SEMINAR REPORT ON
ROLE OF CYBER SECURITY IN DIFFERENT APPLICATION OF E GOVERNANCE
COLLEGE OF COMPUTING SCIENCES AND INFORMATION TECHNOLOGY TMU, MORADABAD
Session: JULY 20!" DEC 20!
S#$%i&&e' To:
S#$%i&&e' B(:
M)* A+( Rs&o-i
R.#/ #%) MCA1LE ,SEM 3)' TCA!040!
1 | Page
COLLEGE OF COMPUTING SCIENCES AND INFORMATION TECHNOLOGY TEERTHANKER MAHAVEER UNIVERSITY DELHI ROAD, MORADABAD
This This is to certi certify fy that that the the semi semiar ar!" !"re rese seta tatio tio re"or re"ortt o the the to"i to"icc #ROLE OF CYBER SECURITY IN DIFFERENT APPLICATION OF E GOVERNANCE5 has
$ee st%&ie& a& "resete& $y R.#/ #%) i "artia' "artia' f%'fi''met f%'fi''met of &e(ree &e(ree of Master Master of )om"%ter A""'icatio, ))SIT, TMU Mora&a$a&*
This semiar!"rese semiar!"resetatio tatio re"ort re"ort has $ee fo%& satisfactory satisfactory a& is a""ro+e& a""ro+e& for s%$missio*
Date&
Mr* A-ay Rasto(i Lect%re ))SIT, TMU
2 | Page
A)KNO.LED/MENT*
The satisfactio that accom"aies that the s%ccessf%' com"'etio of ay tas0 1o%'& $e icom"'ete 1itho%t the metio of "eo"'e 1hose cease'ess coo"eratio ma&e it "ossi$'e, 1hose costat (%i&ace a& eco%ra(emet cro1 a'' efforts 1ith s%ccess* .e are (ratef%' to o%r "ro-ect (%i&e M)*A+( Rs&o-i for the (%i&ace, is"iratio a& costr%cti+e s%((estios that he'"f%' %s i the "re"aratio of this "ro-ect* .e a'so tha0 o%r co''ea(%es 1ho ha+e he'"e& i s%ccessf%' com"'etio of the "ro-ect*
Rah%' 0%mar M)A2LE3 SEM 4r&
3 | Page
Ta$'e of )otet 5*I NTRODU)TION 5*5 )y$er sec%rity 5*6 E /o+erace
6*)ON)E7T 6*5 E8/OVERNAN)E )ON)E7T 6*6 EVOLUTION O9 E8/OVERNAN)E 6*4 )YBER SE)URITY )ON)E7T IN E /OVERNAN)E
4* A77LI)ATIONS O9 E8/OV 4*5 Rea' 'ife a""'icatio of e8/o+erace 4*6 A""'icatio a& E8/o+erace Ser+ices
:*ROLE O9 )YBER SE)URITY :*5Ty"ica' ro'es :*6 Key of cy$er sec%rity
;* )ON)LUSION
<* RE9EREN)E
4 | Page
5 | Page
ROLE OF CYBER SECURITY IN DIFFERENT APPLICATION OF E GOVERNANCE * In&)o'#6&ion: * C($e) se6#)i&(
)y$er sec%rity refers (eera''y to the a$i'ity to cotro' access to et1or0e& systems a& the iformatio they cotai* .here cy$er sec%rity cotro's are effecti+e, cy$ers"ace is cosi&ere& a re'ia$'e, resi'iet, a& tr%st1orthy &i(ita' ifrastr%ct%re* .here cy$er sec%rity cotro's are a$set, icom"'ete, or "oor'y &esi(e&, cy$ers"ace is cosi&ere& the 1i'& 1est of the &i(ita' a(e* E+e those 1ho 1or0 i the sec%rity "rofessio 1i'' ha+e a &ifferet +ie1 of cy$er sec%rity &e"e&i( o the as"ects of cy$ers"ace 1ith 1hich they "ersoa''y iteract* .hether a system is a "hysica' faci'ity or a co''ectio of cy$ers"ace com"oets, the ro'e of a sec%rity "rofessioa' assi(e& to that system is to "'a for "otetia' attac0 a& "re"are for its cose=%eces*
Fi- *6($e) se6#)i&(
A'tho%(h the 1or& #cy$er> is maistream +erac%'ar, to 1hat e?act'y it refers is e'%si+e* Oce a term of sciece fictio $ase& o the the8emer(i( fie'& of com"%ter cotro' a& comm%icatio 0o1 as cy$eretics, it o1 refers (eera''y to e'ectroic a%tomatio @Safire 5:* The corres"o&i( term #cy$ers"ace> has &efiitios that ra(e from coce"t%a' to techica', a& has $ee c'aime& $y some to $e a fo%rth &omai, 1here 'a&, sea a& air are the first three @K%eh' 6CC* There are %mero%s &efiitios of cy$ers"ace a& cy$er sec%rity
6 | Page
scattere& thro%(ho%t 'iterat%re* O%r itet is ot to e(a(e i a &e$ate o sematics, so 1e &o ot ic'%&e these &efiitios* Moreo+er, s%ch &e$ates are %ecessary for o%r "%r"ose, as 1e (eera''y %se the term #cy$er> ot as a o%, $%t as a a&-ecti+e that mo&ifies its s%$-ect 1ith the "ro"erty of s%""orti( a co''ectio of a%tomate& e'ectroic systems accessi$'e o+er et1or0s* As 1e'' ref'ecte& i 'a(%a(e8%sa(e &e$ates i $oth the fie'& of co(iti+e 'i(%istics a& "o"%'ar 'iterat%re o 'e?ico(ra"hy, the 1ay 'a(%a(e is %se& $y a (i+e comm%ity $ecomes the &e facto &efiitio @immer 6CC, a& so 1e re=%est that o%r rea&ers set asi&e the "ossi$i'ity that they 1i'' $e cof%se& $y refereces to #cy$ers"ace> a& #cy$er sec%rity> a& sim"'y refer to their o1 c%rret coce"t of these terms 1he it ma0es sese to &o so, 1hi'e 0ee"i( i mi& that 1e (eera''y the term cy$er as a a&-ecti+e 1hose &etai'e& attri$%tes 1i'' cha(e 1ith the system of iterest * At a hi(h 'e+e', cy$er sec%rity is ty"ica''y e?"'aie& i terms of a fe1 tria&s that &escri$e the o$-ecti+es of sec%rity "rofessioa's a& their metho&s, res"ecti+e'y @Bay%0 6C5C* Three that com$ie to co+er most %ses of the term are prevent, detect, respond people, process, technology confidentiality, integrity, and availability. These ref'ect the (oa's of cy$er sec%rity, the meas to achie+e cy$er sec%rity, a& the mechaisms $y 1hich cy$er sec%rity (oa's are achie+e&, res"ecti+e'y* Prevent, detect, respond a&&resses (oa's commo to $oth "hysica' a& cy$er sec%rity* Tra&itioa''y, the "rimary (oa' of sec%rity "'ai( has $ee to "re+et a s%ccessf%' a&+ersary attac0* Ho1e+er, a'' sec%rity "rofessioa's are a1are that it is sim"'y ot "ossi$'e to "re+et a'' attac0s, a& so "'ai( a& "re"aratio m%st a'so ic'%&e metho&s to &etect attac0s i "ro(ress, "refera$'y $efore they ca%se &ama(e* Ho1e+er, 1hether or ot &etectio "rocesses are effecti+e, oce it $ecomes o$+io%s that a system is threatee&, sec%rity ic'%&es the a$i'ity to res"o& to s%ch ici&ets* I "hysica' sec%rity, the term #first res"o&ers> refers to the heroic i&i+i&%a's i "o'icy, fire, a& emer(ecy me&ica' "rofessios* Res"ose ty"ica''y ic'%&es re"e''i( the attac0, treati( h%ma s%r+i+ors, a& safe(%ar&i( &ama(e& assets* I cy$er sec%rity, the thir& e'emet of the tria& is ofte state& i s'i(ht'y more o"timistic form* Rather tha #res"o&> it is #reco+er> or #correct*> This more "ositi+e e?"ectatio o the o%tcome of the thir& tria& acti+ity, to reco+er rather tha sim"'y res"o&, ref'ects the 'iterat%re of iformatio sec%rity "'ai(, 1herei sec%rity maa(emet is recomme&e& to ic'%&e com"'ete recostit%tio a& reco+ery of ay $%siess critica' system* Beca%se iformatio techo'o(y a''o1s &i+ersity, re&%&acy, a& recostit%tio for the &ata a& "ro(rams re=%ire& to o"erate systems, iformatio sec%rity "rofessioa's e?"ect that &ama(e ca $e com"'ete'y a''aye&* I either case, the 'essos 'eare& i res"ose are e?"ecte& to iform "re+etio "'ai(, creati( a 'oo" of coti%o%s sec%rity im"ro+emet* People, process, technology a&&resses metho&s commo to $oth techo'o(y maa(emet i (eera' a& to cy$er sec%rity maa(emet as a s"ecia'iFe& fie'&* This tria& o$ser+es that systems re=%ire o"erators, a& o"erators m%st fo''o1 esta$'ishe& ro%ties i or&er for systems to accom"'ish their missios* .he a""'ie& to sec%rity, this tria& hi(h'i(hts the fact that sec%rity is ot achie+e& $y sec%rity "rofessioa's a'oe, a& a'so that cy$er sec%rity caot $e accom"'ishe& 1ith techo'o(y a'oe* The system or or(aiFatio to $e sec%re& is ac0o1'e&(e& to ic'%&e other h%ma e'e mets 1hose &ecisios a& actios "'ay a
7 | Page
+ita' ro'e i the s%ccess of sec%rity "ro(rams* E+e if a'' these "eo"'e ha& moti+atio a& iterest to $eha+e sec%re'y, they 1o%'& i&i+i&%a''y ot 0o1 ho1 to co''ecti+e'y act to "re+et, &etect, a& reco+er from harm 1itho%t "re"'ae& "rocess* So sec%rity "rofessioa's are e?"ecte& to 1ea+e sec%rity "ro(rams ito e?isti( or(aiFatioa' "rocesses a& ma0e strate(ic %se of techo'o(y i s%""ort of cy$er sec%rity (oa's* Confidentiality, integrity, and availability a&&resses the sec%rity o$-ecti+es that are s"ecific to iformatio* )ofi&etia'ity refers to a systemGs ca"a$i'ity to 'imit &issemiatio of iformatio to a%thoriFe& %se* Ite(rity refers to a$i'ity to maitai the a%theticity, acc%racy, a& "ro+eace of recor&e& a& re"orte& iformatio* A+ai'a$i'ity refers to the time'y &e'i+ery of f%ctioa' ca"a$i'ity* These iformatio sec%rity (oa's a""'ie& to iformatio e+e $efore they 1ere o com"%ters, $%t the a&+et of cy$ers"ace has cha(e& the metho&s $y 1hich the (oa's are achie+e&, as 1e'' as the re'ati+e &iffic%'ty of (oa' achie+emet* Techo'o(ies to s%""ort cofi&etia'ity, ite(rity, a& a+ai'a$i'ity are ofte at o&&s 1ith each other* 9or e?am"'e, efforts to achie+e a hi(h 'e+e' of a+ai'a$i'ity for iformatio i cy$ers"ace ofte ma0e it har&er to maitai iformatio cofi&etia'ity* Sorti( o%t -%st 1hat cofi&etia'ity, ite(rity, a& a+ai'a$i'ity meas for each ty"e of iformatio i a (i+e system is the s"ecia'ty of the cy$er sec%rity "rofessioa'* )y$er sec%rity refers i (eera' to metho&s of %si( "eo"'e, "rocess, a& techo'o(y to "re+et, &etect, a& reco+er from &ama(e to cofi&etia'ity, ite(rity, a& a+ai'a$i'ity of iformatio i cy$ers"ace* *2 E"GOVERNANCE
E8/o+erace or e/o+ meas %si( e'ectroic me&ia, "artic%'ar'y the 1e$, to &e'i+er "%$'ic iformatio a& "%$'ic ser+ices e/o+erace a""'icatios em"o1er citiFes a& $%siesses to trasact /o+erace $%siess o8'ie that mi(ht other1ise re=%ire a tri" &o1to1* A(ecies $eefit, too, from re&%ce& "a"er1or0, im"ro+e& &ata$ases, a& icrease& efficiecy*
8 | Page
Iformatio a& )omm%icatio Techo'o(ies ca ehace the trasformatio of 1or0 c%'t%re $y ser+i( a +ariety of e&s, $etter &e'i+ery of /o+erace ser+ices to citiFes, im"ro+e& /o+erace iteractios 1ith $%siess a& i&%stry, citiFe em"o1ermet thro%(h access to iformatio a& "artici"atio for &ecisio8ma0i( a& more efficiet /o+erace maa(emet* e8/o+erace is ot meat o'y for itro&%ci( or %si( techo'o(ica' too's, it f%&ameta''y stri+es to $ri( a$o%t a cha(e i mi&set a& 1or0 c%'t%re to ite(rate /o+erace "rocesses a& f%ctios to ser+e the citiFes $etter* I this "rocess, it is cr%cia' that the ca"acity of /o+erace to $e o"e to criticism as 1e'' as the a""'icatio of e1 socia' cotract $et1ee a'' sta0eho'&ers, cofirmi( a share& res"osi$i'ity o the trasformatio "rocesses* The iteractio $et1ee a citiFe a& a /o+erace a(ecy ta0e s"ace i a /o+erace office* .ith emer(i( Iformatio a& )omm%icatio techo'o(ies it is "ossi$'e to 'ocate ser+ice ceters c'ose& to c'iets* I a'' the cases "%$'ic tra&itioa''y 'oo0 for iformatio a& ser+ices a&&ressi( his or her ee&s a& i $oth cases =%a'ity, re'e+ace a& efficiecy are of "aramo%t im"ortace* Therefore, the esta$'ishmet of e8/o+erace re=%ires a (oo& 0o1'e&(e of the ee&s that e?ist i the society a& that ca $e offere& %si( I)T* The effecti+eess of I)T i /o+erace is c'ose'y re'ate& 1ith the ca"acity of /o+erace to i&%ce a c%'t%re cha(e8"'aci( et1or0 1ithi its istit%tios as istr%meta' to tras"arecy a& 0o1'e&(e e?cha(e a& creatio* I E8/o+erace, /o+erace ma0es $est "ossi$'e %se of iteret techo'o(y to comm%icate a& "ro+i&e iformatio to commo "eo"'es a& $%siessma* To&ay, e'ectricity, 1ater, "hoe a& a'' 0i&s of $i''s ca $e "ai& o+er the iteret* A'' this is 1hat /o+erace a& citiFes is %si( a& &oi(* A'' are &e"e&et o iteret a& 1he citiFes &e"e&s o /o+erace iteret ser+ices a'' that come is E8/o+erace*
There are fo%r "i''ars of E8/o+erace8 * CONNECTIVITY8)oecti+ity is re=%ire& to coect the "eo"'e to the ser+ices of the /o+erace* There sho%'& $e a stro( coecti+ity for a effecti+e e8(o+erace* 2* NO7LEDGE: " Here 0o1'e&(e refers to IT 0o1'e&(e* /o+erace sho%'& em"'oy s0i'' f%'' e(ieers 1ho ca ha&'e the e8(o+erace i a efficiet 1ay* These e(ieers a'so ha&'e a'' 0i& of fa%'t that may occ%r &%ri( the 1or0i( of e8(o+erace* 3* DATA CONTENT: " To share ay 0i& of 0o1'e&(e or iformatio o+er the iteret, there sho%'& $e its &ata$ase* This &ata$ase sho%'& ha+e the &ata cotet 1hich is re'ate& to /o+erace ser+ices* !* CAPITAL:")a"ita' ca $e o "%$'ic or "ri+ate "artershi"* It refers to moey %se& $y /o+erace to "ro+i&e their ser+ices or to that sector of the ecoomy $ase& o its o"eratio
9 | Page
Fi-*3 Pi//)s o8 eGo9e)nn6e
I this "a"er, 1e &isc%ss a$o%t the #Ro'e of cy$er sec%rity i &ifferet i e /o+erace> )y$ersec%rity starts 1ith a %&ersta&i( of yo%r critica' assets a& the threats yo% face* O'y the yo% ca &e+ise strate(ies to maa(e yo%r ris0se+e if yo% caot e'imiate them* A 'ife8cyc'e a""roach to sec%rity marries the strate(y of costat "rocess im"ro+emet to the o"eratioa' tactics of coti%a' moitori( a& &efese i &e"th* I this +ie1, cy$er "rotectio, &efese, res"ose, a& reco+ery are o(oi( cocers, each re=%iri( a "'a*E8 /o+erace sec%rity is cosi&ere& oe of the cr%cia' factors for achie+i( a a&+ace& sta(e of e8/o+erace* As the %m$er of e8/o+erace ser+ices itro&%ce& to the %ser icreases, a hi(her 'e+e' of e8/o+erace sec%rity is re=%ire& This "a"er cotri$%tes to the e8/o+erace 'iterat%re $y esta$'ishi( a aa'ytica' frame1or0 for %&ersta&i(, c'arificatio a& i+esti(atio of the maa(emet iss%es i+o'+e& i im"ro+i( e8/o+erace sec%rity i techo'o(ica''y8&e+e'o"i( co%tries*
10 | P a g e
2*Con6e&s 2* E"Go9e)nn6e 6on6e& The coce"t of a e8/o+erace system is to "ro+i&e access to /o+erace ser+ices ay1here at ay time o+er o"e et1or0s* This 'ea&s to iss%es of sec%rity a& "ri+acy i the maa(emet of the iformatio systems* Maa(i( s%ch iss%es i the "%$'ic sector has &ifferet em"hases tha i the "ri+ate sector* The $roa&er e8/o+erace a""roach is socio8 techica' $y at%re, i+o'+i( "eo"'e a& "rocesses as 1e'' as techo'o(iesJ hece, "artic%'ar'y i trasitioa' co%tries, the socia' c%'t%re a& characteristics of the co%try are factors i s%ccessf%' e8/o+erace &e+e'o"met* I the o"e 'iterat%re there are fo%r &istict as"ects to e8/o+erace* The remai&er of this sectio (i+es a o+er+ie1 of this 'iterat%re*
2*2 E9o/#&ion o8 E"Go9e)nn6e /'o$a' shifts to1ar&s icrease& &e"'oymet of IT $y /o+eraces emer(e& i the ieties, 1ith the a&+et of the .or'& .i&e .e$ @...* The techo'o(y as 1e'' as e8(o+erace iitiati+es ha+e come a 'o( 1ay sice the* .ith the icrease i Iteret a& mo$i'e coectios, the citiFes are 'eari( to e?"'oit their e1 mo&e of access i 1i&e ra(i( 1ays* They ha+e starte& e?"ecti( more a& more iformatio a& ser+ices o'ie form /o+eraces a& cor"orate or(aiFatios to f%rther their ci+ic, "rofessioa' a& "ersoa' 'i+es, th%s creati( a$%&at e+i&eces that the e1 e8citiFeshi"G is ta0i( ho'&* The coce"t of e8/o+erace has its ori(is i I&ia &%ri( the se+eties 1ith a foc%s o &e+e'o"met of i8ho%se /o+erace a""'icatios i the areas of &efese, ecoomic moitori(, "'ai( a& the &e"'oymet of IT to maa(e &ata itesi+e f%ctios re'ate& to e'ectios, ces%s, ta? a&miistratio etc* The efforts of the Natioa' Iformatics )eter @NI) to coect a'' the &istrict hea&=%arters &%ri( the ei(hties 1as a +ery si(ificat &e+e'o"met*
11 | P a g e
Fi-*! E9o/#&ion o8 Go9e)nn6e
