8/8/2019 c12book
Chapter 12
Computers and Society:
Security and Privacy
Computer Security: Risks
and Safeguards
What is a computer virus?
Computer program that alters the way the computer works without your knowledge or permission
Spreads its damage
p.12.2
What are the ways viruses can be activated?
Opening an infected file
Running an infected program
Booting the computer with an infected floppy disk
p.12.2
What are signs of a virus infection?
p.12.4 Fig. 12-2
What are the three main types of virus?
Boot sector virus
  Executes when a computer boots up
  Resides in the boot sector of a floppy disk or the master boot record of a hard disk
File virus
  Attaches itself to program files
  When you run the infected program, the virus loads into memory
Macro virus
  Uses the macro language of an application to hide virus code
  When you open a document that contains an infected macro, the virus loads into memory
p.12.4
How do viruses activate?
Many activate as soon as a computer accesses an infected file or runs an infected program
Logic bomb
  A virus that activates when it detects a certain condition
Time bomb
  A type of logic bomb that activates on a particular date
p.12.4
What is a malicious-logic program?
A program that acts without a user's knowledge
Deliberately alters the computer's operations
Several types: virus, worm, Trojan horse
Worm
  Copies itself repeatedly in memory or on a disk drive until no memory or disk space remains
Trojan horse
  Hides within or looks like a legitimate program and is usually triggered by a certain condition or action
  Unlike a virus or worm, it does not replicate itself to other computers
p.12.4
How can you safeguard your computer from virus attacks?
Install an antivirus program and upgrade it frequently
Be selective in opening emails
Settings in your browser
Popular antivirus software packages
p.12.5 Fig. 12-4
What is a virus signature?
A known specific pattern of virus code
Used by antivirus software to identify viruses
Updates
p.12.6 Fig. 12-5
Technology Trailblazer
Clifford Stoll
Provokes people to think about how they use computer technology
Wrote The Cuckoo's Egg in 1989 about his investigation that uncovered a computer spy ring
Highly critical of the benefits computers and the Internet presumably provide
Questions why computers are so bland looking
Why hardware has such a short useful life
Proclaims that schools should spend money on teachers, librarians, and books rather than on technology because computers isolate and weaken people
p.12.8
How can unauthorized access and use be prevented?
Access control
  Determine who, what, where and when
Two-phase process of access control
  Identification verifies that you are a valid user
  Authentication verifies that you are who you claim to be
Four methods exist
  User names and passwords
  Possessed objects
  Biometric devices
  Callback systems
p.12.8
How can you make your password more secure?
Longer passwords provide greater security than shorter ones
p.12.9 Fig. 12-9
What is a possessed object?
Any item that you must carry to gain access to a computer
Often used in combination with a personal identification number (PIN)
p.12.10 Fig. 12-10
What is a biometric device?
Authenticates a person's identity by verifying personal characteristics
Translates a person's characteristics into a digital code that is compared to a digital code stored in the computer
Biometric identifier
  A physical or behavioral characteristic
  Fingerprints
  Hand geometry
  Facial features
  Voice
  Signatures
  Retinal (eye) patterns
p.12.10
What is a fingerprint scanner?
Captures curves and indentations of a fingerprint
Some predict this will become the home user's authentication device for e-commerce transactions
Some newer keyboards and notebook computers already equipped
p.12.11 Fig. 12-11
What is a hand geometry system?
Measures the shape and size of a person's hand
Typically used as a time and attendance device by large companies
Costs more than $1,000
p.12.11 Fig. 12-12
What is a face recognition system?
Captures a live face image and compares it to a stored image
Can recognize people with or without glasses, makeup, or jewelry, and with new hairstyles
p.12.11 Fig. 12-13
Voice verification system
  Compares a person's live speech to their stored voice pattern
Signature verification system
  Recognizes the shape of your handwritten signature, as well as pressure exerted and the motion used to write the signature
  Uses a specialized pen and tablet
p.12.12
What is a callback system?
An access control method that authenticates remote users
You call the computer
You enter a user name and password
If these are valid, the computer instructs you to hang up
The computer calls you back and allows you to connect to the system
p.12.12
What is software theft?
Can range from someone physically stealing media that contains software to intentional piracy of software
Software piracy is the unauthorized and illegal duplication of copyrighted software
When you purchase software, you do not own the software. Instead, you become a licensed user
p.12.14
What is a single-user license agreement?
The most common type of license included with software packages purchased by individual users
Also called an end-user license agreement (EULA)
Includes many conditions that specify a user's responsibility
Users are permitted to:
  Install the software on only one computer
  Make one copy for backup
  Give or sell the software to another individual, but only after they remove the software from their computer first
Users are not permitted to:
  Install the software on a network
  Give copies to friends and colleagues
  Export the software
  Rent or lease the software
p.12.14
What is a site license?
Gives the buyer the right to install the software on multiple computers at a single site
Usually costs significantly less than purchasing individual copies of software for each computer
Network site license
  Allows network users to share a single copy of the software which resides on the network server
p.12.15
What is encryption?
The process of converting readable data into unreadable characters
An encryption key is the formula that the recipient of the data uses to decrypt ciphertext
Two types: private key encryption, public key encryption
Plaintext
  Unencrypted, readable data
Ciphertext
  The encrypted (scrambled) data
[Diagram labels: plaintext, encryption software, encryption key]
p.12.16
What are some data encryption methods?
An encryption key (formula) often uses more than one of these methods
p.12.16 Fig. 12-18
File Backups
Full backup
  Also called an archival backup
  Copies all of the files in the computer
  Provides the best protection against data loss
Differential backup
  Copies only the files that have changed since the last full backup
  You always have two backups: the full backup and the differential backup
Incremental backup
  Copies only the files that have changed since the last full or last incremental backup
  You have the full backup and one or more incremental backups
p.12.20
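Added example (not part of the original slides): a small Python model of the three backup types, showing which files each one copies per day and which backup sets a restore depends on. The file names, the change log, and the assumption of one backup per day after a full backup on day 0 are constructed for illustration.

```python
# Constructed data: all files on the disk, and the files modified on each day.
# Assumption: a full backup is taken on day 0, then one backup runs per day.
ALL_FILES = {"budget.xls", "letter.doc", "photo.jpg", "notes.txt"}
CHANGES = {1: {"letter.doc"}, 2: {"budget.xls"}, 3: {"letter.doc", "notes.txt"}}


def differential(changes, day):
    """Files changed since the last full backup (day 0), through `day`."""
    copied = set()
    for d in range(1, day + 1):
        copied |= changes.get(d, set())
    return copied


def incremental(changes, day):
    """Files changed since the previous backup of any kind, i.e. on `day` only."""
    return set(changes.get(day, set()))


def schedule(changes, last_day):
    """Per-day count of files copied as (full, differential, incremental)."""
    return {d: (len(ALL_FILES), len(differential(changes, d)),
                len(incremental(changes, d)))
            for d in range(1, last_day + 1)}


def restore_sets(scheme, day):
    """Backup sets needed to rebuild the disk as it was on `day`."""
    if scheme == "full":
        return [f"full@{day}"]
    if scheme == "differential":
        return ["full@0"] + ([f"diff@{day}"] if day > 0 else [])
    if scheme == "incremental":
        return ["full@0"] + [f"incr@{d}" for d in range(1, day + 1)]
    raise ValueError(f"unknown scheme: {scheme}")


def can_restore(scheme, day, available):
    """True only if every set in the restore chain is still available."""
    return all(s in available for s in restore_sets(scheme, day))


if __name__ == "__main__":
    for day, counts in schedule(CHANGES, 3).items():
        print(day, counts)
    print(restore_sets("differential", 3))
    print(restore_sets("incremental", 3))
    # One lost incremental set breaks the whole chain:
    print(can_restore("incremental", 3, {"full@0", "incr@1", "incr@3"}))
```

The differential grows each day but a restore needs only two sets; the incremental stays small but a restore fails if any set in the chain is missing.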
What is a disaster recovery plan?
A written plan describing the steps a company would take to restore computer operations in the event of a disaster
Emergency plan
Backup plan
Recovery plan
Test plan
p.12.21
What is a recovery plan and a test plan?
Recovery Plan
  Specifies the actions to be taken to restore full information processing operations
  Differs for each type of disaster
Test Plan
  Contains information for simulating various levels of disasters
  Best test is to simulate a disaster without advance notice
p.12.21
Internet and Network
Security
How do Web browsers provide secure data transmission?
Many Web browsers use encryption
Secure sites
  Secure sites use digital certificates along with a security protocol
  Secure Sockets Layer (SSL)
Digital certificate
  Also called a public-key certificate
  A notice that guarantees a user or a Web site is legitimate
p.12.23
What is a digital signature?
An encrypted code that a person, Web site, or company attaches to an electronic message to verify the identity of the message sender
The code usually consists of the user's name and a hash of all or part of the message
Helps to prevent e-mail forgery and verify that the contents of a message have not changed
Hash
  A mathematical formula that generates a code from the contents of the message
p.12.24
What is a firewall?
A security system consisting of hardware and software that prevents unauthorized access to data and information on a network
p.12.24
Information Privacy
What is a cookie?
A small file that a Web server stores on your computer
A Web site can read data only from its own cookie file
Some Web sites sell or trade information stored in your cookie to advertisers
You can set your browser to accept cookies automatically, prompt you if you wish to accept a cookie, or disable cookie use
Track user preferences
Track how regularly you visit a site and the Web pages you visit when at the site
Target advertisements to your interests and browsing habits
p.12.28
What is spyware?
A program placed on a computer without the user's knowledge that secretly collects information about the user
Can enter your computer as a virus or as a result of installing a new program
Communicates information it collects to some outside source while you are online
Adware
  Spyware used by Internet advertising firms to collect information about a user's Web browsing habits
To remove spyware, you need to purchase a special program that can detect and delete it
p.12.31
Today's Quote
Diplomacy is the art of letting someone else get your way.