Download Slide 1

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
Document related concepts

Malware wikipedia , lookup

Cyber-security regulation wikipedia , lookup

Information security wikipedia , lookup

Mobile security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Unix security wikipedia , lookup

Cyberattack wikipedia , lookup

Computer security wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Cybercrime wikipedia , lookup

Transcript 
Chapter 4
The
Internet
And
Security
www.pearsoned.ca/jessup
Robert Riordan, Carleton University
4-1
Learning Objectives
1. Describe the Internet and how it
works
2. Describe the basic Internet
services and the use of the
World Wide Web
3. Explain what is meant by the
term “information systems
security” and describe various
approaches for ensuring
information systems security
Information Systems Today, 2/C/e
4-2
©2008 Pearson Education Canada
History of the Internet
ARPANET (Advanced Research Project Agency Network)
• Created in the 1960s by DARPA (Defense Advance
Research Projects Agency)
• Used by government and universities as a means to
communice for research purposes
NSFNET (National Science Foundation Network)
• Created in 1986 by the National Science Foundation for
connecting research institutions
• Connected to ARPANET and many others (BITNET,
CSNET, etc) to become a major component of the Internet
Internet Support
• Ongoing support comes from many universities, federal
and state governments, and national international
research institutions and industry
Information Systems Today, 2/C/e
4-3
©2008 Pearson Education Canada
Visions of the Internet in the 1960’s
Information Systems Today, 2/C/e
4-4
©2008 Pearson Education Canada
How the Internet Works – Connecting to the Internet
Modem (stands for Modulate/Demodulate)
• A modem converts signals back and forth from digital to
analog for transmission and receipt between computers
• A computer requires a modem to get access to the Internet
Internet Service Provider (ISP)
• These companies provides access to the Internet for a fee
• A computer is connected to an ISP through a modem to
allow Internet access
Network Access Points (NAPs)
• NAP’s connect ISPs together
• They serve as Internet access points for the ISPs and serve
as exchange points for Internet traffic
Internet Backbone
• Collection of main network connections and
telecommunications lines that make up the Internet
Information Systems Today, 2/C/e
4-5
©2008 Pearson Education Canada
How the Internet Works – Shows the Internet Backbone
Information Systems Today, 2/C/e
4-7
©2008 Pearson Education Canada
How the Internet Works – TCP/IP & Routers
TCP/IP Approach
TCP – Transmission Control Protocol
• Breaks information into small chucks called data packets
• Manages the transfer of the packets from computer to computer
• Reassembles data packets into a message at the destination
IP – Internet Protocol
• Controls how data packets are formed
• Addresses each packet with the source and destination address
• A data packet conforming to the IP spec is called an IP datagram
Routers
• Connect one network to another
• Identify each device on a network as unique using IP protocol
• Serve as the “Traffic Cop” directing packets to their destination
Information Systems Today, 2/C/e
4-9
©2008 Pearson Education Canada
How the Internet Works – Connecting Networks
Example: Sending a message from Computer A to D
2
(Router)
Reads IP Address of
packet, routes
message to Network 2
and Computer D
1 (Computer A)
3 (Computer D)
TCP - Breaks message
into data packets
IP - Adds address of
destination Computer D
TCP - Checks
for missing packets,
reassembles message,
discards duplicate
packets
Information Systems Today, 2/C/e
4-10
©2008 Pearson Education Canada
How the Internet Works – Web Addresses & Domains
IP Address
• Each domain is associated
with one or more IP
addresses
• Format: a 32-bit address
written as 4 numbers (from
0-255) separated by periods
Example: 1.160.10.240
Domain
• Identifies the Website (host)
• Comes in many suffixes
such as:
.edu (educational institutions)
.org (organizations; non-profit)
.mil (military)
.net (network organizations)
Example: microsoft.com
(URL) Uniform Resource Locator
• Identifies particular Web pages within a domain
Example: http://www.microsoft.com/security/default.mspx
Information Systems Today, 2/C/e
4-11
©2008 Pearson Education Canada
How the Internet Works – Managing the Internet
Internet Registry
• Central repository of all Internet-related information
• Provides central allocation of all network system identifiers
• Managed by Internet Assigned Numbers Authority (IANA)
Domain Name System (DNS)
• Maintained by the Internet Registry
• Used to associates hosts or domains with IP addresses
• Root DNS database is replicated across the Internet
InterNic Registration Service
• Canadian Internet Registration Authority (CIRA)
• Assigns Internet Domains and IP addresses
• Internet Corp. for Assigned Names and Number (ICANN) has
