SlideShare une entreprise Scribd logo

2 second lectuer theory princible security.pptx

Télécharger en tant que PPTX, PDF
Y
YunisAmenMuhammed

computer security

Internet
1  sur  16
INTRODUCTION TO INFORMATION SECURITY Theory Second lecture Younus.muhammed@soran.edu.iq Information security
Outline: • Top 10 Cybercrime Prevention Tips. • Principle security. Information security
Top 10 Cyber Crime Prevention Tips 1. Use Strong Passwords: Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis. Information security
2. Secure your computer: • Activate your firewall Firewalls are the first line of cyber defence. they block connections to unknown or bogus sites and will keep out some types of viruses and hackers. • Use anti-virus/malware software prevent viruses from infecting your computer by installing and regularly updating anti-virus software. • Block spyware attacks Prevent spyware from infiltrating your computer by installing and updating anti-spyware software. Information security
3. Be Social-Media Savvy Make sure your social networking profiles (e.g. Facebook, Twitter, Youtube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is there forever! 4. Secure your Mobile Devices Be aware that your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources. 5. Install the latest operating system updates Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software. Information security
6. Protect your Data • Use encryption for your most sensitive files such as tax returns or financial records, make regular backups of all your important data, and store it in another location. 7. Secure your wireless network • Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Avoid conducting financial or corporate transactions on these networks Information security
8. Protect your e-identity • Be cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites). 9. Avoid being scammed • Always think before you click on a link or file of unknown origin. Don’t feel pressured by any emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password. Information security
10. Call the right person for help • Don’t panic! If you are a victim, if you encounter illegal Internet content (e.g. child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with your service provider or a certified computer technician. Information security
Principle security. • There are five principles of security. They are as follows 1. Confidentiality The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message. Information security
2. Integrity • Integrity means that data is protected from unauthorized changes to ensure that it is reliable and correct. • The confidential information sent by A to B which is accessed by C without the permission or knowledge of A and B. Information security
3. Authentication: • Authentication mechanism helps in establishing proof of identification. 4. Access control: Access control specifies and control who can access what. 5. Availability: It means that assets are accessible to authorized parties at appropriate times. Information security
Attacks • We want our security system to make sure that no data are disclosed to unauthorized parties.  Data should not be modified in illegitimate ways  Legitimate user can access the data. Types of attacks Attacks are grouped into two types:  Passive attacks: does not involve any modification to the contents of an original message  Active attacks: the contents of the original message are modified in some ways. Information security
Elementary cryptography: substitution cipher • Encryption is the process of encoding a message so that its meaning is not obvious. • Decryption is the reverse process, transforming an encrypted message back into its normal, original form. • The terms encode and decode or encipher and decipher are used instead of encrypt and decrypt. • We say that we encode, encrypt, or encipher the original message to hide its meaning. • We decode, decrypt, or decipher it to reveal the original message. A system for encryption and decryption is called a cryptosystem. Information security
• The original form of a message is known as plaintext, and the encrypted form is called cipher text. For convenience, we denote a plaintext message P as a sequence of individual characters P = <p1, p2, …, Pn>. Similarly, cipher text is written as C = <c1, c2, …,Mm>. Information security
• For instance, the plaintext message "I want cookies" can be denoted as the message string <I, ,w,a,n,t,c,o,o,k,i,e,s>. It can be transformed into cipher text<c1, c2, …,c14>, and the encryption algorithm tells us how the transformation is done. • We use this formal notation to describe the transformations between plaintext and cipher text. • For example: • we write C = E (P) and P = D(C), • where C represents the cipher text, • E is the encryption rule, • P is the plaintext, • D is the decryption rule. Information security
• Cryptanalyst: cryptanalyst is a person who studies encryption and decrypted message and tries to find the hidden meanings (to break an encryption). • Confusion: it is a technique for ensuring that ciphertext has no clue about the original message. • Diffusion: that if we change a character of the plaintext, then several characters of the ciphertext should change, and similarly, if we change a character of the ciphertext, then several characters of the plaintext should change. We saw that the Hill cipher has this property.. Information security

Recommandé

Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
sneha padhiar
 
Top 10 Cyber Crime Prevention Tips.pptx
Top 10 Cyber Crime Prevention Tips.pptxTop 10 Cyber Crime Prevention Tips.pptx
Top 10 Cyber Crime Prevention Tips.pptx
SarimRyan
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwal
VaishnaviKhandelwal6
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
MohammedYaseen638128
 
Network Security
Network SecurityNetwork Security
Network Security
moviebro1
 
Internet security
Internet securityInternet security
Internet security
Mohamed El-malki
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
Information security
Information securityInformation security
Information security
Vijayananda Mohire
 

Recommandé

Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
sneha padhiar
 
Top 10 Cyber Crime Prevention Tips.pptx
Top 10 Cyber Crime Prevention Tips.pptxTop 10 Cyber Crime Prevention Tips.pptx
Top 10 Cyber Crime Prevention Tips.pptx
SarimRyan
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwal
VaishnaviKhandelwal6
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
MohammedYaseen638128
 
Network Security
Network SecurityNetwork Security
Network Security
moviebro1
 
Internet security
Internet securityInternet security
Internet security
Mohamed El-malki
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
Information security
Information securityInformation security
Information security
Vijayananda Mohire
 
Information Security
Information Security Information Security
Information Security
Dio Pratama
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
UmangThakkar26
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
binowe
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
JayfErika
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
reagan sapul
 
Internet Security.pptx
Internet Security.pptxInternet Security.pptx
Internet Security.pptx
havaneb872
 
Security Threats
Security ThreatsSecurity Threats
Security Threats
Yasmeen Shaikh
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ncell
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdf
krishnapriya673257
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
tunzida045
 
