
Chapter 3:

System Security I: Operating Systems and Networks

IT Auditing, Hall, 3e
© 2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

Operating Systems
• Perform three main tasks:
◦ translate high-level languages into the machine-level language
◦ allocate computer resources to user applications
◦ manage the tasks of job scheduling and multiprogramming

Why is OS security an important internal control issue?
• If operating system integrity is compromised, then…
◦ controls within individual accounting applications may also be circumvented or neutralized.
• Because the OS is common to all users, the larger the computer facility…
◦ the greater the scale of potential damage.

Requirements for Effective Operating Systems Performance
• Protect against tampering by users
• Prevent users from tampering with the programs of other users
• Safeguard users’ applications from accidental corruption
• Safeguard its own programs from accidental corruption
• Protect itself from power failures and other disasters

Operating Systems Security
• Log-On Procedure
◦ first line of defense – user IDs and passwords
• Access Token
◦ contains key information about the user
• Access Control List
◦ defines access privileges of users
• Discretionary Access Control
◦ allows user to grant access to another user

Operating Systems Controls
ACCESS PRIVILEGES
• Audit objectives: verify that access privileges are consistent with separation of incompatible functions and organization policies
• Q: Should a cash receipts clerk be granted the right to access and make changes to the A/R file?
• Audit procedures: review or verify…
◦ policies for separating incompatible functions
◦ a sample of user privileges, especially access to data and programs
◦ security clearance checks of privileged employees
◦ formal acknowledgements to maintain confidentiality of data
◦ users’ log-on times

Operating Systems Controls
PASSWORD CONTROL
• Audit objectives: ensure adequacy and effectiveness of password policies for controlling access to the operating system
• Q: What are the most common forms of contra-security behavior in passwords?
◦ Forgetting passwords and being locked out of the system
◦ Failing to change password on a frequent basis
◦ The POST-IT Syndrome
◦ Simplistic passwords

Operating Systems Controls
PASSWORD CONTROL
• Audit procedures: review or verify…
◦ passwords required for all users
◦ password instructions for new users
◦ passwords changed regularly
◦ password file for weak passwords
◦ encryption of password file
◦ password standards
◦ account lockout policies
◦ use of one-time passwords (OTP)

Operating Systems Controls
MALICIOUS & DESTRUCTIVE PROGRAMS
• Audit objectives: verify effectiveness of procedures to protect against programs such as malware (viruses & worms), back doors, logic bombs, and Trojan horses
• Audit procedures: review or verify…
◦ training of operations personnel concerning destructive programs
◦ testing of new software prior to being implemented
◦ currency of antiviral software and frequency of upgrades

Virus vs Worm (What’s the difference?)
• Viruses and worms both cause damage and copy themselves rapidly. The main difference is how they self-replicate, with viruses requiring the help of a host and worms acting independently.

Operating System Controls
AUDIT TRAIL CONTROLS
• Audit objectives: used to (1) detect unauthorized access, (2) facilitate event reconstruction, and/or (3) promote accountability
• Audit procedures: review or verify…
◦ how long audit trails have been in place
◦ archived log files for key indicators
◦ monitoring and reporting of security violations

Auditing Networks

[Computer] Network
A computer network is a set of computers
sharing resources located on or provided by
network nodes. The computers use common
communication protocols over digital
interconnections to communicate with each
other.

Auditing Networks
• Q: What risk does reliance on networks for business communications pose?
◦ Unauthorized access to confidential information
◦ Exposure to computer hackers, vandals, thieves and industrial spies both internally and from around the world
• Q: What are the important considerations of every network?
◦ Control access to shared resources
◦ Management should constantly seek balance between increased access and the associated business risks

Internet and Intranet Risks
• The communications component is a unique aspect of computer networks:
◦ different from processing (applications) or data storage (databases)
• Network topologies – configurations of:
◦ communications lines (twisted-pair wires, coaxial cable, microwaves, fiber optics)
◦ hardware components (modems, multiplexers, servers, front-end processors)
◦ software (protocols, network control systems)

Intranet Risks
• Intercepting network messages
◦ sniffing: interception of user IDs, passwords, confidential e-mails, and financial data files
• Accessing corporate databases
◦ connections to central databases increase the risk that data will be accessible by employees
• Privileged employees (managers & IS employees)
◦ override privileges may allow unauthorized access to mission-critical data
• Reluctance to prosecute
◦ fear of negative publicity leads to such reluctance but encourages criminal behavior

Internet Risks to Consumers
• How serious is the risk?
◦ National Consumer League: Internet fraud rose by 600% between 1997 and 1998
◦ SEC: e-mail complaints alleging fraud rose from 12 per day in 1997 to 200-300 per day in 1999
• Major areas of concern:
◦ Theft of credit card numbers
◦ Phishing
◦ Theft of passwords
◦ Consumer privacy (cookies)
◦ Malware
◦ Cryptojacking
◦ IoT attacks

Internet Risks to Businesses
• IP spoofing: masquerading to gain access to a Web server and/or to perpetrate an unlawful act without revealing one’s identity
• Denial of service (DoS) attacks: assaulting a Web server to prevent it from servicing users
◦ particularly devastating to business entities that cannot receive and process business transactions
• Other malicious programs: viruses, worms, logic bombs, and Trojan horses pose a threat to both Internet and Intranet users

Risks from Equipment Failure
• Include:
◦ Disrupting, destroying, or corrupting transmissions between senders and receivers
◦ Loss of databases and programs stored on network servers

IC for Subversive Threats
Firewalls provide security by channeling all network connections through a control gateway.
• Network level firewalls
◦ Low cost and low security access control
◦ Do not explicitly authenticate outside users
◦ Filter junk or improperly routed messages
◦ Experienced hackers can easily penetrate the system
• Application level firewalls
◦ Customizable network security, but expensive
◦ Sophisticated functions such as logging or user authentication

What is a firewall?
• A firewall is a security device (computer hardware or software) that can help protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your computer.
• Not only does a firewall block unwanted traffic, it can also help block malicious software from infecting your computer.

Dual-Homed Firewall

IC for Subversive Threats
• Denial-of-service (DoS) attacks
◦ Security software searches for connections which have been half-open for a period of time.
• Encryption
◦ Computer program transforms a clear message into a coded (cipher) text form using an algorithm.

Encryption
• The conversion of data into a secret code for storage and transmission
• The sender uses an encryption algorithm to convert the original cleartext message into a coded ciphertext.
• The receiver decodes / decrypts the ciphertext back into cleartext.
• Encryption algorithms use keys
◦ Typically 56 to 128 bits in length
◦ The more bits in the key the stronger the encryption method.
• Two general approaches to encryption are private key and public key encryption.

IC for Subversive Threats
• Digital signature – electronic authentication technique to ensure that…
◦ transmitted message originated with the authorized sender
◦ message was not tampered with after the signature was applied
• Digital certificate – like an electronic identification card used with a public key encryption system
◦ Verifies the authenticity of the message sender

Digital Signature

IC for Subversive Threats
• Message sequence numbering – sequence number used to detect missing messages
• Message transaction log – listing of all incoming and outgoing messages to detect the efforts of hackers
• Request-response technique – random control messages are sent from the sender to ensure messages are received
• Call-back devices – receiver calls the sender back at a pre-authorized phone number before transmission is completed

Auditing Procedures for Subversive Threats
• Review firewall effectiveness in terms of flexibility, proxy services, filtering, segregation of systems, audit tools, and probing for weaknesses.
• Review data encryption security procedures
• Verify encryption by testing
• Review message transaction logs
• Test procedures for preventing unauthorized calls

IC for Equipment Failure
Line errors are data errors from communications noise.
• Two techniques to detect and correct such data errors are:
◦ echo check - the receiver returns the message to the sender
◦ parity checks - an extra bit is added onto each byte of data similar to check digits

Vertical and Horizontal Parity using Odd Parity
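
An added worked example (not from the original slides) of the parity checks described above: each character row carries a vertical odd-parity bit, and a final horizontal parity row covers every bit column. The 7-bit character width, the helper names and the sample text are assumptions made for illustration; the example shows which errors each check catches and which error pattern passes both.

```python
"""Vertical and horizontal odd parity over a block of 7-bit characters.
Added illustration; the sample text and helper names are constructed."""

WIDTH = 7  # assumption: 7 data bits per character (ASCII)


def odd_parity_bit(bits):
    """Return the bit that makes the count of 1s (bits + parity) odd."""
    return 0 if sum(bits) % 2 == 1 else 1


def encode_block(text):
    """One row per character (7 data bits + vertical parity bit),
    followed by a horizontal parity row covering every column."""
    rows = []
    for ch in text:
        code = ord(ch)
        if code >= 1 << WIDTH:
            raise ValueError(f"{ch!r} does not fit in {WIDTH} bits")
        bits = [(code >> i) & 1 for i in reversed(range(WIDTH))]
        rows.append(bits + [odd_parity_bit(bits)])
    parity_row = [odd_parity_bit([r[c] for r in rows]) for c in range(WIDTH + 1)]
    return rows + [parity_row]


def check_block(block):
    """Return (bad_rows, bad_cols) where odd parity is violated.
    Row checks cover the character rows; column checks include the parity row."""
    bad_rows = [i for i, row in enumerate(block[:-1]) if sum(row) % 2 == 0]
    bad_cols = [c for c in range(WIDTH + 1) if sum(r[c] for r in block) % 2 == 0]
    return bad_rows, bad_cols


def flip(block, positions):
    """Return a copy with the bits at (row, col) inverted (simulated line noise)."""
    noisy = [row[:] for row in block]
    for r, c in positions:
        noisy[r][c] ^= 1
    return noisy


def correct_single_error(block):
    """A lone bad row and bad column pinpoint one flipped bit; repair it.
    Any other failure pattern can only be reported, so return None."""
    bad_rows, bad_cols = check_block(block)
    if len(bad_rows) == 1 and len(bad_cols) == 1:
        return flip(block, [(bad_rows[0], bad_cols[0])])
    return None


def decode_block(block):
    """Rebuild the text from the data bits of the character rows."""
    return "".join(chr(int("".join(map(str, row[:WIDTH])), 2)) for row in block[:-1])


if __name__ == "__main__":
    sent = encode_block("AUDIT")
    cases = {
        "clean": [],
        "one bit": [(2, 3)],
        "two bits, same character": [(1, 0), (1, 5)],
        "four bits in a rectangle": [(0, 1), (0, 4), (3, 1), (3, 4)],
    }
    for name, noise in cases.items():
        received = flip(sent, noise)
        print(f"{name:26} -> bad rows/cols {check_block(received)}, "
              f"text {decode_block(received)!r}")
```

The two-bit case passes the vertical check and is caught only by the horizontal row, while the rectangle case passes both checks even though the text is altered, which is why the audit procedure for equipment failure also examines logged messages for garbled contents.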

Auditing Procedures for Equipment Failure
• Using a sample of messages from the transaction log:
◦ examine them for garbled contents caused by line noise
◦ verify that all corrupted messages were successfully retransmitted
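
The audit procedure above, combined with the message sequence numbering and message transaction log controls listed earlier, as an added example (not part of the original slides). The log line format, the status names `OK` and `PARITY_ERR`, the node names and the sample entries are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log. Assumed format: timestamp, sending node,
# sequence number, and delivery status (OK or PARITY_ERR).
SAMPLE_LOG = """\
2024-03-01T09:00:01 NODE-A seq=101 status=OK
2024-03-01T09:00:02 NODE-A seq=102 status=PARITY_ERR
2024-03-01T09:00:03 NODE-A seq=102 status=OK
2024-03-01T09:00:04 NODE-B seq=7 status=OK
2024-03-01T09:00:05 NODE-A seq=103 status=OK
2024-03-01T09:00:06 NODE-B seq=8 status=OK
2024-03-01T09:00:07 NODE-A seq=105 status=OK
2024-03-01T09:00:08 NODE-B seq=8 status=OK
2024-03-01T09:00:09 NODE-B s#q=9 stat?s=OK
2024-03-01T09:00:10 NODE-A seq=106 status=PARITY_ERR
2024-03-01T09:00:11 NODE-B seq=10 status=OK
"""

LINE_RE = re.compile(r"^(\S+) (\S+) seq=(\d+) status=([A-Z_]+)$")


def audit_transaction_log(text):
    """Return (report, unparsed_line_numbers).

    report[node] lists:
      missing     - sequence numbers absent between the first and last seen
      unrecovered - messages whose last logged status is not OK
                    (corrupted and never successfully retransmitted)
      duplicates  - sequence numbers delivered OK more than once
    """
    events = defaultdict(list)  # node -> [(seq, status)] in log order
    unparsed = []               # line numbers too garbled to parse
    for lineno, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            unparsed.append(lineno)
            continue
        _ts, node, seq, status = match.groups()
        events[node].append((int(seq), status))

    report = {}
    for node, evs in events.items():
        seen = {seq for seq, _ in evs}
        # Gaps are only visible between the lowest and highest number seen.
        missing = [s for s in range(min(seen), max(seen) + 1) if s not in seen]
        last_status = {}
        ok_count = defaultdict(int)
        for seq, status in evs:
            last_status[seq] = status
            if status == "OK":
                ok_count[seq] += 1
        report[node] = {
            "missing": missing,
            "unrecovered": sorted(s for s, st in last_status.items() if st != "OK"),
            "duplicates": sorted(s for s, n in ok_count.items() if n > 1),
        }
    return report, unparsed


if __name__ == "__main__":
    report, unparsed = audit_transaction_log(SAMPLE_LOG)
    for node in sorted(report):
        print(node, report[node])
    print("garbled log lines:", unparsed)
```

In the sample, message 102 is corrupted and then retransmitted successfully, so it is not reported; the garbled entry on line 9 is listed as unparsed and also surfaces as a gap in NODE-B's sequence.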

Electronic Data Interchange
• Electronic data interchange (EDI) uses computer-to-computer communications technologies to automate B2B purchases.
• Audit objectives:
1. Transactions are authorized, validated, and in compliance with the trading partner agreement.
2. No unauthorized organizations can gain access to the database.
3. Authorized trading partners have access only to approved data.
4. Adequate controls are in place to ensure a complete audit trail.

Advantages of EDI
• Reduction or elimination of data entry
• Reduction of errors
• Reduction of paper
• Reduction of paper processing and postage
• Reduction of inventories (via JIT systems)

EDI Risks
• Authorization
◦ automated and absence of human intervention
• Access
◦ need to access EDI partner’s files
• Audit trail
◦ paperless and transparent (automatic) transactions

EDI Controls
• Authorization
◦ use of passwords and value added networks (VAN) to ensure valid partner
• Access
◦ software to specify what can be accessed and at what level
• Audit trail
◦ control log records the transaction’s flow through each phase of the transaction processing

EDI System

EDI System using Transaction Control Log for Audit Trail

Auditing Procedures for EDI
• Tests of Authorization and Validation Controls
◦ Review procedures for verifying trading partner identification codes
◦ Review agreements with VAN
◦ Review trading partner files
• Tests of Access Controls
◦ Verify limited access to vendor and customer files
◦ Verify limited access of vendors to database
◦ Test EDI controls by simulation
• Tests of Audit Trail Controls
◦ Verify existence of transaction logs
◦ Review a sample of transactions

Personal Computer Systems
• PC operating systems
• PC systems risks & controls
• In general:
◦ Relatively simple to operate and program
◦ Controlled and operated by end users
◦ Interactive data processing vs. batch
◦ Commercial applications vs. custom
◦ Often used to access data on mainframe or network
◦ Allows users to develop their own applications
• Operating Systems:
◦ Are located on the PC (decentralized)
◦ O/S family dictates applications (e.g., Windows)

Personal Computer Systems
• Controls
• Risk assessment
• Inherent weaknesses
• Weak access control
• Inadequate segregation of duties
• Multilevel password control – multifaceted access control
• Risk of physical loss
◦ Laptops, etc. can “walk off”
• Risk of data loss
◦ Easy for multiple users to access data
◦ End user can steal, destroy, manipulate
• Inadequate backup procedures
◦ Local backups on appropriate medium
◦ Dual hard drives on PC
◦ External/removable hard drive on PC

IC Personal Computer Systems
• Risk associated with virus infection
◦ Policy of obtaining software
◦ Policy for use of anti-virus software
◦ Verify no unauthorized software on PCs
• Risk of improper SDLC procedures
◦ Use of commercial software
◦ Formal software selection procedures

Audit Objectives: Personal Computer Systems
• Verify controls are in place to protect data, programs, and computers from unauthorized access, manipulation, destruction, and theft
• Verify that adequate supervision and operating procedures exist to compensate for lack of segregation between the duties of users, programmers, and operators
• Verify that backup procedures are in place to prevent data and program loss due to system failures, errors
• Verify that systems selection and acquisition procedures produce applications that are high quality, and protected from unauthorized changes
• Verify the system is free from viruses and adequately protected to minimize the risk of becoming infected with a virus or similar object

Audit Procedures: Personal Computer Systems
• Verify that microcomputers and their files are physically controlled
• Verify from organizational charts, job descriptions, and observation that the programmers of applications performing financially significant functions do not also operate those systems.
• Confirm that reports of processed transactions, listings of updated accounts, and control totals are prepared, distributed, and reconciled by appropriate management at regular and timely intervals.

Audit Procedures: Personal Computer Systems
• Determine that multilevel password control or multifaceted access control is used to limit access to data and applications, where applicable.
• Verify that the drives are removed and stored in a secure location when not in use, where applicable.
• Verify that backup procedures are being followed.
• Verify that application source code is physically secured (such as in a locked safe) and that only the compiled version is stored on the microcomputer.
• Review systems selection and acquisition controls
• Review virus control techniques.

Appendix

Internet Technologies

Internet Technologies
• Packet switching
◦ messages are divided into small packets
◦ each packet of the message takes a different route
• Virtual private network (VPN)
◦ a private network within a public network
• Extranets
◦ a password controlled network for private users
• World Wide Web
◦ an Internet facility that links users locally and globally
• Internet addresses
◦ e-mail address
◦ URL address
◦ IP address

Protocol Functions…
• facilitate the physical connection between the network devices.
• synchronize the transfer of data between physical devices.
• provide a basis for error checking and measuring network performance.
• promote compatibility among network devices.
• promote network designs that are flexible, expandable, and cost-effective.

Internet Protocols
• Transfer Control Protocol/Internet Protocol (TCP/IP) - controls how individual packets of data are formatted, transmitted, and received
• Hypertext Transfer Protocol (HTTP) - controls web browsers
• File Transfer Protocol (FTP) - used to transfer files across the internet
• Simple Network Mail Protocol (SNMP) - e-mail
• Secure Sockets Layer (SSL) and Secure Electronic Transmission (SET) - encryption schemes

Local Area Networks (LAN)
• A federation of computers located close together (on the same floor or in the same building) linked together to share data and hardware
• The physical connection of workstations to the LAN is achieved through a network interface card (NIC) which fits into a PC’s expansion slot and contains the circuitry necessary for inter-node communications.
• A server is used to store the network operating system, application programs, and data to be shared.

LAN
[Figure: LAN diagram; labels: Files, File Server, Node, LAN, Printer Server, Printer]

Wide Area Network (WAN)
• A WAN is a network that is dispersed over a wider geographic area than a LAN. It typically requires the use of:
◦ gateways to connect different types of LANs
◦ bridges to connect same-type LANs
• WANs may use common carrier facilities, such as telephone lines, or they may use a Value Added Network (VAN).

WAN
[Figure: WAN diagram; labels: Bridge, LAN, Gateway, WAN]

Star Topology
• A network of IPUs with a large central computer (the host)
• The host computer has direct connections to smaller computers, typically desktop or laptop PCs.
• This topology is popular for mainframe computing.
• All communications must go through the host computer, except for local computing.

Star Network
[Figure: star network diagram; labels: Topeka, St. Louis, Kansas City, Dallas, Tulsa, Central Data, Local Data, POS]

Hierarchical Topology
• A host computer is connected to several levels of subordinate smaller computers in a master-slave relationship.
[Figure: hierarchical topology diagram; levels: Corporate Level, Regional Level, Local Level; systems: Production Planning System, Production Scheduling System, Regional Sales System, Warehouse System, Production System, Sales Processing System]

Ring Topology
• This configuration eliminates the central site. All nodes in this configuration are of equal status (peers).
• Responsibility for managing communications is distributed among the nodes.
• Common resources that are shared by all nodes can be centralized and managed by a file server that is also a node.

Ring Topology

Figure 12-10

Bus Topology
• The nodes are all connected to a common cable - the bus.
• Communications and file transfers between workstations are controlled by a server.
• It is generally less costly to install than a ring topology.

Bus Topology

Client-Server Topology
• This configuration distributes the processing between the user’s (client’s) computer and the central file server.
• Both types of computers are part of the network, but each is assigned functions that it best performs.
• This approach reduces data communications traffic, thus reducing queues and increasing response time.

Client-Server Topology

Network Control Objectives
• establish a communications session between the sender and the receiver
• manage the flow of data across the network
• detect errors in data caused by line failure or signal degeneration
• detect and resolve data collisions between competing nodes

Polling Method of Controlling Data Collisions

Token-Passing Approach to Controlling Data Collisions

Carrier Sensing
• A random access technique that detects collisions when they occur
• This technique is widely used; it is found on Ethernets.
• The node wishing to transmit listens to the line to determine if it is in use. If it is, it waits a pre-specified time to transmit.
• Collisions occur when nodes listen, hear no transmissions, and then simultaneously transmit. Data collides and the nodes are instructed to hang up and try again.
• Disadvantage: The line may not be used optimally when multiple nodes are trying to transmit simultaneously.
