Agendas. Chapter 5 (Recap) Chapters 6 – Diverse IT Infrastructures Case – The iPremier Company: Denial of Service Attack. Course Road Map. Network Elements – LAN. LAN Topologies. Packet Switching. Chapter 6: Assuring Reliable and Secure IT Services . Reliability through redundancy
Agendas • Chapter 5 (Recap) • Chapters 6 – Diverse IT Infrastructures • Case – The iPremier Company: Denial of Service Attack
Network Elements – LAN LAN Topologies
Chapter 6: Assuring Reliable and Secure IT Services • Reliability through redundancy • Tradeoff – complexity and cost • IS Security and Control • Malicious threats (download) – New Architecture for Intra-Domain Network by Huang and Cao et al. (2006)
Chapter 6: Assuring Reliable and Secure IT Services Managing Infrastructure Risk
Chapter 6: Assuring Reliable and Secure IT Services Availability – Serial Processing
Chapter 6: Assuring Reliable and Secure IT Services Availability – Parallel Processing (Reliability = 1 – Probability of failure)
Why Systems Are Vulnerable? Telecommunications networks vulnerabilities
Why Systems Are Vulnerable? Types of computer crimes and criminals • Hacker: An outside person who has penetrated a computer system, usually with no criminal intent. • Cracker: A malicious hacker. • Social engineering: Getting around security systems by tricking computer users into revealing sensitive information or gaining unauthorized access privileges. • Cybercrimes: Illegal activities executed on the Internet. • Identity theft: A criminal (the identity thief) poses as someone else. • Cyberwar: War in which a country’s information systems could be paralyzed from a massive attack by destructive software. • Virus: Software that can attach itself to (“infect”) other computer programs without the owner of the program being aware of the infection.
IS Security and Control Security Threats
Protecting the Digital Firm • Firewall screening technologies • Static packet filtering • Network address translation • Application proxy filtering • Intrusion detection systems • Scanning software • Monitoring software
Security and Electronic Commerce • Encryption • Authentication • Message integrity • Digital signatures • Digital certificates • Public key infrastructure (PKI)
Article Discussion (Team DIY – Take Home) • The Myth of Secure Computing (Austin and Darby, 2003, HBR) • Why do senior executives often ignore the digital security issue? • According to the authors, what are the major threats to digital security? Explain each of them. • How to mitigate the risks in digital security? What is the bottom line?
IS Security and Control Public key encryption (in a nutshell)
IS Security and Control Digital certificates
Chapter 6: Assuring Reliable and Secure IT Services Taxonomy of Networking Attacks Adopted from Huang and Cao et al. {Communications of ACM, 49 (11), 2006}
Chapter 6: Assuring Reliable and Secure IT Services Secure framework Adopted from Huang and Cao et al. {Communications of ACM, 49 (11), 2006}