chapter 12 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Chapter 12 PowerPoint Presentation
Download Presentation
Chapter 12

Loading in 2 Seconds...

play fullscreen
1 / 33

Chapter 12 - PowerPoint PPT Presentation

  • Uploaded on

Chapter 12. Computer Security and Risks. Topics. On-line Outlaws: Computer Crime Computer Security: Reducing Risks Security, Privacy, Freedom, and Ethics: The Delicate Balance Security and Reliability.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Chapter 12

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
chapter 12

Chapter 12

Computer Security and Risks


On-line Outlaws: Computer Crime

Computer Security: Reducing Risks

Security, Privacy, Freedom, and Ethics: The Delicate Balance

Security and Reliability

“Computers are power, and direct contact with power can bring out the best or worst in a person.”

Former computer criminal turned corporate programmer

on line outlaws computer crime
On-line Outlaws:Computer Crime
  • Computers are used to break laws as well as uphold them
  • Computer crime involves:
    • Theft by computer
    • Software piracy and intellectual property laws
    • Software sabotage
    • Hacking and electronic trespassing
the computer crime dossier
The Computer Crime Dossier
  • Computer crime is defined as any crime accomplished through knowledge or use of computer technology
  • The typical computer criminal is a trusted employee with no criminal record
the computer crime dossier5
The Computer Crime Dossier
  • According to the FBI:
    • Financial losses topped $120 million in 1999
    • More than 60 percentof corporate, university,and government sitesreport at least one break-in per year
theft by computer
Theft by Computer
  • Theft is the most common form of computer crime
  • Computers are usedto steal:
    • Money
    • Goods
    • Information
    • Computer resources
software piracy and intellectual property laws
Software Piracy and Intellectual Property Laws
  • Software piracy is the illegal duplication of copyrighted software
  • Intellectual property includes the results of intellectual activities in the arts, sciences, and industry
software piracy and intellectual property laws8
Software Piracy and Intellectual Property Laws
  • Property laws:
    • Inventions are patented
    • Trade secrets are covered by contract law
    • The expression of intellectual property can be copyrighted
  • Look-and-feel lawsuits can result from mimicking intellectual property
software sabotage
Software Sabotage
  • Trojan horse - performs a useful task while also being secretly destructive; time bombs are an example
  • Virus - spreads by making copies of itself from program to program or disk to disk
  • Worm - a program that travels independently over computer networks, seeking uninfected sites

Sabotage of software can include:

These are referred to as a virus.

software sabotage10
Software Sabotage

How software sabotage works:

software sabotage11
Software Sabotage

Virus detection software locates and removes viruses

  • These programs need to be frequently revised
  • More than 200 new virus appear each month!
hacking and electronic trespassing
Hacking and Electronic Trespassing
  • Hackers are people who enjoyed learning the details of computer systems
  • Hackers (or crackers) refers to people who break into computer systems
  • Webjackershijack Web pages and redirect users to other sites
  • Denial of Service (DOS) attacks bombards servers and web sites with traffic that shuts down the network
hacking and electronic trespassing13

Cliff Stoll discovered an international computer espionage ring because of a .75 cent accounting error.

Hacking and Electronic Trespassing
  • Breaking into other computer systems is called electronic trespassing
  • Electronic crime rings focus on stealing credit card numbers and other valuable information
computer security reducing risks
Computer Security: Reducing Risks
  • Computer crime has led to a need to protect computer systems
  • Computer security attempts to protect computers and the information they contain
  • Computer security protects against unwanted access, damage, modification, or destruction
computer security reducing risks15
Computer Security: Reducing Risks
  • Physical Access Restrictions
  • Passwords
  • Firewalls, Encryptions, and Audits
  • Backups
  • Law, Management, and Ethics

A variety of security techniques are used to protect computer systems

physical access restrictions
Physical Access Restrictions
  • Physical access restrictions are based on:
    • Something you have, such as a key, ID card with photo, or a smart card
    • Something you know, such as a password, an ID number, or a piece of personal history
    • Something you do, such as your signature or your typing speed and error patterns
physical access restrictions17
Physical Access Restrictions
  • Something about you, such as voice print, fingerprints, retinal scans, or other measurements of individual body characteristics (biometrics)

Passwords are the most common tool for restricting access to computer system

  • Effective passwords are:
    • Not real words
    • Not names
    • Changed frequently
    • Kept secret
    • A mix of alphabet letters and numbers
firewalls encryption and audits
Firewalls, Encryption,and Audits

These security systems reduce or prohibit the interception of messages between computers:

  • Firewalls are like gateways with a lock
  • Codes protect transmitted information and take a special key to decode
  • Shields are specially developed machines that prevent unwanted interception
  • The computer serves as a firewall by scanning every message for security risks before allowing it to pass into or out of the LAN
  • To make a message secure from outsiders requires encryption software
  • Encryption software scrambles the sent message using a key
  • A different key is needed to unscramble the received message
audit control software
Audit-Control Software
  • Audit-control software monitors and records computer activity
  • Effective audit-control software forces every user to leave a trail of electronic footprints
backups and other precautions
Backups and Other Precautions
  • The best and most widely used method to recover data is a routine for making regular backups
  • Many computer systemsare backed up at theend of each work day
human security controls laws management and ethics
Human Security Controls:Laws, Management, and Ethics
  • Security measuresprevent crime, but can also pose threats to personal privacy
  • Managers must make employees aware of security issues and risks
security privacy freedom ethics the delicate balance
Security, Privacy, Freedom, & Ethics: The Delicate Balance
  • Active badges can simultaneously improve security and threaten privacy by:
    • identifying who enters a door or logs onto amachine
    • finding an employee’s location or where theyhave been throughout the day

“In this age of advanced technology, thick walls and locked doors cannot guard our privacy or safeguard our personal freedom.”

Lyndon B. Johnson

rules of thumb safe computing
Share with care

Beware of BBS risks

Don’t pirate software

Disinfect regularly

Treat diskettes withcare

Take your password seriously

Lock sensitive data

Use backup systems

Consider encryptionfor Internet activities

Prepare for the worst

Rules of Thumb:Safe Computing
security and reliability
Security and Reliability
  • Computer security involves more than protection from trespassing, sabotage, and other crimes
  • Software errors and hardware glitches account for some of the most important security issues, such as:
    • Bugs and Breakdowns
    • Computers at War
bugs and breakdowns
Bugs and Breakdowns
  • Software bugs do more damage than viruses and computer burglars combined.
  • Facts about software engineering:
    • It is impossible to eliminate all bugs.
    • Even programs that appear to work can contain dangerous bugs.
    • The bigger the system,the bigger the problem.
bugs and breakdowns30
Bugs and Breakdowns
  • Computer breakdowns pose a risk to the public and the incidence doubles every two years.
  • Hardware problems are rare when compared withsoftware failures
computers at war
Computers at War
  • Smart weapons are missiles that use computerized guidance systems to locate their targets.
  • An autonomous system is a complex system that can assume almost complete responsibility for a task without human input.
warfare in the digital domain
Warfare in the Digital Domain
  • The front lines of the future may in cyberspace
  • By attacking computer networks an enemy could conceivably cripple:
  • telecommunications systems
  • power grids
  • banking and financial systems
  • hospitals and medical systems
  • water and gas supplies
  • oil pipelines
  • emergency government services