CHAPTER 10 : ONLINE SECURITY
Security Policy
There are three primary characteristics of a good security policy: Most important, the policy must be enforceable and it must apply to everyone. The policy must be capable of being implemented through system administration procedures and through the publication of acceptable-use guidelines or other appropriate methods.
When e-commerce security is at stake, a security breach will lead to information disclosure or other misuse of the information. An e-commerce security policy must state clear confidentiality, integrity, and non-repudiation requirements.
4-step process for creating a security policy
Step 1: Review Your Security Architecture and Establish Your Desired Security State
Step 2: Conduct a Physical and Logical Review of Your IT Security Components
Step 3: Assemble a Data Security Team and Start Assigning Responsibilities
Step 4: Align Your IT Security Components with Your Business’ Goals
Elements of Computer Security
Necessity
Preventing data delays or denials (removal)
Secrecy
Protecting against unauthorized data disclosure and ensuring the authenticity of data source
Integrity
Preventing unauthorized data modification
Risk Management Model
Applicable for protecting Internet and electronic commerce assets from physical and electronic threats
Four general organizational actions - impact (cost) and probability of physical threat
Origins of Security
Interconnected Computer Systems
Modern electronic security techniques - Defense Department wartime use; "Orange Book": rules for mandatory access control
Business computers - initially adopted the military's security methods
Data security measures taken by the Roman Empire - coded information to prevent enemies from reading secret war and defense plans
Today's computing - requires comprehensive computer security plans
Online Security Issues Overview
Early Internet days - most popular use was electronic mail
Today's higher stakes - electronic mail, shopping, all types of financial transactions
Common worry of Web shoppers - credit card stolen as it is transmitted over the Internet; it is more likely to be stolen from the computer where it is stored
Computer Security and Risk Management
Threat
Physical Security
Computer Security
Countermeasure
Logical Security
Electronic Threats
Eavesdroppers
Crackers or hackers
Thieves
Impostors