200 likes | 369 Views
COMP6005 An Introduction to Computing. Session One: An Introduction to Computing Security Issues. Security Risks. A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability
E N D
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues
Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • May be accidental or deliberate COMP 6005 Computer Fundamentals - Session One: Security Risks
Most Common Type of Risks • Malicious-logic Programs • Viruses • Trojan horses • Worms • Unauthorized access or use • Theft – hardware, software, information • System failure COMP 6005 Computer Fundamentals - Session One: Security Risks
Virus • Program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document (Whatis.com) • Alters the way the computer works without the user’s knowledge or permission • Some take effect as soon as code is executed; others are dormant until circumstances cause code to be executed by the computer • Once infected, can spread throughout the system and may damage files and system COMP 6005 Computer Fundamentals - Session One: Security Risks
Worm • Self-replicating virus that may alter files and resides in memory or on a network duplicating itself • Uses up resources and can shut down computer or network • Typically resends itself as an e-mail attachment or as part of a network message COMP 6005 Computer Fundamentals - Session One: Security Risks
Trojan Horse • Program that hides within another legitimate (harmless) program or data • Also can imitate a harmless program • Non-replicating • Origin comes from Greek mythology on the Trojan War as told by Virgil in the Aeneid COMP 6005 Computer Fundamentals - Session One: Security Risks
Malicious Programs • Malicious programs may be one of either virus, worm or Trojan horse • May also be a combination of 2 or 3 of the above COMP 6005 Computer Fundamentals - Session One: Security Risks
Protecting Against Threats • Antivirus programs • Firewalls • Disabling macros COMP 6005 Computer Fundamentals - Session One: Security Risks
Antivirus • Used to protect against security threats such as viruses; some also protect against worms and Trojan horses • Identifies and removes any virus found in memory, on storage media, or on incoming files • Most popular – McAfee, Norton Antivirus COMP 6005 Computer Fundamentals - Session One: Security Risks
Firewalls • Set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks (Whatis.com) COMP 6005 Computer Fundamentals - Session One: Security Risks
Firewalls • Restrict access to network to outsiders • Restrict employee access to sensitive data (for example, payroll records) • Proxy server • Personal firewalls COMP 6005 Computer Fundamentals - Session One: Security Risks
Assignment • Find an example of each of the following security risks • Virus • Trojan horse • Worm • Be sure to include the source of your findings, as well as outlines on the damage it does and what it affects COMP 6005 Computer Fundamentals - Session One: Security Risks
Unauthorized Access • Use of a computer or network without permission • Crackers • Hackers COMP 6005 Computer Fundamentals - Session One: Security Risks
Cracker • Person who tries to access a computer or network illegally • Bypasses passwords or licenses; intentionally breaches computer security • Breaks into a system by acting as a legitimate user • Typical reasons • Profit • Maliciousness • Altruistic purpose or cause • Challenge • Point out weaknesses in a system COMP 6005 Computer Fundamentals - Session One: Security Risks
Hacker • Originally a complimentary word for programming expert • Nowadays used to refer to someone who tries to break into systems • Technically two different terms! COMP 6005 Computer Fundamentals - Session One: Security Risks
Punishments • Imprisonment • Fines • Community service • Number of years banned from touching a computer • http://www.scsite.com/dc2005/faq COMP 6005 Computer Fundamentals - Session One: Security Risks
Unauthorized Use • Use of computer or data for unapproved or illegal activities • Employee misuse, for example COMP 6005 Computer Fundamentals - Session One: Security Risks
Safeguards • Firewalls • Intrusion detection software • Access controls • Audit trails COMP 6005 Computer Fundamentals - Session One: Security Risks
Further Reading • Chapter 11: Computers and Society, Security, Privacy and Ethics COMP 6005 Computer Fundamentals - Session One: Security Risks
Links • References • http://www.whatis.com • http://www.howstuffworks.com • Discovering Computers 2005 • Of Interest • http://www.scsite.com/dc2005/faq COMP 6005 Computer Fundamentals - Session One: Security Risks