INFORMATİON TECHNOLOGİES - Deneme Sınavı - 12

Any person, group or force that may intentionally infringe on the integrity, confidentiality and availability of information is called adversary.

In information technology, there are three principle goals of security (1) confidentiality, (2) integrity, and (3) availability of information.In addition to those three important goals, non-repudiation is also important. Meanwhile security breach is a software or hardware failure or incompleteness which could result in a breach of access in computer security.

Correctness and completeness of information as well as the forestalling of unauthorized alteration of information in computers are provided with integrity service. Integrity concerns the completeness, origin and correctness of the information. In information technology, the origin of the information is equally important as the integrity of information.

There are different types of symmetric key cryptography. It is mainly classified as block ciphers and stream cipher. Some important stream ciphers are RC4, A5/1, SALSA20. The most popular block ciphers are Data Encryption Standard (DES), Triple DES (3DES), and Advanced Encryption Standard (AES).

In public key cryptography, there is no key distribution problem since public key can be accessible to everyone. For this reason, public key cryptography does not require any secure communication channel to send or receive ciphertext.

Authentication is the process of how one proves that they are who they claim that they are. When one claims to be “Ahmet San” by logging into a computer as “ahmetsan”, the computer system will most likely ask him for a password. He has claimed to be that person by entering the name into the username field. This part is the identification process. However, now he must prove that he is really that person. This is the authentication part.

Phishing is a specialized type of spam that attempts to trick you into entering one’s confidential personal or account information for many different purposes including violating his/her account and identity theft or fraud.

In computer security, any data, device, or any confidential resource that the computer possess is evaluated as an asset of the computer system which needs to be protected with security tools. Simply, an asset can be considered what it is aimed to be protected from malicious events or attacks

One important precaution to protect a computer based system from malicious software is to pay attention to free software as they can open security vulnerabilities.

The most dangerous and relatively easy to spread viruses are network based viruses, named as worms. Worms are malicious software designed to automatically copy itself from one computer to another, which can consume high bandwidth on the local drive or on the network, affecting the speed of the computer and/or causing the computer to crash.

In information technology, there are three principle goals of security (1) confidentiality, (2) integrity, and (3) availability of information

One has to use regularly updated operating system and security software on the computer. However,

one important thing is to use a strong password that has the following features:

• The password should be a minimum of 9-12 characters

• At least two-digit numbers

• At least one upper case letter

• At least one special symbol character

Authentication is the process of how one proves that they are who they claim that they are.

Phishing is a specialized type of spam that attempts to trick you into entering one’s confidential personal or account information for many different purposes including violating his/her account and identity theft or fraud.

Vulnerability: It is a security term that indicates a flaw in a computer system that can leave it open to possible malicious attacks. Simply, a vulnerability is a weakness point in the protection efforts that is provided in the system.

When supplying security to a computer-based system, its cost also needs to be considered. This phase is called risk assessment. The cost-benefit calculation needs a way of accurately identifying the security costs.

Worms are malicious software designed to automatically copy itself from one computer to another, which can consume high bandwidth on the local drive or on the network, affecting the speed of the computer and/or causing the computer to crash.

For a given design, a hardware Trojan can be added into a particular specification, toplevel models, RTL level descriptions, gate-level netlist, chip layout or chip mask. The Trojan behaviour varies from a denial of service attacks such as aging acceleration of transistors and bus deadlocks to subtler attacks, such as bypassing the authentication and gaining unrecognized privileged access on a system for unauthorized adversaries, or data leakage through side channels of the hardware components.

Pay attention to free software, they can open security vulnerabilities;