9rom the ear'y ieties, IT techo'o(ies 1ere s%""'emete& $y I)T techo'o(ies to e?te& its %se for 1i&er sect ora' a""'icatios 1ith "o'icy em"hasis o reachi( o%t to the r%ra' areas a& ta0i( i (reater i"%ts from N/OGs a& "ri+ate sector as 1e''* There has $ee icreasi( i+o'+emet of iteratioa' &oor a(ecies %&er the frame1or0 of e8(o+erace for &e+e'o"met to cata'yFe the &e+e'o"met of e8(o+erace 'a1s a& techo'o(ies i &e+e'o"i( co%tries * .hi'e the em"hasis has $ee "rimari'y o a%tomatio a& com"%teriFatio, state /o+eraces ha+e a'so e&ea+ore& to %se I)T too's ito coecti+ity, et1or0i(, setti( %" systems for "rocessi( iformatio a& &e'i+eri( ser+ices* At a micro 'e+e', this has ra(e& from IT a%tomatio i i&i+i&%a' &e"artmets, e'ectroic fi'e ha&'i( a& 1or0f'o1 systems, access to etit'emets, "%$'ic (rie+ace systems, ser+ice &e'i+ery for hi(h +o'%me ro%tie trasactios s%ch as "aymets of $i''s, ta? &%es to meeti( "o+erty, a''e+iatio (oa's thro%(h the "romotio of etre"ree%ria' mo&e's a& "ro+isios of mar0et iformatio* The thr%st has +arie& across iitiati+es, 1ith some foc%si( o ea$'i( the citiFe8state iterface for +ario%s /o+erace ser+ices, a& others foc%si( o $etteri( 'i+e hoo&s* E+ery state /o+erace has ta0e the iitiati+es to form a IT tas0 force to o%t'ie IT "o'icy &oc%met for the state a& the citiFe charters ha+e starte& a""eari( o /o+erace 1e$sites* 9or /o+eraces, the more o+ert moti+atio to shift from ma%a' "rocesses to IT8 ea$'e& "rocesses may icrease& efficiecy i a&miistratio a& ser+ice &e'i+ery, $%t this shift ca $e cocei+e& as a 1orth1hi'e i+estmet 1ith "otetia' for ret%rs*
2*3C($e) se6#)i&( 6on6e& in e Go9e)nn6e 12 | P a g e
)y$er Sec%rity is tra&itioa''y cocere& 1ith iformatio "ro"erties of cofi&etia'ity, ite(rity a& a+ai'a$i'ity* These "ro"erties %&er"i ser+ices s%ch as %ser a%theticatio, a%thoriFatio, acco%ta$i'ity a& re'ia$i'ity* M%ch has $ee "%$'ishe& o the cha(i( ro'e of cy$er sec%rity @Dhi''o a& Tor0Fa&eh, 6CC
13 | P a g e
im"ortace sice it ca if'%ece /o+eracesG a& %sersG 1i''i(ess to a&o"t the o'ie ser+ices offere&* The E%ro"ea 7ar'iamet, +ia the Science and Technology Options and Assessment has as0e& The E%ro"ea Techo'o(y Assessmet /ro%" @ETA/, 1hich ic'%&es
3* A/i6&ion 3* REAL LIFE APPLICATION OF e"Go9e)nn6e
7e$"$se' )e6)e&ion 8ie/' n' 86i/i&( s6.e'#/in-
O'ie iteracti+e ma"s sho1s city streets a& ei(h$orhoo&s, ic'%&i( $a'' fie'&s, teis co%rts, a& other "ar0s recreatio faci'ities* )oaches, "'ayers, 'ea(%es, schoo's a& i&i+i&%a's ca +isit the &e"artmeta' 1e$ site from home or office, at ay ho%r, 1ee0e&s 1ee0&ays* Users of the o'ie system ca 'ocate faci'ities $y ame, ei(h$orhoo& or street a&&ress* They ca =%ery the &ata$ase to fi& a+ai'a$'e fie'&s, co%rts, etc* for s"ecific times a& &ates* The iteracti+e ma" ca co'or8co&e faci'ities, $ase& o a+ai'a$i'ity, sim"'ifyi( the "rocess of fi&i( a a+ai'a$'e faci'ity that is a'so ear$y* Iteracti+e ma"s are easi'y "rite& &irect'y from the e/o+ 1e$ site* A&+ace& systems ca acce"t reser+atios o'ie, a& co''ect a""ro"riate fees "ai& +ia cre&it car&*
On/ine /n' o;ne)s.i %s n' &< 9/#&ion
O'ie ma"s sho1i( rea' estate ma"s, ic'%&i( streets, "ro"erty $o%&aries a& "ro"erty &escri"tios* To fi& a "arce', citiFes ty"e a street a&&ress or a+i(ate %si( a iteracti+e Yahoo8'i0e ma"* By Foomi( i o a street or "arce', %sers ca see "ro"erty $o%&ary 'ies a& &escri"ti+e iformatio &ra1 a%tomatica''y from "%$'ic &ata$ases* 7rit a ma" a&!or re"ort a$o%t the "arce'*
14 | P a g e
Fi-*4 Y.oo M
A#&o"no&i8i6&ion o8 )o' )ei) = 6ons&)#6&ion
O'ie iteracti+e ma"s sho1i( %"8to8&ate 'ocatios of c%rret a& "ro-ecte& roa& or other costr%ctio "ro-ects* This 'ist a& ma" is %"&ate& a%tomatica''y as city staff a&& to or e&it a o'ie &ata$ase* A&+ace otice ca 'ea& tra+e'ers to "ic0 a'terati+e ro%tes, a+oi&i( the aoyace, &e'ays "o''%tio re'ate& to %e?"ecte& roa& co(estio* O"tio O"t8i a%to8emai's to a'ert ear$y citiFes!$%siess if costr%ctio mi(ht affect them* On/ine s&)e% >#/i&( %oni&o)in-
)%rret'y a +ariety of +o'%teers s%r+ey stream or other 1ater1ay co&itios* A iteracti+e ma" system co%'& co''ect their o$ser+atios %si( o'ie forms, the imme&iate'y %"&ate iteracti+e ma"s* T%r$i&ity, &e$ris, a&!or other stream co&itios 1o%'& $e sym$o'iFe& or co'ore& &ifferet'y $ase& o s%r+ey +a'%es i the o'ie &ata$ase* The 1e$8$ase& iteracti+e ma"s 1o%'& i''%strate stream co&itios, he'"i( stream ste1ar&s maa(e their 1ater1ays a& he'"i( e&%cate yo%( "eo"'e a$o%t e+irometa' affairs* Data8&ri+e 1e$ ma" soft1are 1o%'& %"&ate the ma"s a%tomatica''y, as &ata$ase recor&s are a&&e& or %"&ate&* E?am"'e P; 9ish /ame, Hea'th On/ine .)9es& )e %s n' .e/&. ;)nin-s
