Preview

INFORMATION SYSTEMS SECURITY: SHANGHAI WIRELESS CAFE

Good Essays
Open Document
Open Document
2074 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
INFORMATION SYSTEMS SECURITY: SHANGHAI WIRELESS CAFE
UNIVERSITAS INDONESIA

CASE STUDY 5
INFORMATION SYSTEMS SECURITY: SHANGHAI WIRELESS CAFE

SISTEM INFORMASI DAN PENGENDALIAN INTERNAL

Chitarani Kartikadewi - 1406524682
Desi Susanti - 1406524695
Karina Ayu Ditriani - 1406524713

FAKULTAS EKONOMI
PROGRAM MAKSI-PPAK
OKTOBER 2014
CHAPTER I
INTRODUCTION

CHAPTER II
META-PERSPECTIVE OF MANAGING INFORMATION RESOURCES AND SECURITY

The Information System Vulnerability
Information resources (physical resources, data, software, procedures, and other information resources) are scattered throughout the firm. Information is transmitted to and from the firm’s components. Therefore vulnerabilities exist at many points and at any time.

System Vulnerability
A universal vulnerability is a state in a computing system which either: allows an attacker to execute commands as another user; allows an attacker to access data that is contrary to the access restrictions for that data; allows an attacker to pose as another entity; or allows an attacker to conduct a denial of service.
An exposure is a state in a computing system (or set of systems) which is not a universal vulnerability, but either: allows an attacker to conduct information gath­ering activities; allows an attacker to hide activities; includes a capability that behaves as expected, but can be easily compromised; is a primary point of entry that an attacker may attempt to use to gain access to the system or data; and is considered a problem according to some reasonable security policy.
The vulnerability of information systems is increasing as we move to a world of networked and especially wireless computing. Theoretically, there are hundreds of points in a corporate information system that can be subject to some threats. These threats can be classified as:
1. Unintentional
a. Human errors
b. Environmental hazards
c. Computer system failures
2. Intentional
a. Theft of data
b. Inappropriate use of data
c. Theft of mainframe com­puter time
d. Theft of equipment
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Better Essays

    Nt2580 Week 1 Multi-Layered Security Research Paper
    • 1234 Words
    • 5 Pages

    Nt2580 Week 1 Multi-Layered Security Research Paper

    of the System/Application domain is loss of data. System/application attacks are generalized into three categories: denial or destruction, alteration,…

    • 1234 Words
    • 5 Pages
    Better Essays
    Read More
  • Good Essays

    Nt1310 Unit 3 Assignment 1
    • 1244 Words
    • 5 Pages

    Nt1310 Unit 3 Assignment 1

    Analysis and explanation of the threat and vulnerability pairs and their likelihood of occurrence. The chart explains the aspects of the vulnerabilities and threats. b\Because we have no data on these threats on the amount of occurrences we cannot assign an impact rating or a probability rating in which is high medium an low (reference page 121 of book)…

    • 1244 Words
    • 5 Pages
    Good Essays
    Read More
  • Powerful Essays

    IS3110 U5L1
    • 912 Words
    • 4 Pages

    IS3110 U5L1

    One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you now must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.…

    • 912 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    IS4560 Unit 1 Assignment 1

    • 275 Words
    • 1 Page

    IS4560 Unit 1 Assignment 1

    In this assignment we are asked to identify the major threats and security concepts from a whitepaper located on the internet: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf. This report stated that: “There are a number of recent and growing trends in the threat activity landscape that were observed by Symantec in 2009.” These threats are identified as:…

    • 275 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS4799
    • 675 Words
    • 8 Pages

    IS4799

     Importance • Significant amount of supplemental information IS4799 Information Systems and Cybersecurity Capstone Project © ITT Educational Services, Inc. All rights reserved. Page 4 Key Concepts  Clarification • Additional information to clarify RFP contents…

    • 675 Words
    • 8 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Nt1330 Unit 3 Essay
    • 764 Words
    • 4 Pages

    Nt1330 Unit 3 Essay

    Vulnerability is a weakness or a fault within the system, such as software package flaws, unlocked doors, or an unprotected system port. Vulnerability leaves things open to an attack or damage. Exposure on the other hand, is a single instance when the system is open to damage. Vulnerabilities (weaknesses) can in turn be the cause of exposure (system open for attack).…

    • 764 Words
    • 4 Pages
    Good Essays
    Read More
  • Powerful Essays

    Technical Paper
    • 2659 Words
    • 9 Pages

    Technical Paper

    Global Finance, Inc. (GFI) is a hypothetical company, which has grown rapidly over the past year. GFI has invested in its network and designed it to be fault tolerant and resilient from any network failures. However, although the company’s financial status has matured and its network has expanded at a rapid pace, its overall network security posture has not kept up with the company growth. The trusted computing base (TCB) internal network within the Global Finance, Inc. Network Diagram hosts the company’s mission critical systems that are vital to the company’s operations that also affect the overall financial situation. The most vital application servers is the company is their Oracle database and email system. GFI cannot afford system or network outages, as its cash flow and financial systems heavily depend on the network stability and availability. GFI has recently experienced multiple network attacks resulting in a total estimated loss at more than $1,000,000.…

