Lec1-Information Security

Information security is the process of protecting information. It protects its availability, privacy and integrity. Access to stored information on computer databases has increased greatly. More companies store business and individual information on computer than ever before. Much of the information stored is highly confidential and not for public viewing.

Information Security Components: Confidentiality, Integrity and Availability . Information Systems are decomposed in three main portions, hardware, software and communications with the purpose to identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: Physical, personal and organizational. Essentially, procedures or policies are implemented to tell people (administrators, users and operators)how to use products to ensure information security within the organizations.

Passive Versus Active Attacks
Alice and Bob want to communicate in presence of adversaries Adversaries:
Passive – just looking
Active – may change msgs

Security service have 5 Categories:
Confidentiality
Confidentiality is the property of preventing disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred.

Integrity
In information security, integrity means that data cannot be modified without authorization. This is not the same thing as referential integrity in databases. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and so on.

Authentication
In computing, e-Business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim they are.
Non-repudiation In law, non-repudiation implies one's intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction. Electronic commerce uses technology such as digital signatures and encryption to establish authenticity and non-repudiation.

Access Control
Prevention of the unauthorized use of a resource.

LAB1-VMWare

What is VMware
VMware is program which runs under Linux (or NT) and emulates the hardware of a standard PC to provide one or more virtual machines. Many operating systems can be installed on these virtual machines so that it is possible to run, for example, Windows 95 inside a standard X Window under Linux. It is even possible to run a complete Linux installation (maybe a different version) inside another window, at the same time!
Since the emulation occurs at a low level and runs standard operating system software, there are no additional problems with software compatibility. When running Windows 95, for example, a Windows licence is required and it is the real, full operating system that is running. The operating system believes that it is running on real hardware and speaking to real devices.
In general, the performance is very good and many applications appear to run as fast as on a native machine. A few applications may however have special problems - in particular programs which interface closely with devices (parallel storage media or MIDI) and, possibly some programs requiring high performance graphics.
A well-configured machine is required for acceptable performance - at least 400MHz with 128Mb RAM. Sufficient space is also required for the disk images of the additional operating systems - typically about 500Mb for Windows 95 with MS Office.

Advantages of VMware
A normal installation of a Microsoft operating system requires a long manual process to configure the system to the specific hardware of the machine. This means that the same installation can not be used for another machine which usually has different hardware. Since VMware emulates the same set of virtual devices on any machine, a single operating system image can be used.
It is also possible to configure VMware virtual disks in a read-only mode, so that changes to the filesystem are written to a separate log file, rather than being written back to the disk image. When the virtual machine is shut down, the changes can either be discarded or committed back into the disk image. This allows a single disk image to be used without any fear of it being corrupted. It also allows software to be installed experimentally with the installation only being committed if it is successful.

VMware allows Linux to be used for most commodity computing, while providing access to another operating system, such as MS Windows, running inside a Linux X Window. The guest operating system would be a full, standard version of MS Windows, allowing documents on the Linux file system to be edited with MS Office applications.