Computer Security

Uploaded by Mourad Abohadid
Lecture Notes
Business Informatics & Digital Transformation
in Basic Computer Skills
Computer Security
The CIA Triad
Agenda
• Introduction
• CIA Triad
• Understand the Various Threats to Computer Security
• Policy vs. Mechanism: A Fundamental Distinction in Security
• Active vs. Passive Attacks
• Mitigating Threats
• Security Goals
Introduction
• Computer security is a critical aspect of our digital world.
• It ensures that information and resources remain protected from unauthorized access, modification, and disruption.
• Security refers to the state of being protected or safe from harm or danger. It encompasses a wide range of concepts and practices, depending on the context.
• Valuable resources, vulnerability, threat, attack, attacker
The Three Pillars of Security: CIA Triad
• This presentation will explore the three fundamental principles of computer security.
• Confidentiality: Protecting information from unauthorized access.
• Integrity: Ensuring information is accurate and complete.
• Availability: Making information accessible when needed.
Confidentiality
• What is confidentiality? It refers to keeping information secret and ensuring unauthorized access is restricted. This is crucial in sensitive fields like government and industry, where information can be a valuable asset.
• Examples:
  • Military and government institutions restrict access to classified information.
  • Companies protect their proprietary designs from competitors.
  • Personnel records are kept confidential by all types of organizations.
• Mechanisms: Access control mechanisms like passwords and encryption are used to enforce confidentiality. Encryption scrambles data into an unreadable format, requiring a cryptographic key for decryption. However, protecting the key itself becomes another challenge.
Integrity
• What is integrity? It ensures that information and resources remain trustworthy and unaltered. This includes both data integrity (the content itself) and origin integrity (the source of the data).
• Importance: Knowing the source of information helps assess its accuracy and credibility. This is critical for making informed decisions and ensuring confidence in systems.
• Threats: Malicious actors can attempt to modify data or manipulate its source to compromise the system's integrity.
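The difference between data integrity and origin integrity, as an added Python example that is not part of the original slides: an unkeyed SHA-256 digest only shows that content matches a digest, while a keyed HMAC tag also ties the content to a holder of the key. The key, message contents, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo key (assumption); a real key comes from a key store.
SHARED_KEY = b"constructed-demo-key"


def digest(data: bytes) -> str:
    """Unkeyed SHA-256 digest: a data-integrity check anyone can recompute."""
    return hashlib.sha256(data).hexdigest()


def tag(data: bytes, key: bytes = SHARED_KEY) -> str:
    """HMAC-SHA256 tag: only a holder of the key can produce a valid one."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def data_intact(data: bytes, claimed_digest: str) -> bool:
    return hmac.compare_digest(digest(data), claimed_digest)


def origin_intact(data: bytes, claimed_tag: str, key: bytes = SHARED_KEY) -> bool:
    return hmac.compare_digest(tag(data, key), claimed_tag)


def integrity_demo() -> dict:
    original = b"transfer 100 to account 42"   # constructed sample record
    altered = b"transfer 900 to account 42"    # same record after tampering
    sent_digest, sent_tag = digest(original), tag(original)
    return {
        # Untouched record passes both checks.
        "untouched_ok": data_intact(original, sent_digest)
        and origin_intact(original, sent_tag),
        # Content changed, digest not updated: the digest check catches it.
        "digest_detects_change": not data_intact(altered, sent_digest),
        # Digest recomputed by a party without the key: digest check passes...
        "recomputed_digest_passes": data_intact(altered, digest(altered)),
        # ...but the original tag no longer verifies, so the source is rejected.
        "tag_rejects_change": not origin_intact(altered, sent_tag),
    }


if __name__ == "__main__":
    for name, result in integrity_demo().items():
        print(f"{name}: {result}")
```

A shared-key HMAC proves origin only among the parties holding the key; it does not let a third party tell which key holder created the tag.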
Availability
• What is availability? It refers to the ability of authorized users to access information and resources whenever needed. An unavailable system is essentially useless.
• System Design: System design often involves statistical models of expected usage patterns. Security measures are implemented to ensure availability even under such scenarios.
The CIA Triad in Action
• Imagine a company's financial database.
• Confidentiality ensures that only authorized employees can access sensitive financial information.
• Integrity ensures that the data remains accurate and hasn't been tampered with.
• Availability ensures that authorized employees can access this information whenever needed for business purposes.
Understand the Various Threats to Computer Security
• What is a Threat?
  • A potential violation of security.
  • Doesn't require actual occurrence.
  • Requires proactive measures or preparation.
• What are Attacks?
  • Actions that exploit vulnerabilities to cause threats.
  • Attackers: Individuals or entities who execute attacks.
Common Threat Categories
• Disclosure: Unauthorized access to information.
• Snooping: Passive interception of information.
• Wiretapping: Monitoring network communications.
• Deception: Acceptance of false data.
• Modification: Unauthorized alteration of information.
• Masquerading/Spoofing: Impersonation of one entity by another.
• Repudiation of Origin: False denial of sending or creating something.
Common Threat Categories
• Denial of Receipt
  • Definition: A deceptive tactic where one party falsely claims not to have received information or a product.
  • Example: Customer orders a product, pays, receives it, then falsely claims non-receipt to dispute the transaction.
  • Countermeasures:
    • Strong authentication and non-repudiation mechanisms
    • Secure record-keeping and digital signatures
Common Threat Categories
• Delay
  • Definition: A temporary disruption of service, often used to manipulate or deceive.
  • Example: Attacker slows down network traffic to a critical system, causing delays and potential service outages.
  • Countermeasures:
    • Redundant systems and backup mechanisms
    • Network traffic management and prioritization
    • Intrusion detection and prevention systems
Common Threat Categories
• Denial of Service (DoS)
  • Definition: A prolonged interruption of service, aimed at compromising system security.
  • Example: Overwhelming a server with traffic, rendering it unable to respond to legitimate requests.
  • Countermeasures:
    • Firewalls and intrusion prevention systems
    • Rate limiting and traffic shaping
    • DDoS mitigation services
Policy vs. Mechanism: A Fundamental Distinction in Security
• Defining Policy and Mechanism
• Policy:
  • A statement of what is allowed and what is not allowed.
  • Defines the rules and guidelines for security.
• Mechanism:
  • A method, tool, or procedure for enforcing a security policy.
  • Implements the policy through technical or non-technical means.
• Example:
  • Policy: No student should copy another student's homework; no cheating in the exam.
  • Mechanism: File permissions, password protection, network access controls.
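The homework policy above enforced through the file-permission mechanism, as an added Python example that is not part of the original slides. It assumes a POSIX system and one directory per student; the directory layout, student names, and function names are constructed for illustration.

```python
import os
import stat
import tempfile

# Policy (from the slide): no student may read another student's homework.
# Mechanism: POSIX permission bits. Any group/other bit breaks the policy.
FORBIDDEN_BITS = stat.S_IRWXG | stat.S_IRWXO


def audit(root: str) -> list:
    """Return relative paths of files accessible to anyone but the owner."""
    violations = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            mode = stat.S_IMODE(os.lstat(path).st_mode)
            if mode & FORBIDDEN_BITS:
                violations.append(os.path.relpath(path, root))
    return sorted(violations)


def enforce(root: str) -> int:
    """Strip group/other bits from violating files; return how many changed."""
    violating = audit(root)
    for rel in violating:
        path = os.path.join(root, rel)
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        os.chmod(path, mode & ~FORBIDDEN_BITS)
    return len(violating)


def build_sample(root: str) -> None:
    """Constructed sample: alice's file is private, bob's is world-readable."""
    for student, mode in (("alice", 0o600), ("bob", 0o644)):
        os.makedirs(os.path.join(root, student))
        path = os.path.join(root, student, "hw1.txt")
        with open(path, "w") as fh:
            fh.write("constructed sample answer\n")
        os.chmod(path, mode)


def policy_demo() -> tuple:
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        before = audit(root)    # what the mechanism currently allows
        changed = enforce(root)  # bring the mechanism in line with the policy
        after = audit(root)
    return before, changed, after


if __name__ == "__main__":
    print(policy_demo())
```

The policy stays one sentence while the mechanism can drift from it, which is why the audit step is separate from the enforcement step.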
Active vs. Passive Attacks
• Passive Attacks:
  • Eavesdropping and monitoring.
  • Difficult to detect and prevent.
• Active Attacks:
  • Modification, deletion, or creation of data.
  • Can be detected and prevented with security measures.
Mitigating Threats
• Implement strong security measures:
  • Encryption, firewalls, intrusion detection systems, etc.
  • User awareness and training.
  • Regular security audits and vulnerability assessments.
• Stay updated on the latest threats:
  • Follow security news and advisories.
  • Keep software and systems patched.
Goals of Security
• In today's digital world, protecting our systems is crucial.
• A secure system ensures information privacy (confidentiality), accuracy (integrity), and constant accessibility (availability).
• We achieve this through three key security strategies: Prevention, Detection, and Recovery.
Prevention - Stopping Attacks Beforehand
• Definition: Prevention aims to stop attacks from happening in the first place.
• Advantages:
  • Highly effective - attacks simply fail.
  • Protected resources don't require constant monitoring (ideally).
• Disadvantages:
  • Not foolproof - some attacks can still slip through.
• Examples: Passwords, firewalls, access controls.
Detection - Identifying Threats in Action
• Definition: Detection focuses on identifying suspicious activity during or after an attack.
• Advantages:
  • Useful when prevention isn't perfect.
  • Provides valuable information about attack nature, severity, and impact.
• Disadvantages:
  • Doesn't prevent attacks - systems remain vulnerable.
  • Requires continuous monitoring for security issues.
• Examples: Intrusion detection systems, log analysis, antivirus software.
Recovery - Bouncing Back from Attacks
• Definition: Recovery involves responding to an attack and restoring the system to a secure state.
• Two forms of Recovery:
  1. Stop the attack, assess damage, and repair (e.g., restoring deleted files).
  2. Maintain system functionality while under attack (fault tolerance, critical systems).
• Challenges:
  • Each attack is unique, making damage assessment difficult.
  • Attackers might return, requiring vulnerability identification and patching.
• Importance: Recovery helps minimize downtime and data loss.
Conclusion
• In today's digital world, protecting our systems is crucial.
• It encompasses a wide range of concepts and practices, depending on the context.
• Three key security strategies: Prevention, Detection, and Recovery.