Security - PowerPoint PPT Presentation

1 / 8
About This Presentation
Title:

Security

Description:

data is modified by unauthorized party. Availability ... DES-weak. RSA-better. CNet News article on encryption. Decentralized Computing. Questions? ... – PowerPoint PPT presentation

Number of Views:49
Avg rating:3.0/5.0
Slides: 9
Provided by: pcl9
Category:
Tags: cnet | security

less

Transcript and Presenter's Notes

Title: Security


1
Security
  • MIS 171 Web Technologies and Innovation
  • Paul F. Clay, Ph.D.

2
Categories of Threats
  • Technical
  • Behavioral
  • Unauthorized disclosure
  • Denial of Service
  • Spoofing Phishing
  • Email or site pretending to be someone else
  • Sniffing
  • Eavesdropping on network traffic
  • Viruses Spyware
  • Acts of God
  • User error
  • Fraud
  • Enron, WorldCom
  • Retaliation
  • Cox comm. ex.
  • Multiple user access
  • work stations
  • Accidental loss
  • lack of training
  • Password Cascade

3
Threats to Security
S source D destination U unauthorized party
  • Secrecy
  • data is disclosed to authorized personnel
  • Integrity
  • data is modified by unauthorized party
  • Availability
  • data assets are available to authorized party

S
D
Interception
U
S
D
Modification
U
S
D
Interruption
4
Legal Requirements
  • HIPAA-Health Insurance Portability and
    Accountability Act (1996)
  • Maintain records 6 years
  • Ensures confidentiality of health care records
  • Penalties for breach of privacy or unauthorized
    disclosure by email or unauthorized network
    access

5
Legal Requirements (part2)
  • Gramm-Leach-Bliley Act(1999)
  • Requires financial institutions to ensure
    security and confidentiality of customer data
  • Security during storage and transmission
  • Sarbanes-Oxley Act (2002)
  • CEO and CFO of all publicly traded companies it
    the US must certify the accuracy of their
    financial reports
  • Maintain all records for 7 years
  • Requires the creation of internal controls to
    ensure that all reports reflect accurate and
    complete data
  • IS used for the creation, storage and
    transmission of data and reports

6
Types of Encryption
  • Private Key
  • Data Encryption Standard (DES) est. 1975
  • Symmetric Key One key used to encrypt and
    decrypt the same message
  • Public Key
  • RSA (Rivest, Shamir Adleman) est. 1977
  • Asymmetric Key Two different but linked keys
    used to encrypt and decrypt the same message
  • RSA Vid

7
Encryption and Bit Strength
  • Bit Strength Matters
  • Encryption Algorithms Matter
  • WEP (Wired Equivalent Privacy) - very weak
  • DES-weak
  • RSA-better
  • CNet News article on encryption

8
Decentralized Computing
  • Questions?
Write a Comment
User Comments (0)
About PowerShow.com