
IT6701 INFORMATION MANAGEMENT RMDEC

UNIT-II
INFORMATION MANAGEMENT
Program Security, Malicious code and controls against threats; OS level
protection; Security – Firewalls, Network Security Intrusion detection systems.
Data Privacy principles. Data Privacy Laws and compliance.

S.no  Topic
1     Program Security
        Malicious code
        Non Malicious code
2     Controls against threats
3     OS level protection
        Memory Protection
        File Protection
        User Authentication
        General object Protection
4     Firewalls
        Types
        Configuring firewall
5     Network Security
6     Intrusion detection systems
7     Data Privacy principles
8     Data Privacy Laws and compliance

Program Security:

• A bug: trap door, backdoor

• Error: a mistake made by a human, such as a syntax error or a logical error.

• Fault: an incorrect step, incorrect command, incorrect process, or incorrect data definition in a
computer program.

• Failure: a deviation from the system's required behavior.

PROGRAM SECURITY

Protecting programs is at the heart of computer security

• How do we keep programs free from flaws?

• How do we protect computing resources against programs that contain flaws?

Fixing Faults

• “if 100 faults were discovered and fixed it is better than another in which only 20 faults were
discovered and fixed”

Penetrate and patch

• "Penetrate and patch," where analysts searched for and repaired faults. The patch efforts were
largely useless, making the system less secure rather than more secure because they frequently
introduced new faults.

• The inadequacies of penetrate-and-patch led researchers to seek a better way: check whether code
meets its security requirements. One way to do that is to compare the requirements with the
behavior, that is, to check whether programs behave as their designers intended or users
expected. Unexpected behavior of this kind is called a program security flaw.

• In program security, the terms "vulnerability" and "flaw" do not map directly to faults and failures.

NON MALICIOUS CODE


1. Buffer Overflows
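char sample[10];        /* valid indices are sample[0] .. sample[9] */
int i;
for (i = 0; i <= 9; i++)
    sample[i] = 'A';    /* in bounds: fills all ten elements */
sample[10] = 'B';       /* out of bounds: writes one element past the end of sample */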

Implications of buffer overflow

By causing a buffer overflow, an attacker can:

• change the stack pointer

• modify return addresses

• redirect execution to a block



Malicious Code

Virus {resident virus Vs transient virus}

Trojan horse

Logic bomb

Worms

Rabbit

Trapdoor

How viruses attach

• Appended Viruses

• Viruses That Surround a Program

• Integrated Viruses and Replacements

• Document Viruses

Appended Viruses

Viruses That Surround a Program

Integrated Viruses and Replacements

Document Viruses

• The most popular virus type is what we call the document virus, which is implemented within a
formatted document, such as a written document, a database, a slide presentation, a picture, or a
spreadsheet. These documents are highly structured files that contain both data (words or numbers)
and commands (such as formulas, formatting controls, links).

• The commands are part of a rich programming language, including macros, variables and
procedures, file accesses, and even system calls.

• The writer of a document virus uses any of the features of the programming language to perform
malicious actions.

How Viruses Gain Control

Homes for Viruses

• One-Time Execution

• Boot Sector Viruses

• Memory-Resident Viruses

• In application program

• In libraries

Virus Signatures

A virus cannot be completely invisible. Code must be stored somewhere, and the code must be in
memory to execute. Each of these characteristics yields a telltale pattern, called a signature.

Eg - Code Red worm pattern

Patterns of Virus

• Storage Patterns

• Execution Patterns

• Transmission Patterns

• Polymorphic Viruses

Anonymous Malicious Code (untargeted)

• Brain Virus

• Internet worm

• Code Red

• Web bugs

The Brain Virus

• One of the earliest viruses

• The so-called Brain virus was given its name because it changes the disk label to brain.

• have originated in Pakistan, attacks PCs running an old Microsoft operating system.

• Hides in boot sector

• Uses interrupts to cause attacks



The Internet Worm

• Serious damages to network

• Many systems were affected by internet worm

• Initially: resource exhaustion, then isolation

• Disconnection of many systems from the Internet

• The worm exploited several known flaws and configuration failures:

  – Via passwords

  – Via trapdoors

Code Red

• It is a two-step process: infect and propagate.

• Step 1: To infect a server, the worm takes advantage of a vulnerability in Microsoft's IIS. It
overflows the buffer in the dynamic link library idq.dll to reside in the server's memory.

• Step 2: To propagate, Code Red checks IP addresses on port 80 of the PC to see if that web server
is vulnerable.

Web Bugs

• A web bug, sometimes called a pixel tag, clear gif, one-by-one gif, invisible gif, or beacon gif, is a
hidden image on any document that can display HTML tags, such as a web page, an HTML e-mail
message, or even a spreadsheet.

• Its creator intends the bug to be invisible, unseen by users but very useful nevertheless because
it can track the activities of a web user.

Targeted Malicious Code

• Trojans: client-server attack model

• Trapdoor: undocumented entry point to a module

• Salami Attack: a salami attack merges bits of seemingly inconsequential data to yield

• Rootkits: operate as root (super privilege)

• Privilege Escalation: raising access rights from low privileges to high privileges

• Interface Illusions: an interface illusion is a spoofing attack in which all or part of a web
page is false.

• Keystroke Logging: retains a copy of all keys pressed

• Man-in-the-Middle Attacks: a malicious program interjects itself between two other programs.

• Timing Attacks: use time (based on size) to infer the size of the computer's input. Creating 20
database records takes approximately twice as long as creating 10.

• Covert Channels: programs that leak information


Types of Covert Channel

Storage Channel

Timing Channel

Method used to identify covert channel

Shared resource matrix

Information flow(explicit and implicit flow)

Controls against Program threats

Virus prevention controls:

• Use only commercial software acquired from reliable, well-established vendors.

• Test all new software on an isolated computer

• Open email attachments only when you know them to be safe.

• Make a recoverable system image and store it safely.

• Make and retain backup copies of executable system files.

• Use virus detectors (often called virus scanners) regularly and update them daily.

There are three types of controls against program threats:

• Development Controls

• Operating System Controls

• Administrative Controls

Development Controls

• Good specification(SRS)

• Good flawless Design

• Good Implementation

• Adequate testing

• Proper reviews

• Proper training

• Good documentation

• Easy Maintenance

• Modularity,

• Encapsulation, and

• Information Hiding

OS level Protection

An OS supports multiprogramming, so OS system designers must come up with mechanisms to protect one
user's computation from malicious code as well as from other users' programs.

To facilitate this, the OS offers:

Memory Protection

File Protection

General control of access to objects

User authentication

Basis of OS level protection

• The basis of OS-level protection is separation: keeping one user's objects separate from others'.

– physical separation,

– temporal separation,

– logical separation &

– cryptographic separation

1. Memory and Address Protection

Fence

Base/Bounds Registers

Tagged Architecture

Segmentation

Paging

Fence [Fixed Fence]

The fence was a predefined memory address, enabling the operating system to reside on one side and
the user to stay on the other.

• Disadvantage: a predefined amount of space was always reserved for the operating system,
whether it was needed or not. If less than the predefined space was required, the excess space
was wasted.

Variable Fence Register

Each time a user program generated an address for data modification, the address was automatically
compared with the fence address. If the address was greater than the fence address (that is, in the user
area), the instruction was executed; if it was less than the fence address .

Pair of Base/Bounds Registers.

• Fence registers provide a lower bound (a starting address) but not an upper one.

• To overcome this difficulty, a second register, called a bounds register, is often added; it holds
an upper address limit.

• In this way, a program's addresses are neatly confined to the space between the base and the
bounds registers.

Tagged Architecture

• An alternative is tagged architecture, in which each location of memory has one or more extra bits to
identify the access rights to that location.

• Eg-1: one memory location may be protected as execute-only.

• Eg-2: another is protected for fetch-only (for example, read) data access.


Segmentation

• Involves the simple notion of dividing a program into separate pieces.

• Each segment has a unique name.

• Code or data item within a segment is addressed as the pair <name, offset>

• A process can access a segment only if that segment appears in that process's segment translation
table.

• This control provides strong protection of segments

• The operating system can place any segment at any location or move any segment to any location,
even after the program begins to execute.

Paging

• The program is divided into equal-sized pieces called pages, and physical memory is divided into
equal-sized units called page frames.

• Each address in a paging scheme is a two-part object, this time consisting of <page, offset>

• Each address is again translated.

• The operating system maintains a table of user page numbers and their true addresses in memory.

• The page portion of every <page, offset> reference is converted to a page frame address by a
table lookup; the offset portion is added to the page frame address to produce the real memory
address.
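The address checks described above for base/bounds registers, segmentation and paging, written out as an added example (not part of the original notes). The page size, the sample tables and the choice to treat the bounds value as exclusive are assumptions made for illustration.

```python
from dataclasses import dataclass

PAGE_SIZE = 0x1000  # assumed page/frame size for this example


class ProtectionFault(Exception):
    """The address is outside what this program is allowed to touch."""


@dataclass(frozen=True)
class BaseBounds:
    base: int    # starting address of the program's space
    bounds: int  # upper address limit (assumed exclusive in this example)

    def translate(self, program_address):
        # Adding the base forces every address above the base register;
        # the bounds check keeps it below the upper limit.
        physical = self.base + program_address
        if program_address < 0 or physical >= self.bounds:
            raise ProtectionFault(f"{program_address:#x} is outside base/bounds")
        return physical


class SegmentTable:
    """Per-process table: segment name -> (start address, length)."""

    def __init__(self, segments):
        self.segments = dict(segments)

    def translate(self, name, offset):
        # A process can reach a segment only if it appears in its own table.
        if name not in self.segments:
            raise ProtectionFault(f"segment {name!r} not in translation table")
        start, length = self.segments[name]
        if not 0 <= offset < length:
            raise ProtectionFault(f"offset {offset:#x} past end of {name!r}")
        return start + offset


class PageTable:
    """Per-process table: page number -> page frame address."""

    def __init__(self, frames):
        self.frames = dict(frames)

    def translate(self, page, offset):
        if not 0 <= offset < PAGE_SIZE:
            raise ProtectionFault(f"offset {offset:#x} exceeds page size")
        if page not in self.frames:
            raise ProtectionFault(f"page {page} not mapped for this process")
        # Table lookup gives the frame address; the offset is added to it.
        return self.frames[page] + offset


def is_allowed(translate, *address):
    """True if the reference translates, False if it raises a fault."""
    try:
        translate(*address)
        return True
    except ProtectionFault:
        return False


if __name__ == "__main__":
    bb = BaseBounds(base=0x4000, bounds=0x5000)
    segs = SegmentTable({"CODE": (0x8000, 0x200), "DATA": (0x2000, 0x100)})
    pages = PageTable({0: 0x7000, 1: 0x3000})
    print(hex(bb.translate(0x10)), is_allowed(bb.translate, 0x1000))
    print(hex(segs.translate("DATA", 0x20)), is_allowed(segs.translate, "STACK", 0))
    print(hex(pages.translate(1, 0x2A)), is_allowed(pages.translate, 2, 0))
```
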

2.File Protection

• All-None Protection (password)

• Group Protection (chmod g+x abc.c)

• Individual permission

– Persistent Permission (token/ticket)

– Temporary Acquired Permission (suid)

• Per-Object and Per-User Protection (ACL)


Per-Object and Per-User Protection

3.Control of Access to General Objects

• Memory

• A file or data set on an auxiliary storage device

• An executing program in memory

• A directory of files

• A hardware device

• A data structure, such as a stack



• A table of the operating system

• Instructions, especially privileged instructions

• Passwords and the user authentication mechanism

• The protection mechanism itself

Directory Access

Access Control List(PER SUBJECT)

Access Control Matrix <SUBJECT,OBJECT,RIGHTS>



4.USER AUTHENTICATION

1.Passwords as Authenticators

--Encrypted password list


--One time password

2. Biometrics: Authentication Not Using Passwords

– Fingerprints,

– Hand geometry (shape and size of fingers),

– Retina and iris (parts of the eye),

– Voice,

– Handwriting,

– Blood vessels in the finger, and face.

Attacks on Passwords
• Try all possible passwords.
• Try frequently used passwords.
• Try passwords likely for the user.
• Search for the system list of passwords.
• Ask the user

Password Strength

Firewall

What Is a Firewall?

A firewall is a device that filters all traffic between a protected or "inside" network
and a less trustworthy or "outside" network.

The purpose of a firewall is to keep "bad" things outside a protected environment.

• For example, the policy might be to prevent any access from outside (while still
allowing traffic to pass from the inside to the outside).
• Alternatively, the policy might permit accesses only from certain places, from
certain users, or for certain activities.

Design of Firewalls

Issue: Description
1. Always invoked: By carefully positioning a firewall within a network, we can ensure that all
network accesses that we want to control must pass through it.
2. Tamperproof: A firewall is typically well isolated, making it highly immune to modification.
Usually a firewall is implemented on a separate computer, with direct connections only with the
outside and inside networks.
3. Small and simple enough for rigorous analysis: Firewall designers strongly recommend keeping
the functionality of the firewall simple.

Types of Firewalls
• Packet filtering gateways or screening routers
• Stateful inspection firewalls
• Application proxies
• Guards
• Personal firewalls

Packet Filtering Gateway
A packet filtering gateway or screening router is the simplest and most effective type of
firewall. A packet filtering gateway controls access to packets on the basis of packet address
(source or destination).

A separate firewall behind (on the local side) of the router can screen traffic before it gets to the
protected network. Figure (1) shows a packet filter that blocks access from (or to) addresses in one
network; the filter allows HTTP traffic but blocks traffic using the Telnet protocol.

For example, suppose a company has three LANs at three locations throughout the world. The
company might want communication only among the three LANs of the corporate network. It
could use a screening router on the LAN at 100.24.4.0 to allow in only communications destined to
the host at 100.24.4.0 and to allow out only communications addressed with address 144.27.5.3 or
192.19.33.0.

Figure(2)
A packet filter sits between the inside network and the outside network, so it can know if a packet
from the outside is forging an inside address, as shown in Figure (3). A screening packet filter might
be configured to block all packets from the outside that claimed their source address was an inside
address.
In this example, the packet filter blocks all packets claiming to come from any address of
the form 100.50.25.x (but, of course, it permits in any packets with destination 100.50.25.x).

Figure -3 Filter Screening Outside Addresses.

Disadvantage:
Packet filters do not "see inside" a packet; they block or accept packets solely on the basis
of the IP addresses and ports. Thus, any details in the packet's data field are beyond the capability of
a packet filter.
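The screening rules described in this section, as an added example that is not part of the original notes: a first-match packet filter that blocks outside packets forging a 100.50.25.x source, blocks Telnet, and allows HTTP. The rule order, the default-deny fallback, the interface names and the 203.0.113.x outside addresses are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

INSIDE_NET = ipaddress.ip_network("100.50.25.0/24")  # the 100.50.25.x network


@dataclass(frozen=True)
class Packet:
    arrived_on: str        # interface the packet came in on: "outside" or "inside"
    src: str
    dst: str
    dst_port: int
    payload: bytes = b""   # present in the packet, never examined by the filter


@dataclass(frozen=True)
class Rule:
    action: str                                   # "allow" or "block"
    note: str
    arrived_on: Optional[str] = None              # None means "any"
    src_net: Optional[ipaddress.IPv4Network] = None
    dst_net: Optional[ipaddress.IPv4Network] = None
    dst_port: Optional[int] = None

    def matches(self, pkt):
        if self.arrived_on is not None and pkt.arrived_on != self.arrived_on:
            return False
        if self.src_net is not None and ipaddress.ip_address(pkt.src) not in self.src_net:
            return False
        if self.dst_net is not None and ipaddress.ip_address(pkt.dst) not in self.dst_net:
            return False
        if self.dst_port is not None and pkt.dst_port != self.dst_port:
            return False
        return True


# Assumed rule set, evaluated top to bottom; the first matching rule decides.
RULES = [
    Rule("block", "forged inside source", arrived_on="outside", src_net=INSIDE_NET),
    Rule("block", "telnet", dst_port=23),
    Rule("allow", "inbound http", arrived_on="outside", dst_net=INSIDE_NET, dst_port=80),
    Rule("allow", "outbound from inside", arrived_on="inside", src_net=INSIDE_NET),
]


def filter_packet(pkt, rules=RULES):
    """Return (action, note) from the first matching rule, else default deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.note
    return "block", "default deny"


if __name__ == "__main__":
    # Constructed sample packets.
    samples = [
        Packet("outside", "100.50.25.7", "100.50.25.10", 80),   # claims inside source
        Packet("outside", "203.0.113.9", "100.50.25.10", 80),
        Packet("outside", "203.0.113.9", "100.50.25.10", 23),
        Packet("inside", "100.50.25.10", "203.0.113.9", 443),
        Packet("outside", "203.0.113.9", "100.50.25.10", 80, payload=b"anything"),
    ]
    for pkt in samples:
        print(pkt.arrived_on, pkt.src, "->", pkt.dst, pkt.dst_port, filter_packet(pkt))
```

The last sample shows the disadvantage stated above: the verdict is the same whatever the payload holds, because only interface, addresses and port are consulted.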

Stateful Inspection Firewall

Traditional packet filter firewalls do not examine higher-layer context (i.e., inside the packet).
Stateful packet filters address this need. They examine each IP packet in context and hence are
better able to detect bogus packets that are out of context.

Fig- Stateful Inspection Firewall



Application Proxy firewall/proxies

An application proxy gateway is also called a bastion host.

A proxy gateway is a two-headed device: It looks to the inside as if it is the outside (destination)
connection, while to the outside it responds just as the insider would.

• All incoming traffic is directed to the firewall

• All outgoing traffic appears to come from the firewall

Eg: A company wants to set up an online price list so that outsiders can see the products and prices
offered. It wants to be sure that no outsider can change the prices or product list. So the firewall is
designed to act as the server giving the price list, so even if an intruder posing as a client tries to
destroy the server, it destroys only the firewall and not the original server.

• Tailored to http, ftp, smtp, etc.

Fig- Application-level gateways/proxies

Circuit-level gateways/proxies

• Tailored to TCP, UDP

Fig-Circuit-level gateways/proxies

Guard

A guard is a sophisticated firewall. The guard decides what services to perform on the user's behalf.
Eg: A company wants to allow its employees to fetch files via ftp. However, to prevent
introduction of viruses, it will first pass all incoming files through a virus scanner. The firewall
acts as a virus scanner. Combining a virus scanner with a personal firewall is both effective and
efficient.

Personal Firewalls

A personal firewall is an application program that runs on a workstation to block unwanted
traffic, usually from the network.
Just as a network firewall screens incoming and outgoing traffic for that network, a personal
firewall screens traffic on a single workstation. A personal firewall runs on the very computer it is
trying to protect.
Commercial implementations of personal firewalls include Norton Personal Firewall from
Symantec, McAfee Personal Firewall, and Zone Alarm from Zone Labs.
The personal firewall is configured to enforce some policy.
For example, a college may decide that certain sites on the network, such as YouTube and Facebook,
are not highly trustworthy, and so does not allow them.

Table - Comparison of Firewall Types.

| Packet Filtering | Stateful Inspection | Application Proxy | Guard | Personal Firewall |
|---|---|---|---|---|
| Simplest | More complex | Even more complex | Most complex | Similar to packet filtering firewall |
| Sees only addresses and service protocol type | Can see either addresses or data | Sees full data portion of packet | Sees full text of communication | Can see full data portion of packet |
| Auditing difficult | Auditing possible | Can audit activity | Can audit activity | Auditing possible |
| Screening based on connection rules | Screening based on information across packets, in either header or data field | Screening based on behavior of proxies | Screening based on interpretation of message content | Typically, screening based on information in a single packet, using header or data |
| Complex addressing rules can make configuration tricky | Usually preconfigured to detect certain attack signatures | Simple proxies can substitute for complex addressing rules | Complex guard functionality can limit assurance | Usually starts in "deny all inbound" mode, to which user adds trusted addresses as they appear |

Firewall Configurations

o Firewall with Screening Router


o Firewall on Separate LAN
o Firewall with Proxy and Screening Router

Firewall with Screening Router

It is the simplest use of a firewall.


This environment has a screening router positioned between the internal LAN and the outside
network connection.

Figure - Firewall with Screening Router

Disadvantage: If the firewall router is successfully attacked, then all traffic on the LAN to which
the firewall is connected is visible and subject to attack.

Firewall on Separate LAN

To reduce this exposure, a proxy firewall is often installed on its own LAN. In this way the only
traffic visible on that LAN is the traffic going into and out of the firewall.

Figure - Firewall on Separate LAN

Firewall with Proxy and Screening Router

For even more protection, we can add a screening router to the proxy firewall. The proxy firewall
filters traffic according to its proxy rules, and only the traffic to the proxy firewall is visible, not any
of the sensitive information on the internal protected LAN.

Figure- Firewall with Proxy and Screening Router

What Firewalls Can and Cannot Block

• Firewalls can protect an environment only if the firewalls control the entire perimeter.
• Firewalls do not protect data outside the perimeter.
• Firewalls are the most visible part of an installation to the outside, so they are the most
attractive target for attack.
• Firewalls must be correctly configured, that configuration must be updated as the internal
and external environment changes, and firewall activity reports must be reviewed
periodically for evidence of attempted or successful intrusion.
• Firewalls are targets for penetrators, so a firewall should not have further tools, such as
compilers, linkers, loaders, and the like, that a penetrator who breaks it could use to continue an
attack.

Network Security

An "active attack" attempts to alter system resources or affect their operation.


A "passive attack" attempts to learn or make use of information from the system but does
not affect system resources.

Port Scan Attack

Ports are like little doors on your system. Most packets leave or enter your machine through a certain
door (port). There are two different protocols that use ports: TCP and UDP. Each of these two
protocols has 65,536 different ports. Web servers usually listen on TCP port 80. Mail servers
usually listen on TCP port 25.

An attacker launches a port scan to see what ports are open on your machine. A port scan attack
occurs when an attacker sends packets to your machine, varying the destination port. The attacker
can use this to find out what services you are running and to get a pretty good idea of the operating
system you have.

Fig-Port scan attack

Eavesdropping

Eavesdropping is secretly listening to the private conversation of others without their consent.

Fig-Eavesdropping

Wiretapping

An attacker can eavesdrop on rednet/modem communications and obtain sensitive information.
Unless this information is encrypted, it can easily be read by the attacker, possibly compromising
passwords, control signals, or other sensitive info. It is a passive attack.

Denial-Of-Service (DoS) Attack

A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to
its intended users.

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable
by overwhelming it with traffic from multiple sources.

Backdoor

Backdoors are essentially tunnels that lead into a computer, which must be manually opened by an
attacker. A backdoor generally works like this:

1. The attacker sends a program on a channel that the backdoor is listening on.
2. The backdoor finds the program, downloads it, and executes it.

The program that the backdoor executes can be any form of malicious thing. It is an active attack.

Packet sniffing

Packet sniffing is the act of capturing data flow of packets across a computer network.
Packet sniffing has legitimate uses to monitor network performance or troubleshoot problems
with network communications. However, it is also widely used by hackers and crackers to gather
information illegally about networks they intend to break into. Using a packet sniffer it is possible
to capture data like passwords, IP addresses, protocols being used on the network and other
information that will help the attacker infiltrate the network.

Fig-Packet sniffing

Reconnaissance attack

Active reconnaissance is a type of computer attack in which an intruder engages with the targeted
system to gather information about vulnerabilities.

The word reconnaissance is borrowed from its military use, where it refers to a mission into
enemy territory to obtain information. In a computer security context, reconnaissance is usually a
preliminary step toward a further attack seeking to exploit the target system

Passive reconnaissance is an attempt to gain information about targeted computers and networks
without actively engaging with the systems.

DNS attack

A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain
name system (DNS).

DNS is a protocol that translates a user-friendly domain name, like abc.com, into the computer-
friendly IP address 206.19.49.154.

DNS attack is a computer hacking attack, whereby data is introduced into a Domain Name System
(DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic
to the attacker's computer (or any other computer).

Masquerade

Masquerade is a type of attack where the attacker pretends to be an authorized user of a system in
order to gain access to it or to gain greater privileges than they are authorized.

Fig-masquerade attack

Fig-Masquerade/Man-in-the middle attack

Session hijacking

Session hijacking, also known as TCP session hijacking, is a method of taking over a user's
session by illegally obtaining the session ID and masquerading as the authorized user. Once the
user's session ID has been accessed, the attacker can masquerade as that user and do anything the
user is authorized to do on the network.

SYN Flooding

A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN
requests to a target's system in an attempt to consume enough server resources to make the system
unresponsive to legitimate traffic.

Fig-SYN Flooding

Intrusion Detection Systems


An intrusion detection system (IDS) is a device, typically another separate computer, that
monitors activity to identify malicious or suspicious events.

An IDS is a sensor, like a smoke detector, that raises an alarm if specific unwanted things
occur.

There are four basic elements of an intrusion detection system:


1. Storage Unit
2. Event log Unit
3. Analysis Unit
4. Counter Measure

An IDS receives raw inputs (events) from sensors. It saves those inputs, analyzes them, and takes
some controlling action.

IDSs perform a variety of functions:

• monitoring users and system activity
• auditing system configuration for vulnerabilities and misconfigurations
• assessing the integrity of critical system and data files
• recognizing known attack patterns in system activity
• identifying abnormal activity through statistical analysis
• managing audit trails and highlighting user violation of policy or normal activity
• correcting system configuration errors
• installing and operating traps to record information about intruders

Note: No one IDS performs all of these functions.

Goals for Intrusion Detection Systems

Ideally, an IDS should be fast, simple, and accurate, while at the same time being complete. It
should detect all attacks with little performance penalty. An IDS could use some or all of the
following design approaches:

• Filter on packet headers
• Filter on packet content
• Use complex, multipacket signatures
• Use minimal number of signatures with maximum effect
• Filter in real time, online malicious code
• Hide its presence (so that it cannot be attacked)
• Use less time to match signature

Figure-an IDS complementing a firewall system

TYPES OF IDS

Classification -1
o Signature based
o Heuristic based
Classification-2
o Network based
o Host based

Signature-based intrusion detection systems:-

Signature-based intrusion detection systems perform simple pattern-matching and report
situations that match a pattern corresponding to a known attack type.

• Handles known attack type

• Signature-based intrusion detection systems tend to use statistical analysis. This approach uses
statistical tools both to obtain sample measurements of key indicators (such as amount of external
activity, number of active processes, number of transactions) and to determine whether the
collected measurements fit the predetermined attack signatures.

Disadvantage: The problem with signature-based detection is the signatures themselves. An
attacker will try to modify a basic attack in such a way that it will not match the known signature
of that attack. For example, the attacker may convert lowercase to uppercase letters.
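The weakness just described, from the detector's side, as an added example that is not part of the original notes: an exact-match signature scan misses requests whose letter case was changed, while a scan that folds case on both the signature and the input still raises the alert. The signatures and log lines are constructed for illustration and come from no real rule set.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    sig_id: str
    pattern: str  # character pattern seen in a known attack request


# Constructed signatures (hypothetical paths, for illustration only).
SIGNATURES = [
    Signature("SIG-001", "/scripts/update.dll?cmd="),
    Signature("SIG-002", "/admin/export.cgi?table="),
]

# Constructed web-server request lines.
LOG_LINES = [
    "GET /index.html HTTP/1.0",
    "GET /scripts/update.dll?cmd=dir HTTP/1.0",
    "GET /SCRIPTS/UPDATE.DLL?CMD=dir HTTP/1.0",
    "GET /Admin/Export.CGI?Table=users HTTP/1.0",
    "GET /products/prices.html HTTP/1.0",
]


def match_exact(line, signatures):
    """Byte-for-byte matching: defeated by any change of letter case."""
    return [s.sig_id for s in signatures if s.pattern in line]


def match_normalized(line, signatures):
    """Fold case on both sides before matching.

    Appropriate when the protected server itself treats these paths
    case-insensitively; otherwise folding only adds false alarms.
    """
    folded = line.casefold()
    return [s.sig_id for s in signatures if s.pattern.casefold() in folded]


def scan(lines, matcher, signatures=SIGNATURES):
    """Return (line number, signature id) for every alert raised."""
    alerts = []
    for number, line in enumerate(lines, start=1):
        for sig_id in matcher(line, signatures):
            alerts.append((number, sig_id))
    return alerts


def evasion_gap(lines, signatures=SIGNATURES):
    """Alerts that only the normalized matcher raises: what exact matching misses."""
    exact = set(scan(lines, match_exact, signatures))
    normalized = set(scan(lines, match_normalized, signatures))
    return sorted(normalized - exact)


if __name__ == "__main__":
    print("exact:     ", scan(LOG_LINES, match_exact))
    print("normalized:", scan(LOG_LINES, match_normalized))
    print("missed by exact matching:", evasion_gap(LOG_LINES))
```
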

Heuristic intrusion detection systems:-

A heuristic intrusion detection system, also known as an anomaly-based system, builds a model
of acceptable behavior.
Instead of looking for matches, heuristic intrusion detection looks for behavior that is out of
the ordinary.
It is helpful in understanding normal and abnormal behavior. (This is referred to as the Inference
Engine.)

For example, one user might always start the day by reading e-mail, write many documents using a
word processor, and occasionally back up files. These actions would be normal. This user does not
seem to use many administrator utilities. If that person tried to access sensitive system
management utilities, this new behavior might be a clue that someone else was acting under the
user's identity.
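A small model of acceptable behavior for the user in the example above, added here for illustration and not part of the original notes. The activity history, the action names and the 5% threshold are assumptions; an action is flagged when it makes up less than that share of the user's recorded activity, or when the user has no history at all.

```python
from collections import Counter

# Constructed training history of (user, action) events.
HISTORY = (
    [("alice", "read_mail")] * 10
    + [("alice", "word_processor")] * 25
    + [("alice", "backup_files")] * 3
    + [("root", "admin_utility")] * 20
)

# Constructed events observed after training.
NEW_EVENTS = [
    ("alice", "read_mail"),
    ("alice", "backup_files"),
    ("alice", "admin_utility"),   # never seen for this user
    ("root", "admin_utility"),
    ("mallory", "read_mail"),     # user with no recorded history
]


class BehaviorModel:
    """Per-user frequency profile of actions seen during normal operation."""

    def __init__(self, min_share=0.05):
        self.min_share = min_share   # assumed cut-off for "out of the ordinary"
        self.counts = {}             # user -> Counter of actions

    def train(self, events):
        for user, action in events:
            self.counts.setdefault(user, Counter())[action] += 1

    def share(self, user, action):
        """Fraction of the user's recorded activity that this action represents."""
        profile = self.counts.get(user)
        if not profile:
            return 0.0
        return profile[action] / sum(profile.values())

    def is_anomalous(self, user, action):
        return self.share(user, action) < self.min_share

    def review(self, events):
        """Return the events that do not fit the model of acceptable behavior."""
        return [(u, a) for u, a in events if self.is_anomalous(u, a)]


def build_model():
    model = BehaviorModel()
    model.train(HISTORY)
    return model


if __name__ == "__main__":
    model = build_model()
    for user, action in NEW_EVENTS:
        flag = "ALERT" if model.is_anomalous(user, action) else "ok"
        print(f"{flag:5} {user:8} {action:15} share={model.share(user, action):.2f}")
```

Occasional but legitimate actions, such as the backups here, stay above the threshold only because the history records them; a profile trained on too short a period would flag them as well.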

Inference engines work in two ways:

• State-based intrusion detection systems
• Model-based intrusion detection systems

State-based intrusion detection systems detect when the system has veered into unsafe modes.
Model-based intrusion detection systems try to map current activity onto a model of unacceptable
activity and raise an alarm when the activity resembles the unacceptable model.

Network-based IDS
Network-based IDS is a stand-alone device attached to the network to monitor traffic throughout
that network;

Host-based IDS
A host-based IDS runs on a single workstation or client or host, to protect that one host.

Stealth Mode

An IDS is a network device. Any network device is potentially vulnerable to network
attacks. If an attacker succeeded in logging in to a system then he/she will disable the IDS. To
counter those problems, most IDSs run in stealth mode. In this mode an IDS has two network
interfaces: one for the network being monitored and the other to generate alerts.

The IDS uses the monitor interface as "input only"; it never sends packets out through this network
interface. Often, the interface is configured so that the device has no published address; so, a
router cannot route anything to that address directly, because the router does not know such a
device exists.
If the IDS needs to generate an alert, it uses only the alarm interface on a completely separate
control network.
Such an architecture is shown in the figure below.

Figure -Stealth Mode IDS Connected to Two Networks.

Advantage:
(1) IDSs detect an ever-growing number of serious problems, and as we learn more about
problems, we can add their signatures to the IDS model. Thus, over time, IDSs continue to
improve.
(2) Cheaper and easier to administer.

Disadvantage:

An IDS does not run itself; someone has to monitor its track record and respond to its alarms.

Responding to Alarms

An intrusion detection system raises an alarm when it finds a match. The alarm can range from
something modest, such as writing a note in an audit log, to something significant, such as calling the
system security administrator.

Response-1: Monitor, collect data, perhaps increase amount of data collected
Response-2: Protect, act to reduce exposure
Response-3: Call a human

Privacy in Computing
Privacy is a human right. Privacy is an aspect of confidentiality

Privacy Concepts
Information privacy has three aspects:
(1) Sensitive data,
(2) Affected parties, and
(3) Controlled disclosure
Controlled Disclosure

What is privacy? Privacy is the right to control who knows certain aspects about you, your
communications, and your activities. In other words, you voluntarily choose who can know things
about you and what those things are.
The problem is: anyone who has access to an object (data) can copy, transfer, or propagate
the object or its content to others without consent.

Sensitive Data

Example ; People usually consider data sensitive like financial status, certain health data.

Here are examples (in no particular order) of data many people consider private.
• Identity, the ownership of private data and the ability to control its disclosure
• Finances, credit, bank details
• Legal matters
• Medical conditions, drug use, DNA, genetic predisposition to illnesses
• Voting, opinions, membership in advocacy organizations
• Preferences: religion
• Biometrics, physical characteristics, polygraph results, fingerprints
• Illegal activities, criminal records
• Air travel data, general travel data, a person's location (present and past)

Affected Subject

Individuals, groups, companies, organizations, and governments all have data they consider
sensitive.
Eg-1: Companies consider product plans, key customers, profit margins, and newly
discovered technologies as private or sensitive.
Eg-2: Schools, hospitals, or charities may need to protect personal data of their students,
patients, or donors.

Privacy Issues

(1) Data Collection:-
Advances in computer storage (disks) make it possible to hold and manipulate huge
numbers of records, leading to privacy attacks.
(2) No Informed Consent:-
Data are collected without announcement. The user is not necessarily aware of this
category of data collection and thus cannot be said to have given informed consent.
(3) Loss of Control:-
We know that others may keep data we give them. When you order products online, you
know you have just released your name, probably some address and payment data, and the
items you purchased. You have little control over dissemination (or redissemination) of
your data.
(4) Ownership of the Data:-
Customer details are being marketed. Information about you is being sold and you have no
control; nor do you get to share in the profit.

Data privacy principles

Computers and networks connected to the internet have increased the feasibility of unwanted disclosures.
Vulnerability: public records, storage capacity, search engines, openness of networks.

Set of principles of fair information practice

Collection limitation:
Data should be obtained lawfully and fairly.
Data quality:
Data should be relevant to their purposes; only then may the data be collected, and the
collected data must be accurate, complete, and up-to-date.
Purpose specification:
The purposes for which data will be used should be identified and the data destroyed if no
longer necessary to serve that purpose.
Use limitation:
Data may be used for purposes other than those specified only with the consent of the data
owner or by authority of law.
Security safeguards:
Procedures to guard against loss, corruption, destruction, or misuse of data should be
established.
Individual participation:
The data subject (either individual/company/organization) normally has a right to access
and to challenge data relating to her.
Accountability:
There must be strict privacy rules, laws and punishments.

Eight dimensions of privacy

Information collection: Data are collected only with knowledge and explicit consent.
Information usage: Data are used only for certain specified purposes.
Information retention: Data are retained for only a set period of time.
Information disclosure: Data are disclosed to only an authorized set of people.
Information security: Appropriate mechanisms are used to ensure the protection of the data.
Access control: All modes of access to all forms of collected data are controlled.
Monitoring: Logs are maintained showing all accesses to data.
Policy changes: Less restrictive policies are never applied after-the-fact to the already obtained
data.
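
One way to enforce several of these dimensions in code, as an added example that is not part of the original notes: each record is pinned to the policy in force when it was collected, so a later, looser policy cannot reach data already obtained. The Policy, Record and Store classes and all sample values are hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Policy:                 # hypothetical policy record
    purposes: frozenset       # Information usage
    retention: timedelta      # Information retention
    recipients: frozenset     # Information disclosure


@dataclass
class Record:
    value: str
    collected_at: datetime
    policy: Policy            # policy in force when the data was collected


@dataclass
class Store:
    current: Policy
    records: dict = field(default_factory=dict)
    log: list = field(default_factory=list)    # Monitoring: all accesses

    def collect(self, key, value, consent, now):
        if not consent:                        # Information collection
            raise PermissionError("no explicit consent")
        self.records[key] = Record(value, now, self.current)

    def change_policy(self, new):
        # Policy changes: future collections only; stored records keep theirs.
        self.current = new

    def read(self, key, who, purpose, now):
        rec = self.records.get(key)
        if rec is None:
            verdict = "no such record"
        elif now - rec.collected_at > rec.policy.retention:
            del self.records[key]              # expired data is destroyed
            verdict = "retention period expired"
        elif purpose not in rec.policy.purposes:
            verdict = "purpose not specified at collection"
        elif who not in rec.policy.recipients:
            verdict = "recipient not authorized"
        else:
            verdict = "granted"
        self.log.append((now, who, key, purpose, verdict))
        if verdict != "granted":
            raise PermissionError(verdict)
        return rec.value
```

Denied attempts are logged as well as granted ones, so the access log shows every attempt to reach the data, not only the successful reads.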
Data Privacy Laws and Compliance

CONTROLS ON WEB SITES

Notice:- Data collectors must disclose their information practices before collecting
personal information from consumers.
Choice:- Consumers must be given a choice as to whether and how personal information
collected from them may be used.
Access:- Consumers should be able to view and contest the accuracy and completeness of
data collected about them.
Security:- Data collectors must take reasonable steps to ensure that information collected
from consumers is accurate and secure from unauthorized use.
Enforcement:- A reliable mechanism must be in place to impose sanctions for
noncompliance with these fair information practices.

DATA PROTECTION LAWS IN INDIA

Data Protection refers to the set of privacy laws, policies and procedures that aim to minimize
intrusion into one's privacy caused by the collection, storage and dissemination of personal data.

The (Indian) Information Technology Act, 2000 deals with the issues relating to payment of
compensation (Civil) and punishment (Criminal) in case of wrongful disclosure and misuse of
personal data and violation of contractual terms in respect of personal data.

• Section 43A of the (Indian) Information Technology Act, 2000: a body corporate that
possesses, deals with or handles any sensitive personal data and is negligent in
implementing and maintaining reasonable security practices, resulting in wrongful loss or
wrongful gain to any person, may be held liable to pay damages to the person so affected.

Penalty for Damage: Section 43 of the IT Act imposes a penalty of INR 10 million, inter alia, for
downloading data without consent.

• Section 72A of the (Indian) Information Technology Act, 2000: disclosure of information,
knowingly and intentionally, without the consent of the person concerned and in breach of
the lawful contract, has also been made punishable with imprisonment for a term
extending to three years and fine extending to INR 5,00,000.

Tampering with Computer Source Documents as provided for under the IT Act, 2000

Section 65 of the IT Act lays down that whoever knowingly or intentionally conceals,
destroys, or alters any computer source code used for a computer, computer programme, computer
system or computer network, when the computer source code is required to be kept or maintained
by law for the time being in force, shall be punishable with imprisonment up to three years, or
with fine which may extend up to INR 200,000, or with both.

Recent amendments as introduced by the IT Amendment Act


A new section 10A has been inserted in the IT Act which deals with the validity of contracts

• Rule 1: lists the things which will be treated as "sensitive personal data" under
the Act. It includes passwords, credit or debit card information, medical and biometric
records etc.
• Rule 2: requires a body corporate to provide a privacy policy for dealing with personal
information and sensitive data. The policy shall include all the necessary details, e.g. type
of personal data collected, statements of practices, purpose of collection, provisions related
to disclosure and security practices etc.
• Rule 3: deals with provisions which govern the collection of information.
i. A body corporate shall not collect sensitive personal data without obtaining consent
in writing or by fax or e-mail from the provider regarding the purpose for which the
data is being collected.
ii. Any personal information or sensitive data shall not be collected unless and until it
is for a lawful purpose.
iii. The provider shall be made aware of the facts as to the information collected.
iv. The information collected shall be used only for the purpose for which it is
collected and shall not be retained for a period longer than is required.
v. The provider shall be given an option to opt out of providing such information
along with an option to withdraw his consent at any later stage.
• Rule 4: requires that the body corporate shall seek the consent of the concerned provider
before disclosing the sensitive data to a third party.
• Rule 5: clarifies that a body corporate shall get their code duly approved by the Central
Government.

The following important sections have been substituted and inserted by the IT Amendment Act

Section        Description
Section 43A    Compensation for failure to protect data
Section 66     Computer Related Offences
Section 66A    Punishment for sending offensive messages through communication service, etc
Section 66B    Punishment for dishonestly receiving stolen computer resource or communication device
Section 66C    Punishment for identity theft of information
Section 66D    Punishment for cheating by person by or using computer resource
Section 66E    Punishment for violation for privacy
Section 84C    Punishment for attempt to commit offences

The Government of India's first serious law towards privacy was the "Information Technology
(Reasonable Security Practices and Procedures and Sensitive Personal Data or Information)
Rules, 2011".
