Académique Documents
Professionnel Documents
Culture Documents
11/8/2004
General Items:
Tests?
Lab?
Need to come to class
Have a quiz / no books / use notes
Challenge / 80 /
Talk to me!
Reading Materials:
Miscellaneous:
F.Farahmand
1 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
The Internet
Wide open to everyone with no central authority
Carries many important information (private and proprietary)
Potential risks:
- Interceptions
- Attacking sources
2 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
o Could be harmless and just for fun! altering the normal operation
of the computer
o Damaging the operating system (boot code)
o Damaging other existing programs
- Examples:
o Some are only a particular malicious logic
- Worms: Blaster, Sobig
o Some are all three types:
- Melissa
- Activation methods:
o Opening infected files, running an infected file, starting the
computer with an infected floppy
o Some viruses are harmless or even cute!
o There are more than 80,000 known viruses (last 20 years)
o A list of viruses are available on web pages: http://www.cert.org
Why would anyone want to spend time to write a
computer virus???
F.Farahmand
3 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
4 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
Identification
User name
/Password
Processed
Object
Authentication
Biometric
Call back
systems
o
o Password: 6 characters; how many combinations? (2 Billions)
How long does it take you to figure it out? (700 years!)
o Possessed objects: Pin number, Card (ATM card), external devices
o Biometric devices: Authenticates persons identity by verifying
personal characteristics
fingerprint scanner
TruePrint Technology looking at live-tissues (more
accurate fingerprinting scheme Offered by Authen
Tech
F.Farahmand
5 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
6 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
F.Farahmand
7 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
Computer safeguards:
- System failure protection: prolonged malfunction of a computer resulting
in loss of data, information, hardware damage, etc.
o Electrical disturbances in a single or network of computers
o Includes:
Noise: unwanted signal disturbing the normal operation. Not a
risk to the hardware.
Undervoltage: When voltage level drops (blackout complete
power failure)
Overvoltage: Excessive power increase (spike momentary
overvoltage) - Use surge protector.
- System backup: duplicating files.
o Backup media can be Zip disks, CD-RW, DVD-RW
o Three basic types:
Full: complete backup
Differential: Copying only files which have changed since the
last full backup
Incremental: Copying the most recent files which have
changed
- Disaster recovery plan: A written plan describing how to restore
computer operations in case of emergency failure. Contains four major
components:
o Emergency plan: describes immediate actions after the disaster
o Backup plan: How the computer uses backup files
o Recovery plan: Actions taken to restore full information processing
operation
o Test plan: simulating various levels of emergency cases
- Developing computer security plan: A written document summarizing all
computer safeguards to protect companys information assets
F.Farahmand
8 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
F.Farahmand
9 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
Information privacy
- Refers to the right of individuals and companies to deny or restrict the
collection and use of information about them data privacy
- Similar technologies are used for web-casting and advertising:
o Cookies: A small file that the web server store on your computer
You can avoid it by changing your computer security level
Delete the ones you dont want: search for COOKIES!
Remember some of the files are hidden: Open a folder ->
Tools -> Folder Options -> Viewing -> Hidden files
o Spam: Unsolicited e-mail message
Use email filtering http://www.cloudmark.com
o Spyware: collects information on your PC without your
knowledge.
It communicates these information with an outside source
Examples: Adware or Web bug (browsing habits!)
A software that is free may contain one of these utilities
- Privacy laws: Laws regarding storing and disclosure of personal data
o There is a long list of ACTs passed by the congress
Video Privacy Protection Act (forbids retailer from revealing
or selling video-rental without the consumer consent or court
order
Cable Communications Policy Act (regulating the disclosure
of TV subscriber record)
Then came the PATRIOT ACT The law enforcement have
the right to monitor peoples activities
- Keyboard tracking
- Tracking your cell phones, emails, web activities
- Book records
o What is the problem?
We still dont know what to do with the telemarketers
F.Farahmand
10 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
F.Farahmand
11 / 12
File: lec12chap11f04.doc
Lecture 16 / Chapter 12
11/8/2004
F.Farahmand
12 / 12
File: lec12chap11f04.doc