responsibility for managing IP addresses, domain names, and root
server system management
Information Systems Today, 2/C/e
4-12
©2008 Pearson Education Canada
World Wide Web
Hypertext
• A Web page stored on a Web server
• Contains information and links to
other related information (hyperlinks)
Web Browser
HTML (Hypertext Markup Language)
• A standard method used to specify
the format of Web pages
• Uses codes/tags which stipulate how
the content should appear to the user
Web Browser
• A software program used to locate
and display Web pages
• Includes text, graphics, and
multimedia content
Information Systems Today, 2/C/e
4-13
©2008 Pearson Education Canada
World Wide Web
HTTP (Hypertext Transfer Protocol)
• A protocol used to process user
requests for displaying Web pages
from a Web server
Web Servers
• A special computer that is specifically
designed to store and “serve up”
Web pages
• This machine contains special
hardware and software to perform
its many specialized functions
Information Systems Today, 2/C/e
4-14
©2008 Pearson Education Canada
World Wide Web - Architecture
Information Systems Today, 2/C/e
4-15
©2008 Pearson Education Canada
Current State of the Internet
Internet hosts per 1000 inhabitants
Internet hosts 1991-2007
Numbers in millions
Information Systems Today, 2/C/e
4-16
©2008 Pearson Education Canada
Internet2
Internet Research User Frustration
After 1995, increases in personal and business traffic
began congesting the network primarily used for research
Internet2
University Corporation for Advanced Internet Development
(UCAID) was formed to lead the design and development
of an private high-speed alternative to the public Internet
Abilene network backbone
A new network has been developed connecting IS
researchers by use of GigaPop (Gigabit Point of Presence)
network access points to a high-speed private network
(currently operating at 10Gbps with a goal of 100Gbps)
Information Systems Today, 2/C/e
4-17
©2008 Pearson Education Canada
Internet2
• Mission: Internet2 is a not-for-profit consortium, led by
over 200 US universities, developing and deploying
advanced network applications and technology,
accelerating the creation of tomorrow's Internet.
• Facilitate and coordinate the development, deployment,
operation, and technology transfer of advanced,
network-based applications and network services to
further US leadership in research and higher education
and accelerate the availability of new services and
applications on the Internet.
Information Systems Today, 2/C/e
4-18
©2008 Pearson Education Canada
Internet2
•
•
•
•
Abilene: Internet2 backbone network (IP over
SONET)
A project of the University Corporation for Advanced
Internet Development (UCAID) in collaboration with
various corporate partners
Link Capacity: 13,000 miles of fiber optic cable, with
over 8,000 miles of interior circuits and another
5,000 miles of access circuits
Operates at OC-192 (9.6 gigabits per second) or
about 354,000 times faster than a typical computer
modem.
Information Systems Today, 2/C/e
4-19
©2008 Pearson Education Canada
Internet2
Information Systems Today, 2/C/e
4-20
©2008 Pearson Education Canada
Internet2
• Examples of Applications:
– Grid computing
– Telemedicine
– Astronomy
– Tele-immersion
– Music
– Digital Video
– Tele-Operation of Remote Equipment
– Tele-Presence (Magic)
Information Systems Today, 2/C/e
4-21
©2008 Pearson Education Canada
Changes to the Internet
• Privacy?
– Increased government access to personal
information in the name of security / anti
terrorism measures.
• Paying for bandwidth?
– Big sites Vs personal home pages
– Already exists in the world of cell phones, why
not?
Information Systems Today, 2/C/e
4-22
©2008 Pearson Education Canada
State of IS Security - Security Threats & Technologies
Security Threats
Today we hear about many security breaches that affect
organizations and individuals. Some recently in the news:
• Identity Theft – gaining access to someone’s personal
information allowing them to imitate you (stolen laptop)
• Denial of Service – attacks on websites using zombie
computers that overwhelm the site and shut it down
• Others: Spyware, Spam, Wireless Access, Viruses
Security Technologies
Companies and research organizations continue to develop
and refine technologies to prevent security breaches. Some
Include:
• Firewalls
• Biometrics
• VPN and Encryption
Information Systems Today, 2/C/e
4-23
©2008 Pearson Education Canada
Security Threat: Spyware, Spam, and Cookies
Spyware
Any software that covertly gathers information about a user
through an Internet connection without the user’s knowledge
• Problems: uses memory resources, uses bandwidth, and
can cause system instability
• Prevention: Firewalls and Anti-spyware software
Spam
Electronic junk mail or junk newsgroup postings usually for
purpose of advertising some product and/or service
• Problems: nuisance, wastes time deleting, uses storage
• Prevention: Spam Blocker software
Cookies
A message passed to a browser from a Web server. Used
