Unauthorized access Theft and fraud o Malware Viruses are malware malicious

Unauthorized access theft and fraud o malware viruses

This preview shows page 8 - 10 out of 10 pages.

Unauthorized access Theft and fraud o Malware Viruses are malware (malicious software) that are designed to replicate themselves so as to infect increasing number of computing systems Spyware are malware that are specifically designed to track activity of users on computing systems Some are called “keyloggers.” They can record every keystroke o Denial-of-service (DOS) attacks Are carried out to intentionally block a service such as a bank’s web site from its legitimate users Usually achieved by flooding the target system o FIRST VIRUS FOUND WAS CALLED “Brian.A” Lecture 22 Security goals o Confidentiality involves making sure that information or data can only be accessed by individuals authorized to access them o Integrity involves making sure that the data are consistent and complete o Availability involves ensuring that system and/or data are available when they are needed o Authentication is basically making sure that the parties involved are who they say they are, and the transactions, data, or communications are genuine o Non-repudiation refers to making sure one cannot renege on their obligations, for example by denying that they entered into a transaction with a web merchant Security controls o Preventive controls stop or limit the security threat from happening in the first place (anti-virus scans)
Image of page 8
o Corrective controls repair damages after a security problem has occurred (anti-virus quarantine) o Detective controls find or discover where and when security threats occurred (audit logs) User profiles o Levels of identification Possession is when an individual owns a form of identification Knowledge is when an individual needs to know something to gain access Traits requires recognition of physical or behavioral human characteristics Biometrics o Fingerprint o Facial o Iris/retina o DNA Cryptography – provides techniques for assuring the security of information as it flows through a communication channel. It may be used for sending secret or private messages o Encryption – the process of encoding messages before they enter a communication channel such that, while in transit, the message cannot be decode without special information o Symmetric cryptography/symmetric encryption o Asymmetric cryptography o Public key – widely known and used to encrypt messages Asymmetric cryptography o Private key – known only to the receiver and used by the receiver to decrypt o Certificate authority – a third party that certifies the ownership of a public key by a named subject SSL/TLS o Secure Socket Layer/Transport Layer Security are protocols that allows for secure communication between two computers What is a worm?
Image of page 9
Image of page 10

You've reached the end of your free preview.

Want to read all 10 pages?

  • Spring '16
  • IP address, World Wide Web, primary key, Information retrieval tools

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture