Upload
jerome-york
View
233
Download
0
Tags:
Embed Size (px)
Citation preview
B.A. (Mahayana Studies)000-209 Introduction to Computer Science
November 2005 - March 2006
9. Safety and Security
What are the main safety and security issues when using computers? How can data/files be kept safe?
000-209 Intro to CS. 9/Secure 2
Overview
1. Hardware Reliability 2. Backing up your Data 3. Computer Viruses 4. Keeping Data Safe 5. Internet Security
000-209 Intro to CS. 9/Secure 3
The reliability of a computer component is measured in MTBF (mean time between failures). hardware is tested in a laboratory number of failures is divided by total hours of
observation
It’s better to plan for a hardware failure than hope one doesn’t happen.
1. Hardware Reliability
000-209 Intro to CS. 9/Secure 4
Downtime - time when a computer is not functioning.
Hardware redundancy (maintaining extra equipment) is a popular safeguard used by e-commerce sites.
Hardware Failure
000-209 Intro to CS. 9/Secure 5
A power failure is a complete loss of power to the computer system. data stored in RAM will be lost
A power spike is a brief increase in power less than one-millionth of a second
A power surge lasts a little longer
Surges and spikes can damage computers.
Power Supply Problems
000-209 Intro to CS. 9/Secure 6
A UPS (uninterruptible power supply) is the best protection against power failures, surges, and spikes.
A UPS contains a batterythat keeps your computerrunning for several minutesduring a power failure
Uninterruptible Power Supply
000-209 Intro to CS. 9/Secure 7
A surge strip can protect your computer and other devices from power spikes and surges. does not contain a battery
Surge protector vs. Power strips
continued
000-209 Intro to CS. 9/Secure 8
Don’t mistake a power strip for a surge strip a power strip provides multiple outlets but cannot
protect your computer from power spikes and surges
000-209 Intro to CS. 9/Secure 9
Copying files, or the contents of am entire disk, provides the best security for your data.
Backup tips: scan for viruses before backing up make frequent backups (once a day/week) check the backups store backups away from your computer
2. Backing up your Data
000-209 Intro to CS. 9/Secure 10
Consider capacity, speed, and reliability.
What to Use for Backups
000-209 Intro to CS. 9/Secure 11
Backup Software
Norton Ghost 9.0Simply Safe Backup (free)
http://www.simplysafebackup.com/
000-209 Intro to CS. 9/Secure 12
Types of Backups
Full backup copy all the files safe but can take a long time
Differential backup copy the files that have changed since the last full backup takes less time but more complex
Incremental backup copy the files that have changed since the last backup
000-209 Intro to CS. 9/Secure 13
A computer virus is a program that attaches itself to a file, duplicates itself, and spreads to other files.
3. Computer Viruses
000-209 Intro to CS. 9/Secure 14
The following signs might mean that your computer has a virus: displays a rude, embarrassing message unusual visual or sound effects difficulty saving files files mysteriously disappear the computer works very slowly applications increase in size for no reason
Virus Warning Signs
000-209 Intro to CS. 9/Secure 15
A boot sector virus infects the system files that your computer uses.
A macro virus infects a macro. Macros are tiny programs used in word
documents, databases, spreadsheets, and many other large applications
Virus Types
000-209 Intro to CS. 9/Secure 16
Macro viruses are the most common.
Most Popular Virus Types
000-209 Intro to CS. 9/Secure 17
Do not get files from high risk sources Use anti-virus software
Computer Protection
000-209 Intro to CS. 9/Secure 18
Don't: E-mail any attachments from your machine Ignore it, hoping it will go away
Do: tell your system administrator remove it using anti-virus software keep anti-virus software updated
When a Virus Hits...
000-209 Intro to CS. 9/Secure 19
Anti-virus software
avast! 4 Home Edition (free)http://www.avast.com/
Norton AntiVirus 2005
000-209 Intro to CS. 9/Secure 20
Anti-virus software checks for a virus signature – a unique series of bytes that identifies a known virus inside another program.
Hackers keep making new viruses, with new signatures, so anti-virus software needs to be updated regularly. usually automatically via the Internet
Virus Detection Methods
000-209 Intro to CS. 9/Secure 21
A Trojan horse is a computer program that appears to do something good/useful while actually doing something bad. not a virus, but may carry a virus does not duplicate itself
Example: a free game available for download from an unknown Web site it really deletes files once it is started
A Trojan Horse
000-209 Intro to CS. 9/Secure 22
A time bomb is a program that stays in your system undetected until it is triggered by a certain event in time. e.g. on "Friday 13th" it deletes all your files usually carried as a virus or in a Trojan horse
A Logic bomb is a program triggered by changes to your files. e.g. every new Word file is deleted
Bombs
000-209 Intro to CS. 9/Secure 23
A software worm is a program designed to enter a computer system through security holes in the computer network.
Worms
000-209 Intro to CS. 9/Secure 24
Good habits: save files frequently when you are working on them backup files frequently use anti-virus software do not open documents with unknown macros
4. Keeping Data Safe
000-209 Intro to CS. 9/Secure 25
Acceptable use policy - rules that specify how a computer system should be used determined by management used by large organizations makes users aware of limits and penalties provides framework for legal action
Acceptable Use Policy
000-209 Intro to CS. 9/Secure 26
User rights - rules that limit directories and files that each user can access. erase rights create rights write rights read rights file find rights
User Rights
000-209 Intro to CS. 9/Secure 27
Keep data backups in a locked room, away from the main computing area.
Offices with computers should be locked when there is no one around.
Computers can be chained to their desks.
Restrict Physical Access
000-209 Intro to CS. 9/Secure 28
Personal identification help identify authorized users: identity badges user IDs and passwords biometrics
Personal IDs
000-209 Intro to CS. 9/Secure 29
Fingerprint scanners canconfirm your identityin less than two seconds.
Biometric Example
000-209 Intro to CS. 9/Secure 30
Scramble information so it cannot be understood until it is decrypted.
Encryption
000-209 Intro to CS. 9/Secure 31
Many Internet security problems are due to ActiveX controls developed by Microsoft to extend the power of
Internet Explorer
ActiveX controls can be part of Web pages downloaded by Internet Explorer
5. Internet Security and ActiveX
continued
000-209 Intro to CS. 9/Secure 32
ActiveX controls has full access to your computer. hackers can use ActiveX controls to cause havoc
Digital certificates identify the author of an ActiveX control controls with digital certificates should be safe, if you
trust the certificate!
Internet Explorer can be configured to reject all ActiveX controls that do not come with certificates.
000-209 Intro to CS. 9/Secure 33
Most e-commerce sites provide a secure channel for transmitting credit card data.
SSL (Secure Socket Layers) uses encryption to establish a secure connection. SSL pages start with https instead of http.
S-HTTP encrypts data one message at a time.
Electronic Commerce Security
continued
000-209 Intro to CS. 9/Secure 34
Encrypted messages ensure that credit card numbers cannot be intercepted between a computer and an e-commerce site.
During securetransactions, Internet Explorerdisplays a lockicon and Netscape Navigator displaysa key icon.