Lecture20 - Thursday June 5 Lab#5 Grading is in progress...

Info iconThis preview shows pages 1–13. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Thursday, June 5 Lab #5 Grading is in progress Check your scores
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Program #2 Due tonight before midnight Questions? Let’s make a deal … The submit site will remain open until midnight Saturday, June 7. 50 points will be “redistributed” Taken from late programs Individual penalty depends on order of lateness Added to on-time  working  programs Individual bonus depends on order of earliness
Background image of page 2
3 Today's Topics Network security Review for final exam Course objectives evaluation
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Security Enormous topic several additional courses Growing problem cost of security  cost of security breaches playing “tag” with attackers
Background image of page 4
5 Security concerns For stand-alone systems, main concern is physical security Networked systems are inherently more vulnerable than  stand-alone systems attackers need not be physically present
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Security threats Unauthorized access to data Unauthorized alteration of data Unauthorized use of resources Interfering with access by authorized users etc.
Background image of page 6
7 Methods of attack Eavesdropping snooping is easy on most networks Masquerading spoof email, etc. Message / data tampering easy at "store and forward" points Denial of service overwhelm a site with requests for service Virus etc.
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 Security policies " Secure " is not an absolute term Need to define  security policy  for organization Costs  and  benefits  of security policies must be assessed What is the value of information? Policies must consider  stored information  as well as  transmitted  information . Users must be  educated Security policy is useless if users respond to “phishing”, etc.
Background image of page 8
9 Responsibility and control Accountability how an audit trail is kept Authorization who is responsible for each item and how is responsibility  delegated to others
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 Maintaining security User authorization  based on something you have key card something you know password, secret question something you are fingerprint, retinal scan
Background image of page 10
11 Maintaining security Data integrity Data should be transmitted unchanged Stored data should be "safe" Data availability Authorized users should have access Access should not be interrupted
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Maintaining security Data confidentiality Only authorized users should have access No snooping, wiretapping, etc. Privacy
Background image of page 12
Image of page 13
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 06/28/2009 for the course CS 372 taught by Professor Leviet during the Fall '07 term at Oregon State.

Page1 / 53

Lecture20 - Thursday June 5 Lab#5 Grading is in progress...

This preview shows document pages 1 - 13. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online