)reate a o'ie 1e$ ma" a""'icatio, $ase& o a &ata$ase of fish or she''fish har+est areas* The 1e$ ma" system 1o%'& a''o1 %sers to iteracti+e'y Foom i to see shore'ie &etai's, $oat faci'ities, etc* or Foom $ac0 for a 1i&er8area +ie1s* The &ata8&ri+e ma" co%'& %se co'ors or sym$o's to (ra"hica''y f'a(areas 1here the seaso is o"e a& a'so areas affecte& $y re& ti&e, i&%stria' "o''%tio, etc* Seaso a& har+est co&itios ca cha(e ra"i&'y* The o'ie system ma0es it "ossi$'e to comm%icate cha(es imme&iate'y a& efficiet'y* To maitai the ma", 9ish /ame or Hea'th staff 1o%'& %"&ate +a'%es i &ata ta$'es i $ac0(ro%& &ata$ase* The iteracti+e 1e$ ma" soft1are a%tomatica''y refreshes the ma" $ase& o the e1 iformatio* O"tio A%to8 otificatio $y emai', for $ait sho"s, $oat reta's, 'icese ho'&ers, "%$'ic safety a(ecies, a& ay others 1ho choose to si( %" for o"tioa' a'erts* On/ine B/o6? 7&6. = C)i%e in6i'en6e %s
O'ie ma"s 'et citiFes a+i(ate to their ei(h$orhoo& $y ty"i( a a&&ress, itersectio, comm%ity ame, or Fi" co&e* Users &is"'ay ma"s of recet $%r('aries, car "ro1's, or other comm%ity safety e+ets* The &ata8&ri+e ma""i( system may a%tomatica''y co'or8co&e e+et 'ocatios $y ty"e of e+et, &ate!time, or mo&%s o"era&i* Nei(h$ors may "rit ma"s from their 1e$ $ro1sers for off'ie %se or to "ost at the corer store* O"tioa''y, resi&ets co%'& re(ister to recei+e a%to8emai's if, for e?am"'e, there 1as a attem"te& $rea08i ear them* Simi'ar'y ei(h$ors co%'& %se o'ie forms to =%ic0'y share
15 | P a g e
iformatio a$o%t e+erythi( from s%s"icio%s e+ets, to a$a&oe& +ehic'es, to ei(h$orhoo& yar& sa'es*
E Go9 E<%/es •
7%$'ic ser+ices a& comm%ity statistics Icrease citiFe "artici"atio a& a1areess $y ma0i( it easy to o$tai %"8to8&ate ma"s a& re"orts of ser+ices, faci'ities, a& statistics*
•
Hea'th co&itios a& e"i&emio'o(y system The U* S* )eter for Disease )otro' he'"s "re+et &isease a& acci&ets $y "reseti( ici&ece, morta'ity, a& other statistics %si( this iteracti+e 1e$ ma" system
•
Iteracti+e $icyc'e ro%te ma"s
•
7o''i( "'ace 'ocator system Eco%ra(e +oti( $y ma""i( c%rret "o''i( "'aces $ase& o +oter a&&ress*
•
Schoo' $%s ro%te fi&er system Im"ro+e c%stomer ser+ice $y 'etti( "arets fi& the earest schoo' $%s ro%te*
•
Ecoomic &e+e'o"met system 7romote ecoomic &e+e'o"met $yma""i( "rofi'i( a+ai'a$'e i&%stria' commercia' sites*
•
Ta? rate 'ocator Im"ro+e ta? ret%r acc%racy a& icrease ta? co''ectios $y 'etti( $%siess ma" their 'ocatios +is a +is $o%&aries of Loca' Im"ro+emet &istricts a& other s"ecia' assessmet Foes * )omm%ity ser+ices 'ocator Im"ro+e "%$'ic access to e?isti( ser+ices $y ma""i( 'ocatios of e'&er'y ser+ices, comm%ity hea'th c'iics, 'itt'e city ha''s, a& comm%ity "o'ice offices * Assiste& ho%si( 'ocator He'" fami'ies a& e'&er'y choose s%$si&iFe& ho%si( %its $y ma""i( a+ai'a$'e %its sho1i( "ro?imity to trasit a& other faci'ities*
•
•
3*2 A/i6&ion n' E"Go9e)nn6e Se)9i6es En&e))ise A/i6&ions E"P(%en&
16 | P a g e
The E87aymet "ro+i&es the ca"a$i'ity for ay e8commerce 1e$site to acce"t e'ectroic "aymet metho&s* This ser+ice a''o1s ay 1e$ a""'icatio to ea$'e its c%stomers to ma0e "aymets o'ie* 9eat%res ic'%&e •
Desi( 1ith /o+erace i mi&
•
Acce"ts ma-or cre&it car&s a& e8chec0s
•
9'e?i$'e $atchi(!%"&ate of iformatio
•
Off8'ie "aymet "rocessi(
•
A&&ress +erificatio ser+ices
Fi-*@ E"P(%en&
En&e))ise A#&.o)i&ion = A#&.en&i6&ion Eter"rise AA is the State of Io1as share& 'o(o ser+ice* It ha&'es %ser re(istratio, acco%t maa(emet @'i0e cha(i( a& reco+eri( "ass1or&s a& sim"'e "ri+i'e(e maa(emet f%ctios*
The ser+ice 'ets %sers e-oy ha+i( -%st oe acco%t to (i+e them access to m%'ti"'e a""'icatios a& a cosistet 1ay to maa(e that acco%t* Im"'emeti( a commo acco%t reso%rce ma0es it 'ess e?"esi+e a& easier to offer m%'ti"'e ser+ices a& a""'icatios to citiFes a& em"'oyees a'i0e* 9eat%res ic'%&e •
Use of commo i&etifiers across m%'ti"'e "'atforms a& ser+ices
•
A''o1s creatio of acco%ts for the "%$'ic a& other o8em"'oyees
•
7ermits se'f8re(istratio $y %sers creati( e1 acco%ts
•
Esta$'ishes a""'icatio8s"ecific ca"a$i'ities
17 | P a g e
Fi-*En&e))ise A#&.o)i&ion = A#&.en&i6&ion Sin-/e Con&6& Reosi&o)( 1SING
The Si('e )otact Re"ository @SIN/ is a iteret a""'icatio &e+e'o"e& a& s"osore& $y the State De"artmet of A&miistrati+e Ser+ices ! Iformatio Techo'o(y Eter"rise that a''o1s re(istere& %sers to "erform $ac0(ro%& chec0s o "otetia' em"'oyees, +o'%teers, a& st%&ets &oi( c'iica', from a si('e 1e$ scree* The a""'icatio 'ets a %ser chec0 Io1a crimia' history, three a$%se re(istries @chi'&, &e"e&et a&%'t, a& se? offe&er, a& o+er :C 7%$'ic Hea'th "rofessioa' 'icese ty"es from oe c'ic0 o the scree* This &ata resi&es o +ario%s "'atforms 1ithi Io1a state/o+erace, ic'%&i( a maiframe a& se+era' &e"artmeta' LAN ser+ers* SIN/ "erforms its $ac0(ro%& chec0s a(aist the ori(ia' re(istries, rather tha %si( "oit8i8time co"ies, 1hich $ecome o%t8of8&ate $et1ee refreshes* I a&&itio to es%ri( that em"'oyers recei+e %"8to8&ate iformatio, SIN/s