Академический Документы
Профессиональный Документы
Культура Документы
UNIT - 1
By Shanu Gaharana
LECTURE NO.-1
By Shanu Gaharana
Data
Definitions
Raw facts such as an employees name and number of hours worked in a week, inventory part numbers or sales orders. Information A collection of facts organized in such a way that they have additional value beyond the value of the facts themselves. Information Data $35,000 12 Units $12,000 J. Jones Western Region $100,000 100 Units 35 Units Data Processing
By Shanu Gaharana
Salesperson: J. Jones Sales Territory: Western Region Current Sales: 147 Units = $147,000
Definitions
Information Systems An information system(IS) is typically considered to be a set of interrelated elements or components that collect(input), manipulate(processes), and disseminate (output) data and information and provide a feedback mechanism to meet an objective. Open System Close System
By Shanu Gaharana
HISTORY OF INFORMATION SYSTEMS IS has always played a crucial role in civilization. 1. IS over 500 yrs ago 2. IS in mid eighteenth century 3. IS in 20th centuary
By Shanu Gaharana
By Shanu Gaharana
CHANGING NATURE OF IS There are 4 powerful changes that have altered the business environment are : Globalization Rise of the Information Economy Transformation of the Business Enterprise Emergence of the digital firm
By Shanu Gaharana
LECTURE NO.-2
By Shanu Gaharana
Need of Distributed IS
DS have the following 2 properties :-
1. There are several autonomous computational entities, each of which has its own local memory.
By Shanu Gaharana
Distributed S/m
An integration of system services, presenting a transparent view of a multiple computer system with distributed resources and control A collection of independent computers that appear to the users of the system as a single computer Examples Personal workstations + a pool of processors + single file system Robots on the assembly line + Robots in the parts department A large bank with hundreds of branch offices all over the 13 world
Need of Distributed IS
The widening scope of IS can be summarized as : In 1950s : technical changes 1960s -1970s : managerial controls 1980s 1990s : institutional core activities Today : digital information webs extending beyond the enterprise.
By Shanu Gaharana
By Shanu Gaharana
Radio took 38 years TV took 13 years Once it was open to the General Public, The Internet made to the 50 million person audience mark in just 4 years!!!
http://www.ecommerce.gov/emerging.htm
Released on April 15, 1998
* Delivered to the President and the U.S. Public on April 15, 1998 by Bill Daley, Secretary of Commerce and Chairman of the Information Infrastructure Task Force
By Shanu Gaharana
By Shanu Gaharana
By Shanu Gaharana
LECTURE NO.-3
By Shanu Gaharana
Security threats related to computer crime or abuse include :1. Impersonation 2. Trojan Horse Method 3. Logic Bomb 4. Computer viruses 5. DoS 6. Dial Diddling 7. Salami Technique
By Shanu Gaharana
8. Spoofing 9. Super zapping 10. Scavenging 11. Data Leakage 12. Wiretapping 13. Theft of mobile devices
By Shanu Gaharana
A Threat is an indication of a potential undesirable event. Threat consists of the 4 properties :1. Asset 2. Actor 3. Motive(optional) 4. Access(optional)
By Shanu Gaharana
The major Categories of damages are : Destruction of information &/ or other resource Corruption or modification of information Theft, removal or loss of information and/or other resources. Disclosure of information Interruption of access to important information.
By Shanu Gaharana
There are 5 categories of Logical & Physical assets :1. Information 2. Hardware 3. Software 4. People 5. Systems
By Shanu Gaharana
Another way of grouping the threats is :1. Human actors using n/w access 2. Human actors using physical access 3. System Problems 4. Other Problems
By Shanu Gaharana
GENERIC THREAT PROFILE : Represented by Tree Structures This structure shows Assets, Access, Actors, Motives, and the
possible outcomes.
There should be a suitable method in organization for asset
By Shanu Gaharana
LECTURE NO.-4
By Shanu Gaharana
number, because working with technology outside the office brings many challenges.
By Shanu Gaharana
Proliferation of Mobile & Wireless Devices :Wireless Networks, and the use of mobile devices, are bringing the world a new means of communication and day-to-day business activities.
>As the mobility of workers increases, security issues also increase in number, because working with technology outside the office brings many challenges. > The implementation of these new Wireless devices also brings about new security threats to Information assets.
By Shanu Gaharana
Trends in Mobility : Types of Mobility :1. User Mobility:- refers to a wireless service that lets you be completely mobile
such as in a car, train, etc. 2. Device Mobiliity :- it enables to determine if the IP phone is at its home location or at a roaming location. Uses smaller, battery driven devices
3. Session Mobility :- Issues in data distribution. 4. Service Mobility (Code Mobility):- managing security is a big issue
By Shanu Gaharana
Key Findings for Mobile Computing Security Scenario : With usage experience, awareness of mobile users gets enhanced. People continue to remain the weakest link for laptop security. Wireless connectivity does little to increase burden of managing laptops Laptop experience changes the view of starting a smart handheld pilot There is naivety and/ or neglect in smart handheld security Rules rather than technology keep smart handhelds usage in check
By Shanu Gaharana
By Shanu Gaharana
LECTURE NO. -5
By Shanu Gaharana
By Shanu Gaharana
By Shanu Gaharana
LAPTOP SECURITY
Basic security measures are as following:1. 2. 3. 4. Choose a secure operating s/m and lock it down. Enable a strong BIOS Password. Asset tag or engrave the laptop. Register the laptop with manufacturer.
Physical Security :1. 2. 3. 4. 5. 6. Use a cable or hard-wired lock. Use a docking station. Use personal firewall for your laptop. Lock up all the ports and PCMCIA cards. Use laptop safes Use Motion Sensors & Alarms
By Shanu Gaharana
LAPTOP SECURITY
Protecting Sensitive data :-
- Use NTFS file s/m - Disable the guest account. - Prevent the last logged-in user name from being displayed. - Enable EFS (Encrypting File System). - Backup your data before you leave.
By Shanu Gaharana
Lecture No. - 6
By Shanu Gaharana
INFORMATION CLASSIFICATION
It is a demonstration toward an organizations commitment to security protections. Helps to identify which information is most sensitive or vital. Identify which protections apply to which information.
By Shanu Gaharana
TERMS FOR INFORMATION CLASSIFICATION 1. Unclassified :- neither sensitive nor classified. Public release of this information does not violate confidentiality. 2. Sensitive but unclassified:- minor secret but may not create serious damage if disclosed. Information that may be classified with these labels range from personally identifying information such as passport and Social Security numbers. 3. Confidential:- this information would cause "damage" or be to national security if publicly available 4. Secret:- this information would cause serious damage to national security if publicly available 5. Top Secret :- this information would cause exceptionally serious damage to national security if publicly available
By Shanu Gaharana
By Shanu Gaharana
By Shanu Gaharana
LECTURE NO. 7
By Shanu Gaharana
BASIC PRINCIPLES OF IS
IS plays a crucial role in the modern digital economy. There are basically 3 pillars of Infosec:
By Shanu Gaharana
By Shanu Gaharana
INFORMATION INTEGRITY
Assurance that the data being accessed or read has neither been tampered
with, nor been altered or damaged through a system error, since the time of the last authorized access
By Shanu Gaharana
OTHER TERMS IN IS
Identification Authentication Accountability Authorization Privacy
By Shanu Gaharana
References
http://samer-baydoun.com
By Shanu Gaharana