by legitimate programs to store state and user information
• Problems: can be used to track user activities
• Prevention: browser settings, firewall
Information Systems Today, 2/C/e
4-24
©2008 Pearson Education Canada
Information System Security – Managerial Techniques
Organizational Policies and Procedures
• Acceptable Use Policies – formally document how systems
should be used, for what, and penalties for non-compliance
Backups and Disaster Recovery
• Backups – taking periodic snapshots of critical systems data
and storing in a safe place or system (e.g. backup tape)
• Disaster Recovery Plans – spell out detailed procedures to
be used by the organization to restore access to critical
business systems (e.g. viruses or fire)
• Disaster Recovery – executing Disaster Recovery
procedures using backups to restore the system to the last
backup if it was totally lost
Information Systems Today, 2/C/e
4-25
©2008 Pearson Education Canada
IS Security: Technology
Firewalls
A system of software, hardware or both designed to detect
intrusion and prevent unauthorized access to or from a
private network
Firewall Techniques
• Packet Filter – examine each packet entering and leaving
network and accept/reject based on rules
• Application Level Control – Performs certain security
measures based on a specific application (e.g. file transfer)
• Circuit Level Control – detects certain types of
connections or circuits on either side of the firewall
• Proxy Server – acts as, or appears as, an alternative
server that hides the true network addresses
Information Systems Today, 2/C/e
4-26
©2008 Pearson Education Canada
Security Technology: Biometrics
Biometrics
• A sophisticated authentication
technique used to restrict access
to systems, data and/or facilities
• Uses biological characteristics
to identify individuals such as
fingerprints, retinal patterns in the
eye, etc. that are not easily
counterfeited
• Has great promise in providing
high security
Information Systems Today, 2/C/e
4-27
©2008 Pearson Education Canada
Security Threat: Viruses
Viruses
Programs that can attack a computer and/or a network and
delete information, disable software, use up system
resources, etc.
Prevention Steps:
AntiVirus software: Install this software which is designed
to block all known viruses and offers automatic or manual
updates to virus patterns to block future viruses
No Disk Sharing – Viruses can be transferred to clean
computers by inserting disks containing infected files
Delete Suspicious Email Messages – Do not open
suspicious e-mail messages…Delete Only!
Report Viruses – If you get a virus, report it to you network
administrator immediately!
Information Systems Today, 2/C/e
4-28
©2008 Pearson Education Canada
Computer Crimes
Computer Crime
The act of using a computer to commit an illegal act. The
broad definition of computer crime can include the
following:
• Targeting a computer while committing an offense
(e.g gaining entry to a computer system in order to
cause damage to the computer or the data it contains)
• Using a computer to commit and offense
(e.g. stealing credit card numbers from a company
database)
• Using computers to support criminal activity
(e.g. drug dealer using computers to store records of
illegal transactions)
Information Systems Today, 2/C/e
4-29
©2008 Pearson Education Canada
Computer Crimes and the Impact on Organizations
Information Systems Today, 2/C/e
4-30
©2008 Pearson Education Canada
Computer Crime – Unauthorized Access
Unauthorized Access
A person gaining entry
to a computer system
for which they have no
authority to use such
access
THIS IS A
COMPUTER CRIME!
Information Systems Today, 2/C/e
4-31
©2008 Pearson Education Canada
Computer Crime – Unauthorized Access Trends
Information Systems Today, 2/C/e
4-32
©2008 Pearson Education Canada
Computer Crimes – Who Commits Them?
Unauthorized Access
1998 Survey of
1600 companies by
PricewaterhouseCoopers
82% come from
inside the
organization
(employees)
Information Systems Today, 2/C/e
4-33
©2008 Pearson Education Canada
Computer Crimes – Who Commits Them?
Unauthorized Access
2004 Survey by
Computer Security Institute
Information Systems Today, 2/C/e
4-34
©2008 Pearson Education Canada
Computer Crime – Various Types 1st Half
Information Systems Today, 2/C/e
4-35
©2008 Pearson Education Canada
Computer Crime – Various Types 2nd Half
Information Systems Today, 2/C/e
4-36
©2008 Pearson Education Canada
Computer Crimes - Hacking and Cracking
Hackers
A term to describe unauthorized access to computers
based entirely on a curiosity to learn as much as
possible about computers. It was originally used to
describe MIT students in the 1960s that gained access to
mainframes. It was later used universally used for gaining
unauthorized access for any reason
Crackers
A term to describe those who break into computer
systems with the intention of doing damage or
committing crimes. This term was created because of
protests by true hackers
Information Systems Today, 2/C/e
4-37
©2008 Pearson Education Canada
Computer Crimes – Cracker (Humorous)