techi=%e "ro+i&es a e?tra meas%re of sec%rity* Each cofi&etia' &ata$ase is store& i its ori(ia' sec%re 'ocatio, a& o1here e'se* No &ata resi&es o the 1e$ ser+er itse'f* This meas that SIN/ m%st comm%icate 1ith m%'ti"'e &ata$ases @from &ifferet +e&ors o m%'ti"'e "'atforms @a'so from &ifferet +e&ors* Some of the &ata$ases accesse& ic'%&e SQL, Orac'e, Sy$ase, a& a maiframe )A!IDMS* The SIN/ 1e$ site is a sec%re& site 8 o'y re(istere& %sers ca access the iformatio* De"e&i( o 1hat ty"e of a or(aiFatio they are &etermies to 1hich of the &ata$ases they ha+e 'e(a' access* This is &oe $y "%tti( them i (ro%"s, 1ith the (ro%" ha+i( access o'y to certai &ata$ases, or a'' of them* The a""'icatio is %se& $y o+er 5,CCC %sers each moth, &oi( a a+era(e of 5,;CC trasactios, or searches, a moth* This a""'icatio has
18 | P a g e
e?"e&ite& the "rocess of chec0i( $ac0(ro%&s of em"'oyees a& +o'%teers as ofte re=%ire& $y re(%'atios a& "o'icies*
eLe9e
eLea+e Ser+ice a''o1s em"'oyees a& s%"er+isors to i"%t a& re+ie1 'ea+e re=%ests 1hi'e %si( the iteret* As 'o( as the iteret is a+ai'a$'e, a "erso ca i"%t 'ea+e re=%ests a& re+ie1 re=%ests* This "ro+i&es a easy 1ay for s%"er+isors to =%ic0'y see 1ho has re=%este& 'ea+e as 1e'' as those 1ho ha+e 1or0e& o+ertime* They ca a'so a""ro+e or &ey a re=%est* This "ro+i&es a =%ic0 fee&$ac0 to the "erso re=%esti( the 'ea+e* The fo''o1i( items are a+ai'a$'e •
Vie1 yo%r most recet re=%ests
•
Eter a e1 re=%est
•
Vie1 re=%ests that are "e&i( or re+ie1e&
•
Search "re+io%s'y etere& re=%ests
•
E?"ort the iformatio
•
Vie1 a ca'e&ar 1ith yo%r 'ea+e re=%ests
•
Vie1 a ca'e&ar 1ith the 'ea+e re=%ests of yo%r &e"artmet* This a''o1s each "erso to +ie1 1ho has re=%este& 'ea+e* It &oes ot "ro+i&e the &etai's of the 'ea+e re=%ests*
19 | P a g e
A'')ess V/i'&ion
A&&ress Va'i&atio is the +erificatio of a&&ress iformatio* The ser+ice %ses a &ata$ase s%""'ie& $y the Uite& States 7osta' Ser+ice @US7S to &etermie if a a&&ress is a &e'i+era$'e a&&ress* The ser+ice 1i'' a'so ret%r the a&&ress i the sta&ar&iFe& US7S format* The ser+ice ca $e accesse& either $y "ro+i&i( a fi'e 1hich 1i'' $e r% as a $atch "rocess or $y s%$mitti( a&&resses oe at a time to o%r 1e$ ser+ice* I a&&itio to the ret%r of the a&&ress itse'f, 1e ca a'so "ro+i&e a&&itioa' iformatio s%ch as co%ty %m$er, co%ty ame, (eo co&e a& co(ressioa' &istrict* A a&&itioa' item that is offere& is the Natioa' )ha(e of A&&ress* If yo% "ro+i&e 5CC or more %i=%e a&&resses, 1e ca "rocess the fi'es thro%(h the Natioa' )ha(e of A&&ress @N)OA &ata to &etermie if the "erso, fami'y or $%siess has mo+e&* If the mo+e is 1ithi the 'ast 5 moths, 1e ca ret%r the e1 a&&ress* .e ca a'so "ro+i&e iformatio &etai'i( if the mo+e is for a i&i+i&%a', a fami'y or a $%siess* There are may a&+ata(es to a&&ress +erificatio
A&&resses i a &ata$ase ca $e searche& more effecti+e'y as they are i the same format* The s"e''i(s of streets a& cities are the same thro%(ho%t the &ata$ase* 7osta' &isco%ts ca $e o$taie& 1he the a&&resses are sta&ar&iFe& a& "rocesse& thro%(h the N)OA* A(ecies ca see a &ecrease of as m%ch as 5C cets "er item mai'e&*
Se)9i6e"O)ien&e' A)6.i&e6&#)e 1SOA
Ser+ice8Oriete& Architect%re @SOA is a Uti'ity that "ro+i&es the ser+ice oriete& ifrastr%ct%re for %se $y state a(ecies* SOA has $ee a&o"te& as a sta&ar& for soft1are &e+e'o"met, to &ri+e re%se amo( a(ecies a& foster (reater shari( of iformatio* A SOA A&+isory )ommittee 1as create& $y the Techo'o(y /o+erace Boar& to &e+e'o" sta&ar&s for IT8re'ate& iitiati+es 1ithi the Boar&s "%r+ie1* The )ommittee is 'e& $y DAS8 ITE 1ith +o'%teer mem$ers from State a(ecies a& o+ersi(ht $y the )IO @-oit co%ci' of 'ar(e8a(ecy )IOs*
20 | P a g e
!* ROLE OF CYBER SECURITY
4.1 Typical roles
Fig.8 Typical roles INCIDENT & THREAT MANAGEMENT & FORENIC 9rot 'ie Defe&ers maa(i( et1or0s a& mo$i'e &e+ices* E?am"'es are maa(i( et1or0 to 0ee" attac0ers o%tJ testi( otherGs et1or0s to assess their sec%rity a& a&+isi( o ma0i( them 'ess +%'era$'eJ ici&et maa(ersJ foresics aa'ysts %"ic0i( 1hat ha""ee&J aa'ysts of e1 ma'1are!"ro&%ctio of co%termeas%res* @7'ease ote the e8crime %it has o1 $ee a$sor$e& ito the N)A
RI! ANA"#T & MANAGEMENT Ris0 Aa'ysts a& Maa(ers ee& to %&ersta& 1hich threats 1i'' ha+e the 1orst $%siess im"act a& a&+ise Boar&s i o8techica' 'a(%a(e 1hy a& ho1 they sho%'& s"e& o re&%ci( these ris0s* Ris0 maa(ers may $e o8techica' or techica' "eo"'e* Some a%&it et1or0s a& es%re com"'iace a& 'e(a' iss%es are &ea't 1ith*
PO"IC# MA!ER & TRATEGIT
21 | P a g e
7o'icy Ma0ers a& Strate(ists &efie ho1 a com"ay &ea's 1ith &ifferet sec%rity ris0s a& meets its 'e(a' o$'i(atios a& (ets these "o'icies im"'emete&* 7ri+ate sector has )ISOs @)hief Iformatio Sec%rity Officers ofte s%""orte& $y a team* /o+erace has ITSOs @IT sec%rity officers a& DSOs @De"artmeta' sec%rity officers*
