CW3351 Data and Information Security- Unit 2 Security Investigation.pdf

PerumalrajaRengaraju 4 views 25 slides Oct 22, 2025

CW3351 Data and Information Security
Unit 2 : Security Investigation
Dr. R.Perumalraja, Professor & Head
Department of Artificial Intelligence and Data Science, SRM TRP EC.
CW3351 Data and Information Security Unit 2 : Security Investigation

Topics to be covered
Need for Security
Business Needs
Threats, Attacks
Legal, Ethical and Professional Issues
An Overview of Computer Security
Access Control Matrix
Policy: Security policies, Confidentiality policies, Integrity policies and Hybrid policies

Need For Security
To ensure business continuity and reduce business damage by preventing and minimizing the impact of security incidents.
An Information Security Management System enables information to be shared, at the same time ensuring the protection of information and computing assets.
Securing the information on your computer means:
o Ensuring that your information remains confidential and only those who should access that information can.
o Knowing that no one has been able to change your information, so you can depend on its accuracy (information integrity).
o Making sure that your information is available when you need it.

Business Needs
Four important functions for an organization:
1. Protects the organization's ability to function
2. Enables the safe operation of applications implemented on the organization's IT systems.
3. Protects the data the organization collects and uses.
4. Safeguards the technology assets in use at the organization.

Business Needs
1. Protecting the functionality of an organization
Decision makers in organizations must set policy and operate their organizations in compliance with the complex, shifting legislation that controls the use of technology.
2. Enabling the safe operation of applications
Organizations are under immense pressure to acquire and operate integrated, efficient, and capable applications.
The modern organization needs to create an environment that safeguards applications using the organization's IT systems, particularly those applications that serve as important elements of the infrastructure of the organization.

Business Needs
3. Protecting data that organizations collect and use
Protecting data in motion and protecting data at rest are both critical aspects of information security.
The value of data motivates attackers to steal, sabotage, or corrupt it.
Protection is essential to preserve the integrity and value of the organization's data.
4. Safeguarding technology assets in organizations
Organizations must add secure infrastructure services based on the size and scope of the enterprise.
Organizational growth could lead to the need for a public key infrastructure (PKI), an integrated system of software and encryption methodologies.

Threats
A threat is an object, person, or other entity, that represents a constant
danger
Old generation threats
Theft of intellectual property
Identity theft
Theft of equipment and information
Sabotage – destroying the company's website
Information extortion
New generation threats
Technology with weak security
Social media attacks
Mobile Malware
Outdated Security Software
Corporate data on personal devices
Social Engineering

Non-technical Threats
Information security threats can be classified as technical and non-technical threats. The non-technical threats are:
Physical
Environmental
Insider Threat: Employees, contractors, or partners can commit fraud.
Social Media: Employees often fall victim to scams or reveal information not intended for the public.
Dumpster Diving: Improper disposal of sensitive data could lead to improper disclosures and sensitive information just sitting in trash bins.
Social Engineering: Attackers rely heavily on human interaction to gain access to company networks or systems.

Technical Threats (1/2)
Hacking: refers to an unauthorized user gaining access to a computer or a network.
Cracking: reverse engineering of software, passwords or encryption, which could lead to unauthorized access to sensitive information.
Malware: Malware (malicious software) gains access to a computer system to compromise data and information. Antivirus software and firewalls are typically used to keep malware off of computers.
Misuse: Employees may take advantage of entrusted resources or privileges for a malicious
Errors: Errors such as system misconfigurations or programming errors can cause unauthorized access by cybercriminals.
Data Leakage: Unauthorized electronic or physical transmission of data.

Technical Threats (2/2)
Cloud Computing: Storing unencrypted sensitive data with lax access controls leaves data stored in the cloud vulnerable to improper disclosure.
Mobile Devices: Mobile devices carrying sensitive data can be lost or stolen.
Availability Attacks: Availability attacks are structured cyberattacks to extort or damage companies whose websites or online assets are a major source of revenue.
Advanced Persistent Threats (APT): The goal of an APT isn't to corrupt files or tamper with them, but to steal data as it continues to come in.
Third Parties / Service Providers: Third-party networks may be used by other external cybercriminals as an initial access point into a company's network.

Information Security Threats: examples
Category of threat -- Examples
Acts of human error or failure -- Accidents, employee mistakes
Compromises to intellectual property -- Piracy, copyright infringement
Deliberate acts of espionage or trespass -- Unauthorized access and/or data collection
Deliberate acts of information extortion -- Blackmail or information disclosure
Deliberate acts of sabotage or vandalism -- Destruction of systems or information
Deliberate acts of theft -- Illegal confiscation of equipment or information
Deliberate software attacks -- Viruses, worms, macros, denial-of-service
Forces of nature -- Fire, flood, earthquake, lightning
Deviations in quality of service -- ISP, power, or WAN service providers
Technical hardware failures or errors -- Equipment failure
Technical software failures or errors -- Bugs, code problems, unknown loopholes
Technological obsolescence -- Antiquated or outdated technologies

Malware Threats
Malware, viruses, worms, bots, etc. are all malicious software, but they are not the same and behave differently. Malware can be divided into two categories: 1. Infection methods 2. Malware actions
Infection methods are:
Virus – Viruses have the ability to replicate themselves by hooking themselves to a program on the host computer.
Worms – Worms are also self-replicating in nature, but they don't hook themselves to a program on the host computer. The biggest difference between viruses and worms is that worms are network-aware.
Trojan – The concept of a Trojan is completely different from viruses and worms. Their purpose is either stealing information or any other purpose for which they are designed.
Bots – Bots can be seen as an advanced form of worms. They are automated processes that are designed to interact over the internet without the need for human interaction. All infected hosts attached to that network are called a botnet.

Malware Actions
Adware – Adware is not exactly malicious, but it does breach the privacy of users.
Spyware – A program that monitors your activities on the computer and reveals the collected information to an interested party.
Ransomware – A type of malware that will either encrypt your files or lock your computer, making it inaccessible either partially or wholly.
Scareware – It masquerades as a tool to help fix your system, but when the software is executed it will infect your system or completely destroy it.
Rootkits – Designed to gain root access, that is, administrative privileges, on the user's system.
Zombies – They work similarly to spyware. The infection mechanism is the same, but they don't spy and steal information; rather, they wait for a command from hackers.

Attacks
An attack is an act or action that takes advantage of a vulnerability to compromise a controlled system, carried out by a threat agent.
Attacks can be classified into active and passive attacks.
Active attacks: The attacker attempts to alter, destroy, or disrupt the normal operation of a system or network. They are more dangerous than passive attacks, which involve simply monitoring or eavesdropping on a system or network.
Passive attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on or monitoring transmissions. The goal of the opponent is to obtain information that is being transmitted.

Types of active attacks
1. Masquerade
2. Modification of messages
3. Repudiation
4. Replay
5. Denial of Service
Masquerade: The attacker pretends to be someone else in order to gain access to systems or data. There are several types of masquerade attacks, including:
Username and password masquerade
IP address masquerade
Website masquerade
Email masquerade

Active Attacks
Repudiation: The attacker attempts to deny or repudiate actions that they have taken, such as sending a message. Types include:
Message repudiation attacks
Transaction repudiation attacks
Data repudiation attacks
Denial of Service (DoS): The attacker floods a target system or network with traffic that exhausts resources such as bandwidth, CPU cycles, or memory, and prevents legitimate users from accessing it. Forms include flood attacks and amplification attacks.
To prevent DoS attacks, organizations can implement:
Firewalls and intrusion detection systems
Limits on the number of requests or connections
Load balancers and distributed systems
Network segmentation and access controls

Passive Attacks
Possible passive attacks are:
1. The release of message content
2. Traffic analysis
The release of message content – A telephone conversation, an electronic mail message, or a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
Traffic analysis – Suppose we had a way of encrypting information; then the attacker could capture the message but could not extract any information from it. The opponent could still determine the location and identity of the communicating hosts and could observe the frequency and length of the messages being exchanged.

Legal, Ethical and Professional Issues
1. Personal Privacy: With the distribution of networks on a large scale, there are more chances of disclosing information and violating the privacy of individuals or groups.
2. Access Right: Defining and maintaining the access level in IT systems.
3. Harmful Actions: Refers to damage or negative consequences to IT, such as loss of important information, loss of property, loss of ownership, destruction of property and undesirable substantial impacts.
4. Patents: A patent can preserve the unique and secret aspect of an idea. However, that unique idea will be disclosed to other employees during the software development lifecycle.
5. Copyright: A very powerful legal tool in protecting computer software, both before a security breach and surely after a security breach.
6. Trade Secrets
7. Liability: A software developer makes promises and assertions to the user about the nature and quality of the product that can be restricted as an express warranty.
8. Piracy: Piracy is an activity in which an illegal copy of the software is made.

Access Control Matrix
An access control matrix (ACM) is a table that defines access permissions between specific subjects and objects. Simply put, user permissions are typically outlined using different attributes. There are five attributes generally associated with access control matrices.
Read (R) – Read access allows a user to view data or read information but not make changes.
Write (W) – Write permission enables not only the viewing of files but also the ability to modify them.
Delete (D) – Delete permission allows a user to delete data, files, and programs.
Execute (E) – Execute permission allows a user to execute particular programs. This permission is specific to executable programs.
In an ACM, a dash (-), the fifth attribute, is used to indicate that a user has no privileges. A systems administrator usually assigns privileges.
Organizations have two kinds of access controls: one is physical and the other is logical.
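The matrix described above, as an added example that is not part of the slides: subjects are rows, objects are columns, each cell holds a string of the rights R, W, D, E, and a dash means no privileges. The decision function defaults to deny for anything not in the matrix, and, following the slide's definition of Write, treats W as implying R. All subjects, objects and cell values are constructed for illustration.

```python
# Added example (not from the slides): a small access control matrix using
# the five attributes described above: R, W, D, E and "-" (no privileges).
from typing import Dict, List, Set, Tuple

VALID_RIGHTS = set("RWDE")

# Constructed sample matrix: rows are subjects, columns are objects.
# Each cell is a string of rights; "-" means the subject has no privileges.
ACM: Dict[str, Dict[str, str]] = {
    "alice": {"payroll.db": "RW", "backup.sh": "RE", "notes.txt": "RWD"},
    "bob":   {"payroll.db": "R",  "backup.sh": "-",  "notes.txt": "RW"},
    "carol": {"payroll.db": "-",  "backup.sh": "-",  "audit.log": "W"},
    "guest": {"payroll.db": "-",  "backup.sh": "-",  "notes.txt": "R"},
}

def rights(subject: str, obj: str) -> Set[str]:
    """Rights in the (subject, object) cell. An unknown subject or object,
    or a "-" cell, yields the empty set (default deny)."""
    cell = ACM.get(subject, {}).get(obj, "-")
    if cell == "-":
        return set()
    granted = set(cell)
    unknown = granted - VALID_RIGHTS
    if unknown:
        raise ValueError(f"unknown right(s) {sorted(unknown)} in cell {subject}/{obj}")
    # The slide defines Write as enabling "not only the viewing of files but
    # also the ability to modify them", so W implies R here.
    if "W" in granted:
        granted.add("R")
    return granted

def is_allowed(subject: str, obj: str, right: str) -> bool:
    """Decision consulted by the reference monitor before an operation runs."""
    if right not in VALID_RIGHTS:
        raise ValueError(f"unknown right {right!r}")
    return right in rights(subject, obj)

def holders_of(right: str) -> List[Tuple[str, str]]:
    """(subject, object) pairs holding a given right: a least-privilege review
    of who can, for example, delete or execute."""
    return sorted((s, o) for s, row in ACM.items() for o in row
                  if is_allowed(s, o, right))

if __name__ == "__main__":
    for s, o, r in [("alice", "payroll.db", "W"), ("bob", "payroll.db", "W"),
                    ("carol", "audit.log", "R"), ("guest", "backup.sh", "E")]:
        print(f"{s:6} {r} {o:12} -> {'allow' if is_allowed(s, o, r) else 'deny'}")
    print("can delete:", holders_of("D"))
```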

Policy - Security policies, Confidentiality
Security policies: Security policies are living documents for a company to protect physical and IT assets that are continuously updated and changing as technologies, vulnerabilities and security requirements change.
Confidentiality is the protection of information in the system so that an unauthorized person cannot access it. It is mandatory for a company to protect its sensitive information (e.g., legal, personal, or medical information).

Threats to Confidentiality and How Confidentiality Can Be Achieved
Threats to confidentiality:
Hackers
Masqueraders
Unauthorized user activity
Unprotected downloaded files
Local area networks (LANs)
Trojan horses
Confidentiality is used to protect sensitive data and information from unauthorized access and disclosure. Some common ways to achieve it:
Encryption
Access control
Data masking
Virtual private networks (VPNs)
Secure file transfer protocols (SFTP)
Two-factor authentication
Data loss prevention (DLP)

Types of Confidentiality
Data confidentiality: achieved through various methods, such as encryption and access controls.
Network confidentiality: achieved through encryption and secure protocols such as SSL/TLS.
End-to-end confidentiality: achieved through encryption and secure protocols.
Application confidentiality: achieved through user authentication, access controls, and encryption of data stored in the application.
Disk and file confidentiality: achieved through encryption, secure storage facilities, and access controls.

Confidentiality Models
Confidentiality models are used to describe what actions must be taken to ensure the confidentiality of information.
These models can specify how security tools are used to achieve the desired level of confidentiality.
The most commonly used model for describing the enforcement of confidentiality is the Bell-LaPadula model.
In this model the relationships are described in terms of the subject's (i.e., the person's) assigned level of access or privilege and the object's (i.e., the resource's) level of sensitivity.
Another type of model commonly used is the access control model.
It organizes the system into objects (i.e., resources), subjects (i.e., the people), and operations (i.e., the process of interaction).
A set of rules specifies which operation can be performed on an object by which subject.
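An added example, not part of the slides, of how the Bell-LaPadula relationship between a subject's clearance and an object's sensitivity is enforced: labels are a level plus a set of categories, "no read up" is the simple security property and "no write down" is the *-property. The levels, categories, subjects and objects are constructed for illustration; the category lattice goes slightly beyond the slide's single "level of sensitivity".

```python
# Added example (not from the slides): a Bell-LaPadula style decision function.
# A label is (level, categories). Label a dominates label b only if a's level
# is >= b's level AND a's categories include all of b's (a lattice, not a line).
from typing import FrozenSet, Tuple

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}
Label = Tuple[str, FrozenSet[str]]

def label(level: str, *categories: str) -> Label:
    if level not in LEVELS:
        raise ValueError(f"unknown level {level!r}")
    return (level, frozenset(categories))

def dominates(a: Label, b: Label) -> bool:
    """a dominates b: higher-or-equal level and a superset of categories."""
    return LEVELS[a[0]] >= LEVELS[b[0]] and a[1] >= b[1]

# Constructed subjects (people) and objects (resources) with their labels.
SUBJECTS = {
    "analyst":  label("SECRET", "FINANCE"),
    "intern":   label("UNCLASSIFIED"),
    "director": label("TOP_SECRET", "FINANCE", "OPS"),
}
OBJECTS = {
    "budget.xlsx":  label("CONFIDENTIAL", "FINANCE"),
    "ops_plan.doc": label("SECRET", "OPS"),
    "memo.txt":     label("UNCLASSIFIED"),
}

def can_read(subject: str, obj: str) -> bool:
    """Simple security property (no read up): the subject's label must
    dominate the object's label."""
    return dominates(SUBJECTS[subject], OBJECTS[obj])

def can_write(subject: str, obj: str) -> bool:
    """*-property (no write down): the object's label must dominate the
    subject's label, so a highly cleared subject cannot leak into a low object."""
    return dominates(OBJECTS[obj], SUBJECTS[subject])

def decide(subject: str, obj: str, op: str) -> bool:
    """Reference-monitor decision for a read or write request."""
    if op == "read":
        return can_read(subject, obj)
    if op == "write":
        return can_write(subject, obj)
    raise ValueError(f"unknown operation {op!r}")

if __name__ == "__main__":
    for s, o, op in [("analyst", "budget.xlsx", "read"), ("analyst", "ops_plan.doc", "read"),
                     ("director", "memo.txt", "write"), ("intern", "ops_plan.doc", "write")]:
        print(f"{s:8} {op:5} {o:12} -> {'allow' if decide(s, o, op) else 'deny'}")
```

Note that "write up" (intern writing into a SECRET document) is permitted by the *-property; Bell-LaPadula protects confidentiality only, which is why the integrity and hybrid policies in the next slide exist.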

Integrity and Hybrid policies
Integrity policies:
Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle.
Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).
Hybrid policies:
Hybrid policies refer equally to confidentiality and integrity, e.g. the Chinese Wall model.
It describes policies that involve conflicts of interest in business.
The objects of the database are items of information related to a company.
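The Chinese Wall model as an added example, not part of the slides: objects belong to company datasets, datasets are grouped into conflict-of-interest classes, and a subject who has read one company's data is walled off from its competitors in the same class. The companies, objects and subject names are constructed; the write rule follows the usual Brewer-Nash formulation and is an assumption beyond what the slide states.

```python
# Added example (not from the slides): a Brewer-Nash "Chinese Wall" check.
# A subject may read an object only if it has never read an object belonging
# to a different company in the same conflict-of-interest (COI) class.
from typing import Dict, List, Set

# Constructed COI classes: competitors are grouped together.
COI_CLASSES: Dict[str, Set[str]] = {
    "banking": {"BankA", "BankB"},
    "oil":     {"OilX", "OilY"},
}
# Constructed objects: each item of information belongs to one company dataset.
OBJECTS: Dict[str, str] = {
    "bankA_ledger": "BankA", "bankB_ledger": "BankB",
    "oilX_survey":  "OilX",  "oilY_survey":  "OilY",
}

class ChineseWall:
    def __init__(self) -> None:
        self.coi_of = {c: k for k, cs in COI_CLASSES.items() for c in cs}
        self.history: Dict[str, Set[str]] = {}   # subject -> companies read so far

    def can_read(self, subject: str, obj: str) -> bool:
        company = OBJECTS[obj]
        for prior in self.history.get(subject, set()):
            if prior != company and self.coi_of[prior] == self.coi_of[company]:
                return False      # the wall: a competitor's data was already read
        return True

    def can_write(self, subject: str, obj: str) -> bool:
        """Write rule: allowed only if the subject can read obj and everything it
        has read belongs to that same company, so one subject cannot carry data
        from one company into another's dataset."""
        return self.can_read(subject, obj) and \
            self.history.get(subject, set()) <= {OBJECTS[obj]}

    def read(self, subject: str, obj: str) -> bool:
        """Perform a read: record the company on success so the wall builds up."""
        if not self.can_read(subject, obj):
            return False
        self.history.setdefault(subject, set()).add(OBJECTS[obj])
        return True

def trace_reads(subject: str, objs: List[str]) -> List[bool]:
    """Decisions for a sequence of reads by one subject on a fresh wall."""
    wall = ChineseWall()
    return [wall.read(subject, o) for o in objs]

def can_write_after(subject: str, reads: List[str], obj: str) -> bool:
    """Whether subject may write obj after having read the given objects."""
    wall = ChineseWall()
    for o in reads:
        wall.read(subject, o)
    return wall.can_write(subject, obj)
```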

Thank you