Wednesday, October 28, 2009

Lecture 1 : Introduction to Information Security

Slide 1 ::Week 1

What is security ?

Security to me, it all about how you control your machine to save from outsider threat when connecting with other workstation trough the internet. So, in my mind it show several devices and application such as network firewall, anti virus, or other application to prevent attackers done their jobs.

Information Security?

Information Security is the protection of information and the systems and hardware that use, store and transmit that information.

There are 3 security area :

a) Detection - detect the threat, which it will scan the incoming packet from exterior network.

b) Prevention - prevent the threat before it will crash the system or data or any information, basically using tools such as firewall and proxy.

c) Recovery - after the threat attack, we had to recover or repair the problem or learn from it.

There are 3 security principles :

a) Confidentiality - Prevention of unauthorized Slide 7 disclosure of information.

Slide 3 b) Integrity - Prevention of unauthorized modification of information.

c) Availability - Prevention of unauthorized withholding of information or resources.

There are passive and active attacks. Passive attack only some attackers attempt to eavesdropping and monitor what we done or the flow. Active attack seem to modify the data or information in order to obtain authorization of the system or machine itself.