OPERATION & EC$RIT# MANAGEMENT O"eratios a& Sec%rity Maa(ers "rotect &ata o et1or0s, 'a"to"s a& mo$i'e &e+ices, they may maa(e ecry"tio a& other "rotecti+e meas%res 'i0e fire1a'' r%'es*
ENGINEERING% ARCHITECT$RE & DEIGN E(ieeri(, Architect%re a& Desi( Desi(i( sec%re co&e a& a""'icatiosJ architecti( a sec%re system or creati( e1 sec%rity too's are a'' essetia' "arts of cy$er sec%rity $%t othi( stays sti'' so yo% 1i'' ee& to 0ee" cha(i( fast*
ED$CATION% TRAINING AND AARENE E&%catio Traii( a& A1areess are &ema&i( 1hether the -o$ is a$o%t traii( e1comers, 0ee"i( e?"erts %" to &ate or ea$'i( staff or c%stomers to $eefit f%''y from techo'o(y they are %si(*
REEARCH Research may $e hi(h'y techica' or more "o'icy or "sycho'o(y orietate&* Areas ic'%&e )om"'e? mo&e's to he'" %&ersta& a& maa(e ris0s* i+etio of e1 techo'o(ies or e1 1ays to a""'y them to re&%ce ris0sJ 'oo0i( for the e?t #$i( thi(>*
"A#ER PECIA"IING IN AD'ICE AND PROEC$TION FOR INTERNET CRIME AND DATA PROTECTION La1yers s"ecia'iFi( i the a&+ice a& "rosec%tio of &ata sec%rity a& Iteret crime* The ee& for e?"ert a&+ice is (ro1i( 1ith hi(h 'e+e's of crime a& "ea'ties for or(aiFatios that &oGt "rotect &ata s%fficiet
!*2 e( o8 6($e) se6#)i&( •
•
System a&miistratio c'iet systems a& ser+ersJ Net1or0 a&miistratio a& et1or0 sec%rity o"eratiosJ
•
Sec%rity assessmet, sec%rity a%&iti( a& iformatio ass%raceJ
•
Threat aa'ysis, itr%sio a& &ata aa'ysis, ite''i(ece a& co%ter ite''i(eceJ
22 | P a g e
•
9oresics i+esti(atioJ
•
7ro(rammi(J
•
Techica' 1riti(J
•
Sec%rity architect%re a& e(ieeri(J a&
•
Iformatio sec%rity a& ici&et maa(emet* Systems a&miistrators, et1or0 a&miistrators, those 1ho 1rite co&e are ty"ica''y ot i&etifie& as cy$ersec%rity ty"es, Ree&er sai& i a iter+ie1 T%es&ay* B%t 1hat they &o or the maer i 1hich they &o it is critica' $oth to &e"'oyi( techo'o(y that is to the e?tet that 1e ca ma0e it safe a& (i+e that there is o s%ch thi( as a$so'%te'y safe techo'o(y, ha+i( the s0i''s ecessary to "rotect it a& &efe& it a& %'timate'y reco+er 1he $a& st%ff ha""es $eca%se $a& st%ff 1i'' ha""e* The 9e&era' )hief Iformatio Officers )o%ci' a& the Office of 7ersoe' Maa(emet, as 1e'' as other or(aiFatios, are 1or0i( to &e+e'o" occ%"atioa' c'asses for cy$ersec%rity "rofessioa's, a& the commissio recomme&atios are aime& at i&etifyi( the 0ey ro'es i cy$ersec%rity, the f%ctios they "erform a& the s"ecific s0i''s 8 ic'%&i( re=%isite traii( a& e&%catio 8 re=%ire& to &o those -o$s* Occ%"atioa' c'assificatios for IT sec%rity 1ithi /o+erace 1o%'& he'" sim"'ify recr%iti( 8 recr%iters 1o%'& 0o1 the s"ecific e?"ertise to see0 8 a& faci'itate traii( $y &efii( 1hat s0i''s ee& to $e &e+e'o"e&* To&ay, most cy$ersec%rity "rofessioa's are c'assifie& as iformatio techo'o(y s"ecia'ists* Beca%se cy$ersec%rity 1or0 is "erforme& i may &ifferet "ositios a& "'aces thro%(ho%t the fe&era' /o+erace, it is ot easy to i&etify them $y 'oo0i( so'e'y at -o$ tit'es or or(aiFatio charts, oh Berry, &irector of the Office of 7ersoe' Maa(emet, sai& 'ast No+em$er 1he he %+ei'e& the /o+eraces IT sec%rity c'assificatio iitiati+e* By reachi( a coses%s o the ro'es a& re=%isite s0i''s, the commissio re"ort says, e&%cators 1o%'& ha+e a m%ch $etter %&ersta&i( of the 'a$or mar0et their (ra&%ates 1i'' eter, "%rchasers of cy$ersec%rity ser+ices co%'& more c'ear'y s"ecify the =%a'ificatios they see0 from ser+ice "ro+i&ers a& the sometimes cof%si( re(ime of "rofessioa' certificatios "ro(rams co%'& ref'ect the ee&s of "otetia' em"'oyees* IMPROVING SECURITYIN E"GOVERNENCE
To ma0e iformatio a+ai'a$'e to those 1ho ee& it a&1ho ca $e tr%ste& 1ith it, a ro$%st &efese re=%ires a f'e?i$'e strate(y that a''o1s a&a"tatio to the cha(i( e+iromet, 1e''8
23 | P a g e
&efie& "o'icies a& "roce&%res, the %se of ro$%st too's, a& costat +i(i'ace* It is he'"f%' to $e(i a sec%rity im"ro+emet "ro(ram $y &etermii( the c %rret state of sec%rity at the site* Metho&s for ma0i( this &etermiatio i a re'ia$'e 1ay are $ecomi( a+ai'a$'e* Ite(ra' to a sec%rity "ro(ram 2;3 are &oc%mete& "o'icies a& "roce&%res, a& techo'o(y that s%""ort their im"'emetatio* A. Security policy
