integrity Integrity means that data cannot be modified undetectably.  Unauthorized persons should not modify the data without owner's permission. Not only modification, they should not remove the data and add the false data. Example: Prevention: message authentication & integrity codes (MAC/MIC), and message digests such as MD5 or SHA-1 hashes.
  • 10. Availability Ability of the infrastructure to function according to business expectations during its specified time of operation Nobody can disturb the system to make it unusable. Prevention: Backup systems
  • 11. Authenticity  Computer system to be able to verify the identity of user.
  • 12. Goals with corresponding threats to them.     Goals Data Confidentiality Data Integrity System Availability Authenticity – – Threats Exposure of data. Tampering with data. Denial of Service. No Authentication.
  • 13. Types of IT Threats 1. 2. 3. 4. 5. 6. 7. 8. Computer virus Trojan Horses DNS poisoning Password grabbers Network worms Logic Bombs Hijacked home page Password cracker
  • 14. Types of Attacks 1. SQL Injection 2. Dictionary attack 3. Phishing 4. Cross site scripting (XSS) 5. UI redressing
  • 15. Security in different aspects:  Data Security  Computer Security  Network Security
  • 16. Data Security  Data security helps to ensure the privacy of the individuals and the organizations.  Data security is a method of protecting the data from unauthorized use.  It has become an important part of the computer related business around the world.  Data security is very important for the smooth operations in any organization.
  • 17. Data Security...  One way to avoid the loss of data due to hard disk crash, accidental removal or due to virus attack is to take regular backup of your data on the CD-ROM, hard drives, USB drive or any other medium.  If you have lost your critical data then there are many ways to recover it you just need to find a data recovery specialist in your area.
  • 18. Computer Security  Every computer is susceptible to different attacks.  It’s the responsibility of the computer user who manages the security of the computer to protect it from these attacks.  Every computer system must have a predefined security measures to protect it from the viruses, spyware, adware, Trojan horses, web worms, internet security threats and hackers’ attacks.  Firewall software provides a security mechanism that protects your computer from the unauthorized access and hackers’ attacks.
  • 19. Network Security  Network security means the protecting your network from unauthorized use, viruses, spyware and internet threats. Protecting a computer network is the most important responsibility of the persons  who manages the security of the network.
  • 20. Security mechanisms... to protect the Network  Install up-to –dated antivirus program,  make regular backup of critical data,  use strong firewall program,  keep your system patched,  use strong passwords,  install and configure file encryption program,  place your network server at very secure place and only authorized users should be allowed to enter in the server room.
  • 21. Basic security measures for Computer 1. Install up-to-dated antivirus program. 2. Use strong passwords. 3. Don’t leave your computer unattended, 4. Enable default firewall settings in Windows XP 5. Keep your operating system up-to-dated. 6. Encrypt your critical files. 7. Take regular backup of your data.
  • 22. ...Basic security measures for Computer 8. Limit the access of users. 9. Increase the security settings in the browsers. 10. Disable annoying startup programs. 11. Install the latest service packs. 12.Regularly scan your computer for vulnerabilities and security holes. 13. Adjust event viewer settings.
  • 23. Internet Security Threats  There are many known internet threats that can invade any computer that is connected to the internet.  If you have not installed and configured any internet security suite then your computer can host many viruses, spyware and adware. The best safeguard against the internet security threats * To install a internet security software, Install firewall software or hardware, Monitor incoming emails, * Disable scripting features in the email programs, * Disable Java and ActiveX and monitor the activities of the users’ on the internet.