Comp4 Unit8a Lecture Slides
-
Upload
health-it-workforce-curriculum-2012 -
Category
Documents
-
view
217 -
download
1
Transcript of Comp4 Unit8a Lecture Slides
Introduction to Information and Computer Science
Security
Lecture a
This material (Comp4_Unit8a) was developed by Oregon Health and Science University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number
IU24OC000015.
SecurityLearning Objectives
• List and describe common security concerns (Lecture a)• Describe safeguards against common security concerns
(Lecture b)• Describe security concerns for wireless networks and
how to address them (Lecture b and c)• List security concerns/regulations for health care
applications (Lecture c)• Describe security safeguards used for health care
applications (Lecture c)
Health IT Workforce Curriculum Version 3.0/Spring 2012
2Introduction to Information and Computer Science Security
Lecture a
Concerns About Security
• Loss, stolen, or compromised data• Identity theft and impersonation• Downtime for businesses
– Loss of revenue• Blackmail
– Threat to disclose medical information
Health IT Workforce Curriculum Version 3.0/Spring 2012
3Introduction to Information and Computer Science Security
Lecture a
Common Threats to Security• Wikipedia:
– “Malware. . . (malicious software) is . . . designed to infiltrate a computer system without the owner's informed consent.” (Wikipedia, 2007)
• Types of malware include:– Trojans– Viruses– Hoaxes– Worms– Phishing– Macro viruses– Hackers
Health IT Workforce Curriculum Version 3.0/Spring 2012
4Introduction to Information and Computer Science Security
Lecture a
Trojan Horse• Trojan horse―malware program that usually
impersonates a known good file installed on system by replacing (deleting) \good file Name comes from Greek Trojan Horse myth The Trojan then does its dirty work on certain date,
through user action or on command Trojans can destroy or copy data, install adware, or
install browser toolbar Trojans can record keystrokes and send this to
attacker and scan computer ports
Health IT Workforce Curriculum Version 3.0/Spring 2012
5Introduction to Information and Computer Science Security
Lecture a
Viruses• A virus is a computer program that can harm a
computer and make it inoperable. Some viruses are only an annoyance. Viruses usually do not replicate (make copies of)
themselves on other computers Removing a virus usually cleans computer Sending a virus via email may replicate virus In 2008, Fun.exe virus spread itself via email
throughout the world and was very difficult to remove as it made many copies of itself on an infected computer
Health IT Workforce Curriculum Version 3.0/Spring 2012
6Introduction to Information and Computer Science Security
Lecture a
Macro Viruses• Macro viruses usually infect Microsoft Office files
and install themselves when users click files. A macro is a small program, usually written in VBA
(Visual Basic for Applications) Macro viruses spread when users click files in which
the macro virus resides Macro viruses may also delete files, etc. on infected
system
Health IT Workforce Curriculum Version 3.0/Spring 2012
7Introduction to Information and Computer Science Security
Lecture a
Personal Information Attacks
• Phishing Attempt to trick user into revealing personal
information to attacker so they can impersonate user Pronounced like “fishing”; attacker is fishing for
information about user User may receive email that appears to be from
financial institution, eBay, or Amazon, asking for login to verify transaction.
Health IT Workforce Curriculum Version 3.0/Spring 2012
8Introduction to Information and Computer Science Security
Lecture a
Personal Information Attacks (continued)
Clicking link in email brings user to Web site that looks like real Web site
No reputable organization will ever ask for this Report attack to organization so they are aware and
can act• Most email software includes ability to monitor for
phishing and move suspected email to non-functional (junk email) folder
Health IT Workforce Curriculum Version 3.0/Spring 2012
9Introduction to Information and Computer Science Security
Lecture a
Worms• A worm is a program that works to create lots of
network traffic Some worms are not malware as they crawl network
searching for reporting information Most worms replicate themselves, making network
unusable ILOVEYOU worm successfully attacked millions of
computers (users who clicked attachment) in May 2000
Health IT Workforce Curriculum Version 3.0/Spring 2012
10Introduction to Information and Computer Science Security
Lecture a
False Information• Hoaxes
Hoaxes usually a harmless attempt to convince user of something that is not true
Usually come in form of an email Some hoaxes invite user to send money to someone in another
part of world or ask for contributions to find missing children Use search engine to determine whether email’s message is
true by entering email subject line in search engine Result will usually indicate whether email is hoax
Health IT Workforce Curriculum Version 3.0/Spring 2012
11Introduction to Information and Computer Science Security
Lecture a
False Information (continued)
• Uncloak hoax Use trusted Internet sites to detect hoaxes Snopes.com - http://www.snopes.com/ Urban Legends Online -
http://urbanlegendsonline.com/ • Never forward email chains without verifying
their source
Health IT Workforce Curriculum Version 3.0/Spring 2012
12Introduction to Information and Computer Science Security
Lecture a
How do Hackers Operate?• Packet sniffers can read Internet traffic
• Wireshark―free protocol analyzer software tool that can display unencrypted network traffic on monitor screen.– www.wireshark.org
• Install malware Adware―Continuous ads on screen Spyware―Reports on sites visited
• Guess at user names and passwords Don’t use easy-to-guess passwords Do change default usernames and passwords (wireless
routers)
Health IT Workforce Curriculum Version 3.0/Spring 2012
13Introduction to Information and Computer Science Security
Lecture a
What is Network Security?• According to Wikipedia:
– “In the field of networking, the specialist area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.”
