Security of Information System - PowerPoint PPT Presentation

About This Presentation
Title:

Security of Information System

Description:

Security of Information System User s Attack Inside of Organization Martin HANZAL martin_at_sodatsw.cz SODAT software, Sedlakova 33, BRNO, CZ Introduction Attackers ... – PowerPoint PPT presentation

Number of Views:75
Avg rating:3.0/5.0
Slides: 14
Provided by: Martin1012
Category:

less

Transcript and Presenter's Notes

Title: Security of Information System


1
Security of Information System
  • Users Attack Inside of Organization

Martin HANZAL martin_at_sodatsw.cz
SODAT software, Sedlakova 33, BRNO, CZ
2
Introduction
  • Attackers
  • The Protective Mechanisms in Current OS
  • The Model of Client and Server
  • Data Leakage from Information System
  • A New Protective Method - Firmwall

3
Attackers
  • The outside of organization
  • hacker from Internet
  • Inside the organization
  • employee of the organization

4
Employee of Organization
  • Employee is trustworthy
  • Employee works with the sensitive data
  • Employee can copy the data to new place outside
    of the organization
  • Copied data is still accessible for employee
    after his leaving the organization
  • More than 60 of the organization was attacked at
    least one

5
The Protective Mechanisms
  • users training
  • users authentication
  • access control
  • cryptography
  • audit

6
Client and Server
7
The Access of Application to Data Files
8
A New Protective Method Firmwall
  • Work with data without any possibilities of
    copying them to another target place
  • Protected area
  • Privileged application
  • All stored data in protected area is
    transparently encrypted

9
A New Protective Method Firmwall
10
Exchanging Data Between Applications in Firmwall
11
Firmwall in practice - AreaGuard
  • MS-WINDOWS NT/2000 environment
  • Effective way of protecting an organizations
    data
  • It monitors all access of each process to a file
    system
  • Transparently encrypt and decrypt data in
    protected area

12
Conclusion
  • Nobody can exclude this possibility
  • Data protection in a technical way
  • Confidentiality and loyalty of employees is not
    suitable for data protection

13
Thank you for your attention
Write a Comment
User Comments (0)
About PowerShow.com