NOTE: Free essay sample provided on this page should be used for references or sample purposes only. The sample essay is available to anyone, so any direct quoting without mentioning the source will be considered plagiarism by schools, colleges and universities that use plagiarism detection software. To get a completely brand-new, plagiarism-free essay, please use our essay writing service.
One click instant price quote
Security is the discipline of using effective protection measures to safeguard important assets from abuse. In other words, security is about protecting important things. Protection involves not just mechanisms (such as locks and doors), but also proper selection and use of mechanisms. Properly applied, the various disciplines of information security really come down to risk management that is not fundamentally different from risk management in other situations such as finance and insurance. In learning how to think constructively about managing risks, often the following common sense vocabulary is used: Asset: something important that needs protection Risk: likelihood of threat leading to actual abuse Cost (1): reduction in value of abused asset Cost (2): amount of resources required to use security measures to protect an asset Benefit: the value of a security measure It would be great if these terms asset, value, threat, risk, cost, benefit could be used scientifically, but when it comes to information systems, most of them are pretty squishy. Nevertheless, even a best guess is remarkably useful.
If guesses about relative value and likelihood are consistently applied, then it is usually possible to decide on the priority of potential improvements in information security. Cost becomes a matter of budget. Most people with authority over funds for security can, if properly informed, make good decisions about how to allocate the budget. In many instances, it is possible to analyze whether the incremental value of a high budget would be significant.
Understanding of information security technology is necessary to make informed judgements like these. Fortunately, the essential technological aspects are not rocket science. There are several types of security issues: data security, computer security, system security, communication security, and network security. The term information security is often used to encompass all of them and to distinguish them from closely related and important issues such as physical security, operational security, and personnel security that do not rely primarily on computing technology. Computing is as risky as any other aspect of modern life, and in some sense more so because of the complexity of computing systems. Vulnerabilities exist at all levels: network, operating system, middleware and application because all software has bugs, administration is error-prone and users are unreliable.
It is virtually impossible to develop any significant system without some errors in it. We know how to build bridges so the imperfections are tolerable. That is, we can build bridges that do not crash (if proper engineering methodology is followed), but we cannot build systems and applications that do not crash. In computing systems, flaws are often bugs repeatable situations in which the system behaves in an unintended manner. Each bug can also be a security vulnerability, if the bug can be used in a way that allows a failure of security: either authorized users exceeding their privileges, or unauthorized users gaining access to systems. Furthermore, the complexities of modern computing systems make them difficult to manage.
Configuration and administrative errors also create security vulnerabilities. It can be difficult to determine whether the system is properly configured. For example, to harden Windows NT for usage on the Internet, Microsoft recommends over a hundred specific configuration changes that effectively turn off many features that led people to want to use NT. In addition, security experts have other recommendations in addition to those described by Microsoft. Computing, like life, has many threats. But what are the risks?
Given the wide rage of threats, the sheer number of vulnerabilities, and the ever-increasing number of attackers, the risk is nearly 100 per cent that some incident will occur if information security is not addressed in a systematic manner. There are many different avenues of attack. Inadequate data security can provide unauthorized users access to sensitive information. Inadequate computer security can result from the use of weak passwords and allow abuse of user accounts.
Applications filled with bugs can allow unauthorized transactions. Inadequate system security can result from a mis-configured operating system and allow unintended network access. Eavesdropping and password reuse are examples of inadequate communication security which can result in impersonation of individuals. Inadequate network security can lead to unintended Internet access to private systems. There are many examples of inadequate security. Who is hurt by these attacks?
Internet access in this scenario affects the on-line consumer greatly, sometimes in a negative way. Companies store information about their customers on corporate servers and networks. Sensitive information such as credit card and social security numbers and other personal details are stored in file servers. Any individual with knowledge of networking protocols can capture data flowing over the Internet via unsecured methods. IT organizations lack of knowledge has jeopardized the information that corporations are responsible for. The convenience of the Internet and client server systems contributes to this problem.
If important and sensitive data is permitted to travel unprotected between computers, it is subject to theft and alteration. Sophisticated individuals (or corporations) can capture the data for illegal or malicious reasons. Security for Internet-connected systems was not designed for dedicated attackers. Most Internet-connected systems were variants of an operating system called Unix, and many variants were designed and implemented in, and for, an academic environment. The early cases of attacks were oriented towards gaining privilege that could be abused: spying on sensitive information, maliciously disclosing or destroying information etc. As time has gone by, people have become more adept to automating attacks.
The results of such automation are programs that do more damage than many of the perpetrators could do on their own: viruses, Trojan horses, etc. However, the basic vulnerabilities are often the same, while the change is result of human ingenuity applied to exploiting the vulnerabilities. Companies and people who are Internet-connected are not immune to the attacks and risks, some of which are described below. Finger is a trivial Unix networking program that conveys information about the status of a user account (e.
g. when the user last logged in). The finger daemon (or server program) would listen for requests over the network from anywhere. This program, finger was executed with root privilege, for reasons mostly derived from the kitchen sink integration of networking with the operating system (OS). The software has a common bug: unexpectedly long messages could overfill the message buffers in the code and cause execution errors. In particular, the error in the execution allowed a careful attacker to cause finger to execute any command with full administrative privilege.
