
Albasrah University

College of Computer Science and Information Technology

Supervisor: Dr. Haider

Student: Zainab Amer Hashem

Information security is one of the most important concepts in computing, and for more than twenty years it has been defined by three principles: confidentiality, integrity, and availability (known as the CIA triad). The members of this traditional InfoSec triad are referred to interchangeably in the literature as security features, security characteristics, security objectives, basic aspects, information standards, important information characteristics, basic building blocks, and basic principles of information security. Many information security professionals firmly believe that accountability should be added as a basic principle of information security.

Based on the results of the joint project of the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Accountants (CICA), the basic principles of information security (WebTrust) and information systems security (SysTrust) were identified as follows: protection (security) of the system, availability of the information system online, processing integrity of the information system, online privacy, and confidentiality of the information system.

In 2002, Donn Parker proposed an alternative model to the traditional CIA triad. Parker's model consists of six components of information security: confidentiality, possession, integrity, authenticity, availability, and utility. The Parkerian Hexad remains a topic of debate among security professionals.

The simplest type of protection is a system that verifies the user's identity and the legitimacy of their use. These means aim to ensure that the system or network is used only by the person authorized to use it. This group includes:

Passwords of all kinds.
Smart cards used for identification.
Biometric means of identification, which depend on characteristics of the user's own biological makeup.
Encryption keys, which can include what are known as electronic locks that define access areas.

All the technologies the world has achieved cannot survive without information security. For example, if the banking system had no information security, anyone could enter the system, change their own account balance, and become a millionaire from nothing.

Confidentiality
Confidentiality is the term used for preventing information from being disclosed to unauthorized persons. For example, using a credit card in a commercial transaction over a network requires the card number to be transmitted from the buyer to the merchant, and from the merchant onward to complete and process the transaction on the network. The system attempts to enforce confidentiality by encrypting the card number during transmission and by restricting access to every place where the card number is stored or appears (databases, file history, backups, and printed receipts). However, if an unauthorized party obtains the card number in any way, this is a violation of the principle of confidentiality in the storage of data.
Breach of confidentiality takes many forms. Someone watching a computer screen to steal login passwords, or viewing confidential data without its owner's knowledge, may be a breach of confidentiality. If a laptop contains sensitive information about company employees, its theft or sale could result in a breach of confidentiality. Giving confidential information over a telephone call is a violation of the principle of confidentiality if the caller is not authorized to receive the information.

Confidentiality is necessary (but not sufficient) to maintain the privacy of the people whose personal information the systems contain.
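The paragraph above lists the places a card number can leak (databases, file history, backups, printed receipts) and says access to them must be restricted. One concrete control is to never write the full number into those places at all. The following added example (not part of the original report) scrubs constructed sample records: it finds runs of 13 to 19 digits, keeps only those that pass the Luhn checksum so that ordinary long numbers are left alone, and replaces all but the last four digits with asterisks.

```python
import re

# Constructed sample records of the kind the text names as leak points:
# a printed receipt line, a backup row, and an unrelated order number.
SAMPLE_RECORDS = [
    "2024-05-01 receipt: paid 120.00 with card 4111111111111111 approved",
    "backup row: customer=17 pan=5500000000000004 exp=12/27",
    "order 1234567890123 shipped",  # 13 digits, but not a valid card number
]

# Candidate runs of 13 to 19 digits, the length range of payment card numbers.
PAN_RE = re.compile(r"\b\d{13,19}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: true for well-formed card numbers, false for most other digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep only the last four digits, the usual form for receipts and logs."""
    return "*" * (len(pan) - 4) + pan[-4:]


def scrub(line: str) -> str:
    """Replace every Luhn-valid card number in a line with its masked form."""
    def replace(match: re.Match) -> str:
        candidate = match.group(0)
        return mask_pan(candidate) if luhn_ok(candidate) else candidate
    return PAN_RE.sub(replace, line)


def scrub_records(records):
    """Scrub a whole batch of records before they are stored, backed up or printed."""
    return [scrub(r) for r in records]


if __name__ == "__main__":
    for before, after in zip(SAMPLE_RECORDS, scrub_records(SAMPLE_RECORDS)):
        print(f"{before}\n  -> {after}")
```

The Luhn check is what keeps the scrubber from mangling unrelated identifiers such as order numbers; a scrubber that masked every long digit run would be safe for confidentiality but would damage data integrity in the same records.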

Integrity
In the field of information security, integrity means keeping data from being changed or modified by unauthorized people. When a person who is not authorized to do so deletes, corrupts or damages important data files, whether intentionally or unintentionally, this is a violation of data integrity. When a virus infects a computer and modifies or destroys its data, this is a violation of data integrity. Likewise, when an unauthorized employee is able to modify their own salary in the salary database, or when an unauthorized user defaces a website, all of this is considered a violation of data integrity. Data integrity also means that changes to data are consistent: when a bank customer withdraws or deposits money, this must be reflected in their balance at the bank.
A breach of data integrity is not necessarily the result of an act of sabotage. For example, an interruption in the system may result in unintended changes, or may fail to save changes that have already been made.
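The salary example above is a case where an unauthorized change must be detectable even if the person making it has write access to the database. One way to do that is to keep a keyed message authentication code (HMAC) over each record, computed with a key that only the payroll system holds. The following added example (not the report's own code; the key and record are constructed) signs a payroll record and shows that a modified salary no longer verifies, while an authorized change made through the system produces a fresh tag that does.

```python
import hashlib
import hmac
import json

# Constructed key: in a real system it is held by the payroll service only,
# so ordinary database users cannot recompute tags for records they alter.
SIGNING_KEY = b"hypothetical-payroll-key-do-not-reuse"


def canonical(record: dict) -> bytes:
    """Serialize deterministically so the same content always gives the same bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_record(record: dict, key: bytes = SIGNING_KEY) -> str:
    """Return the HMAC-SHA256 tag that travels with the record."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify_record(record: dict, tag: str, key: bytes = SIGNING_KEY) -> bool:
    """True only if the record is byte-for-byte what was signed (constant-time compare)."""
    return hmac.compare_digest(sign_record(record, key), tag)


def authorized_update(record: dict, tag: str, changes: dict, key: bytes = SIGNING_KEY):
    """An update made through the payroll system: verify first, then re-sign."""
    if not verify_record(record, tag, key):
        raise ValueError("record failed integrity check; refusing to update")
    updated = dict(record, **changes)
    return updated, sign_record(updated, key)


def demo():
    """Returns (original verifies, tampered copy verifies, authorized update verifies)."""
    record = {"employee_id": 1042, "name": "A. Example", "salary": 2500}
    tag = sign_record(record)

    # Direct edit of the stored row without the key: the old tag no longer matches.
    tampered = dict(record, salary=25000)

    # Legitimate raise applied through the system: a new tag is issued.
    raised, new_tag = authorized_update(record, tag, {"salary": 2600})

    return (verify_record(record, tag),
            verify_record(tampered, tag),
            verify_record(raised, new_tag))


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

The tag only detects unauthorized modification; it does not prevent it. Prevention comes from the access controls the text discusses, and detection like this is what tells you when those controls have failed.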
Data availability
Any information system aims to serve its purpose by having information available when it is needed. This means that the following system elements must work properly and continuously:

Computer systems used to store and process information.
Security controls used to protect the system.
Communication channels used for access.

Highly available systems aim to ensure continuity of service at all times, to prevent service interruptions due to power outages, hardware failure, or system upgrades and updates, and to prevent denial of service attacks.
Risk Management
A comprehensive treatment of risk management is beyond the scope of this article. However, this section provides a useful definition of risk management as well as some basic terms commonly used in the risk management process.

The following definition of risk management is used here: "Risk management is the process of identifying vulnerabilities and threats to the information resources that an organization or information network uses to achieve commercial or other objectives, and deciding what countermeasures, if any, to take to reduce risk to an acceptable level, based on the value of the information resources to the organization."
There are two things in this definition that may need some clarification. First, the risk management process is an ongoing, iterative process and must be repeated indefinitely, because the business environment is constantly changing and new threats and vulnerabilities appear every day. Second, the selection of countermeasures (controls) used to manage risks must balance productivity, cost, the effectiveness of the countermeasures, and the value of the asset and data being protected.

Risk is the possibility that something bad will happen that causes harm to an information asset (or the loss of the asset). A vulnerability is a weakness that can be used to compromise or cause damage to an information asset. A threat is any action (man-made or an act of nature) that has the potential to cause harm.

The likelihood that a threat will use a vulnerability to cause harm creates a risk. When a threat does use a vulnerability to inflict harm, it has an impact. In the context of information security, the impact is a loss of availability, integrity or confidentiality, and possibly other losses (lost income, loss of life, and loss of real property). It should be noted that it is not possible to identify all risks, nor is it possible to eliminate all risks. The risk that remains is called residual risk.

Risk assessment
Security policy.
Organization of information security.
Asset management.
Human resources security.
Physical and environmental security.
Communications and operations management.
Access control.
Acquisition, development and maintenance of information systems (what is called modernization).
Information security incident management.
Business continuity management.
Regulatory compliance.
Risk Management
The risk management process consists of:

Identifying assets and estimating their value. This includes personnel, buildings, hardware, software, data (electronic, printed, etc.), and supplies.
Conducting a threat assessment. Threats include acts of nature, acts of war, accidents, and harmful acts coming from within or outside the organization.
Performing a vulnerability assessment and, for each vulnerability, estimating the probability that it will be exploited. Evaluate policies, procedures, standards, training, physical security, quality control, and technical security.
Calculating the impact each threat would have on each asset. Use qualitative analysis or quantitative analysis.
Identifying, selecting and applying appropriate controls. Provide a proportionate response, considering productivity, cost effectiveness, and asset value.
Evaluating the effectiveness of the control measures. Ensure the necessary controls are in place for cost-effective protection without a noticeable loss in productivity.
For any given risk, executive management can choose to accept the risk based on the relatively low value of the asset, the relatively low frequency of occurrence, and the relatively low impact on the business. Alternatively, leadership may choose to mitigate the risk by selecting and implementing appropriate control measures to reduce it. In some cases, the risk can be transferred to another business by purchasing insurance or by outsourcing to another business. The reality of some risks may be disputed; in such cases, leadership may choose to deny the risk, which is in itself a potential danger.
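The process above mentions quantitative analysis and a cost-effective choice among accept, mitigate and transfer, without showing the arithmetic. The following added example (not from the report; all asset values, rates and control costs are constructed) carries one pass of the process through in numbers: it computes the single loss expectancy and annualized loss expectancy for each risk, the residual loss after a candidate control, and then applies the accept / mitigate / transfer decision rule in the terms the text uses.

```python
from dataclasses import dataclass


@dataclass
class Risk:
    asset: str
    asset_value: float      # value of the asset to the organization
    exposure_factor: float  # fraction of the value lost in one incident (0..1)
    aro: float              # annualized rate of occurrence (incidents per year)

    def sle(self) -> float:
        """Single loss expectancy: loss from one incident."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annualized loss expectancy: expected loss per year with no new controls."""
        return self.sle() * self.aro


@dataclass
class Control:
    name: str
    annual_cost: float
    aro_reduction: float    # fraction by which the control lowers the ARO (0..1)


def residual_ale(risk: Risk, control: Control) -> float:
    """Expected yearly loss that remains after the control is applied (residual risk)."""
    return risk.sle() * risk.aro * (1.0 - control.aro_reduction)


def annual_benefit(risk: Risk, control: Control) -> float:
    """Loss avoided per year minus what the control costs; negative means not cost-effective."""
    return risk.ale() - residual_ale(risk, control) - control.annual_cost


def decide(risk: Risk, controls: list, acceptable_ale: float):
    """Apply the treatment options from the text: accept, mitigate, or transfer."""
    if risk.ale() <= acceptable_ale:
        return ("accept", None)
    best = max(controls, key=lambda c: annual_benefit(risk, c))
    if annual_benefit(risk, best) > 0:
        return ("mitigate", best.name)
    # No control pays for itself: move the loss to an insurer or service provider.
    return ("transfer", None)


# Constructed scenario: a customer database and an office printer.
CUSTOMER_DB = Risk("customer database", asset_value=500_000, exposure_factor=0.4, aro=0.2)
PRINTER = Risk("office printer", asset_value=2_000, exposure_factor=1.0, aro=0.5)

CANDIDATE_CONTROLS = [
    Control("encrypted backups + access control", annual_cost=15_000, aro_reduction=0.75),
    Control("full outsourcing of data hosting", annual_cost=60_000, aro_reduction=0.95),
]
ACCEPTABLE_ALE = 5_000  # constructed management threshold


if __name__ == "__main__":
    for r in (CUSTOMER_DB, PRINTER):
        print(f"{r.asset}: SLE={r.sle():,.0f} ALE={r.ale():,.0f} -> {decide(r, CANDIDATE_CONTROLS, ACCEPTABLE_ALE)}")
```

With these figures the database has an ALE of 40,000 per year; the cheaper control leaves a residual 10,000 and nets 15,000 a year, so it is chosen, while outsourcing would cost more than the loss it prevents. The printer's ALE of 1,000 sits under the threshold and is accepted. The rule is deliberately simple; the text's point that controls must also be weighed against productivity is not captured by cost alone.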
Information security threats
A virus is a small program, written in one of the computer languages, that causes damage to the computer and the information on it. It is characterized by three properties: concealment, replication, and causing harm.

Sources of the virus
The sources of viruses lie in anonymous emails, suspicious Internet pages, counterfeit copies of programs, the use of unverified programs, the exchange of storage devices such as disks and flash memory without prior scanning, and files sent within the local network. The virus has three influential properties:

Replication: the virus multiplies by attaching itself to files. The number of operations taking place then grows into the millions, which slows the computer down or stops it working altogether.
Stealth: the virus must stay hidden so that it is not exposed and rendered ineffective. To hide, it uses several methods, for example keeping its size small so that it can conceal itself in memory or inside another file.
Causing harm: the harm caused by a virus ranges from merely emitting a musical sound to erasing all of your stored information. Other examples include deleting some system files, shutting the computer down on its own when it connects to the Internet, or wiping the program written in the BIOS.
DoS attack
A denial of service attack is one in which the hacker or attacker performs actions that disrupt the devices providing a server's service on the network.

Attacking the transmitted information
This is the interception of information while it is being sent from one party to another. It often occurs during the exchange of messages over networks such as:

The Internet
Networks that use the public telephone network
Total control attack
In this type of attack, the hacker takes complete control of the victim's device and controls all of the victim's files as if they were on the hacker's own device; the hacker can also monitor the victim completely. The attack occurs after the hacker places a small file on the victim's device (via email or any other means) or by exploiting vulnerabilities in the operating system.

Disinformation attack
In which the hacker impersonates a public website. A hacker can also
impersonate a trusted user to obtain unauthorized information.

Direct access to connection cables
The attacker gains direct access to the wiring and spies on the information passing through it. This is a difficult attack, however, and requires special equipment.
Methods and tools to protect information:
Physical security of devices and equipment.
Installing a powerful antivirus program and updating it periodically.
Installing and updating intrusion detection systems.
Installing network monitoring systems that alert about security vulnerabilities.
Creating a backup policy.
Using strong systems to encrypt transmitted information.
Providing uninterruptible power supplies for devices.
Spreading education and security awareness.