Information Systems Today, 2/C/e
4-38
©2008 Pearson Education Canada
Computer Crime – Software Piracy
Software Piracy
This practice of buying one copy and making multiple
copies for personal and commercial use, or for resale
is illegal in most countries while others offer weak or
nonexistent protections. This has become and
international problem as shown below
Information Systems Today, 2/C/e
4-39
©2008 Pearson Education Canada
Destructive Code that Replicates
Viruses
These programs disrupt the normal function of a computer
system through harmless pranks or by destroying files
on the infected computer. They come in several types:
• Boot Sector – attaches to the section of a hard disk or
floppy disk that boots a computer.
• File Infector – attach themselves to certain file types such
as .doc, .exe, etc.
• Combination – viruses can change types between boot
sector and file infector to fool antivirus programs
• Attachment – released from an e-mail when an attachment
is launched. Can also send themselves your address book
Worms
This destructive code also replicates and spreads through
networked computers but does damage by clogging up
memory to slow the computer versus destroying files
Information Systems Today, 2/C/e
4-40
©2008 Pearson Education Canada
Computer Crimes – Destructive Code
Information Systems Today, 2/C/e
4-41
©2008 Pearson Education Canada
Destructive Code that Doesn’t Replicates
Trojan Horses
These programs do not replicate but can do damage
as they run hidden programs on the infected
computer that appears to be running normally (i.e. a
game program that creates an account on the
unsuspecting user’s computer for unauthorized access)
Logic or Time Bombs
A variation of a Trojan Horse that also do not replicate
and are hidden but are designed to lie in wait for a
triggering operation. (i.e. a disgruntled employee that
sets a program to go off after they leave the company)
• Time Bombs – are set off by dates (e.g. a birthday)
• Logic Bombs – are set off by certain operations (e.g.
a certain password)
Information Systems Today, 2/C/e
4-42
©2008 Pearson Education Canada
Cyberwar and Cyberterrorism
Cyberwar
An organized attempt by a country’s military to disrupt
or destroy the information and communications
systems of another country. Common targets include:
• Command and control systems
• Intelligence collection and distribution systems
• Information processing and distribution
systems
• Tactical communication systems
• Troop and weapon positioning systems
• Friend-or-Foe identification systems
• Smart weapons systems
Information Systems Today, 2/C/e
4-43
©2008 Pearson Education Canada
Cyberwar and Cyberterrorism
A denial-of-service attack (DoS attack) or distributed
denial-of-service attack (DDoS attack):
• an attempt to make a computer resource unavailable
to its intended users.
• motives for, and targets of a DoS attack may vary
• generally consists of the concerted efforts of a
person or people to prevent an Internet site or
service from functioning efficiently or at all,
temporarily or indefinitely.
• perpetrators of DoS attacks typically target sites
or services hosted on high-profile web servers
such as banks, credit card payment gateways, and
even root nameservers.
Information Systems Today, 2/C/e
4-44
©2008 Pearson Education Canada
Cyberwar and Cyberterrorism
Cyber Terrorism
The use of computer and networking technologies
against persons or property to intimidate or coerce
governments, civilians, or any segment of society in order
to attain political, religious, or ideological goals
Responses to the Threat
At greatest risk are those that depend highly on
computers and networking infrastructure (i.e.
governments, utilities, transportation providers, etc.)
Responses include:
• Improved intelligence gathering techniques
• Improved cross-government cooperation
• Providing incentives for industry security investment
Information Systems Today, 2/C/e
4-45
©2008 Pearson Education Canada
Related documents
Slide 1 - Fullfrontalanatomy.com
Slide 1 - Fullfrontalanatomy.com
Elementary and Intermediate Algebra 6e
Elementary and Intermediate Algebra 6e
CHAPTER 2 Power Politics
CHAPTER 2 Power Politics
x - Cloudfront.net
x - Cloudfront.net
Slide 2
Slide 2
Econ_OnlineLectureNotes_ch3_s2
Econ_OnlineLectureNotes_ch3_s2
P. 64 looking Inside cells
P. 64 looking Inside cells
Chapter 9
Chapter 9
Beginning Algebra Early Graphing
Beginning Algebra Early Graphing
Blood Ch. 7 The Functions of the Circulatory System
Blood Ch. 7 The Functions of the Circulatory System
Groups Within Society
Groups Within Society
Medical Sociology
Medical Sociology
Socialization - Bakersfield College
Socialization - Bakersfield College
Slide 1
Slide 1
keegan_gm7_inpp t_02 GE version
keegan_gm7_inpp t_02 GE version
Deviance_and_Social_Control
Deviance_and_Social_Control
Richard J. Gerrig, Ph.D. and Philip Zimbardo, Ph.D.
Richard J. Gerrig, Ph.D. and Philip Zimbardo, Ph.D.
Presentation Outline
Presentation Outline
Part I: Introduction
Part I: Introduction