Intro to Information Computer Seccurity

Topics: National security, Computer security, Information security Pages: 11 (1155 words) Published: October 14, 2014
CSE 3482

Introduction to Computer Security

Introduction
to Information/Computer
Security
Instructor: N. Vlajic, Winter 2014

Learning Objectives
Upon completion of this material, you should be able to:
• Describe the key security requirements of
confidentiality, integrity and availability (CIA).
• Describe the CNSS security model (McCumber Cube).
• Identify today’s most common threats and attacks
against information.
• Distinguish between different main categories of
malware.

Required Reading
Computer Security, Stallings: Chapter 1
Computer Security, Stallings: Chapter 6

Introduction
• Information Technology – technology
involving development & use of computer
systems & networks for the purpose of
processing & distribution of data




in many organizations, information/data is seen as
the most valuable asset
categories of IT jobs:
 IT administrator - installs, maintains, repairs IT equipment  IT architect - draws up plans for IT systems and how they will be implemented
 IT engineer - develops new or upgrades existing IT equipment (software or hardware)
 IT manager - oversees other IT employees, has authority
to buy technology and plan budgets

Introduction (cont.)
• Information System – entire set of data, software,
hardware, networks, people, procedures and policies
that deal with processing & distribution of information
in an organization


each component has its own strengths, weaknesses,
and its own security requirements

information is
- stored on computer hardware,
- manipulated by software,
- transmitted by communication,
- used by people
- controlled by policies

Introduction (cont.)
• Computer Security vs. Information Security





terms are often used interchangeably, but …
computer security (aka IT security) is mostly concerned
with information in ‘digital form’
information security is concerned with information in
any form it may take: electronic, print, etc.

Information Security
Computer
(IT)
Security

Introduction (cont.)
Security = state of being secure,
free from danger.
• Information Security – practice of defending
digital information from unauthorized







access
use
recording
disruption
modification
destruction, …

C.I.A.

Introduction (cont.)
• Who is responsible for ‘security of information’?
“In the last 20 years, technology has permeated every facet of the business environment. The business place is no longer static – it moves whenever employees travel from office to office, from office to home, from city to city. Since business have become more fluid, …, information security is no longer the sole responsibility of a small dedicated group of

professionals, …, it is now the responsibility of every employee ….”

http://www.businessandleadership.com/fs/img/news/200811/378x/business-traveller.jpg http://www.koolringtones.co.uk/wp-content/uploads/2010/01/mobile-phones.jpg

Introduction (cont.)
Example: Gawker (2010) - importance of good passwords

http://www.forbes.com/sites/firewall/2010/12/13/the-lessons-of-gawkers-security-mess/

C.I.A. of Information Security
• C.I.A. Triangle – 3 key characteristics of information that must be protected by information security:






confidentiality - only authorized parties can view private
information
integrity - information is changed only in a specified and
authorized manner
availability - information is accessible to authorized users whenever needed

C.I.A. of Information Security (cont.)
Example: DATA CONFIDENTIALITY
Student grade – an information asset of
high importance for student.
 In US, release of such information is regulated by Family Educational Rights and Privacy Act (FERPA).
Grade information should only be available to students,
their parents and employees that require this information
to do their job.
 In Canada, the same issue is regulated by Personal
Information Protection and...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Essay on Computer Information System Brief
  • Computer System Information System Paper
  • Intro to Computers Essay
  • computer information Essay
  • computer Essay
  • Alumni: Computer and Information System Information Essay
  • Essay about Intro to Computers
  • Computer Ethics and Information Systems Essay

Become a StudyMode Member

Sign Up - It's Free