Chapter II – Literature Review

 

What is Computer Security?

Society has become more and more dependent on computer systems, which are used in almost all of the transactions and procedures of daily life. Most of these systems are connected via the Internet, which is very open and vulnerable to attack and destruction. Attacks on these important systems can have a huge impact, ranging from destruction, disruption and loss of service up to financial safety issues and consequences. The risks that these attacks pose to the use and survival of IT systems have led to wide surveys and studies of the issue, which include CSI/FBI (2003) and DTI-UK (2002).

Because a single attack can freeze and destroy an entire sector within an hour, securing the computer system has become a vital aspect of system design, development and deployment. However, the measures implemented are not always as effective as needed. Therefore, more research and more advanced and innovative tools are needed in order to fully comprehend, prevent and anticipate different security threats. One innovation may be the growing acknowledgement from the research community that technical solutions alone are not sufficient to match the current development and changes in computer systems (Besnard and Arief, 2004).

Computer security is an area which cognitive scientists have not investigated as deeply as human-computer interaction or problem solving. However, it is a stimulating issue in the sense that the entities of a given system, which include the attackers and the legitimate or authorized users, hold different and conflicting objectives. Consequently, depending on the objective that an entity is pursuing, the use of a given computer system will differ dramatically (Besnard and Arief, 2004).

With all these factors, the issue of computer system security is very important. The main objective of a security system is to prevent undesired access while allowing authorized access to the important information and data inside the system. As computer usage expands into more important areas and functions of an organization and the number of users grows, more complex security provisions and systems are expected to be demanded by many organizations (Post and Kievit, 1991).

Changes and Evolution of Computer System Security Issues

In the contemporary world, computer systems have become the brain and heart of businesses and organizations. As a result, computer security is vital to sustain the availability of the system, the integrity of the information, and confidentiality and privacy. A lack of computer security will not just compromise the life of the business, but will also affect the entire democratic society, because computer systems play a vital role in the government sectors which influence the economic and financial system (Vandenberghe, n.d.).

Since the introduction of computers to the business environment, there have been huge changes in the way that computers are used, as well as in the purposes for which they are used. These developments have had a direct influence on the types of computer security that are used nowadays. Fundamentally, computers were used as business tools in order to automate the entire business process. During those times, the use of computers was isolated, and computers were commonly found in the computer center only (Mutsauers et al., 1998, 119). This situation remained until the early 1980s, which allowed computer security to focus on securing and protecting the physical infrastructure of the computer system (Bradhurn, 1987, 27). For those reasons, computer security attacks were mainly centered on the computer center, and physical security offered efficient and comprehensive protection for the overall computer infrastructure and mechanisms of organizations.

However, this changed when multi-tasking technology became popular, which made interactive use of computers possible across the entire organization (Hearnden, 1987, 10). As a result, security attacks could have a greater effect on the organization, and the distributed use of computers made physical security measures ineffective and insufficient (Gollman, 1999, 165). During this time, the protection of information technology (IT) systems necessitated extra technical security measures, that is, security implemented with the help of software mechanisms which reside on the IT systems (Pfleeger, 1989, 4). This shifted the focus of security efforts towards IT security.

Since the 1990s, there has been vital development in IT systems. The emergence of the World Wide Web or the Internet, together with the popularity of the Intranet, enables businesses from different parts of the globe to be connected. This added a new burden for organizations. More than 30 years ago, the first computer virus, Elk Cloner, was written with the intention of displaying a short poem after the computer had booted more or less 50 times. Since then, millions of viruses and other malware, such as email viruses, Trojans, Internet worms, spyware and keystroke loggers, have appeared, and some have spread worldwide, causing massive destruction to personal, business and government computer systems. Examples are the Michelangelo virus and the I Love You virus. During that era, viruses and malware were intended to delete files or fill computer screens with garbage, which are considered small problems compared with the scenario today. Currently, a virus can encrypt all files and demand a ransom, or a hacker might blackmail a large company by threatening to launch a denial-of-service (DoS) attack, which would prevent its customers and employees from accessing and retrieving information from the website (Sophos, n.d.). Hackers and attackers can also create a look-alike of a company website and then collect important information from individual customers, such as credit card information, which will affect the image of the organization and the lives of the people.

Since then, there have been changes in the importance of IT inside organizations, which now consider data and information as important assets that dictate profit or loss and success or failure (Forcht, 1994, 373 – 374). This moved the focus of security towards information security.

Over the past decades, changes in the usage of computers and the advancement of IT systems have further complicated and diversified the issues and problems related to the security of computer systems. The focus has moved from the physical infrastructure of the computer system to software infiltration, and then to the issue of information safety, confidentiality and privacy. In the future, at the current pace of technological development and improvement, together with developments in the business environment due to different influential macro- and micro-environmental factors, organizations are expected to face further challenges, changes and threats in computer security.

 

Categories of Computer Security Risk

There are three major categories of computer security risks: destruction, modification and disclosure (Shim and Qureshi, 2000).

In addition, each of the computer security risks can be categorized into further groups, which include intentional, unintentional and environmental attacks.

Intentional risks come from computer criminals and from dissatisfied and resentful employees who intend to defraud, sabotage or “hack.” Unintentional threats or risks come from computer users who are careless or unaware and who lack knowledge about the computer system. The final risks come from the environment, which include natural and man-made disasters, such as fire, flood, earthquake, etc. (Shim and Qureshi, 2000).

Kelly and Cegielski (2009) explained that unintentional threats include human errors, environmental hazards and computer system failures. On the other hand, intentional threats include espionage, extortion, vandalism, theft, software attacks and compromise of intellectual property. The authors explained another category of attack, known as software attacks, which includes viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing and pharming. Some of these software attacks can be considered cyber-crime, for they tend to steal the identity of other people and then use that information in order to commit crimes online.

As a result, it is important to understand these attacks and threats and, at the same time, to focus on the different defense mechanisms that can be applied in order to protect the entire computer system. Computer systems are protected by different types of controls, which include those related to security procedures, physical safeguarding and detection software. All of these can be classified as controls that are used in order to prevent, deter, detect, control damage, recover and correct the entire computer system (Kelly and Cegielski, 2009).

 

Computer Security Risks Issues

There are different aspects and factors to be considered by organizations in order to maintain and monitor computer security risk issues. These include physical, hardware, software, personnel and network security.

Physical Security

The first line of defense for a computer system is to protect the physical mechanisms, which include the plant, equipment and personnel. It also focuses on protecting the integrity, accuracy and privacy of data. Physical security focuses on preventing security failure (Lehtinen, Russell and Gangemi, 2006).

This includes environmental, technical and human-caused threats. It pertains to issues related to the computer facilities, which include environmental factors such as heating, cooling, dehumidifying, ventilating, lighting and the overall power systems and supplies. It is also important to focus on issues that will help keep the computer system safe from man-made disasters and environmental catastrophes such as flood and fire, and to ensure that the facility is equipped with the important gadgets and machinery, together with the practices that will help to prevent man-made disasters, particularly fire (Vacca, 2009).

It is important to focus on the important environmental factors, including heat, water, humidity, dust, dirt and foreign particles, and power failure. Heat can cause electronic components, gadgets and equipment to fail. Therefore, it is important to manage and maintain the air conditioning system to ensure reliable operation, by ensuring that air is circulating freely. Water is a prominent enemy of computer hardware: floods, rain, sprinkler systems or burst pipes can do vital damage to the computer system. To prevent this, the pipes and water system should be managed and monitored continuously, and all water systems should be kept away from the computer system. Extreme humidity is very harmful for computers, because it can lead to condensation, which can corrode metal contacts or even cause electrical shorts. Low humidity can also cause harm, for it allows the buildup of static electricity, which can affect important hardware and equipment in the computer system. It is therefore important to maintain the level of humidity inside the computer centers or rooms and, at the same time, ensure that the floors of the computer facilities are all bare or covered by anti-static covering.

Dust, dirt and other foreign particles can interfere with the proper reading and writing of the different media or hardware inserted in the computer system. To prevent this, the air should be filtered and the filters for the rooms should be replaced regularly. The most important environmental factor to consider is power failure, which can render all equipment useless. Brownouts or blackouts can cause vital damage to the operation of the computer system, which consequently leads to disruption of transactions between the organization and other entities connected to it. It is also important to focus on other factors which can cause serious damage to the power system, such as spikes and lightning (Shim, 1999).

Overall, in order to prevent serious or minor physical security threats, it is important to focus on maintenance and preventive care. As the adage says, prevention is better than cure. Regular maintenance can help to prevent unexpected downtime caused by the weather, climate and other environmental factors. It is important to regularly run diagnostic programs as a vital part of regular maintenance and, at the same time, keep a maintenance log in order to properly monitor the maintenance activities (Shim, Qureshi and Siegel, 2000).

In addition, it is important to use security machinery and gadgets such as surveillance cameras, tracking management systems or card security such as Xyloc access cards in order to monitor and control the access of people to the physical facilities of the organization's computer system (Shim and Qureshi, 2000).

 

Hardware Security

Software security is dependent on hardware security; therefore, a lack of hardware security has a great influence over the entire security of the computer system (Pfleeger and Pfleeger, 2003). In connection with physical security, if part of the hardware can be easily stolen, changed or replaced, it can create vital problems.

Some of the common hardware risks faced by organizations are:

  • Removable devices and media can be stolen or replaced;

  • Changing of hardware setup parameters;

  • Booting of the computer system by unauthorized users or software;

  • Rewriting of boot media by unauthorized software.

As a result, it is important to focus on physical security, which includes:

  • Locking and protecting rooms with the computer system;

  • Proper and intensive monitoring and auditing of the use of the computer system;

  • Proper and safe storage of keyboards and removable devices;

  • Using a password to configure and set up the computer system;

  • Requiring passwords in using the system (Shim and Qureshi, 2000).

Securing hardware is not that hard, for the harm done can be observed or seen simply by applying intensive security, in connection with the physical security issues. It is important for the organizational policy to focus on the following issues:

  • Access should only be given to those who need the specific data or information;

  • The rooms which contain the computers should have locks or bars, and electronic detection devices can also be installed;

  • Access to rooms which contain computers and other connected gadgets and equipment should be restricted to specific personnel;

  • Computers should be protected and locked;

  • Keep computers in a viable environment in order to increase their life (Shim and Qureshi, 2000).

 

Software Security

Software security is considered one of the major problems in the current world, for individual or personal use of computers as well as for businesses, particularly with the growth of the Internet and Intranet, where users can download, upload and share files easily.

First, it is important for organizations to address different malicious codes, which can have a discreet and dangerous impact on the computer system. The best known viruses are: worms, Trojan horses, droppers, bombs, etc. Viruses can be benign, annoying or catastrophic. There are different types of viruses, which include boot sector viruses, file infectors, macro viruses, multipartite viruses, stealth viruses, polymorphic viruses and future new viruses (Figure 1).

Figure 1 Types of Viruses

Source: (Shim and Qureshi, 2000)

According to Symantec, the maker of Norton anti-virus, the most common symptoms of virus infiltration are:

  • Alteration in the length of programs;

  • Changes in the date or time stamp of a file;

  • Longer loading time of a program;

  • Slower operation of the system;

  • Reduction in the memory of the computer or the disk space;

  • Bad sectors on the disks;

  • Unusual and irritating error messages and screen activities;

  • Failed execution of programs;

  • Failed boot-ups of system; and

  • Unexpected writes and files on the disks (Shim and Qureshi, 2000).
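Several of the symptoms listed above (altered program length, changed time stamps, unexpected files on disk) can be checked mechanically by comparing files against a recorded baseline. The following Python sketch is an added example, not taken from the cited sources; the function names and the sample files written to a temporary directory are constructed for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Record size, modification time and SHA-256 digest of every file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            info = os.stat(path)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            state[os.path.relpath(path, root)] = {
                "size": info.st_size,
                "mtime": info.st_mtime_ns,
                "sha256": digest,
            }
    return state


def compare(baseline, current):
    """Return sorted (path, finding) tuples for every deviation from the baseline."""
    findings = []
    for path, old in baseline.items():
        new = current.get(path)
        if new is None:
            findings.append((path, "missing"))
            continue
        if new["size"] != old["size"]:
            findings.append((path, "length changed"))
        if new["sha256"] != old["sha256"]:
            # The digest also catches overwrites that keep the length identical.
            findings.append((path, "content changed"))
        elif new["mtime"] != old["mtime"]:
            # Same bytes, different time stamp: the file was rewritten or touched.
            findings.append((path, "time stamp changed"))
    for path in current.keys() - baseline.keys():
        findings.append((path, "unexpected file"))
    return sorted(findings)


def demo():
    """Build a constructed directory, tamper with it, and report the findings."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)

        # Constructed sample files standing in for installed programs.
        write("editor.exe", b"MZ" + b"\x00" * 64)
        write("report.exe", b"MZ" + b"\x01" * 64)
        write("notes.txt", b"unchanged text")
        write("readme.txt", b"never modified")
        baseline = snapshot(root)

        write("editor.exe", b"MZ" + b"\x00" * 64 + b"APPENDED")  # program grows
        write("report.exe", b"MZ" + b"\x02" * 64)                # same length, new bytes
        os.utime(os.path.join(root, "notes.txt"), ns=(1, 1))     # time stamp altered
        write("dropper.tmp", b"new file")                        # unexpected write
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for path, finding in demo():
        print(f"{path}: {finding}")
```

The baseline itself has to be stored where the monitored system cannot rewrite it, otherwise a change to the files can be hidden by a matching change to the record.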

As a result, it is vital for an organization to focus on the different software and hardware products, together with the policies related to the personnel or end-users of the system, in order to prevent software security risks.

First, it is important to install and update anti-virus software, a type of utility software which looks for and eliminates viruses. Figure 2 shows how it works.

Figure 2 How Anti-Virus Works

Source: (Parson and Oja, 2009)

On the other hand, even though anti-virus is considered a useful protection, the process does not end at installation. Maintenance and updating of the anti-virus software directly influence the process of maintaining computer security. Anti-virus protection can potentially open a hole in security if it is not maintained and updated regularly (Rescorla, 2003). Therefore, it is important for an organization to include the process of updating and maintaining the anti-virus software as part of its regular activities and, at the same time, ensure that every user of the system is informed about it.

Second, it is important to install and maintain a firewall, a system or group of systems which imposes an access control policy on network traffic as it passes through access points (Hunt, 2002). Figure 3 shows the basic operation of a firewall. Firewalls help to:

  • Secure the network access with a perimeter defense;

  • Manage, control and monitor all connections in and out of the network;

  • Filter data in accordance with the defined rules;

  • Authenticate users and applications before allowing them to access internal resources;

  • Record and log activities for security and auditing purposes;

  • Notify the appropriate people whenever a suspicious event happens (Shim and Qureshi, 2000).

However, even though firewalls offer vital protection against network threats, they do not ensure complete security (Chapman, 1995). Other threats outside the control and responsibility of the firewall must therefore be addressed by other tools and means.
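The filtering, logging and notification functions listed above can be illustrated with a small first-match rule table that falls back to a default deny. This Python sketch is an added example, not from the cited sources; the `Rule` fields, the policy and the packets are constructed, and the addresses come from the ranges reserved for documentation.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR notation
    dst: str               # destination network, CIDR notation
    port: Optional[int]    # destination port, None matches any port
    alert: bool = False    # notify an administrator when this rule fires


def matches(rule, packet):
    """True when the packet's source, destination and port all fall under the rule."""
    return (
        ipaddress.ip_address(packet["src"]) in ipaddress.ip_network(rule.src)
        and ipaddress.ip_address(packet["dst"]) in ipaddress.ip_network(rule.dst)
        and rule.port in (None, packet["dport"])
    )


def evaluate(rules, packet, log, alerts):
    """Apply the first matching rule, deny by default, and record the decision."""
    decision, reason = "deny", "default"
    for index, rule in enumerate(rules):
        if matches(rule, packet):
            decision, reason = rule.action, f"rule {index}"
            if rule.alert:
                alerts.append(packet)
            break
    log.append((packet["src"], packet["dst"], packet["dport"], decision, reason))
    return decision


# Constructed policy: 192.0.2.0/24 is the internal network, 192.0.2.10 its web server.
RULES = [
    Rule("deny", "203.0.113.0/24", "0.0.0.0/0", None, alert=True),  # blocked network
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", 443),               # public HTTPS
    Rule("allow", "192.0.2.0/24", "0.0.0.0/0", None),               # outbound traffic
]

# Constructed sample traffic.
PACKETS = [
    {"src": "198.51.100.7", "dst": "192.0.2.10", "dport": 443},
    {"src": "198.51.100.7", "dst": "192.0.2.10", "dport": 22},
    {"src": "203.0.113.5", "dst": "192.0.2.10", "dport": 443},
    {"src": "192.0.2.25", "dst": "198.51.100.7", "dport": 80},
]

if __name__ == "__main__":
    log, alerts = [], []
    for packet in PACKETS:
        evaluate(RULES, packet, log, alerts)
    for entry in log:
        print(entry)
    print("alerts:", alerts)
```

Rule order is part of the policy: if the deny rule were placed after the HTTPS rule, the packet from 203.0.113.5 would be allowed. The filter also never looks at the payload of a connection it allows, which is one reason a firewall alone does not give complete security.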

Figure 3 How a Firewall Works

Source: (http://www.teach-ict.com/as_a2/topics/networks/pages/firewalls1.html)

Above all, it is important to focus on informing the employees about the usage of storage devices and the upload and download of files to and from the Internet and extranet.

 

Personnel Security

Properly informed and well-trained employees or personnel are less likely to do wrong things. This applies to computer security. It is important for organizations to focus on the knowledge and skills of the employees regarding the flows and procedures that need to be followed in order to ensure the security and safety of the entire computer system.

In order to implement personnel security, it is important to focus on the strategies and policies to be implemented by the organization, which include establishing the criteria for filling each position, specifying the process used to evaluate candidates, screening the applicants and doing background checks. It is also important to specify and maintain training programs related to computer security.

These processes show the actions and strategies which organizations can implement in order to ensure the knowledge of the candidates to be hired and, at the same time, maintain the knowledge of the employees already hired. A thorough check of and research into the past performance, connections and behavior of candidates can help to verify that the records of those individuals are clean and free from any issues related to computer security (Shim and Qureshi, 2000). Segregation of duties, the process of establishing and declaring the specific roles and obligations of employees in connection with the computer system, can also help employees to be properly informed about the limits of their access to the overall computer system. It can also help in maintaining and updating the computer system, by letting the IT developers know the level of authority employees have over certain information and other important computer resources.

On the other hand, for hired employees, it is important to implement continuous monitoring, benchmarking and auditing activities in order to ensure that the employees are following the orders or policies of the organization regarding computer security. It is also important to take note that computer security issues are constantly changing as technology and the global industry change.

 

Figure 4 Techniques for Personnel Security

Source: (Newman, 2009)

Network Security

Fundamentally, it is important to focus on the process of designing the network. There are 3 factors to be considered, which include:

  • The users should get the best response time and throughput;

  • The data should be transmitted and shared within the network along the least cost path, but reliability and confidentiality must not be compromised; and

  • Reliability should be maximized in order to ensure that all data will be received by the users or requestor (Shim and Qureshi, 2000).

For physical, hardware, software and network security issues, password security can always be applied in order to protect and limit users' access to different computer resources in the system, including important information and data. Among all these aspects of computer system security, authentication is considered the most important security action, to ensure that only authorized users can access the right amount or kinds of resources.

Even though there are new approaches to authentication, such as biometrics (Brostoff and Sasse, 2003), passwords are still the most commonly used security mechanism. Different modern software products force passwords to be a minimum of 8 characters long. This tendency arises from the desire to control access to information, data and resources in a tighter and more secure manner, with the hidden assumption that it will help to protect the privacy of data and information. Even though these types of password are harder to crack, long passwords with different symbols, characters and numbers are not totally secure (Nielsen, 2000). This is because of two important factors. First, attackers can use other software in order to crack the passwords of authorized users. Second, on the part of the users, there are human cognitive limitations: users may not remember their passwords. This can give rise to the need for memory aids, such as sticky notes, notebooks or monitors, which in turn can give rise to another personnel issue, wherein unauthorized users can get hold of them and use them to enter the system. This shows that such measures create new issues related to security procedures.

Overall, the security issues inside the organization in terms of the computer system are interconnected. The policies and standards, together with the important protocols implemented for physical security, are connected to the other security issues (software, hardware, network and personnel), and the same holds for the other factors. The security management effort of an organization will not be successful by focusing on just one aspect of security management. It is important to focus on every aspect and ensure that all of them are considered parts of the whole computer system.

For example, it is impossible to ensure that the physical environment of the computer system will be managed and maintained correctly without ensuring that the personnel, particularly the IT staff, follow the rules regarding what cannot be taken inside the room and what software or hardware cannot be used or installed on the system. The same applies to installing anti-virus and firewall software: it will be ineffective to install and maintain an updated anti-virus if the personnel do not follow the rules regarding the proper usage of the computer system or other important resources connected to it. For example, browsing websites that might carry viruses, malware and other malicious code, particularly through watching or downloading inappropriate content such as porn and similar files, can cause future problems for the computer system, for the employees might download strong viruses and code that cannot be handled by the anti-virus software installed by the organization.

Overall, the lesson for computer security leads back to the adage “prevention is better than cure.” This means that it is important for any organization to anticipate and foresee the activities, aspects and procedures in the entire organization that can cause future risks and problems for the computer system. It is always important to start with the employees or personnel, for they are the people who directly handle and use the system; therefore, even though these are small human and machine interventions, the relationship has a great influence over the overall performance of the system. It is thus important, first, to ensure that every employee, whether about to be employed or already employed, is clean of any record or history of improper use of or mischievous behavior towards computer systems, such as inappropriate use of computer system resources, accessing files and data that are not connected to his or her work, or destroying physical and software aspects of the computer system.

As a result, it is important to start with the physical aspect of the computer system, followed by the other important security issues, and end with the personnel security issues. This includes information dissemination, mentoring, and proper and updated training. This will help to interconnect the important computer system security issues in a more effective and efficient manner.

With all these factors, it is important not just to focus on the individual perspective, where cognitive factors are thought to play a vital role in the entire system. It is important to look at the greater picture, which is to analyze and consider the collective dimension of security in large distributed computer-based systems. Thus, it is important to focus on models that view the organization as a multi-layered organization (Reason, 1990). In the security field, this helps to consider a computer system as one system which consists of threats, entities and protection layers. The entire computer system security is therefore composed of multiple layers, consisting of different users or actors, including developers, IT officers or personnel, end-users, customers, employees, etc., all of whom have a key role to play in ensuring the success of the security management process of the organization. For example, the administrators of the system, together with the end-users, that is, the employees who are responsible for using the computer system to process the organization's transactions and procedures, can open great holes for attacks by not updating the anti-virus software. This type of local failure can happen at any layer of the organization, for any entity or actor of the system. It opens the way for different security breaches that, when combined with each other, can defeat the overall protection of the computer system (Besnard and Arief, 2004).

