THREATS INVOLVED IN INFORMATION SYSTEMSBy : VIPUL SHARMA CHRISTOPHER KEELOR SIDDHANT JAIN
SYSTEM VULNERABILITY & ABUSEWHY SYSTEMS ARE VULNERABLE ?
HACKERS & VIRUSESTHINGS THAT CREATE CONCERN FOR BUILDERS & USERSSYSTEM QUALITY PROBLEMS
THREATS TO INFORMATION SYSTEMSHARDWARE FAILUREFIRESOFTWARE FAILUREELECTRICAL PROBLEMSPERSONNEL ACTIONSUSER ERRORSACCESS PENETRATIONPROGRAM CHANGETHEFT OF DATASERVICES EQUIPMENT TELECOMMUNICATIONS PROBLEMS*
VULNERABILITIESRADIATION: Allows recorders, bugs to tap systemCROSSTALK: Can garble dataHARDWARE: Improper connections, failure of protection circuitsSOFTWARE: Failure of protection features, access control, bounds controlFILES: Subject to theft, copying, unauthorized access*
VULNERABILITIESUSER: Identification, authentication, subtle software modificationPROGRAMMER: Disables protective features; reveals protective measuresMAINTENANCE STAFF: Disables hardware devices; uses stand-alone utilitiesOPERATOR: Doesnt notify supervisor, reveals protective measures*
HACKERS & COMPUTER VIRUSESHACKER: Person gains access to computer for profit, criminal mischief, personal pleasureCOMPUTER VIRUS: Rogue program; difficult to detect; spreads rapidly; destroys data; disrupts processing & memory*
COMMON COMPUTER VIRUSESCONCEPT, MELISSA: Word documents, e-mail. Deletes filesFORM: Makes clicking sound, corrupts dataEXPLORE.EXE: Attached to e-mail, tries to e-mail to others, destroys filesMONKEY: Windows wont runCHERNOBYL: Erases hard drive, ROM BIOSJUNKIE: Infects files, boot sector, memory conflicts*
ANTIVIRUS SOFTWARESOFTWARE TO DETECTELIMINATE VIRUSESADVANCED VERSIONS RUN IN MEMORY TO PROTECT PROCESSING, GUARD AGAINST VIRUSES ON DISKS, AND ON INCOMING NETWORK FILES*
CONCERNS FOR BUILDERS & USERSDISASTERBREACH OF SECURITYERRORS*
DISASTERLOSS OF HARDWARESOFTWAREDATA BY FIREPOWER FAILUREFLOOD OR OTHER CALAMITY
SYSTEM QUALITY PROBLEMSSOFTWARE & DATABUGS: Program code defects or errorsMAINTENANCE: Modifying a system in production use; can take up to 50% of analysts timeDATA QUALITY PROBLEMS: Finding, correcting errors; costly; tedious*
SECURITY AND THE INTERNETENCRYPTION: Coding & scrambling messages to deny unauthorized accessAUTHENTICATION: Ability to identify another partyMESSAGE INTEGRITYDIGITAL SIGNATUREDIGITAL CERTIFICATE*
PUBLIC KEY ENCRYPTIONSECURITY AND THE INTERNET
SECURITY AND THE INTERNETDIGITAL WALLET: Software stores credit card, electronic cash, owner ID, address for e-commerce transactionsSECURE ELECTRONIC TRANSACTION: Standard for securing credit card transactions on Internet*
SECURITY AND THE INTERNETCREDIT CARD-SET: Protocol for payment securityELECTRONIC CASH: Digital currencyELECTRONIC CHECK: Encrypted digital signatureSMART CARD: Chip stores e-cashELECTRONIC BILL PAYMENT: Electronic funds transfer*ELECTRONIC PAYMENT SYSTEMS
THANK YOU