31_TG_V1_Computer Science_10_Revision_Information Security

  • 10.05.2020

Confidentiality. In information security, confidentiality "is the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes." While similar to "privacy," the two words aren't interchangeable. Rather, confidentiality is a component of privacy that is implemented to protect our data from unauthorized viewers. Examples of confidentiality of electronic data being compromised include laptop theft, password theft, or sensitive emails being sent to the incorrect individuals.

 

Integrity. In information security, data integrity means maintaining and assuring the accuracy and completeness of data over its entire lifecycle. This means that data cannot be modified in an unauthorized or undetected manner. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of consistency as understood in the classic ACID model of transaction processing. Information security systems typically provide message integrity alongside confidentiality.
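The sketch below is an added example, not part of the original material. It shows one way to make unauthorized changes detectable: each record carries an HMAC-SHA256 tag that also covers the previous tag, so an edited, removed or reordered record fails verification. The key, the sample records and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret known only to authorized writers
SAMPLE = ["alice pays bob 10", "bob pays carol 5", "carol pays dave 1"]  # constructed
GENESIS = b"\x00" * 32  # fixed starting value for the chain


def _tag(key, prev_tag, record):
    # The tag covers the previous tag, binding each record to its position.
    return hmac.new(key, prev_tag + record.encode(), hashlib.sha256).digest()


def seal(records, key=KEY):
    """Return [(record, tag), ...] where every tag chains to the one before."""
    chain, prev = [], GENESIS
    for record in records:
        prev = _tag(key, prev, record)
        chain.append((record, prev))
    return chain


def first_bad_index(chain, key=KEY):
    """Return the index of the first entry that fails verification, or None."""
    prev = GENESIS
    for i, (record, tag) in enumerate(chain):
        if not hmac.compare_digest(_tag(key, prev, record), tag):
            return i
        prev = tag
    return None
# Records cut from the end verify cleanly, so the record count or the
# last tag must also be kept somewhere the writer of the data cannot alter.
```

Accuracy (an edited record) and completeness (a missing record) are both checked by the same chain, which is why the tag of each entry depends on everything before it.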

 

Availability. For any information system to serve its purpose, the information must be available when it is needed. This means the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks, such as a flood of incoming messages to the target system, essentially forcing it to shut down.

 

Information security is not only about securing information from unauthorized access. It is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Information can be physical or electronic. It can be anything: your personal details, your profile on social media, the data on your mobile phone, your biometrics, etc. Information security therefore spans many research areas, such as cryptography, mobile computing, cyber forensics, and online social media.


Identification describes a method of ensuring that a subject is the entity it claims to be. E.g.: a user name or an account number.

Authentication is the method of proving the subject's identity. E.g.: password, passphrase, PIN.

Authorization is the method of controlling the access of objects by the subject. E.g.: a user cannot delete a particular file after logging into the system.

Authentication Methods

Biometrics

Verifies an individual's identity by analyzing a unique personal attribute or behavior. It is the most effective and accurate method for verifying identification. It is the most expensive authentication mechanism.

Types of Biometric Systems

· Fingerprint: based on the ridge endings and bifurcations exhibited by the friction ridges, and on some minutiae of the finger.

· Palm Scan: based on the creases, ridges, and grooves that are unique in each individual's palm.

· Hand Geometry: based on the shape (length, width) of a person's hand and fingers.

· Retina Scan: based on the blood vessel pattern of the retina on the backside of the eyeball.

· Iris Scan: based on the colored portion of the eye that surrounds the pupil. The iris has unique patterns, rifts, colors, rings, coronas and furrows.

· Signature Dynamics: based on electrical signals generated by the physical motion of the hand while signing a document.

· Keyboard Dynamics: based on electrical signals generated while the user types the keys (passphrase) on the keyboard.

· Voice Print: based on the human voice.

· Facial Scan: based on the different bone structures, nose ridges, eye widths, forehead sizes and chin shapes of the face.

· Hand Topography: based on the different peaks, valleys, overall shape and curvature of the hand.

Passwords

A password is the most common form of system identification and authentication mechanism. It is a protected string of characters that is used to authenticate an individual.

Password Management

· Passwords should be properly guaranteed, updated, and kept secret to provide effective security.

· Password generators can be used to generate passwords that are uncomplicated, pronounceable, non-dictionary words.

· If users choose their own passwords, the system should enforce certain password requirements, such as the use of special characters, the number of characters, case sensitivity, etc.

 

 

Techniques for Password Attacks

· Electronic monitoring. Listening to network traffic to capture information, especially when a user is sending her password to an authentication server. The password can be copied and reused by the attacker at another time, which is called a replay attack.

· Access the password file. Usually done on the authentication server. The password file contains many users’ passwords and, if compromised, can be the source of a lot of damage. This file should be protected with access control mechanisms and encryption.

· Brute force attacks. Performed with tools that cycle through many possible character, number, and symbol combinations to uncover a password.

· Dictionary attacks. Files of thousands of words are used to compare to the user’s password until a match is found.

· Social engineering. An attacker falsely convinces an individual that she has the necessary authorization to access specific resources.

Password checkers can be used to check the strength of the password by trying to break into the system. Passwords should be encrypted and hashed. Password aging should be implemented. The number of logon attempts should be limited.
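The following added example, which is not part of the original material, puts three of the protections above into code: password requirements enforced at registration, storage as a salted PBKDF2 hash instead of the password itself, and a limit on failed logon attempts. The class and function names, the policy values and the iteration count are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os
import string

ITERATIONS = 600_000  # assumption: PBKDF2 work factor chosen for this example
MIN_LENGTH = 12       # assumption: policy values are illustrative
MAX_FAILURES = 3      # assumption: failed logons allowed before lockout


def policy_errors(password):
    """Return the list of password requirements the candidate fails."""
    errors = []
    if len(password) < MIN_LENGTH:
        errors.append("too short")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        errors.append("needs upper and lower case")
    if not any(c in string.punctuation for c in password):
        errors.append("needs a special character")
    return errors


def _derive(password, salt):
    # Slow, salted hash: a stolen password file cannot be reversed cheaply.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class AccountStore:
    """In-memory stand-in for the protected password file."""

    def __init__(self):
        self._users = {}  # name -> [salt, derived_key, failed_attempts]

    def register(self, name, password):
        errors = policy_errors(password)
        if errors:
            raise ValueError(", ".join(errors))
        salt = os.urandom(16)  # per-user salt: equal passwords store differently
        self._users[name] = [salt, _derive(password, salt), 0]

    def login(self, name, password):
        """Return 'ok', 'denied' or 'locked'."""
        user = self._users.get(name)
        if user is None:
            return "denied"
        if user[2] >= MAX_FAILURES:
            return "locked"  # no further guesses are evaluated
        if hmac.compare_digest(_derive(password, user[0]), user[1]):
            user[2] = 0
            return "ok"
        user[2] += 1
        return "denied"
```

Once an account is locked, even the correct password is refused, which is what stops brute force and dictionary guessing against the logon prompt; a real system also needs a reset or timed unlock so the lockout does not harm availability.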


 
