Post on 20-Dec-2015
Computer Security
• Computer Security as a principle;
• Computer Security in UNIX specifically;
• Conclusion.
Threats to Computer Security
• Errors and Omissions
• Employee Sabotage
• Loss of Physical and Infrastructure Support
• Malicious Hackers
And more interesting ones...
• Malicious Code
• Foreign Government Espionage – Industrial Espionage
Malicious Code
• Virus: A code segment that replicates by attaching copies of itself to existing executables. The new copy of the virus is executed when a user executes the new host program. The virus may include an additional "payload" that triggers when specific conditions are met. For example, some viruses display a text string on a particular date. There are many types of viruses, including variants, overwriting, resident, stealth, and polymorphic.
Trojan Horse
• Trojan Horse: A program that performs a desired task, but that also includes unexpected (and undesirable) functions. Consider as an example an editing program for a multiuser system. This program could be modified to randomly delete one of the users' files each time they perform a useful function (editing), but the deletions are unexpected and definitely undesired!
Worm
• A self-replicating program that is self-contained and does not require a host program. The program creates a copy of itself and causes it to execute; no user intervention is required. Worms commonly use network services to propagate to other host systems.
An example of a computer security program:
A central computer security program
• How to be effective?
What remains...
• Published Mission and Functions Statement
• Long-Term Computer Security Strategy.
• Intraorganizational Liaison and Liaison with External Groups
Five requirements for IHC:
• An understanding of the constituency it will serve;
• an educated constituency;
• a means of centralized communications;
• Expertise in the requisite technologies;
• Links to other groups to assist in incident handling.
Three things to do….
• Improving awareness of the need to protect system resources;
• developing skills and knowledge;
• Building in-depth knowledge.
Comparison of these three factors
                    Awareness      Training                Education
Attribute:          "what"         "how"                   "why"
Level:              Information    Knowledge               Insight
Objective:          Recognition    Skill                   Understanding
Teaching method:    Media          Practical instruction   Theoretical instruction
Test measure:       True/false     Problem solving         Essay
Impact timeframe:   Short-term     Intermediate            Long-term