269111 – communication technology in a changing world dr. ken cosh week 14
TRANSCRIPT
269111 – Communication Technology in a Changing World
Dr. Ken CoshWeek 14
Previously…
We talked about the “Digital Divide” What is it? Projects that attempt to close the divide Value of those projects?
This Week
Challenges (still) facing Modern ICTs Reliability Security
Reliability
Redundancy is the Key! Spare components Components running in parallel
Triple Modular Redundancy Identify unreliable components and
arrange back ups. UPS Multiple ISPs
Security
Data stored digitally & transmitted through networks == Greater security threats. After all digital data can be copied more
easily
Security Threats
Unauthorised AccessErrorsViruses/WormsSpyware
TappingSniffingMessage AlterationTheft/Fraud
HackingVandalismDoS attacksTheft/Copy DataHardware/Software
Failure
Malware (Malicious Software):Viruses / Worms / Trojans / Spyware
Virus Display message -> destroying data Spread by human action;
i.e. sending infected email, or copying a file
Worms Don’t need human action;
Copy themselves across network on their own.
Destroy data / Disrupt network
Malware (Malicious Software):Viruses / Worms / Trojans / Spyware
Trojan Horses Software appears benign, but then does
something unexpected Doesn’t replicate (so not a virus), but may
facilitate viruses Spyware
Program installs itself and then serves up advertising
Keyloggers record all keystrokes – including passwords / CC numbers etc.
Some spyware uses up memory / redirect search requests / reset browser home page
Hackers & Computer Crime
Objective: to gain unauthorised access Steal information System damage Cybervandalism Defacing websites
Spoofing / Sniffing Spoofing
Masquerade as someone else [email protected]
Redirect you to similar webpage www.hsbc.net
Sniffing Eavesdropping on data passed through a
network Legitimately to identify trouble spots / criminal
activity But also to steal information
V. difficult to detect
DoS Attacks
Denial of Service DDoS – Distributed Denial of Service Fake communications / requests
submitted simultaneously through network to slow it down and prevent legitimate usages.
Identity Theft
Perhaps by Phishing Asking users for confidential data
through fake emails/websites “Please update your records…”
Or Evil Twins I could set up a “trustworthy” wifi
network connection in a hotel lobby
Countering the Threats
Tight Security Policies Access Control
Authentication Password Biometrics
Firewalls Anti Virus Encryption
Security PoliciesAccess Control Lists (ACL)
Limit which users can do what (e.g. update websites)
Signed agreements for service When allowing users onto a network, normally
they sign an agreement, regarding terms of use.Policies could include,
Regular password changes Whether personal use of service is permitted Antivirus updates
Can help against, external attacks, intrusion, virus / worms
Encryption
Encoding the contents of a transmission so it can’t be decrypted on route.Symmetric-key encryptionPublic / Private key encryption
Helps prevent interception.
Symmetric Key Encryption Both sender and receiver use
the same ‘code’ to encrypt and then decrypt a message. If I tell you to move each
character back two in the alphabet, and then send you this message;
Jgnnq Encuu Anyone who intercepts the
message gets nothing, but you are able to decrypt it.
More interesting patterns can be created to increase security. Substitution Transposition
Key:FANCY
Message:eatitnihmexnetmgmedt
Decoding