• In plain English:– Network security is about rules set up for use of equipment,
software, and data and how to follow these rules– Use of assets revolves around authentication, authorization, and
providing permissions to network assets.• If user can’t prove identity, he or she can’t gain access to network,
equipment, or data.
Health IT Workforce Curriculum Version 3.0/Spring 2012
14Introduction to Information and Computer Science Security
Lecture a
Authentication• User provides valid username and password
– Referred to as “credential”
• Computer authenticates credentials against user account and password database– If user logs in successfully, user is authenticated!
• If credentials entered match what is in database, user is authenticated– Servers authenticate users using special type of database
known as directory– Directory stores information about all users, user groups,
computers, printers, and so on
Health IT Workforce Curriculum Version 3.0/Spring 2012
15Introduction to Information and Computer Science Security
Lecture a
Authorization
• Next, authenticated users are authorized• Authorization means that computer indicates
precisely what user can do:– Print files using specified printers– Access specified network drives– View and/or change documents in folders– Use company email
• Actions are usually recorded for audit
Health IT Workforce Curriculum Version 3.0/Spring 2012
16Introduction to Information and Computer Science Security
Lecture a
Permissions (Windows)
• Authorized objects are associated with permissions– Part of authorizing object is determining permissions
• Permissions determine what object can or cannot do on computer or network
• Two types of permissions typically used:– Sharing: Allows one object to connect to or use
another object over network– NTFS: Determines what one object can or cannot do
to another object• Permissions are a complex topic
Health IT Workforce Curriculum Version 3.0/Spring 2012
17Introduction to Information and Computer Science Security
Lecture a
Permissions (Windows)
• Sharing and NTFS permissions work together– User creates folder on his computer so his sister can
copy pictures he took– Next, he shares folder and sets his permissions to
“read”– Lastly, he sets NTFS permissions to “read” so that she
can view and copy pictures– Without this configuration, his sister will not be able to
view or copy files from his computer• Non-Windows OS protect devices and files similarly
Health IT Workforce Curriculum Version 3.0/Spring 2012
18Introduction to Information and Computer Science Security
Lecture a
Permissions Example
• Right-click folder and select Properties from menu
• Pictures folder is shared
• Click Advanced Sharing to configure sharing permissions for this folder
(2011, PD-US)
Health IT Workforce Curriculum Version 3.0/Spring 2012
19Introduction to Information and Computer Science Security
Lecture a
Permissions Example (continued)• Click Security tab to configure
NTFS permissions• Group or user names are listed in
ACL• Administrators have Full Control
over this folder and its contents– This means that a user who is a
member of the Windows Administrator’s group can do anything to this folder and its contents
– Anything means view, add new files, delete existing files, change existing files, create new sub-folders, etc
(2011, PD-US)
Health IT Workforce Curriculum Version 3.0/Spring 2012
20Introduction to Information and Computer Science Security
Lecture a
SecuritySummary – Lecture a
• List and describe common security concerns
Health IT Workforce Curriculum Version 3.0/Spring 2012
21Introduction to Information and Computer Science Security
Lecture a
SecurityReferences – Lecture a
References • Wikipedia. Malware. [Internet]. 2011 Jun [cited 2011 Nov 07]. Available from: http://en.wikipedia.org/wiki/Malware.
Images • Slide 19: Screenshot of a shared folder's properties window. Image source: the creator of this presentation. (2011,
PD-US)• Slide 20: Screen shot of the folder named Picture properties dialog box. Image source: the creator of this
presentation. (2011, PD-US)
Health IT Workforce Curriculum Version 3.0/Spring 2012
22Introduction to Information and Computer Science Security
Lecture a