




INFORMATION SECURITY CONTROLS
STUDY UNIT 18, PART 5 - TRICKY BITS

INTRODUCTION

Describe the main information security controls and explain how each mitigates risk, including:

LEARNING OBJECTIVES

After completing this unit you should be able to:

1. Describe system software controls, and explain how they mitigate risk.
2. Describe database controls, and explain how they mitigate risk.
3. Describe internet and e-commerce controls, and explain how they mitigate risk.
4. Describe network controls, and explain how they mitigate risk.

NETWORK CONTROLS

A range of controls is required to achieve and maintain security in computer networks. The following items should be considered:

- Operational responsibility for networks should be separated from computer operations where appropriate.
- Responsibilities and procedures for the management of remote equipment, including equipment in user areas, should be established.
- If necessary, special controls should be established to safeguard the confidentiality and integrity of data passing over public networks, and to protect the connected systems. Special controls may also be required to maintain the availability of the network services and of the computers connected to them.
- Management activities should be closely co-ordinated, both to optimize the service to the business and to ensure that controls are consistently applied across the information processing infrastructure.

NETWORK DOMAIN SEGREGATION

Connecting networks might increase the risk of unauthorized access, so the introduction of controls within the network to segregate groups of information services, users and information systems should be considered.

Learning activity 18.1

Review the use of network connections within your own organization. Where do you use a router, bridge and firewall, and what is their purpose? Typical answers may be:

CONNECTION LIMITATIONS

Restrictions on connection times should provide additional security for high-risk terminals or applications, as they reduce the window of opportunity for unauthorized access. Examples of such restrictions might include:

The process for handling operating system changes should cover:

- Review of application control and integrity procedures to ensure that they have not been compromised by the operating system changes.
- Ensuring that the annual support plan and budget will cover reviews and system testing resulting from operating system changes.
- Ensuring that appropriate changes are made to the business continuity plans.

The inventories developed as part of the asset management processes will indicate which machines are capable of being upgraded.

Users should be discouraged from downloading or installing software patches unless:

SOFTWARE DEFAULTS

Systems are frequently dispatched with security mechanisms set to the unsafe condition by default. The intent is that, after the systems are configured and otherwise stable, the administrator will reset the controls to the safe condition. The risk, however, is that in practice, so as not to interfere with running systems, administrators may be reluctant to alter the default setting.

DATABASE SECURITY

1. Development of Database Security
4. Security Challenges

DEVELOPMENT OF DATABASE SECURITY

Traditional computing environment: authentication, authorisation and auditing controls were implemented at the server-based operating system level, where the initial user log-in took place through some kind of terminal or workstation. These controls verified the user's identity and then defined the degree to which that user had access to computing resources, software applications and data.

Relational database management systems (RDBMS): RDBMS were introduced to standardize the data held and thus to reduce the inaccuracy and inefficiency of holding (potentially) differing data elements previously stored in different files. The result was a new environment which co-existed with traditional file systems.

CLIENT/SERVER SECURITY CHALLENGES

The software application and relational database will run on two or more different physical computer systems, often with the software application residing on the client and the data in a relational database on the server.

Database network software facilitates a direct connection of the user from the workstation to the database; the user is not required to log in to the server operating system on which the database resides, thus bypassing the benefits of its security features. In fact, the user may not even have a user ID set up at the server operating system level.

Unfortunately, security controls are not always easily or effectively implemented on the client system, usually due to weaknesses in the design of the operating system and also the inherent risk of the user being able to physically access the workstation. There are also both functional and operational obstacles to be surmounted to implement sound security at the database level.

DATABASE SECURITY CATEGORIES

1. The improper modification of data.
2. The improper release of information from reading data accessed by unauthorized users, intentionally or accidentally.
3. Denial-of-service threats.

AUTHENTICATION

Authentication is the process by which it is verified that a user or entity requesting access to data or a computer resource is in fact who they represent themselves to be. (It is concerned with the specification of what data and computer resources the users should be allowed to access and to what degree access should be granted.)

Disadvantage: While relational databases provide the ability to prompt a user for a password before allowing access, features to enforce the use of strong passwords are often limited. Some databases do not even provide a simple interface by which the end user can change their own password. They may also lack the ability to detect possible break-ins and automatically disable a user ID that may be under attack. If the database does include such a feature, it often lacks the ability to enable it selectively by user ID. Sometimes there is no option but to generate an alert to the security console instead of disabling the user ID, since disabling it can bring down an entire application or the database.

To mitigate the risk of a password guessing attack, all database passwords need to be frequently changed and well chosen. Strong authentication controls should also include a periodic review of all user accounts, with a justification for their continued existence. User authorization can be set at the database level by granting privileges and roles to the database user ID and by setting appropriate access controls on specific database objects such as tables.

ACCESS CONTROL

Access to specific data elements should be limited to authorized users only.

REVIEWING AUDIT TRAILS

Supporting strong authentication and authorization controls, audit trails act as a deterrent and assist in detecting possible security breaches or intrusions, by:

- reviewing patterns of access;
- identifying attempts to bypass system controls.

Hot tip: Auditing should provide a database security officer with a manageable set of data that can be analysed to detect whether the system is intact and working effectively and, if appropriate, where in the security scheme violations have taken place and by whom.

Audit trails allow for the detection of security breaches (often referred to as intrusion detection) and also help to ensure data integrity. Audit trails must be detailed enough to reveal such items as the before and after values on changes made to data.

Database auditing is an essential requirement for security. Organizations should define their auditing strategy based on their knowledge of the application or database activity. It is not, however, necessary to audit everything, as specific auditing will better highlight any problems.

AUDIT POLICY

1. An audit policy is a statement of high-level rules, goals and practices that describe how the organization collects, manages and protects its audit data.
2. The audit policy can help to delineate which audit options are to be used: part, some, or all of the time.
3. The audit policy may vary depending on the level of risk and the perceived threats.

Three key issues that should be included within a database audit policy:

ELECTRONIC COMMERCE SECURITY

Electronic commerce can involve the use of electronic data interchange (EDI), e-mail and online transactions across public networks such as the internet. Electronic commerce is vulnerable to a number of network threats, which may result in fraudulent activity, contract dispute, and disclosure or modification of information.

Security considerations for electronic commerce should include the following:

For EDI transactions, particularly those involving the transfer or movement of money, it may be appropriate to have a number of authorized users. Such users could include:

1. the person raising the transaction;
2. the person authorizing the transaction;
3. a second signatory if over a certain prescribed value;
4. the sender.

EDI systems covering order handling need to be able to handle message sequencing to prevent the re-transmission or receipt of the same message multiple times. In addition there will need to be a process to cope with repudiation, where the sender or receiver denies knowledge of the message. This can be handled by the use of digital certificates.

Who carries the risk for any fraudulent transactions? The organization.

MESSAGE AUTHENTICATION

Message authentication is used to detect unauthorized changes to, or corruption of, the contents of a transmitted electronic message. It can be implemented in hardware or software as appropriate. Message authentication should be considered for applications where there is a security requirement to protect the integrity of the message content.

Message authentication may also need to be supplemented by other controls such as:

- Sequencing: messages have some form of sequence number control.
- Non-repudiation: there needs to be some form of proof of origination or delivery, to ensure that the sender, or receiver, cannot claim that they have no knowledge of the message.

SECURE ELECTRONIC TRANSACTION (SET)

The Secure Electronic Transaction protocol was launched in 1996 as a common technical standard designed to meet these needs and to protect payment card purchases over the internet. It provides secure support for all popular and emerging internet payment methods, including credit, debit and chip cards, and its adoption is driven by SET Co, an organization established and supported by MasterCard and Visa.

SECURITY OF E-MAIL

Its security risks include:

1. vulnerability of messages to unauthorized access or modification, or denial of service;
2. vulnerability to error, such as incorrect addressing or misdirection, and the general reliability and availability of the service;
3. impact of a change of communication media on business processes, including the effect of increased speed of dispatch or the effect of sending formal messages from person to person rather than company to company;
4. legal considerations, such as the potential need for proof of origin, dispatch, delivery and acceptance;
5. implications of publishing externally accessible staff lists;
6. controlling remote user access to electronic mail accounts.

A number of processes and policies need to be put in place to protect the organization. These could include:

1. disclaimer notices on all e-mail to indicate that the sender speaks for him/herself rather than for the organization;
2. making users aware of the type of material that can be disclosed using electronic transmission;
3. a statement that e-mails are the property of the organization and that the right is reserved to inspect them without notice;
4. a statement that the e-mail system is not there for private purposes;
5. checking attachments received by e-mail before they are allowed into the organization.

FIREWALL

A firewall is a specially configured device providing a controllable means of connecting one or more networks. A firewall offers two basic configurations:

1. deny all, where nothing is allowed through unless the firewall is deliberately configured to accept it;
2. accept all, where everything is accepted and only those things expressly denied are not allowed to pass.

DE-MILITARISED ZONE

In order to maintain a fully secure environment, there should be a de-militarised zone behind the firewall. This network will contain all the tools for ensuring that the internal network is only used by authorized staff:

1. virus scanner to scan incoming files and electronic mail attachments;
2. hostile applet scanner to prevent ActiveX or Java applets from damaging internal systems;
3. remote authentication software to u acc
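The Authentication slides above describe a database that either cannot disable a user ID under attack at all, cannot enable that feature selectively per user ID, or can only raise an alert because disabling the ID would take down an application. The following Python example is added here to show how a login front end can supply that missing selectivity: each user ID carries its own policy, interactive accounts are disabled after a burst of failures, and service accounts are kept active and only alerted on. It is not code from the study unit; the account names, thresholds and credential table are constructed for the example, and the plaintext credential check stands in for the database's own password verification.

```python
"""Per-user-ID break-in detection for a database login front end (added example).

Everything below is constructed for illustration: account names, thresholds and
the credential table are not from the study unit. A real deployment would
compare against the database's stored password hashes and persist the state.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class AccountPolicy:
    user_id: str
    max_failures: int = 5                    # failures within `window` before action
    window: timedelta = timedelta(minutes=15)
    disable_on_breach: bool = True           # False = alert only (application service accounts)


@dataclass
class AccountState:
    failures: list = field(default_factory=list)   # timestamps of recent failed attempts
    disabled: bool = False


class LoginGuard:
    def __init__(self, policies, check_password):
        self.policies = {p.user_id: p for p in policies}
        self.state = {p.user_id: AccountState() for p in policies}
        self.check_password = check_password   # callable(user_id, password) -> bool
        self.alerts = []                       # messages that would go to the security console

    def attempt(self, user_id, password, now):
        """Returns 'ok', 'failed', 'disabled' or 'unknown' for one login attempt."""
        policy = self.policies.get(user_id)
        if policy is None:
            return "unknown"
        st = self.state[user_id]
        if st.disabled:
            return "disabled"                  # a disabled ID stays disabled even with the right password
        if self.check_password(user_id, password):
            st.failures.clear()
            return "ok"
        # Keep only failures inside the sliding window, then record this one.
        st.failures = [t for t in st.failures if now - t < policy.window]
        st.failures.append(now)
        if len(st.failures) >= policy.max_failures:
            if policy.disable_on_breach:
                st.disabled = True
                self.alerts.append(f"{user_id}: failure threshold reached, user ID disabled")
                return "disabled"
            # Alert-only policy: keep the account usable so the application stays up,
            # but tell the security console; reset so the alert fires per burst, not per attempt.
            self.alerts.append(f"{user_id}: failure threshold reached, alert only (account kept active)")
            st.failures.clear()
        return "failed"


# Constructed sample credentials (plaintext only for the demonstration).
CONSTRUCTED_CREDENTIALS = {"alice": "correct-horse", "app_svc": "s3rvice-pw"}


def check_password(user_id, password):
    """Stand-in for the database's own password verification."""
    return CONSTRUCTED_CREDENTIALS.get(user_id) == password


def run_demo():
    """Drives both policies through a burst of bad passwords and reports the outcomes."""
    t0 = datetime(2024, 1, 1, 9, 0, 0)
    guard = LoginGuard(
        [AccountPolicy("alice", max_failures=3),                            # interactive user: disable
         AccountPolicy("app_svc", max_failures=3, disable_on_breach=False)], # service account: alert only
        check_password,
    )
    results = {}
    results["alice"] = [guard.attempt("alice", "wrong", t0 + timedelta(seconds=i)) for i in range(3)]
    results["alice_after"] = guard.attempt("alice", "correct-horse", t0 + timedelta(seconds=5))
    results["app_svc"] = [guard.attempt("app_svc", "wrong", t0 + timedelta(seconds=i)) for i in range(3)]
    results["app_svc_after"] = guard.attempt("app_svc", "s3rvice-pw", t0 + timedelta(seconds=5))
    results["alerts"] = list(guard.alerts)
    return results


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(k, v)
```

The point of the per-ID policy is the trade-off the slide names: the interactive user is disabled and cannot log in even with the correct password until an administrator re-enables the ID, while the service account is never disabled, so the application it backs stays up and the burst shows up on the console instead.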
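The Reviewing audit trails and Audit policy slides above call for an audit trail detailed enough to show the before and after values of data changes, and for specific rather than blanket auditing so that problems stand out. The following Python example is added here (it is not from the study unit) to show both: database triggers write old and new values plus the acting user into an audit table, and a review function applies two specific checks to that table. The SQLite schema, the salary table, the actor names and the 20% threshold are all constructed for the example; the one-row session table is an assumption standing in for the session identity a production DBMS would supply.

```python
"""Audit trail with before/after values, written by triggers (added example).

Schema, data, actor names and thresholds are constructed for illustration; the
`session` table is a stand-in for the DBMS's own notion of the current user.
"""
import sqlite3


def open_audited_db():
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE salary (emp_id INTEGER PRIMARY KEY, amount INTEGER NOT NULL);
        CREATE TABLE audit_log (
            id INTEGER PRIMARY KEY AUTOINCREMENT,
            actor TEXT NOT NULL,
            action TEXT NOT NULL,
            emp_id INTEGER,
            old_amount INTEGER,                      -- before value
            new_amount INTEGER,                      -- after value (NULL on delete)
            at TEXT NOT NULL DEFAULT (datetime('now'))
        );
        -- One-row table holding the current actor (stand-in for a session variable).
        CREATE TABLE session (actor TEXT NOT NULL);
        INSERT INTO session VALUES ('unknown');
        CREATE TRIGGER salary_upd AFTER UPDATE ON salary BEGIN
            INSERT INTO audit_log(actor, action, emp_id, old_amount, new_amount)
            VALUES ((SELECT actor FROM session), 'UPDATE', OLD.emp_id, OLD.amount, NEW.amount);
        END;
        CREATE TRIGGER salary_del AFTER DELETE ON salary BEGIN
            INSERT INTO audit_log(actor, action, emp_id, old_amount, new_amount)
            VALUES ((SELECT actor FROM session), 'DELETE', OLD.emp_id, OLD.amount, NULL);
        END;
    """)
    return con


def set_actor(con, actor):
    """Records who is acting; every trigger-written audit row copies this value."""
    con.execute("UPDATE session SET actor = ?", (actor,))


def review(con, max_increase_pct=20):
    """Specific auditing: flag salary increases above the threshold and all deletes.

    Returns a dict so callers (and the security officer) get a manageable set of
    findings rather than the raw log.
    """
    rows = con.execute(
        "SELECT actor, action, emp_id, old_amount, new_amount FROM audit_log ORDER BY id"
    ).fetchall()
    large_increases, deletes = [], []
    for actor, action, emp_id, old, new in rows:
        if action == "UPDATE" and old and new > old * (1 + max_increase_pct / 100):
            large_increases.append((actor, emp_id, old, new))
        elif action == "DELETE":
            deletes.append((actor, emp_id, old))
    return {"entries": len(rows), "large_increases": large_increases, "deletes": deletes}


def run_demo():
    """Constructed activity: one routine change, one oversized change, one delete."""
    con = open_audited_db()
    con.executemany("INSERT INTO salary VALUES (?, ?)", [(1, 1000), (2, 1000), (3, 1000)])
    set_actor(con, "payroll")
    con.execute("UPDATE salary SET amount = 1100 WHERE emp_id = 1")   # 10% rise: within threshold
    set_actor(con, "dba_temp")
    con.execute("UPDATE salary SET amount = 2000 WHERE emp_id = 2")   # 100% rise: flagged
    con.execute("DELETE FROM salary WHERE emp_id = 3")               # delete: always flagged
    con.commit()
    return review(con)


if __name__ == "__main__":
    print(run_demo())
```

Two practitioner caveats follow from the slides rather than from the code: the audit table must be writable only by the trigger, never by the users whose changes it records, or the trail cannot act as a deterrent; and the review thresholds are where the audit policy's knowledge of the application activity goes, so they should be set per table rather than globally.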
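The EDI and Message authentication slides above ask for three things: detection of unauthorized changes to message content, sequence numbers so that a re-transmitted message is not processed twice, and non-repudiation. The following Python example is added here (it is not from the study unit) to show the first two working together: the sender puts a sequence number inside the authenticated message and appends an HMAC-SHA256 tag, and the receiver rejects any message whose tag does not verify or whose sequence number has already been seen. The shared key, the order payloads and the wire format (JSON body, a dot, then the hex tag) are constructed for the example.

```python
"""Message authentication plus sequencing for an EDI-style exchange (added example).

Key, payloads and wire format are constructed for illustration. A real system
takes the key from key management and persists the receiver's last sequence number.
"""
import hashlib
import hmac
import json


class Sender:
    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def send(self, payload: dict) -> bytes:
        """Returns body + '.' + tag; the sequence number is inside the MAC'd body."""
        self.seq += 1
        body = json.dumps({"seq": self.seq, "payload": payload},
                          sort_keys=True, separators=(",", ":")).encode()
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        return body + b"." + tag


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0
        self.log = []          # rejections and warnings, as they would go to an audit trail

    def receive(self, wire: bytes):
        """Returns the payload if the message is authentic and fresh, else None."""
        body, sep, tag = wire.rpartition(b".")   # the hex tag never contains '.', so rpartition is safe
        if not sep:
            self.log.append("rejected: malformed message")
            return None
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            self.log.append("rejected: bad MAC")
            return None
        msg = json.loads(body)
        seq = msg["seq"]
        if seq <= self.last_seq:
            self.log.append(f"rejected: duplicate or replayed seq {seq}")
            return None
        if seq != self.last_seq + 1:
            self.log.append(f"warning: gap, expected {self.last_seq + 1} got {seq}")
        self.last_seq = seq
        return msg["payload"]


def run_exchange():
    """Constructed exchange: three orders, one re-transmission, one altered message."""
    key = b"constructed-shared-key"          # constructed; never hard-code a real key
    sender, receiver = Sender(key), Receiver(key)
    m1 = sender.send({"order": "A-1001", "qty": 5})
    m2 = sender.send({"order": "A-1002", "qty": 1})
    m3 = sender.send({"order": "A-1003", "qty": 3})
    tampered = m3.replace(b'"qty":3}', b'"qty":30}')   # content changed in transit, tag untouched
    accepted = []
    for wire in (m1, m2, m2, tampered, m3):              # m2 twice = re-transmission
        payload = receiver.receive(wire)
        if payload is not None:
            accepted.append(payload)
    return accepted, receiver.log


if __name__ == "__main__":
    acc, log = run_exchange()
    print("accepted:", acc)
    print("log:", log)
```

The caveat a practitioner should take from this is the one the slides make with "digital certificates": an HMAC proves to the receiver that the message came from someone holding the shared key and was not altered, but because both parties hold that key it proves nothing to a third party, so it cannot give the non-repudiation the EDI slide requires. That needs a digital signature with a key held only by the signer and bound to them by a certificate; sequencing and integrity checking stay the same on top of it.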