Secure System: Authentication, Web Security, Types of Attacks
Added on 2023-04-21
14 Pages3428 Words384 Views
SECURE SYSTEM
TABLE OF CONTENTS
INTRODUCTION...........................................................................................................................1
Authentication.............................................................................................................................1
Web security (Secure socket layer).............................................................................................1
Types of attacks...........................................................................................................................2
Social Engineering & the human aspects to information systems security................................2
Logical vs physical security........................................................................................................3
Network enumeration, foot printing and scanning......................................................................3
Cryptography and secure data transfer........................................................................................4
Attack countermeasures: ............................................................................................................4
Wireless networks.......................................................................................................................5
Security policies and Legislation, ethical principles, privacy and protection of personal and
sensitive data...............................................................................................................................6
Security tools and patches...........................................................................................................6
Securing Cloud infrastructure.....................................................................................................7
Storing and processing personal and sensitive data....................................................................7
Describing ISO27000/ISO27002...............................................................................................8
Conclusion.......................................................................................................................................8
REFERENCES................................................................................................................................9
INTRODUCTION...........................................................................................................................1
Authentication.............................................................................................................................1
Web security (Secure socket layer).............................................................................................1
Types of attacks...........................................................................................................................2
Social Engineering & the human aspects to information systems security................................2
Logical vs physical security........................................................................................................3
Network enumeration, foot printing and scanning......................................................................3
Cryptography and secure data transfer........................................................................................4
Attack countermeasures: ............................................................................................................4
Wireless networks.......................................................................................................................5
Security policies and Legislation, ethical principles, privacy and protection of personal and
sensitive data...............................................................................................................................6
Security tools and patches...........................................................................................................6
Securing Cloud infrastructure.....................................................................................................7
Storing and processing personal and sensitive data....................................................................7
Describing ISO27000/ISO27002...............................................................................................8
Conclusion.......................................................................................................................................8
REFERENCES................................................................................................................................9
ILLUSTRATION INDEX
Illustration 1: Cryptography.............................................................................................................5
1
Illustration 1: Cryptography.............................................................................................................5
1
INTRODUCTION
Secure system helps organization against destruction, data corruption, interception and
unauthorized access. It is necessary for the management of corporation to manage its information
and data systems (Wong and Ledley, 2013). The present report describes Authentication process
of IT system in the organizations. Further, it describes working of web security and logical vs.
physical security for corporations. In addition to this, it explains cryptography as well as data
transfer techniques for securing information. It reveals security policies for the organizations as
per rules and regulations of government. It describes techniques of securing cloud infrastructures
as well as wireless networks in the corporations. It explains about social engineering and the
human aspects to information systems security for the organizations.
Authentication
Generally, Authentication is a process to identify genuine user through systematic
process. There are many types of authentication which are described as follows.
Password authentication: Password authentication is an effective method for
recognizing real user. In this process, person log on web page through user name and password
(Alexander and Finch. 2013). Then after, system checks this user name and password with help
of database which contains all information.
Smart card Authentication: Generally, this type of authentication is used by many
organizations like bank and MNC companies. Further, smart card contain computer chip which
is used to store private, public and other important information. To log into network, user has to
insert Smart card into reader and enter personal identification number to access the data.
Biometric Authentication: Mainly, organizations use biometric authentication for better
safety of data. In this process, biological statistics like finger prints, voice as well as iris pattern
of users are adopted by the system (Conheady, 2014). They are used for authentication of the
person by matching biological pattern.
Web security (Secure socket layer)
The SSL protocol is an Internet standard which is used to give secured access to Web
sites with help of public key technology and secret key technology. In addition to this, secret key
encryption provides effective speed for processing data and it is called symmetric encryption. On
the other side, asymmetric public key encryption gives better authentication to websites (Yeluri
and Castro-Leon, 2014). Secure Socket Layer is developed to take benefit of symmetric as well
2
Secure system helps organization against destruction, data corruption, interception and
unauthorized access. It is necessary for the management of corporation to manage its information
and data systems (Wong and Ledley, 2013). The present report describes Authentication process
of IT system in the organizations. Further, it describes working of web security and logical vs.
physical security for corporations. In addition to this, it explains cryptography as well as data
transfer techniques for securing information. It reveals security policies for the organizations as
per rules and regulations of government. It describes techniques of securing cloud infrastructures
as well as wireless networks in the corporations. It explains about social engineering and the
human aspects to information systems security for the organizations.
Authentication
Generally, Authentication is a process to identify genuine user through systematic
process. There are many types of authentication which are described as follows.
Password authentication: Password authentication is an effective method for
recognizing real user. In this process, person log on web page through user name and password
(Alexander and Finch. 2013). Then after, system checks this user name and password with help
of database which contains all information.
Smart card Authentication: Generally, this type of authentication is used by many
organizations like bank and MNC companies. Further, smart card contain computer chip which
is used to store private, public and other important information. To log into network, user has to
insert Smart card into reader and enter personal identification number to access the data.
Biometric Authentication: Mainly, organizations use biometric authentication for better
safety of data. In this process, biological statistics like finger prints, voice as well as iris pattern
of users are adopted by the system (Conheady, 2014). They are used for authentication of the
person by matching biological pattern.
Web security (Secure socket layer)
The SSL protocol is an Internet standard which is used to give secured access to Web
sites with help of public key technology and secret key technology. In addition to this, secret key
encryption provides effective speed for processing data and it is called symmetric encryption. On
the other side, asymmetric public key encryption gives better authentication to websites (Yeluri
and Castro-Leon, 2014). Secure Socket Layer is developed to take benefit of symmetric as well
2
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Information Assurance and Information Technology Assignment 2022lg...
|4
|721
|13
Introduction to Information Assurance and Information Security Assignment 2022lg...
|11
|1301
|11
Hybrid Encryptionlg...
|4
|798
|8
Creating a Company Culture for Security - Security steps and methods for an organizationlg...
|4
|534
|193
Network Security: Cryptography, Data in Transit and Rest, Cloud Computinglg...
|10
|1928
|459
Network Security: Concepts and Techniqueslg...
|11
|718
|27