1 / 14

Initial Topics

Telecommunications and Network. Physical and Personnel. System. Application and Individual. Planning, Policies, and Procedures. Initial Topics. An introduction to information assurance The threat environment Risk management Personnel and physical security. Objectives.

Télécharger la présentation

Initial Topics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Telecommunications and Network Physical and Personnel System Application and Individual Planning, Policies, and Procedures Initial Topics • An introduction to information assurance • The threat environment • Risk management • Personnel and physical security

  2. Objectives • Recognize the impact of cyber security in daily activities • Recognize the evolution of information assurance over time • Recognize the fundamental concepts of information assurance

  3. What If… • The sewage system for a major city was compromised? • Spills of raw sewage into a river, parks, and near businesses and homes • Environmental impact to wildlife • Stench for residents • Large cleanup bill • Access to the municipal network and its services were lost • The sewer system was compromised • Rail traffic was halted • The power was shut down • There were problems with a nuclear power plant • A nuclear power plant was compromised? • Railroad service was stopped • Freight and passenger • For a day or more • In 23 states • An electric power plant was compromised? • A major city lost its network for: • E-mail • Law enforcement records • Payroll • Personnel records • Etc. for a week or more?

  4. Who / What Is At Risk? • Organizations: • Transportation – Telecommunications • Medical – Utilities • Government – And more • Devices: • Computers – Phones – Game systems • Cable TV – MP3 players – And more Anyone connected to anyone else.

  5. A Brief History Of Information Assurance • Not a new idea • Greeks circa 480 B.C.E. • Romans (Caesar 100-44 B.C.E.) • Protect information / keep secret • Locks • Fences • Guards • Safes • Couriers Photo by Adam Polselli

  6. Computers • Early • Physical security concerns • Separate computer and communication security • Information transfer by physical means • Multiuser systems • Accounts • Access controls • Remote access (modems) SAGE computer IBM 360 Photos by tomspixels’ http://flickr.com/photos/tomspixels/

  7. Fundamental Concepts Of Information Assurance • Confidentiality • Integrity • Availability

  8. Growth Of Networks • ARPANET • Development of • TCP/IP • Other communication protocols • Evaluating and developing secure systems • Rainbow Series • Common Criteria Image courtesy DARPA

  9. Before The Internet • Bulletin Board Systems (BBSs) • America Online, CompuServe, etc. • Usenet • Need to share information • Tim Berners-Lee developed language to permit sharing of data, including non-text data (HyperText Markup Language (HTML), based on Generalized Markup Language (GML)) • Browser development followed for graphical display of information

  10. The Internet • World Wide Web – name given to the program by Tim Berners-Lee • Growth in number of servers • Platform independent (Windows, X Windows, Mac) • Scripting to allow interaction from pages • Databases providing services through Web interface • As services grow, so do vulnerabilities • More systems connected for convenience

  11. Where Are We Today? Internet Growth • Over 1.5 billion users on the Internet (12/2008) • 5,000 – 8,000 PB (PetaByte = 1015 bytes) of Internet traffic per month worldwide (12/2008) • Traffic growth rate 50-60% per year (12/2008) • Who? • Transportation – Telecommunications • Medical – Utilities • Government – Who else? Data from Internet World Stats, March 2, 2009http://www.internetworldstats.com/emarketing.htm

  12. New Information Assurance Concerns • Information access not controlled by physical means alone • Trespassing • Eavesdropping • Alteration • Theft The CIA triad in a cyber world.

  13. Where This Stuff Came From… • Real world issues caused by computers and networks • Computers are everywhere, supporting daily life • Computers are connected together • Information assurance from Greeks to today • Concepts of • Confidentiality • Integrity • Availability

More Related