This bug and similar ones are still useful today for attacking network applications of all kinds. Buffer overflow attacks are still very common, and the wide range of potentially vulnerable server software gets wider all the time. Sendmail is an example of a program that is too valuable to turn off, and is too dangerous to expose to the Internet. The Morris worm was a particularly interesting case aside from the fact that it crashed pretty much the entire Internet by accident because it used not a bug, but a feature of sendmail.
The debug mode feature allowed anybody who asked to get the ability to do pretty much anything on the host machine. This ability was a necessary side effect of having the capability to play with the sendmail program during execution in order to find out why some of the sendmail's notoriously complex behavior was misbehaving. The necessity of this side effect was, again, related to the need for the sendmail server program to run with administrative privilege. While no longer viewed as a good idea, few had disabled it, and many were hit by the Morris worm.
The worm used the debug mode to copy itself to another computer, and to copy itself repeatedly, until it infested a great number of computers on the Internet. The Morris worm turned out to be a blessing in disguise. It caused people to close off a very dangerous vulnerability, before someone trying to cause very serious and unrecoverable damage exploited it. Enterprise client / server applications have application protocols, and many operate beyond the boundaries of a traditional enterprise network (extranet features and Internet usage). These applications have application protocols, and leaving aside a large number of potential security problems (from lowly password management on up), protocol implementations have bugs that can leave applications vulnerable.
To see how important applications are on the Internet (and vice versa), one only has to listen to Microsoft's anti-anti-trust mantra: the OS isnt the platform, the Internet is the platform and to watch the scramble to embed applications into the OS creating more unnecessary complexity to create vulnerabilities. Application security consists of features of an application that provide security features to authenticate users, control their access, and audit (log) their actions. Each factor exists, works well, and has challenges. For authentication, the typical problem is too many user / password databases to manage and too many users with multiple passwords.
For access control, there are simply too many things to be controlled with an access rule (or list, ACL) for each. For audit, too many applications produce different kinds of log data that is practically impossible to analyze and correlate. In other words, the main challenges are in security management where complexity creates significant practical challenges that generate a different kind of risk: mis configured applications can create security vulnerabilities. Most recently, news media picked up on a string of stories about theft of credit card numbers from e-commerce sites. In many cases, the vulnerability is from mis-management of the SQL server storing the payments database: the administrator account is left unsecured. Trojan horse is a term used to describe a malicious program that users are tricked into executing.
The term comes from Homers Iliad where the Achaeans tricked the Trojans into bringing inside their walls a large wooden horse in which Achaean warriors were concealed. Probably the most common Trojan technique is sending an email attachment that is an executable file, which installs and / or executes some malicious software. Although many mail programs try to help people be careful about opening the e-mail bombs, it still happens. Recent reports indicate that in some unlucky enterprises, as much as a quarter of workstations have been trojan with a program called nets.
Hackers are present on the net. For example, a user who was logged onto the Internet visited some IRQ chat rooms frequented by hackers, and noted that his workstation was probed for the presence of nets as soon as he entered the chat room. There are bad neighborhoods in the net as in the real world! Perhaps better known than nets is back-orifice (the recent release is often referred to as BO 2 K) by the Cult of the Dead Cow. Like nets, BO 2 K allows the host system to be remotely controlled over the network. Any informed person can get a trojan workstation to do anything it is asked to do.
BO 2 K achieved some notoriety when the Cult of the Dead Cow presented BO 2 K as a remote management and debugging tool. In fact, BO 2 K is reputedly pretty useful, and it is not fundamentally different in techniques than legitimate products like PC Anywhere. Perhaps the most ingenious Trojan horse was a free-ware e-mail tool that really was a fully functional and quite popular program that thousands of people used daily. In addition to some very carefully thought out and well-implemented features, it also had some hidden features that allowed ones e-mail to be obtained by others without ones knowledge. The main lesson from Trojan horses is simply that software should be untrusted by default and used only if obtained through legitimate channels. In corporate environments, this is more often addressed by security policies in which installation of programs is a privilege reserved for systems support staff, and supported by security mechanisms designed to help keep users out of situations in which they might forget their security awareness training and accidentally install software on their own.
A virus is a type of malicious software that takes advantage of a fundamental weakness of a pre-NT windows systems: there was no operating system. That is, application programs have free rein of the system and are on the honor system not to do things like mess around with the file system, the operating system software, etc. A virus does just that. When a virus-laden program is executed, it copies itself around the system so that even if the original program is deleted, the virus is still around.
Further, it can copy itself so that any time the infected PC interacts with the outside world (e. g. copying files via floppy) it goes along for the ride. Originally, viruses operated only on programs and propagated by sharing software. Before long, virus writers expanded their bag of tricks as parts of an arms race in the anti-virus battle.
Several clever and subtle types of self-copying software techniques were invented, as well...
Free research essays on topics related to: operating system, credit card, side effect, client server, trojan horses
Research essay sample on Trojan Horses Operating System
