Computer and Internet Security: Types and Principles, Lecture notes of Information Security and Markup Languages

Download Computer and Internet Security: Types and Principles and more Lecture notes Information Security and Markup Languages in PDF only on Docsity!

INFORMATION SECURITY

Attacks on Computers and Computer Security

Attacks on Computers and Computer

Security:

• (^) Introduction,
• (^) The need for security,
• (^) Security approaches,
• (^) Principles of security,
• (^) Types of Security attacks,
• (^) Security services,
• (^) Security Mechanisms,
• (^) A model for Network Security

Why We Need Information Security?

• (^) our focus is on Internet Security which consists of measures to deter, prevent, detect, and correct security violations that involve the transmission & storage of information

• (^) Challenges in Security? 1.Use of computer with internet

2. Software tools are available freely
3. Importance of information 4.Lack of awareness/ignorance/hesitation

• (^) PROTECTION 1.Unahorized Access by intentionally or unintentionally.

1.1 SECURITY

Introduction

• (^) Information:- Computers, Networks, Internet, Mobile.
• (^) Security:-trying to understand how to protect.
• (^) The various dangers & pitfalls when we use technology.
• (^) The consequences of not setting up the right  Security Policies  Security Framework  Security Technology

Why is Security Required?

• (^) Business & different types of transactions r being conducted to a large extent over Internet.
• (^) Inadequate or improper security mechanism can bring whole business down or play havoc with people’s lives!
• (^) Since Electronic Documents & Messages r now becoming equivalent to proper documents in terms of their legal validity & binding.

Information Security

• (^) Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

• Background

• (^) Throughout history, confidentiality of information has always played a key role in military conflict.
• (^) In Past No or little security.

The Need for Security(Current Scenario)

• (^) Now a days Importance of data was truly realized.  Financial & Personal data
• (^) Therefore various areas in security began to gain prominence.
• (^) Typical Examples of Basic Security Mechanism: Authenticate a User->id, pw Encode->DB->Not Visible to user who do not have the right permission.
• (^) Organization employed their own mechanism.

Information traveling from a client to a server

over the internet.

Some real time attacks

• (^) Russian Attacker Maxim actually manage to intruder into a merchant Internet site & obtained 300, credit card numbers from its DB.
• (^) He then attempted extortion by demanding protection money($100,000) from the merchant.
• (^) The merchant refused to oblige.
• (^) Following this, the attacker published about 25, of the credit card numbers on the internet!
• (^) Some banks reissued all the credit cards at a cost of $20 per card & others forewarned their customers about unusual entries in their statements.

Modern Nature Of Attack

1. Automating Attacks :- Traditional Attack: Produce Coins using machinery & Bring them into circulation. Modern Attack: Steal half a dollar from million accounts in a few minutes time digitally.

2. Privacy Concern :-Every Company are collecting & processing lots of information about us. Without we realizing when & how it is going to be used.
3. Distance does not matter :- Attack Can be launched from the distance. E.g:- In 1995, a Russian hacker broke into Citibank’s computer remotely, stealing $12M. Although the attacker was traced, it was very difficult to get extradited him for the court case.