    • 2659 Words
    • 9 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    It205 Capstone Question
    • 633 Words
    • 3 Pages

    It205 Capstone Question

    In modern business, information and enterprise systems are becoming major backbones, relied upon for function, communication and longevity. Even smaller businesses have become dependent on computers for operations as well as management of information, from everything from billing, stock levels, to payroll. With the growing demand and need for computer systems and networks, issues begin to arise with systems security. Viruses, Trojan horses, worms, hackers, as well as internal security issues can plague a business. This paper will cover some of the basic concepts for system security, and possible threats.…

    • 633 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    IS4560 Graded Assingments
    • 5563 Words
    • 23 Pages

    IS4560 Graded Assingments

    This particular report provides information on cutting edge and growing threats to Internet security. Using the background provided by the class so far, as well as your own critical thinking skill, you need to write a summary of the top threats described in the whitepaper. Explain why the threats are important issues and how these threats have changed or are changing.…

    • 5563 Words
    • 23 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Nt1310 Unit 1 Assignment
    • 4104 Words
    • 17 Pages

    Nt1310 Unit 1 Assignment

    However, there is growing interest in protocols and other mechanisms for use with novel telecommunications services. Next-generation value-added services are bound to introduce new vulnerabilities. The interaction between all these communications and security protocols, and the mechanisms used for distributed systems security, is fertile ground for both interesting research. Ways to enhance these protection tools to make sure our technology is safe from IT attacks are evolving all the time. The systems or measures used to protect a company system at present might not be of any use in the future as technology is always enhancing to higher levels. Telecommunication businesses tend to be comparatively adept at managing information security risks. And many are taking action to achieve an enhanced level of ongoing insight and intelligence into ecosystem vulnerabilities and dynamic threats. Companies like Celcom must be ready to invest in this expensive research so as to be able to aggressively compete in the intense telecommunication market and to be able to sustain itself in this industry. Today, information security is a discipline that demands advanced technologies and processes, a skill set based on counterintelligence techniques, and the unwavering support of top executives. As telecom operators become more similar to technology companies, they will face a raft of new challenges. Core practices like employee awareness and training, policies and tools to reduce insider risks, and protection of data, including intellectual property, will need to be updated. The confluence of mobility, cloud, and social networking have multiplied risks, yet few operators have addressed these threats or deployed technologies that monitor user and network activity to provide insight into ecosystem vulnerabilities and threats. These…

    • 4104 Words
    • 17 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    NT2580
    • 526 Words
    • 5 Pages

    NT2580

    Introduction to Information Security © ITT Educational Services, Inc. All rights reserved. Page 4 Definitions  Risk: Probability that an intentional or unintentional act will harm resources  Threat: Any accidental or intentional event that negatively impacts company resources  Vulnerability: Inherent weakness that may enable threats to harm system or networks Risks, threats, and vulnerabilities affect confidentiality, integrity, and availability (CIA). NT2580 Introduction to Information Security © ITT Educational Services, Inc.…

    • 526 Words
    • 5 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Assignment 2: Business Impact Analysis
    • 349 Words
    • 2 Pages

    Assignment 2: Business Impact Analysis

    operations in organisations and business environments. Security threats on the remote machines can always be averted easily and their impacts are not as serious compared to threats on the central computer system (Kaufman et al, 2002).The central computer system is a valuable resource that must be secured to ensure continued operation in the organisation. Securing a central computer network is the key to ensuring network security in any institution (Kaeo, 1999).…

    • 349 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    CSEC 610 Individual Assignment
    • 3199 Words
    • 8 Pages

    CSEC 610 Individual Assignment

    Before we get into the details let first examine what exactly is a security vulnerability. By definition a security vulnerability can be flaws in hardware, software, networks or the employees that use them which in turn can allow hackers to compromise the confidentiality, integrity and availability of the information system (“Common Cybersecurity,” 2011). To thoroughly discuss this topic in more detail I will first discuss Confidentiality as it is one of the three main goals of IT Security. Confidentiality is as simple as it sounds, limiting…

    • 3199 Words
    • 8 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Security Awareness Policy
    • 1733 Words
    • 3 Pages

    Security Awareness Policy

    with IS security policies by signing a compliance agreement that is retained in their personnel…

    • 1733 Words
    • 3 Pages
    Powerful Essays
    Read More
  • Good Essays

    Ontological Approach
    • 465 Words
    • 2 Pages

    Ontological Approach

    Ontological approach provides us with the way to store the information that can be gained from the attack graph in a structured form. Ontology is made of entities and their interrelationships. The entities are defined as follows:Machine: Any host machine connected to the network comes in the category. All the workstations and the servers that the attacker can use to his advantage will be called as a machine. Vulnerability: Any weakness in the system that the attacker have access and capability to exploit is considered a vulnerability. There are many vulnerability scanners available that scan the system and list all the vulnerabilities that exist in that particular system. All the vulnerabilities are…

    • 465 Words
    • 2 Pages
    Good Essays
    Read More

Related Topics