Sunday, February 28, 2010

Security Measures

There are 6 types of security measures:
1. Data backup
2. Cryptography
3. Antivirus
4. Anti-Spyware
5. Firewall
6. Human aspects.


Data backup

Data backup is a program of file duplication. Backups of data and applications are necessary so that they can be recovered in case of an emergency. Depending on the importance of the information, daily, weekly or biweekly backups from a hard disk can be performed.


Cryptography

Cryptography is a process of hiding information by altering the actual information into a different representation. Almost all cryptosystems depend on a key, such as a password (for example numbers or a phrase), that can be used to encrypt or decrypt a message. The traditional type of cryptosystem used on a computer network is called a symmetric secret key system. With this approach, the sender and the recipient use the same key, and they have to keep the shared key secret from everyone else.


Antivirus

Users should install an Antivirus program and update it frequently.

An Antivirus program protects a computer against viruses by identifying and removing any computer viruses found in the computer memory, on storage media or incoming e-mail files.

Identifying a virus:

Two techniques are used to identify a virus:

a) Virus signature – also called a virus definition. It is a specific pattern of the virus code.

b) Inoculating a program file – the Antivirus program records information such as the file size and file creation date in a separate inoculation file. The Antivirus program then uses this information to detect if a virus tampers with the data describing the inoculated program file.

If an Antivirus program identifies an infected file, it attempts to remove its virus, worm or Trojan horse. If the Antivirus program cannot remove the infection, it often quarantines the infected file. Quarantine is a separate area of a hard disk that holds the infected file until the infection can be removed. This step ensures other files will not become infected.
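The two identification techniques above, sketched as an added example (not code from any Antivirus product): a signature scan looks for a known byte pattern, and an inoculation record stores facts about a known-good file for later comparison. The signature name, the marker bytes and the sample file are constructed; the modification time stands in for the creation date, and the SHA-256 digest is an addition beyond the size and date the text mentions.

```python
import hashlib
import os
import tempfile

# Constructed signature database: name -> byte pattern. The pattern is a
# harmless made-up marker, not taken from any real malware.
SIGNATURES = {"Demo.TestMarker": b"CONSTRUCTED-DEMO-SIGNATURE-0001"}


def scan_signatures(path):
    """Technique (a): names of all signatures whose pattern occurs in the file."""
    with open(path, "rb") as fh:
        data = fh.read()
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def inoculate(path):
    """Technique (b): record facts about a known-good program file."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    # mtime stands in for the creation date, which is not portable across OSes;
    # the SHA-256 digest is an addition that catches same-size modifications.
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}


def check_inoculation(path, record):
    """Return the recorded fields that no longer match the file on disk."""
    current = inoculate(path)
    return [field for field in record if record[field] != current[field]]


def demo():
    """Build a constructed sample file, tamper with it, and run both checks."""
    with tempfile.TemporaryDirectory() as tmp:
        target = os.path.join(tmp, "program.bin")
        with open(target, "wb") as fh:
            fh.write(b"original program bytes")
        record = inoculate(target)  # in practice stored in a separate file
        before = (scan_signatures(target), check_inoculation(target, record))
        with open(target, "ab") as fh:  # simulate tampering
            fh.write(SIGNATURES["Demo.TestMarker"])
        after = (scan_signatures(target), check_inoculation(target, record))
    return before, after


if __name__ == "__main__":
    print(demo())
```

A signature scan only finds patterns already in its database, which is why the text tells users to update the Antivirus program frequently; the inoculation check flags any change to the file, known pattern or not.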


Anti-Spyware

Spyware is a program placed on a computer without the user’s knowledge. It secretly collects information about the user. The Spyware program communicates information to an outside source. An Anti-Spyware application program, sometimes called tracking software or a Spybot, is used to remove Spyware.

Among the popular Anti-Spyware programs are:

a. Spybot Search and Destroy

b. Ad-aware

c. Spyware Blaster


Firewall

A firewall is a piece of hardware or software which functions in a networked environment to prevent communications forbidden by the security policy.

The purpose of a firewall is to keep bad things outside a protected environment. To do this, a firewall implements a security policy. That policy might permit limited access from inside or outside the network perimeter, from certain users or for certain activities.

There are three types of firewall:

a. Screening routers

i. Simplest

ii. Sees only addresses and service protocol type

iii. Screens based on connection rules.

b. Proxy gateway

i. Complex

ii. Sees full text of communication

iii. Screens based on behaviour proxies

c. Guard

i. Most complex

ii. Sees full text of communication

iii. Screens based on interpretation of message content.
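The screening router from item (a), as an added example that is not part of the original notes: the decision uses only source address, destination address, protocol type and port, checked against an ordered list of connection rules. The rule table (documentation address ranges), the first-match ordering and the deny-by-default fallback are assumptions made for illustration.

```python
import ipaddress

# Constructed rule table. First matching rule wins; traffic that matches no
# rule is denied (an assumed default, common for packet filters).
# Fields: action, source network, destination network, protocol, dest. port
RULES = [
    ("deny",  "203.0.113.0/24",  "0.0.0.0/0",     "any", None),
    ("allow", "0.0.0.0/0",       "192.0.2.10/32", "tcp", 443),
    ("allow", "198.51.100.0/24", "192.0.2.0/24",  "tcp", 22),
]


def screen(src, dst, proto, dport, rules=RULES):
    """Return (action, rule index) for a packet header, or ("deny", None).

    There is no payload argument: a screening router never sees message
    content, which is what separates it from a proxy gateway or a guard.
    """
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    for index, (action, src_net, dst_net, r_proto, r_port) in enumerate(rules):
        if s not in ipaddress.ip_network(src_net):
            continue
        if d not in ipaddress.ip_network(dst_net):
            continue
        if r_proto != "any" and r_proto != proto:
            continue
        if r_port is not None and r_port != dport:
            continue
        return action, index
    return "deny", None


if __name__ == "__main__":
    print(screen("198.51.100.7", "192.0.2.10", "tcp", 443))
    print(screen("203.0.113.5", "192.0.2.10", "tcp", 443))
```

Because the first match wins, the broad deny rule has to sit above the allow rules; placed below them, the blocked range would still reach port 443.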


Human Aspect

Human aspects refer to the user and also the intruder of a computer system.

It is one of the hardest aspects to protect. The most common problem is the lack of a good information security procedure. There are three ways to protect a computer from human aspect threats:

a. Organisation Self Awareness

i. Organisations need to be aware of the people they work with.

ii. Some threats also come from within the organisation and not just from the outside.

b. Organisational User Self Awareness

i. Provide employees with adequate training on the importance of security and control.

ii. Even a very high-tech protection system could not protect the system against incompetent users.

c. Individual User Self Awareness

i. Threats often come in beautiful offers and packages.

ii. Do not download or install software from unreliable sources.

iii. Do not expose important information to strangers.

Hacker & Theft

Hacker

1. Hacking is a source of threat to computer security. It is defined as unauthorized access to a computer system by a hacker.

2. Hackers are persons who learn about computer systems in detail. They write programs referred to as hacks. Hackers may use a modem or cable to hack the targeted computers.

3. Kevin Mitnick is the most notorious hacker ever caught. He had stolen millions of dollars worth of software and credit card information on the net. He used new identities and cleverly concealed his locations. He spent 5 years in jail for his hacking activity.


Theft

  1. Two types of computer theft:

a. Computer is used to steal money, goods, information and resources.

b. Actual stealing of computer, especially notebook and PDA. (This type of stealing causes loss of the expensive item and also the valuable information.)

  2. Three approaches to prevent theft:

a. Prevent access by using locks, smart card applications and password activation.

b. Prevent portability of your computer by restricting all hardware from physically being moved to other places.

c. Detect and guard all exits and record any hardware (such as disk or CD) before being transported.


DIFFERENCES BETWEEN WORM & VIRUS

| Worm | Virus |
| --- | --- |
| Operates through the network. | Spreads through any medium (usually copied programs or data files). |
| Spreads copies of itself as a standalone program. | Spreads copies of itself as a program that attaches to other programs. |

Security Threats

Malicious code

  1. Malicious code is also known as a rogue program. It is a threat to computing assets, causing undesired effects on the programmer’s part. The effect is caused by an agent with the intention to cause damage. The agent for malicious code is the writer of the code or any person who causes its distribution. There are various kinds of malicious code. They include:

a. Virus
b. Trojan Horse
c. Logic Bomb
d. Trapdoor / Backdoor
e. Worm

Virus

i. A virus is a program that can pass on the malicious code to other non-infected programs by modifying them.

ii. To infect a computer, the virus needs to attach itself to a program, usually files with .doc (document), .xls (spreadsheet) or .exe (executable file) extensions.

iii. It will then destroy or co-exist with the program.

iv. Once the infected file is opened, the virus will copy itself into that particular system and perform its functions.

v. Eventually, it can overtake the entire computing system and spread to other connected systems.


Trojan Horse

i. A program which can perform useful but unexpected actions.

ii. Must be installed by users or intruders before it can affect the system’s assets.

iii. An example of a Trojan horse is a login script that requests users’ login ID and password.

iv. The user will then successfully pass the login process, but the Trojan horse will keep a copy of the information to be used for malicious purposes.


Logic bomb

i. A logic bomb is a malicious code that goes off when a specific condition occurs.

ii. An example of a logic bomb is the time bomb. It goes off and causes threats at a specified time or date.


Trapdoor or backdoor

i. A feature in a program that allows someone to access the program and use it with special privileges.


Worm

i. A program that copies and spreads itself through a network.

ii. Primary differences between worms and viruses.



Computer Security

Definition of computer security

  1. Computer security means protecting our computer systems and the information they contain against unwanted access, damage, destruction or modification.
  2. We need to protect our computer from any intruder such as hackers, crackers and script kiddies.
  3. We do not want strangers to read our email, use our computer to attack other systems, send forged e-mail from our computer, or examine personal information stored on our computer such as financial statements.

Types of computer security:

1. Hardware Security
2. Software Security
3. Network Security


Hardware security

1. Hardware security refers to security measures used to protect the hardware, specifically the computer and its related documents.

2. The examples of security measures used to protect the hardware include PC-locks, keyboard-lock, smart cards and biometric devices.

3. Besides these Cyber Laws, there are three other Cyber Laws being drafted


Software and data security

  1. Software and data security refers to the security measures used to protect the software and to protect against the loss of data files.
  2. Examples of security measures used to protect the software are activation codes and serial numbers.
  3. An example of a security measure used to protect against the loss of data files is the disaster recovery plan method.
  4. The idea of this plan is to store data, programs and other important documents in a safe place that will not be affected by any major destruction.

Network security

  1. The transfer of data through networks has become a common practice, and the need to implement network security has become significant.
  2. Network security refers to security measures used to protect the network system.
  3. One example of a network security measure is a firewall. With a firewall, network resources can be protected from outsiders.


Saturday, February 13, 2010

Example of Ethics and Law breaking

Unethical:

1. using the office computer to do personal things

2. reading your friend’s e-mail without his or her permission

3. plagiarising and using materials from the Internet for your class assignment without giving credit to the original author.


Law breaking:

1. sending a computer virus via e-mail

2. hacking into your school’s database to change your examination results.

3. selling pirated software in a night market