Chapter 8: Securing Information Systems


Outline

Security Threats (External: malware, spoofing/phishing, sniffing, & data theft; Internal: unauthorized data access, theft)

Intrusion detection system

Firewall

Encryption

Disaster recovery planning

Digital signature and certificate

Secure Sockets Layer (SSL)

Access control (user authentication)

Securing Wireless Networks (WEP)


Systems Vulnerability

Digital data

Can be duplicated/changed without being detected

Networks

Connected to LANs, WANs, & the Internet

Anyone from inside/outside the organization can attempt to infiltrate information systems

Centralized and integrated data – business benefit, security challenge


Security Threats - External

Data theft
Defense: Encryption

False identity (spoofing/phishing)
Defense: Cautious user

Malware (virus, worm)
Defense: Anti-virus software, Firewall

Power outage, Natural disaster
Defense: Plan, facilities

Sniffing
Defense: Intrusion detection system


Defenses

Firewall (blocks Malware)

Placed between internal LANs and external networks

Need to write/maintain rules that dictate what comes in and what goes out.

Part of operating systems

Intrusion Detection Systems (blocks data theft)

Automatically detects suspicious network traffic at most vulnerable points of network


Defenses: Encryption

Encryption with Public & Private Key

Scrambling of messages to prevent unauthorized parties from reading them

Single key model – Sender and receiver use the same key for encryption and decryption

Double key model – Sender and receiver have their public and private keys:

Encrypt with Recipient’s Public Key

Decrypt with Recipient’s Private Key

Digital Certificate – public key and a proof of its validity issued by a certificate authority (e.g., VeriSign); licensed annually.

Digital Signature – a message encrypted by sender’s private key proving his identity. Both sender and receiver can use it to prove their identity.

Digital Signature can be applied
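
Added example (not part of the original slides): the double key model and the digital signature from this slide, worked through in Python with textbook RSA. The primes, key names and sample message are constructed for illustration, and signing a SHA-256 hash of the message rather than the message itself is an assumption of this sketch; the small unpadded keys are for study only.

```python
import hashlib
from math import gcd

def make_keypair(p, q, e=65537):
    """Return (public, private) built from two primes; textbook RSA, no padding."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent = inverse of e mod phi (Python 3.8+)
    return (e, n), (d, n)

# Constructed sample keys from known Mersenne primes (far too small for real use).
RECIPIENT_PUBLIC, RECIPIENT_PRIVATE = make_keypair(2**89 - 1, 2**107 - 1)
SENDER_PUBLIC, SENDER_PRIVATE = make_keypair(2**61 - 1, 2**127 - 1)

def encrypt(message: bytes, recipient_public) -> int:
    """Confidentiality: anyone can encrypt with the recipient's PUBLIC key."""
    e, n = recipient_public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key size")
    return pow(m, e, n)

def decrypt(ciphertext: int, recipient_private) -> bytes:
    """Only the holder of the recipient's PRIVATE key recovers the message."""
    d, n = recipient_private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def _digest(message: bytes, n: int) -> int:
    # Hash the message and reduce it into the key's range.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, sender_private) -> int:
    """Identity proof: transform the hash with the sender's PRIVATE key."""
    d, n = sender_private
    return pow(_digest(message, n), d, n)

def verify(message: bytes, signature: int, sender_public) -> bool:
    """Anyone can check the signature with the sender's PUBLIC key."""
    e, n = sender_public
    return pow(signature, e, n) == _digest(message, n)

if __name__ == "__main__":
    msg = b"Transfer 500 to Bob"  # constructed sample message
    c = encrypt(msg, RECIPIENT_PUBLIC)
    print(decrypt(c, RECIPIENT_PRIVATE), verify(msg, sign(msg, SENDER_PRIVATE), SENDER_PUBLIC))
```
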


Defenses: Encryption

Communications between client and server happen over Secure Sockets Layer (SSL) (current name: Transport Layer Security), an Internet protocol for securing data transfer.

Supported by operating systems and Web browsers and servers.

Negotiations about security, encryption, and public key transfers all happen over SSL/TLS.


Security Threats - Internal

Theft (stealing data hardware, software)

Unauthorized access to data (read, change, delete)

Human error (leaving data unprotected, poor & lost passwords, not locking data/hardware/software)

Defenses:

Security measures

Manage data access (system administrators)

Training, supervision