set302 - C. Ding - COMP4631 - L02 ¡ Introduction to...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: C. Ding - COMP4631 - L02 ¡ Introduction to Computer Security Cunsheng Ding HKUST, Hong Kong, CHINA cding@cs.ust.hk C. Ding - COMP4631 - L02 ¡ • A brief introduction to computer security • A theoretical framework of computer security • References on computer security Outline of this Lecture C. Ding - COMP4631 - L02 ¡ A Brief Introduction of Computer Security C. Ding - COMP4631 - L02 ¡ • Sources of threats to computer security • Computer security aspects • Potential Solutions Agenda of this Part C. Ding - COMP4631 - L02 ¡ Sources of Threats to Computer Security • Attackers on a computer system may be insiders or outsiders. • Is outside threat more serious than inside threat? C. Ding - COMP4631 - L02 ¡ Sources of Threats: Internal versus External • Is outside threat more serious than insider threat? – While the threat from outsiders is indeed as great as generally believed, the malicious insider with approved access to the system is an even greater threat! C. Ding - COMP4631 - L02 ¡ Sources of Threats to Computer Security • Various surveys, with results of order: – human error • For example, system administrator and users compromised password incidentally. – disgruntled (discontented) employees – dishonest employees – outsider access C. Ding - COMP4631 - L02 ¡ Insider Threat to Computer Security (1) • Unauthorized entry into any compartmented computer system. • Unauthorized searching/browsing through classified computer libraries. • Unauthorized modification, destruction, manipulation, or denial of access to information residing on a computer system. C. Ding - COMP4631 - L02 ¡ Insider Threat to Computer Security (2) • Storing or processing classified information on any system not explicitly approved for classified processing. • Attempting to circumvent or defeat security or auditing systems, without prior authorization from the system administrator. • Any other willful violation of rules for the secure operation of your computer network. C. Ding - COMP4631 - L02 ¡¢ Outsider Threat to Computer Security (1) In addition to foreign intelligence services, your computer network is at risk from many other types of outsiders. • Freelance information brokers. • Foreign or domestic competitors. • Military services from adversary nations who are developing the capability to use the Internet as a military weapon. C. Ding - COMP4631 - L02 ¡¡ Outsider Threat to Computer Security (2) • Terrorist organizations for which organized hacking offers the potential for low cost, low risk, but high gain actions. • Crime syndicates and drug cartels. • Hobbyist hackers who penetrate your system for sport or to do malicious damage....
View Full Document

Page1 / 47

set302 - C. Ding - COMP4631 - L02 ¡ Introduction to...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online