telekom unauthirized

7/31/2019 TELEKOM UNAUTHIRIZED

1/36

UNAUTHORIZEDACCESSANDUSED

SPPM 1013: TELECOMMUNICATION ANDNETWORKING


2/36

UNAUTHORIZED ACCESS

The use of a computer and network withoutpermission.

A cracker, or hacker, is someone who tries toaccess a computer or network illegally.

Some hackers break into a computer for thechallenge. However, others use or steal computerresources or corrupt a computer's data.


3/36

UNAUTHORIZED USED

The use of a computer or its data for unapprovedor possibly illegal activities.

Examples of unauthorized use of computersinclude:

An employee using a company computer to sendpersonal e-mail.

Someone gaining access to a bank computerand performing an unauthorized transfer.


4/36

They can be committed by bothinsiderand outsider.

Insider: people who work for the company whosecomputer are being accessed.

Outsider: people who do not work for that company.


5/36

HOW TO PREVENT

One way to prevent unauthorized access andunauthorized use of computers is to utilize accesscontrols.

Codes of conduct (used to specify rules forbehavior, typically by a business or school);typically address prohibited activities such asplaying games, installing personal software,

violating copyright laws, causing harm to othercomputer and snooping other files.


6/36

SAMPLECODEOFCONDUCT


7/36

TYPES OF UNAUTHORIZED


8/36

HACKERS

Person using the computer to break into anothercomputer network.

It can be performed in person by hacking into acomputer the hacker has physical access to, butmore often performed via the internet or anothernetwork.

Unless authorized, when a company ask aprofessional hackers to test the security of itssystem.


9/36

REASONS

To steal data, sabotage a computer system and

perform some other type of illegal act such as:i. Theft on credit card number and cardholder

information.

ii. Generating spam or hosting pornographic sites.


10/36

In US hacking is also considered serious threatbecause of increasing on the number of worms

controlled by computer and connected to internet. Its allow the hackers to access a system that led to

an based risk of cyberterrorism where terroristlaunch attack via the Internet.


11/36

WARDRIVINGANDWI-FIPIGGYBACKING

Wi-Fi hacking: Common for hackers to gainentrance via Wi-Fi.

War driving or Wi-Fi piggybacking: Using someoneelses Wi-Fi network to gain free access to theInternet.

Illegal in some areas: steal data of credit cardnumber via network.

Can lead to criminal behavior

Ethical issues: borrow someone internetconnection to avoid paying crossing over theline.


12/36

INTERCEPTIONOFCOMMUNICATION

Interception of communications: Gainingunauthorized access to data as it is being sent overthe Internet or another network.

The increased use of wireless networks has

opened up new opportunities for datainterception;

Business and personal wireless networks

Use of public hotspots

Wireless connections with mobile phones andmobile devices

Once intercepted, the content can be read,altered, or otherwise used for unintendedpurposes.


13/36

PROTECTINGAGAINSTUNAUTHORIZEDACCESSANDAUTHORIZEDUSE


14/36

ACCESSTOCONTROLSYSTEM

Used to control access to:

Facilities

Computer networks Databases

Web site accounts

Can be individual or part of a complete network

access control (NAC) system.


15/36

Can be:

Identification systems: Verify that the persontrying to access the facility or system is anauthorized user.

Authentication systems: Determine if the personis who he or she claims to be.

Can use more than one type (two-factor systems).


16/36

POSSESSEDKNOWLEDGEACCESSSYSTEM

Use information that only an individual shouldknow:

Usernames PINs

Passwords

Should be strong passwords and changed

frequently.Tokens can generate passwords.


17/36

Cognitive authentification systems: Useinformation the individual knows(past teachers, birthplace, first home, etc.)

Disadvantage: Can be used by an unauthorizedindividual with the proper knowledge


18/36

Two factor authentication;

The user must have both the access card (to obtainthe OTP) and his or her conventional username/password combination in order to log on to his orher online account.


19/36


20/36

BIOMETRIC ACCESS SYSTEM (BAS)

BAS is refer to identify users by a particular uniquebiological characteristic.

Such as fingerprints, iris, hand and facerecognition.


21/36

Today, keystroke dynamicsare commonly use liketype on username and password.

Other than that, identify via voice, signature or gait.


22/36

HOWTHE BAS FUNCTION

To identify an individual, some device need to use.There is the system and device that should be use.

System Device

Fingerprints system Fingerprints reader

Iris detection Iris scanner

Via voice Recorder

Via face recognition Digital camera


23/36

All the device have been conjunct it to databasethat who were stored all the data saved previously.

In order to indentify who is the user, the device willrecognize it by searching on the matching data bywhat they received from scanning from the user.

Other than that, to speed up the process, userneeds to identify themselves first by swiping theirpersonal card and so on.


24/36

USESOF BIOMETRICACCESSSYSTEM

To control access on security facilities

To log user computer or other device

On networking

Secure Web site (https://exp.CIMBCLICKs) Punch of employee in and out of work

Confirms customer on ATM machine.


25/36

DEPARTMENTTHATUSETHISSYSTEM

Military

Prisoner

Airport

Banking


26/36

ADVANTAGEOF BAS

Totally accurate. (exp: even a twin have same DNAbut they will have difference irises.)

Tend more accurate than personal trait. Becausepersonal trait may be change like signature.

Cannot be lost/broken and forgotten.

Doesnt need to bring all time.


27/36

DISADVANTAGEOF BAS

Hardware and software to expensive

The data used for authentication ( cannot be reset )


28/36

CONTROLLING ACCESSTO WIRELESSNETWORKS

Wireless network like WIFI are less secure.

The original standard was WEP ( Wired EquivalentPrivacy) are replaced with WPA/WPA2 ( Wi-Fiprotection Access) who is more secure

Commonly, Wi-Fi hardware are shipped withsecurity features switched off.

So, owner need to change their router and accesspoint setting in order to secure their network.

SSID is helping us to protect and secure to ournetwork.


29/36

FIREWALL

Is a security system that essentially create barrierbetween computer network to internet.


30/36

Work two-way, will check on all incoming and

outgoing to protect home computer from hackers.

incoming incoming

outgoing outgoing


31/36

All computer directly connect to internet must havefire wall.

There are some example of firewall software. It willclassified in two. Stand Alone and Built in OperatingSystem.

Stand Alone Software(need to purchase by

user)

Built in OperatingSystem (purchase withwindow)


32/36

THEUSESOFFIREWALL

To control employee Internet access.

To protect business networks from the outsiders orhacker.


33/36

ENCRYPTION

Is a way of temporarily converting data into a form.( called cipher)

It only can be read after decrypted it.

In order to protect data from unauthorized people.


34/36

Secure Web pages will encrypt the sensitive datalike ( credit card number)

It also use in data file. So, the data that stored inhard drive will be secure and unreadable from

unauthorized people.


35/36

TYPEOF ENCRYPTION

Public Key Encryption Type of encryption that uses key pairs to encrypt and

decrypt the file or message.


36/36

Private Key Encryption

Type of encryption that uses a single key to encrypt anddecrypt the file or message.

telekom unauthirized

Documents