Professional Documents
Culture Documents
Aims
Describing several types of computer crime Describing the major security issues that computer users have to face Describing how it affects to personal privacy Explaining the relationship between security and computer reliability
Computer Crime
Crime accomplished through computer tech.
widely extended: easiness of computer usage most of them committed by company insiders high cost: foresight + repair spoong (or phishing): identity theft
4626. Introd to Computer Science
Current threats
Software Piracy
Illegal duplication of copyrighted software Reasons:
Intellectual Property
Privileges granted over intangible goods with nancial value They are dened over
Computer Sabotage
Use of malware to spoil hardware & software
Trojans
hidden inside programs that perform useful tasks logic bombs: programmed to attack in response to a particular event (e.g. time bombs) solutions
software from reliable sources (avoids) anti-trojan (detects) rewall -output- (blocks)
4626. Introd to Computer Science
Viruses
as biological ones invade programs and use them to reproduce themselves operative system specic solution:
Worms
as viruses: use computers to reproduce themselves autonomous spread through computer networks solution:
email from condent sources (avoids) rewall -input- (blocks) security patches
4626. Introd to Computer Science
Hacking
Discovering and exploiting computer system failures Reasons:
Reducing Risks
Information systems have to be protected...
to work properly to guarantee access to information only to granted users to guarantee privacy
something you have (card) something you know (password) something you do (signature) something about you (scans)
1. protect hw
UPS
uninterruptible
power supply
protects data
to switch off the system
Surge protectors
shield computers from power spikes protect the computer from physical damage
2. protect data
Passwords
The most common tool, but carefully chosen
which kind of password do you use? how frequently do you change your passwords? how many passwords do you use?
Firewalls
guard against
unauthorised access input and output
Encryption
keys to code messages and documents symmetric: common key asymmetric: public / private keys
Audit Control SW
Records computer transactions Auditors can trace and identify suspicious activities
2. replicate
Backup Copies
periodic copies of important information for companies, it is recommended that copies be stored in a different location
RAID
Redundant Array of Independent Disks multiple disks as one logical unit mirroring: data redundancy