Cryptography Network Security Introduction
Cryptography Network Security IntroductionCryptography Network Security Introduction
Cryptography Network Security Introduction
Alwyn Rajiv
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptx
jondon17
 
Information security and other issues
Information security and other issuesInformation security and other issues
Information security and other issues
Haseeb Ahmed Awan
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering Basics
Luke Rusten
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptx
KnownId
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
AparnaSunil24
 
Security in it
Security in it Security in it
Security in it
Yoshan madhumal
 
Cyber
CyberCyber
Cyber
pooja kumari
 
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Monica Sydney
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 

Contenu connexe

Similaire à 2 second lectuer theory princible security.pptx

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptx
KnownId
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
AparnaSunil24
 

Similaire à 2 second lectuer theory princible security.pptx (20)

Information Security
Information Security Information Security
Information Security
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
Internet Security.pptx
Internet Security.pptxInternet Security.pptx
Internet Security.pptx
 
Security Threats
Security ThreatsSecurity Threats
Security Threats
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdf
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
Cryptography Network Security Introduction
Cryptography Network Security IntroductionCryptography Network Security Introduction
Cryptography Network Security Introduction
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptx
 
Information security and other issues
Information security and other issuesInformation security and other issues
Information security and other issues
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering Basics
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptx
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
Security in it
Security in it Security in it
Security in it
 
Cyber
CyberCyber
Cyber
 

Dernier

Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Monica Sydney
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
pxcywzqs
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
Monica Sydney
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
F
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
kumargunjan9515
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
 

Dernier (20)

Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 

2 second lectuer theory princible security.pptx

  • 1. INTRODUCTION TO INFORMATION SECURITY Theory Second lecture Younus.muhammed@soran.edu.iq Information security
  • 2. Outline: • Top 10 Cybercrime Prevention Tips. • Principle security. Information security
  • 3. Top 10 Cyber Crime Prevention Tips 1. Use Strong Passwords: Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis. Information security
  • 4. 2. Secure your computer: • Activate your firewall Firewalls are the first line of cyber defence. they block connections to unknown or bogus sites and will keep out some types of viruses and hackers. • Use anti-virus/malware software prevent viruses from infecting your computer by installing and regularly updating anti-virus software. • Block spyware attacks Prevent spyware from infiltrating your computer by installing and updating anti-spyware software. Information security
  • 5. 3. Be Social-Media Savvy Make sure your social networking profiles (e.g. Facebook, Twitter, Youtube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is there forever! 4. Secure your Mobile Devices Be aware that your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources. 5. Install the latest operating system updates Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software. Information security
  • 6. 6. Protect your Data • Use encryption for your most sensitive files such as tax returns or financial records, make regular backups of all your important data, and store it in another location. 7. Secure your wireless network • Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Avoid conducting financial or corporate transactions on these networks Information security
  • 7. 8. Protect your e-identity • Be cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites). 9. Avoid being scammed • Always think before you click on a link or file of unknown origin. Don’t feel pressured by any emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password. Information security
  • 8. 10. Call the right person for help • Don’t panic! If you are a victim, if you encounter illegal Internet content (e.g. child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with your service provider or a certified computer technician. Information security
  • 9. Principle security. • There are five principles of security. They are as follows 1. Confidentiality The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message. Information security
  • 10. 2. Integrity • Integrity means that data is protected from unauthorized changes to ensure that it is reliable and correct. • The confidential information sent by A to B which is accessed by C without the permission or knowledge of A and B. Information security
  • 11. 3. Authentication: • Authentication mechanism helps in establishing proof of identification. 4. Access control: Access control specifies and control who can access what. 5. Availability: It means that assets are accessible to authorized parties at appropriate times. Information security
  • 12. Attacks • We want our security system to make sure that no data are disclosed to unauthorized parties.  Data should not be modified in illegitimate ways  Legitimate user can access the data. Types of attacks Attacks are grouped into two types:  Passive attacks: does not involve any modification to the contents of an original message  Active attacks: the contents of the original message are modified in some ways. Information security
  • 13. Elementary cryptography: substitution cipher • Encryption is the process of encoding a message so that its meaning is not obvious. • Decryption is the reverse process, transforming an encrypted message back into its normal, original form. • The terms encode and decode or encipher and decipher are used instead of encrypt and decrypt. • We say that we encode, encrypt, or encipher the original message to hide its meaning. • We decode, decrypt, or decipher it to reveal the original message. A system for encryption and decryption is called a cryptosystem. Information security
  • 14. • The original form of a message is known as plaintext, and the encrypted form is called cipher text. For convenience, we denote a plaintext message P as a sequence of individual characters P = <p1, p2, …, Pn>. Similarly, cipher text is written as C = <c1, c2, …,Mm>. Information security
  • 15. • For instance, the plaintext message "I want cookies" can be denoted as the message string <I, ,w,a,n,t,c,o,o,k,i,e,s>. It can be transformed into cipher text<c1, c2, …,c14>, and the encryption algorithm tells us how the transformation is done. • We use this formal notation to describe the transformations between plaintext and cipher text. • For example: • we write C = E (P) and P = D(C), • where C represents the cipher text, • E is the encryption rule, • P is the plaintext, • D is the decryption rule. Information security
  • 16. • Cryptanalyst: cryptanalyst is a person who studies encryption and decrypted message and tries to find the hidden meanings (to break an encryption). • Confusion: it is a technique for ensuring that ciphertext has no clue about the original message. • Diffusion: that if we change a character of the plaintext, then several characters of the ciphertext should change, and similarly, if we change a character of the ciphertext, then several characters of the plaintext should change. We saw that the Hill cipher has this property.. Information security