Silviu Cojocaru
Confidentiality – information cannot be
accessed by unauthorized individuals
Integrity – data cannot be modified without
proper authorisation
Availability – data are available when needed
Authentication – ensuring data authenticity
during e-business processes
Risk management is a process used for
identifying vulnerabilities and threats against
information resources of an organization
Information resources = all the resources
used by an organization to reach its goals
Most security incidents are generated by
user negligence and lack of knowledge
Less than 20 percent of the incidents are
caused by application bugs or security issues
Viruses
Worms
Trojan horses
Phishing
A virus is a computer program that usually
attaches itself to a legitimate program and
executes certain unwanted actions upon the
infected computer.
Spreads in various ways (memory stick, mail,
etc.)
The first viruses date back to the 1980s (the
Palestinians tried an IT attack against Israel)
A worm is seen as a different program
category from a virus, as the worm is able to
multiply itself within the infected computer
memory and to infect other computers.
Phishing – criminal activity mainly aiming to steal
information (user name, password, PIN code
for cards)
A Trojan horse is a program that appears
useful but instead executes hidden, damaging
functions.
UPDATED antivirus applications
◦ AVG Free
◦ Avira Free
Firewall applications (they inspect the traffic
between computer and network)
Constantly updating the operating system
and the applications
Constant data backup (incremental backup)
Very low cost of storage media (HDD, Memory
Flash, DVD)
Confidentiality
Integrity
Availability
Authenticity
Viruses, worms, Trojan horses
Confidentiality – financial damages for the
organization
Availability – Mission Critical
Integrity (for example, data damage within a
banking institution)
Authenticity (for example, a non-existent
electronic payment)
Involves altering a message or a document in
order to make its content unrecognizable
Message encryption – a process to convert a
clear text into a code
Decoding - the reverse process which, based
on certain keys or rules, changes coded text
into clear text
[Diagram: Internet, Gmail service, Yahoo MAIL; data interception]
Encryption protocol that ensures
communication security on the Internet
Hypertext Transfer Protocol Secure (HTTPS) –
a combination of HTTP and SSL
A series of nodes on the Internet that
communicate between themselves by using
an encryption technology