Galgotias University 1
The need for security, Security Approaches, Principles of Security
Session No.: 2
Course Name: Fundamentals of Cryptography
Course Code: EIUA408B
Instructor Name: Aishwarya
Duration: 50 min

Recap
A. Information Security
B. CIA Triad

Opening Question
What would you do if your phone suddenly stopped working because of a virus?

Learning Outcomes
At the end of this session students will be able to:
LO1: Describe Security Approaches: preventive, detective and corrective measures.
LO2: Identify common security threats, such as phishing, malware, DoS and insider threats.

Session Outline
1. Need of Security
2. Learning Concept of Activity 1
3. A1 (Real-world scenario): Why security Approaches
4. Learning Concept of Activity 2
5. A2: Attack Simulation Discussion
6. Conclusion & Closing Activity

Concept and Definition for Learning Activity 1

Security Approaches
Security approaches are strategies used to protect data, systems, and networks from threats. They can be categorized into three main types: Preventive, Detective, and Corrective Measures.

Preventive Measures (Prevention Before an Attack)
Preventive measures are proactive security controls designed to stop attacks before they happen. These measures help reduce vulnerabilities and protect systems, data, and networks from threats.
Ex: Think of it like locking your house doors to prevent burglars from entering.
Key Preventive Measures:
1. Firewalls
2. Antivirus & Anti-malware Software
3. Strong Authentication & Password Policies
4. Access Control
5. Data encryption
Why Are Preventive Measures Important?
o Reduce the risk of cyberattacks before they occur.
o Protect sensitive data from unauthorized access.
o Minimize financial and reputational damage caused by breaches.
o Ensure business continuity by preventing disruptions.
Preventive measures reduce risk.

Detective Measures (Monitoring & Identifying Threats)
Detective measures are security controls that identify and monitor potential threats or security breaches. These measures help detect unauthorized activities, intrusions, or anomalies in a system, allowing quick responses to security incidents.
Ex: Like having a security camera to catch intruders in action.
Key Detective Measures:
1. Intrusion Detection Systems (IDS)
2. Security Logs & Auditing
3. Anti-malware & Virus Scanning
4. Network Traffic Monitoring
5. File Integrity Monitoring (FIM)
Why Are Detective Measures Important?
o Identify security breaches early before they cause significant damage.
o Monitor and analyze suspicious activities in real time.
o Provide evidence for forensic investigations and legal actions.
o Help improve preventive measures by detecting vulnerabilities.
Detective measures identify threats early.

Corrective Measures (Response & Recovery After an Attack)
Corrective measures are actions taken to respond to and recover from security incidents. These measures help minimize damage, restore systems, and prevent future attacks.
Ex: Like repairing a broken lock and recovering stolen valuables after a burglary.
Key Corrective Measures:
1. Incident Response Plan (IRP)
2. Data Backup & Recovery
3. Software Patching & Updates
4. Blocking or Revoking Access
5. Forensic Analysis & Investigation
Why Are Corrective Measures Important?
o Minimize the impact of security breaches and restore normal operations.
o Prevent the same attack from happening again by fixing vulnerabilities.
o Ensure business continuity even after a security incident.
o Improve future security strategies by learning from past incidents.
Corrective measures help recover quickly.

Security Approach Match-Up (10 min)
Scenario 1: Unauthorized Access to a University Database
A student finds an old professor’s login credentials and accesses the university’s grading system to change their marks. The IT team discovers the changes during a routine audit.
Discussion Questions:
1. What preventive measures should have been in place? (e.g., Password expiration policies, Multi-Factor Authentication)
2. How could detective measures have detected this sooner? (e.g., Regular security audits, system logs, user behavior monitoring)
3. What corrective actions should the university take? (e.g., Change login policies, restore original grades, improve system security)
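
Added example (not part of the original slides): one way the log review suggested in question 2 could work for Scenario 1, flagging a login that ends a long period of account inactivity and collecting the grade changes that follow it so they can be restored. The log format, account names, thresholds and log lines are all constructed for illustration.

```python
"""Audit-log review for the Scenario 1 pattern (dormant account, then grade edits).

Log format, account names and thresholds are assumptions for illustration;
SAMPLE_LOG is constructed data, not real records.
"""
from datetime import datetime, timedelta

DORMANCY_LIMIT = timedelta(days=90)  # assumed policy: idle longer than this is dormant
SESSION_WINDOW = timedelta(hours=1)  # grade changes this soon after login are linked to it

# Constructed audit log: timestamp|account|action|detail
SAMPLE_LOG = """\
2024-01-10T09:02:11|prof_rao|LOGIN|ip=10.0.4.21
2024-01-10T09:05:40|prof_rao|GRADE_CHANGE|student=S1001 course=CS101 old=B new=B+
2024-05-20T08:30:00|prof_mehta|LOGIN|ip=10.0.4.30
2024-06-03T10:15:00|prof_mehta|LOGIN|ip=10.0.4.30
2024-06-03T10:20:12|prof_mehta|GRADE_CHANGE|student=S2040 course=CS205 old=C new=B
2024-06-14T23:47:03|prof_rao|LOGIN|ip=172.16.9.88
2024-06-14T23:49:30|prof_rao|GRADE_CHANGE|student=S1717 course=CS101 old=D new=A
2024-06-14T23:50:02|prof_rao|GRADE_CHANGE|student=S1717 course=MA102 old=F new=A
"""


def parse_log(text):
    """Parse pipe-delimited lines into event dicts, skipping malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.strip().split("|", 3)
        if len(parts) != 4:
            continue
        try:
            when = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        events.append({"time": when, "account": parts[1],
                       "action": parts[2], "detail": parts[3]})
    return sorted(events, key=lambda e: e["time"])


def find_dormant_account_changes(events):
    """Detective step: one finding per login that ends a long dormancy,
    with the grade changes made shortly after that login attached."""
    last_login = {}     # account -> time of the most recent login seen
    open_findings = {}  # account -> finding whose session window is still open
    findings = []
    for ev in events:
        acct = ev["account"]
        if ev["action"] == "LOGIN":
            open_findings.pop(acct, None)
            previous = last_login.get(acct)
            if previous is not None and ev["time"] - previous > DORMANCY_LIMIT:
                finding = {"account": acct, "login_time": ev["time"],
                           "idle_days": (ev["time"] - previous).days,
                           "login_detail": ev["detail"], "grade_changes": []}
                findings.append(finding)
                open_findings[acct] = finding
            last_login[acct] = ev["time"]
        elif ev["action"] == "GRADE_CHANGE" and acct in open_findings:
            finding = open_findings[acct]
            if ev["time"] - finding["login_time"] <= SESSION_WINDOW:
                finding["grade_changes"].append(ev["detail"])
    return findings


def rollback_plan(finding):
    """Corrective step: (student, course, grade_to_restore) for each change."""
    plan = []
    for detail in finding["grade_changes"]:
        fields = dict(item.split("=", 1) for item in detail.split())
        plan.append((fields["student"], fields["course"], fields["old"]))
    return plan


if __name__ == "__main__":
    for f in find_dormant_account_changes(parse_log(SAMPLE_LOG)):
        print(f"ALERT {f['account']} logged in after {f['idle_days']} idle days "
              f"({f['login_detail']})")
        for student, course, grade in rollback_plan(f):
            print(f"  restore {student} {course} -> {grade}")
```

An account with no earlier login in the log has no baseline and is not flagged here; in practice the last-login time would come from the identity system rather than from the log window alone.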

Quiz on Wooclap

Concept and Definition for Learning Activity 2

THE OSI SECURITY ARCHITECTURE
The OSI (Open Systems Interconnection) Security Architecture provides a framework for securing communication systems by addressing security concerns across different layers of network communication.
It was developed by ISO (International Organization for Standardization) to identify security threats, define security services, and establish security mechanisms.
Security attack (Threats to Security):
The OSI model classifies security threats into two main types:
Passive Attacks (Eavesdropping, Traffic Analysis)
Attackers secretly monitor communication without altering data.
Example: A hacker intercepting an email without modifying it.
Active Attacks (Modification, Masquerade, Replay, Denial of Service)
Attackers alter, disrupt, or impersonate communication.
Example: A hacker modifying bank transaction details during online payment.

THE OSI SECURITY ARCHITECTURE
Security Mechanisms (How Security is Implemented)
A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.
Security Services (Protection Measures)
A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

Definition of threat and attack
Threat:
A threat is a possible security violation that might exploit the vulnerability of a system or asset. The origin of the threat may be accidental, environmental (natural disaster), human negligence, or human failure.
Ex: A hacker trying to find weaknesses in a bank's website.
Attack:
Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
Ex: A hacker steals money from a bank by hacking into accounts.

Summary
A. The Need for Security: Protects sensitive data, prevents cyber threats (hacking, malware, phishing), and ensures safe communication.
B. Security Approaches: Includes Preventive (firewalls, encryption), Detective (monitoring, IDS), and Corrective (incident response, backups) measures.
C. Confidentiality: Ensures data is accessible only to authorized users (e.g., encryption, access controls).
D. Integrity: Maintains accuracy and reliability of data (e.g., hashing, digital signatures).
E. Availability: Ensures systems and data remain accessible when needed (e.g., backups, disaster recovery plans).

Ensure attainment of LOs in alignment to the learning activities: outcomes (1-2)
LO1: Describe Security Approaches: preventive, detective and corrective measures.
LO2: Identify common security threats, such as phishing, malware, DoS and insider threats.

Discussion on the post session activities
Attempt the Post-session activity on LMS, before next session

Information to next topic of the course
Next session: Types of Attacks

Review and Reflection from students
https://gulms.galgotiasuniversity.org/mod/feedback/view.php?id=41919

Editor's Notes

  • #3:
      o Restart the Phone – Try a simple reboot to see if the issue is temporary.
      o Boot in Safe Mode – If possible, restart in Safe Mode to prevent malicious apps from running.
      o Disconnect from the Internet – Turn off Wi-Fi and Mobile Data to stop the virus from spreading or communicating with remote servers.
  • #4: Identify common security threats, such as phishing, malware, denial-of-service (DoS), and insider threats.
  • #8:
      🔹 Firewalls – Block unauthorized access to networks by filtering incoming and outgoing traffic.
      🔹 Antivirus & Anti-malware Software – Detect and remove malicious software before it infects a system.
      🔹 Strong Authentication & Password Policies – Use strong passwords and Multi-Factor Authentication (MFA) to prevent unauthorized access.
      🔹 Access Control – Restrict access to sensitive data based on user roles and permissions.
      🔹 Data Encryption – Secure data by converting it into an unreadable format that only authorized users can decode.
      🔹 Security Awareness Training – Educate users about phishing, scams, and social engineering attacks to prevent human errors.
      🔹 Software Updates & Patch Management – Regularly update software and operating systems to fix security vulnerabilities.
      🔹 Physical Security Measures – Use security cameras, biometric access, and ID verification to prevent unauthorized physical access.
      🔹 Network Segmentation – Divide a network into sections to limit the spread of cyber threats.
      🔹 Backup & Disaster Recovery Plans – Regularly back up data to ensure it can be restored in case of an attack or failure.
  • #9:
      🔹 Intrusion Detection Systems (IDS) – Monitors network traffic and alerts administrators about suspicious activity.
      🔹 Security Logs & Auditing – Tracks user activities, login attempts, and system changes to identify security threats.
      🔹 Anti-malware & Virus Scanning – Scans files and applications for malware or malicious behavior.
      🔹 User Behavior Analytics (UBA) – Uses AI and analytics to detect unusual user activity, such as unauthorized access attempts.
      🔹 SIEM (Security Information and Event Management) Systems – Collects and analyzes security data from different sources to identify threats in real time.
      🔹 Honeypots – Decoy systems designed to attract and analyze attackers' behavior before they can cause real damage.
      🔹 Surveillance Cameras & Physical Monitoring – Detects unauthorized physical access to restricted areas.
      🔹 Network Traffic Monitoring – Analyzes data flow to detect potential threats, such as unusual spikes in traffic that might indicate a cyberattack.
      🔹 File Integrity Monitoring (FIM) – Detects unauthorized changes to critical system files.
      🔹 Penetration Testing & Vulnerability Scanning – Simulates attacks to uncover weaknesses in a system.
  • #10:
      🔹 Incident Response Plan (IRP) – A structured approach for handling security breaches, including containment, investigation, and recovery.
      🔹 Data Backup & Recovery – Regular backups ensure that lost or corrupted data can be restored after an attack or system failure.
      🔹 Software Patching & Updates – Fixes vulnerabilities that were exploited during an attack to prevent recurrence.
      🔹 Blocking or Revoking Access – Disables compromised accounts, resets passwords, or restricts system access to contain a breach.
      🔹 System Restoration & Reinstallation – Reverts systems to a secure state after malware infection or unauthorized changes.
      🔹 Security Policy Adjustments – Updates security policies and procedures based on lessons learned from an incident.
      🔹 Forensic Analysis & Investigation – Identifies the root cause of the attack and gathers evidence for legal action.
      🔹 User Awareness & Training – Educates employees on what went wrong and how to prevent similar incidents in the future.
      🔹 Enhanced Monitoring & Logging – Improves detection systems to catch similar threats earlier in the future.
      🔹 Legal & Compliance Actions – Ensures that regulatory reporting and legal actions are taken after a security breach.
  • #16:
      o Threat: A thief watching your house, looking for ways to break in.
      o Attack: The thief breaking into your house and stealing valuables.
  • #18: Conclusion: 1 min [46]
  • #19: * Share / Discuss details – 1 min [47]
  • #20: Conclusion: 1 min [48]
  • #21: Conclusion: 2 min [50]