Post on 15-Jan-2015
description
Computer SecurityInternet SecurityPhysical Security
Computer Security
Computer Security
Computer Security
• It refers to protection of a computer and the information stored in it, from the unauthorised users.
Computer Security
• It refers to protection of a computer and the information stored in it, from the unauthorised users.
• Computer security is a branch of computer technology known as information security as applied to computers and networks.
Security Threats
Security Threats
1 Malicious Code and Software
2 Hackers and Crackers
Malicious Code and Software
Malicious Code and Software
• It is a software program that generates threats to the computers and data stored on it.
Malicious Code and Software
• It is a software program that generates threats to the computers and data stored on it.
• This code can be in the form of worms ,logic bombs, viruses, Trojan horses and other type of software.
Malicious Code and Software
Hackers and Crackers
Hackers and Cracker
Hackers and Cracker
Hackers and Cracker
• A hacker is a person who breaks into computers without authorisation. He is actively involved in computer security and are non professional or programmers without formal training.
Malicious Program
Malicious Program
• Any computer program or code that is designed to do harm, can be termed a malicious program. Ex – Virus , Worms , Trojan horse , Logic bomb , Spyware etc.
Virus
Virus
• It is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. Virus has the ability to infect different parts of the computer.
Worms
Worms
Worms
• A computer worm is a self-replicating computer designed to destroy data. Worm program often use network connections to spread from one computer to another computer system. Thus, worms attack systems that are linked through communication lines.
Logic Bomb
Logic Bomb
Logic Bomb
• This is one of the oldest types of programs and it embeds its code into legitimate programs. Like a bomb it explodes all the data when certain conditions are met. This could be either destroying or deletion of certain files on a particular time, and so on. It reacts as a time bomb.
Trojan Horses
Trojan Horses
Trojan Horses
Trojan Horses
• Trojan appears to perform a desirable function but in fact, performs undisclosed, malicious function. These programs enter into a computer through an e-mail or free programs that are download from the internet.
Trojan Horses
• Trojan appears to perform a desirable function but in fact, performs undisclosed, malicious function. These programs enter into a computer through an e-mail or free programs that are download from the internet.
• Once they safely pass into the computer, they may lie inactive from months before they activated or complete control of the computer is given to a hacker.
• It allows unauthorised access to the host machine, giving them ability to save their files on the user’s computer or even to watch the user’s screen and to control the computer.
Antivirus
Antivirus
• It is a software utility which mainly prevents and removes computer viruses, including worms and Trojan horses. It scan the hard disk for viruses and tries to removes them, if found.
Antivirus
Antivirus Protection
Security techniques from hacker and crackers
Security techniques from hacker and crackers
• Cryptography• Captcha
Cryptography
Cryptography
• Cryptography is the process of alternating the original massages to hide their meaning from opponents who might intercept them.
Cryptography
• Cryptography is the process of alternating the original massages to hide their meaning from opponents who might intercept them.
• Cryptography relies upon to basic components an algorithm and key.
• Some of the algorithm are given here. 1 Secret Key Cryptography 2 Public Key cryptography 3 Hash Function 4 Digital Signature
Secret Key Cryptography
Secret Key Cryptography
• A single key is used in SKC for both encryption and decryption of data. In this form of cryptography the key must be known the sender and receiver.
Public Key Cryptography
Public Key Cryptography
• Each person in this techniques gets known as the public and private key. Each person’s public key is publicly known and private key kept secret.
• The sender uses the receiver’s public key to encrypt the message and when receiver receives the encrypted massage , he uses his private key to decrypt the massage.
Hash Function
Hash function
• It is also called massage digests and it is a one way encryption algorithm that does not use any key to encrypt or decrypt the massage.
• It uses a digital fingerprint of a file’s contents, in order to ensure that the file has not been changed by an intruder or any type of virus.
Digital Signature
Digital Signature
• Digital signature uses the public key cryptography technique. It uses two different keys in an algorithm but these are mathematically related to each other. One is for digital signature creation and another key for verifying a digital signature.
Captcha
• It’s full name is “Completely Automated Public Turing test to tell Computers and Humans Apart”.
• In modern computers, a robot or an automated program generates undesired information in the web pages and websites.
• A Captcha is a type of test in computing to make sure that the response is not generated by a computer.
• A Captcha is a program that generates images images that human can understand but a program cannot.
Internet Security
Internet Security
• Internet Security is a branch of information technology known as information security as applied to computers and networks.
OSI Reference Model
• Its full name is Open System Interconnection.
• The International Standards Organization developed in the early 1980 to promote interoperability of network devices.
• It has seven layer.
Seven layer of OSI model
• Application Layer• Presentation Layer• Session Layer• Transport Layer• Network Layer• Data Link Layer• Physical Layer
Security for the OSI Model
Security for the OSI Model
• Authentication• Access Control• Logging and Monitoring• Data Integrity• Data Confidentiality
TCP/IP Reference Model
TCP/IP Reference Model
• TCP/IP is based a four layer reference model.
• It is proposed by ISO(International Standards Organization).
• Layers of TCP/IP model Application Layer Transport Layer Internet Layer Network Interface layer
Security for TCP/IP Model
Security for TCP/IP Model
• Routers :- A router is a network traffic management device designed to forward the packets. It consists of hardware and software to implement the task for forwarding the packets.
• Firewall :- Firewall is a system has been designed to prevent the unauthorized access to or from a private network.
Physical Security
Physical Security
• The connection between physical system and logical systems ensure that, in order to protect logical systems, the hardware which is alive at that time must be physically secured.
• It involves protecting sites from natural and man-made physical threats.
Physical Security Threats
Physical Security Threats
• Weather : floods, fire, snow, ice, heat, cold
• Earth movement : earthquakes, mudslides
• Structural Failure : building collapse• Fire/chemical : explosions, smoke • Energy : loss of power, radiation,
magnetic wave infrastructure • Biological : virus, infections of animal
and insects
Educating Personal
• An organization can educate its staff members on the importance of their physical security through the use of self-paced or formal instructions, security education bulletins , posters, training films and tape or awareness data that drive home the importance of constant vigilence.
Administrative Access Control
• This is an important category of physical access control. It addresses the procedural application of physical controls. There exist different type of physical control devices that make a site more secure.
Physical Security Controls
• This is the next category of the physical access control which includes mechanical and electronic access controls such as gates, doors, keys and combination locks. By physical security, most people understand these types of access control because these devices are the least complicated and expensive.
Technical Controls
• The next category of physical security control is the use of computer hardware and software. Some of the technical security measures are discussed here. A smart card, which is similar to regular payment card, access card, the smart card has many purpose, such as medical identification, travel ticketing identifiction and builiding access control.
The End(Follow me for more updates)