If it is im"ortat to $e sec%re, the it is im"ortat to $e s%re* A'' of the sec%rity "o'icy is eforce& $y mechaisms that are stro( eo%(h* There are or(aiFe& metho&o'o(ies a& ris0 assessmet strate(ies to ass%re com"'eteess of sec%rity "o'icies a& ass%re that they are com"'ete'y eforce&* I com"'e? systems, s%ch as iformatio systems, "o'icies ca $e &ecom"ose& ito s%$8"o'icies to faci'itate the a''ocatio of sec%rity mechaisms to eforce s%$8"o'icies* A "o'icy is a &oc%mete& hi(h8'e+e' "'a for or(aiFatio81i&e com"%ter a& iformatio sec%rity* It "ro+i&es a frame1or0 for ma0i( s"ecific &ecisios, s%ch as 1hich &efese mechaisms to %se a& ho1 to cofi(%re ser+ices, a& is the $asis for &e+e'o"i( sec%re "ro(rammi( (%i&e'ies a& "roce&%res for %sers a& system a&miistrators to fo''o1* Beca%se a sec%rity "o'icy is a 'o(8term &oc%met, the cotets a+oi& techo'o(y8s"ecific iss%es* Defiitio of acce"ta$'e %se for %sers /%i&e'ies for reacti( to a site com"romise* Hi(h8'e+e' &escri"tio of &ie techica' e+iromet of the site, the 'e(a' e+iromet @(o+eri( 'a1s, the a%thority of the "o'icy, a& the $asic "hi'oso"hy to $e %se& 1he iter"reti( the "o'icy Ris0 aa'ysis that i&etifies the sites assets, the threats that e?ist a(aist those assets, a& the costsof asset 'oss /%i&e'ies for system a&miistrators o ho1 to maa(e systems
24 | P a g e
Fi-* Se6#)i&( o/i6( B. Security Practices
The &ai'y $arra(e of s"am, o1 ifeste& 1ith Fero8&ay ma'1are attac0s, ot to metio the ris0s of ma'icio%s isi&ers, ifecte& 'a"to"s comi( a& (oi( $ehi& the "ac0et8is"ecti( fire1a''s a& cy$er8attac0s8"re+etio systems is the fact of et1or0e& comm%icatio to&ay* This esta$'ishes ee& for ste"s of &%e care a& &%e &i'i(ece to1ar&s a re(%'atory com"'iace, 1hich m%st $e "%t i "'ace for smooth o"eratios, if ot i e?istece a'rea&y* System a&miistratio "ractices "'ay a 0ey ro'e i et1or0 sec%rity* )hec0'ists a& (eera' a&+ice o (oo& sec%rity "ractices are rea&i'y a+ai'a$'e* Be'o1 are e?am"'es of commo'y recomme&e& "ractices Es%re a'' acco%ts ha+e a "ass1or& a& that the"ass1or&s are &iffic%'t to (%ess* A oe8 time "ass1or& system is "refera$'e* Use too's s%ch as MD; chec0s%ms @, a stro( cry"to(ra"hic techi=%e, to es%re the ite(rity of system soft1are o a re(%'ar $asis* Use sec%re "ro(rammi( techi=%es 1he 1riti( soft1are* These ca $e fo%& at sec%rity8 re'ate& sites o the .or'& .i&e .e$* Be +i(i'at i et1or0 %se a& cofi(%ratio, ma0i( cha(es as +%'era$i'ities $ecome 0o1* Re(%'ar'y chec0 1ith +e&ors for the 'atest a+ai'a$'e fi?es a& 0ee" systems c%rret 1ith %"(ra&es a& "atches* Re(%'ar'y chec0 o8'ie sec%rity archi+es, s%ch as those maitaie& $y ici&et res"ose Iteratioa' )oferece o )om"%ter Sciece a& Iformatio Techo'o(y @I))SIT6C55 7attaya Dec* 6C55 566 teams, for sec%rity a'erts a& techica' a&+ice* A%&it systems a& et1or0s, a& re(%'ar'y chec0 'o(s* May sites that s%ffer com"%ter sec%rity ici&ets re"ort that is%fficiet a%&it &ata isco''ecte&, so &etecti( a& traci( acy$er8attac0s is &iffic%'t Best "ractices are thi(s &oe 8 ste"s ta0e 8 actios a& "'as carrie& o%t* 9or e?am"'e8J, ecry"tio is a $est "ractice a& ot a "ro&%ct or too'* There are may commercia''y a& free'y a+ai'a$'e too's 1hich may "ro+e to $e most s%ite& for a $est8"ractice mo&e'*
25 | P a g e
Fi-*0 Se6#)i&( )6&i6es C. Security Procedures
7roce&%res are s"ecific ste"s to fo''o1 that are $ase& o the com"%ter sec%rity "o'icy* 7roce&%res a&&ress s%ch to"ics as retrie+i( "ro(rams from the et1or0, coecti( to the sites system from home or 1hi'e tra+e'i(, %si( ecry"tio, a%theticatio for iss%i( acco%ts, cofi(%ratio, a& moitori(*
26 | P a g e
CONCLUSION It is e+i&et from a$o+e &isc%ssio that iformatio sec%rity i a essetia' "art of ay e8 (o+erace iitiati+e* I I&ia e8(o+erace sceario, ho1e+er, the sec%rity as"ects are ot $ei( ta0e as serio%s'y* I 'ar(e %m$er of cases it is ot &iffic%'t to see that the &ecisio8ma0ers i the /o+erace "refer to com"romise 1he it comes to hi(h e& techo'o(y a&o"tio, im"'emetatio a& maiteace* Di(ita' sec%rity is critica' i e8(o+erace iitiati+es* )ofi&etia'ity of ay trasactio or iformatio a+ai'a$'e o the et1or0 is cr%cia'* The /o+erace &oc%met a& other im"ortat materia' ha+e to $e "rotecte& from %a%thoriFe& %sers i case of e8(o+erace "ro-ects* Hece sec%rity is critica' for s%ccessf%' im"'emetatio of s%ch "ro-ects* E8(o+erace co%"'e& 1ith sec%rity systems "ro+i&i( a&e=%ate "rotectio is the re=%iremet of ay system &esi( effort to $eat the iertia*
27 | P a g e
RE9EREN)ES 253E8/o+erace i I&ia O""ort%ities a& cha''e(es, OAA/, Vo'* 4* No* 6, 6CC* 263Shai'e&ra Si(h, Sa-ay Si'a0ari* A S%r+ey of )y$er Attac0 Detectio Systems, Iteratioa' o%ra' of )om"%ter Sciece a& Net1or0 Sec%rity, ISSN8548C<, Vo'* No*;, ""585C May 6CC* 243A $%si+e $eha+ior htt"!!111*%s8rt*(o+!cotro'systems!"&f!%&ir8 Ecte&attac0CC;*"&f 2:3Defii(Ma'1are9AQ*techet*microsoft*com*htt"!!techet*micros oft*com!e8%s!'i$rary!&&<46:*as"?* Retrie+e& 6CC8C85C* 2;3)ho, Do(80i* The iformatio society a& "ri+acy, me&ia a& c%'t%re i the iformatio a(e, Seo%', 5* 2<3)'ar00e, R* A hi&&e cha''e(e to the re(%'atio of &ata s%r+ei''ace, o%ra' of La1 a& Iformatio Sciece :@6, 54 23Ste+e H* S"e1a0 Ste+e )* Hi'', Eter"rise Architect%re 7'ai( De+e'o"i( a B'%e"rit for Data, A""'icatio a& Techo'o(y, oh .i'ey Sos, Ne1 Yor0, ISBN C8:58;;
28 | P a g e
