THREATS

INVOLVED IN
INFORMATION
SYSTEMS
By : VIPUL SHARMA
CHRISTOPHER KEELOR
SIDDHANT JAIN

SYSTEM VULNERABILITY &

ABUSE
WHY SYSTEMS ARE
VULNERABLE ?
HACKERS
THINGS

& VIRUSES

THAT CREATE CONCERN FOR BUILDERS &

USERS
SYSTEM

QUALITY PROBLEMS

THREATS TO
INFORMATION SYSTEMS

HARDWARE FAILURE

FIRE

SOFTWARE FAILURE

ELECTRICAL PROBLEMS

PERSONNEL ACTIONS

USER ERRORS

ACCESS PENETRATION

PROGRAM CHANGE

THEFT OF DATA

SERVICES

EQUIPMENT TELECOMMUNICATIONS PROBLEMS

*

VULNERABILITIES
RADIATION: Allows recorders, bugs to tap system
CROSSTALK: Can garble data
HARDWARE: Improper connections, failure of
protection circuits
SOFTWARE: Failure of protection features, access
control, bounds control
FILES: Subject to theft, copying, unauthorized
access
*

VULNERABILITIES
USER: Identification, authentication,
subtle software modification
PROGRAMMER: Disables protective
features; reveals protective measures
MAINTENANCE STAFF: Disables
hardware devices; uses stand-alone
utilities
OPERATOR: Doesnt notify supervisor,
reveals protective measures
*

HACKERS & COMPUTER VIRUSES

HACKER: Person gains access to

computer for profit, criminal mischief,

personal pleasure
COMPUTER

VIRUS: Rogue program;

difficult to detect; spreads rapidly;

destroys data; disrupts processing &
memory
*

COMMON COMPUTER VIRUSES

CONCEPT, MELISSA: Word documents, e-mail.

Deletes files
FORM: Makes clicking sound, corrupts data
EXPLORE.EXE: Attached to e-mail, tries to e-mail to
others, destroys files
MONKEY: Windows wont run
CHERNOBYL: Erases hard drive, ROM BIOS
JUNKIE: Infects files, boot sector, memory conflicts
*

ANTIVIRUS SOFTWARE

SOFTWARE TO DETECT

ELIMINATE VIRUSES

ADVANCED VERSIONS RUN IN MEMORY TO

PROTECT PROCESSING, GUARD AGAINST
VIRUSES ON DISKS, AND ON INCOMING
NETWORK FILES
*

CONCERNS FOR
BUILDERS & USERS

DISASTER

BREACH OF SECURITY

ERRORS
*

DISASTER

LOSS OF HARDWARE

SOFTWARE

DATA BY FIRE

POWER FAILURE

FLOOD OR OTHER CALAMITY

SYSTEM QUALITY
PROBLEMS

SOFTWARE & DATA

BUGS: Program code defects or errors

MAINTENANCE: Modifying a system in

production use; can take up to 50% of
analysts time

DATA QUALITY PROBLEMS: Finding,

correcting errors; costly; tedious
*

SECURITY AND THE INTERNET

ENCRYPTION: Coding & scrambling messages to

deny unauthorized access

AUTHENTICATION: Ability to identify another

party
MESSAGE

INTEGRITY

DIGITAL

SIGNATURE

DIGITAL

CERTIFICATE
*

SECURITY AND THE INTERNET

PUBLIC KEY ENCRYPTION

SCRAMBLED

SENDER

MESSAGE
Encrypt
with public key

RECIPIENT

Decrypt
with private key

SECURITY AND THE INTERNET

DIGITAL

WALLET: Software stores credit card,

electronic cash, owner ID, address for e-commerce

transactions
SECURE

ELECTRONIC TRANSACTION: Standard

for securing credit card transactions on Internet

*

SECURITY AND THE INTERNET

ELECTRONIC PAYMENT SYSTEMS

CREDIT CARD-SET: Protocol for payment security

ELECTRONIC CASH: Digital currency

ELECTRONIC CHECK: Encrypted digital signature

SMART CARD: Chip stores e-cash

ELECTRONIC BILL PAYMENT: Electronic funds transfer

*

THANK YOU