Comp4 Unit8a Lecture Slides

Introduction to Information and Computer Science

Security

Lecture a

This material (Comp4_Unit8a) was developed by Oregon Health and Science University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number

IU24OC000015.

SecurityLearning Objectives

• List and describe common security concerns (Lecture a)• Describe safeguards against common security concerns

(Lecture b)• Describe security concerns for wireless networks and

how to address them (Lecture b and c)• List security concerns/regulations for health care

applications (Lecture c)• Describe security safeguards used for health care

applications (Lecture c)

Health IT Workforce Curriculum Version 3.0/Spring 2012

2Introduction to Information and Computer Science Security

Lecture a

Concerns About Security

• Loss, stolen, or compromised data• Identity theft and impersonation• Downtime for businesses

– Loss of revenue• Blackmail

– Threat to disclose medical information



Lecture a

Common Threats to Security• Wikipedia:

– “Malware. . . (malicious software) is . . . designed to infiltrate a computer system without the owner's informed consent.” (Wikipedia, 2007)

• Types of malware include:– Trojans– Viruses– Hoaxes– Worms– Phishing– Macro viruses– Hackers



Lecture a

Trojan Horse• Trojan horse―malware program that usually

impersonates a known good file installed on system by replacing (deleting) \good file Name comes from Greek Trojan Horse myth The Trojan then does its dirty work on certain date,

through user action or on command Trojans can destroy or copy data, install adware, or

install browser toolbar Trojans can record keystrokes and send this to

attacker and scan computer ports



Lecture a

Viruses• A virus is a computer program that can harm a

computer and make it inoperable. Some viruses are only an annoyance. Viruses usually do not replicate (make copies of)

themselves on other computers Removing a virus usually cleans computer Sending a virus via email may replicate virus In 2008, Fun.exe virus spread itself via email

throughout the world and was very difficult to remove as it made many copies of itself on an infected computer



Lecture a

Macro Viruses• Macro viruses usually infect Microsoft Office files

and install themselves when users click files. A macro is a small program, usually written in VBA

(Visual Basic for Applications) Macro viruses spread when users click files in which

the macro virus resides Macro viruses may also delete files, etc. on infected

system



Lecture a

Personal Information Attacks

• Phishing Attempt to trick user into revealing personal

information to attacker so they can impersonate user Pronounced like “fishing”; attacker is fishing for

information about user User may receive email that appears to be from

financial institution, eBay, or Amazon, asking for login to verify transaction.



Lecture a

Personal Information Attacks (continued)

Clicking link in email brings user to Web site that looks like real Web site

No reputable organization will ever ask for this Report attack to organization so they are aware and

can act• Most email software includes ability to monitor for

phishing and move suspected email to non-functional (junk email) folder



Lecture a

Worms• A worm is a program that works to create lots of

network traffic Some worms are not malware as they crawl network

searching for reporting information Most worms replicate themselves, making network

unusable ILOVEYOU worm successfully attacked millions of

computers (users who clicked attachment) in May 2000



Lecture a

False Information• Hoaxes

Hoaxes usually a harmless attempt to convince user of something that is not true

Usually come in form of an email Some hoaxes invite user to send money to someone in another

part of world or ask for contributions to find missing children Use search engine to determine whether email’s message is

true by entering email subject line in search engine Result will usually indicate whether email is hoax



Lecture a

False Information (continued)

• Uncloak hoax Use trusted Internet sites to detect hoaxes Snopes.com - http://www.snopes.com/ Urban Legends Online -

http://urbanlegendsonline.com/ • Never forward email chains without verifying

their source



Lecture a

http://www.snopes.com/

http://www.snopes.com/

http://urbanlegendsonline.com/

http://urbanlegendsonline.com/

How do Hackers Operate?• Packet sniffers can read Internet traffic

• Wireshark―free protocol analyzer software tool that can display unencrypted network traffic on monitor screen.– www.wireshark.org

• Install malware Adware―Continuous ads on screen Spyware―Reports on sites visited

• Guess at user names and passwords Don’t use easy-to-guess passwords Do change default usernames and passwords (wireless

routers)



Lecture a

http://www.wireshark.org/

What is Network Security?• According to Wikipedia:

– “In the field of networking, the specialist area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.”

• In plain English:– Network security is about rules set up for use of equipment,

software, and data and how to follow these rules– Use of assets revolves around authentication, authorization, and

providing permissions to network assets.• If user can’t prove identity, he or she can’t gain access to network,

equipment, or data.



Lecture a

Authentication• User provides valid username and password

– Referred to as “credential”

• Computer authenticates credentials against user account and password database– If user logs in successfully, user is authenticated!

• If credentials entered match what is in database, user is authenticated– Servers authenticate users using special type of database

known as directory– Directory stores information about all users, user groups,

computers, printers, and so on



Lecture a

Authorization

• Next, authenticated users are authorized• Authorization means that computer indicates

precisely what user can do:– Print files using specified printers– Access specified network drives– View and/or change documents in folders– Use company email

• Actions are usually recorded for audit



Lecture a

Permissions (Windows)

• Authorized objects are associated with permissions– Part of authorizing object is determining permissions

• Permissions determine what object can or cannot do on computer or network

• Two types of permissions typically used:– Sharing: Allows one object to connect to or use

another object over network– NTFS: Determines what one object can or cannot do

to another object• Permissions are a complex topic



Lecture a

Permissions (Windows)

• Sharing and NTFS permissions work together– User creates folder on his computer so his sister can

copy pictures he took– Next, he shares folder and sets his permissions to

“read”– Lastly, he sets NTFS permissions to “read” so that she

can view and copy pictures– Without this configuration, his sister will not be able to

view or copy files from his computer• Non-Windows OS protect devices and files similarly



Lecture a

Permissions Example

• Right-click folder and select Properties from menu

• Pictures folder is shared

• Click Advanced Sharing to configure sharing permissions for this folder

(2011, PD-US)



Lecture a

Permissions Example (continued)• Click Security tab to configure

NTFS permissions• Group or user names are listed in

ACL• Administrators have Full Control

over this folder and its contents– This means that a user who is a

member of the Windows Administrator’s group can do anything to this folder and its contents

– Anything means view, add new files, delete existing files, change existing files, create new sub-folders, etc

(2011, PD-US)



Lecture a

SecuritySummary – Lecture a

• List and describe common security concerns



Lecture a

SecurityReferences – Lecture a

References • Wikipedia. Malware. [Internet]. 2011 Jun [cited 2011 Nov 07]. Available from: http://en.wikipedia.org/wiki/Malware.

Images • Slide 19: Screenshot of a shared folder's properties window. Image source: the creator of this presentation. (2011,

PD-US)• Slide 20: Screen shot of the folder named Picture properties dialog box. Image source: the creator of this

presentation. (2011, PD-US)



Lecture a

http://en.wikipedia.org/wiki/Malware

Comp4 Unit8a Lecture Slides

Documents

Transcript of Comp4 Unit8a Lecture Slides