Security



Computer Crimes
• could reasonably include a wide variety of criminal offenses, activities, or issues
• can be separated into two (2) categories
o crimes facilitated by a computer
o crimes where the computer is the target




Computer Security Issues
1. Bugs or misconfiguration problems.
2. Browser-side risks.
3. Interception of network data sent from browser to server or vice versa via network eavesdropping.





Aspects of Computer Security
• physical security
• viruses
• malicious logic
• hacking
• internal misuse
• spoofing






Two Categories of Electronic Crime Types 
• crimes in which the computer is the target of the attack
• incidents in which the computer is a means of perpetrating a criminal act




Security Incidents
• The Morris Worm (November, 1988)
• Citibank and Vladimir Levin (June-October, 1994)
• Kevin Mitnick (February, 1995)
• Omega Engineering and Timothy Lloyd (July, 1996)
• Jester and the Worcester Airport (March, 1997)
• Solar Sunrise (February, 1998)
• The Melissa Virus (March, 1999)
• The Love Letter Worm (May, 2000)
• The Code-Red Worm (2001)
• Adil Yahya Zakaria Shakour (August, 2001-May, 2002)
• The Slammer Worm (2003)
• July 2009 cyber attacks
• Shamoon (2012)





Threats to Security
• viruses and worms
• intruders
• insiders
• criminal organizations
• terrorists and information warfare



Security Basics
Computer vs. Network Security
o Computer security focuses on security aspects of systems in isolation.
- e.g. viruses, secure data storage, OS security
o Network security focuses on security of data as it is transmitted between networked systems.
- e.g. authentication protocols, encryption of transmitted data, firewalls



The CIA of Security
• Confidentiality
• Integrity
• Availability
o Authentication
o Non-repudiation



Three Ways an Organization can choose to address the Protection of its Network
• Ignore security issues
• Provide host security
o takes a granular view of security by focusing on protecting each computer and device individually instead of addressing protection of the network as a whole
• Approach security at a network level
o emphasis is placed on controlling access to internal computers from external entities







Least Privilege
• means that a subject (which may be a user, application, or process) should have only the necessary rights and privileges to perform its task with no additional permissions
• this concept applies to more network security issues than just providing users with specific rights and permissions
• another issue with this concept is the security context in which an application runs



Layered Security

[Figure: layers of security. Labels: Network security, Host security, Firewall (Prevention), Intrusion detection systems (Detection), Access controls, Audit logs (Detection)]



Diversity of Defense 

• is a concept that complements the idea of various layers of security
• involves making different layers of security dissimilar so that even if attackers know how to get through a system making up one layer, they may not know how to get through a different type of layer that employs a different system for security




Access Control 


Discretionary Access Control 

o is an access control mechanism in which the owner of an object (such as a file) can decide which other subjects (such as other users) may have access to the object, and what access (read, write, execute) these subjects may have
Mandatory Access Control
o is an access control mechanism in which the security mechanism controls access to all objects (files), and individual subjects (processes or users) cannot change that access





Role-Based Access Control 

o is an access control mechanism in which, instead of the users being assigned specific access permissions for the objects associated with the computer system or network, a set of roles that the user may perform will be assigned to each user 
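
The three access control models defined above, side by side, as an added Python example that is not part of the original notes. The class names, the users (alice, bob, carol), the `report` object, the `auditor` role, and the "read only at or below your clearance" rule used for mandatory access control are assumptions made for illustration.

```python
# Added illustration; subjects, objects, roles and levels are constructed sample data.
class DACObject:
    """Discretionary: the owner decides who may access the object and how."""
    def __init__(self, owner):
        self.owner = owner
        self.acl = {owner: {"read", "write", "execute"}}

    def grant(self, requester, subject, rights):
        if requester != self.owner:  # only the owner may change access
            raise PermissionError(f"{requester} is not the owner")
        self.acl.setdefault(subject, set()).update(rights)

    def allowed(self, subject, right):
        return right in self.acl.get(subject, set())

class MACPolicy:
    """Mandatory: the mechanism holds all labels; there is no grant() for subjects."""
    LEVELS = {"public": 0, "confidential": 1, "secret": 2}

    def __init__(self, clearances, labels):
        self._clearances = dict(clearances)  # subject -> level
        self._labels = dict(labels)          # object -> level

    def allowed_read(self, subject, obj):
        # Assumed rule for this sketch: read only at or below your clearance.
        need = self.LEVELS[self._labels[obj]]
        return self.LEVELS[self._clearances[subject]] >= need

class RBACPolicy:
    """Role-based: permissions belong to roles; users are only assigned roles."""
    def __init__(self, role_perms, user_roles):
        self.role_perms = role_perms  # role -> set of (object, right)
        self.user_roles = user_roles  # user -> set of roles

    def allowed(self, user, obj, right):
        roles = self.user_roles.get(user, set())
        return any((obj, right) in self.role_perms.get(r, set()) for r in roles)

def demo():
    report = DACObject(owner="alice")
    report.grant("alice", "bob", {"read"})  # owner shares at her discretion
    mac = MACPolicy({"alice": "secret", "bob": "public"}, {"report": "confidential"})
    rbac = RBACPolicy({"auditor": {("report", "read")}}, {"carol": {"auditor"}})
    return {
        "dac_bob_read": report.allowed("bob", "read"),
        "dac_bob_write": report.allowed("bob", "write"),
        "mac_bob_read": mac.allowed_read("bob", "report"),
        "rbac_carol_read": rbac.allowed("carol", "report", "read"),
        "rbac_bob_read": rbac.allowed("bob", "report", "read"),
    }
```

Calling `demo()` shows bob reading the report under discretionary control because the owner granted it, while the mandatory policy denies the same read and the role-based policy allows only carol, who holds the auditor role.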
