AllFreePapers.com - All Free Papers and Essays for All Students
Search

Information System Security: An Overview of Emerging Threats and Controls

Autor:   •  March 10, 2012  •  Research Paper  •  1,371 Words (6 Pages)  •  2,076 Views

Page 1 of 6

Running Head-Information Systems: Threats and Controls

Information System Security: An Overview of Emerging Threats and Controls

Nitin Juneja

Oklahoma Christian University

Abstract

The term “system security threats” refers to the acts or incidents that can and will affect the integrity of business systems, which in turn will affect the reliability and privacy of business data. Most organizations are dependent on computer systems to function, and thus must deal with systems security threats. This paper identifies and explains the set of top network, host and application layer threats and describes the countermeasures that are appropriate to address each threat. It also explains common attacker methodology and a series of common attacks. The following information will also help understand and categorize threats in preparation for performing threat modeling. While you can mitigate the risk of an attack, you do not mitigate or eliminate the actual threat. Threats still exist regardless of the security actions you take and the countermeasures you apply. The reality in the security world is that you acknowledge the presence of threats and you manage your risks. Threat modeling can help us manage and communicate security risks across our team.

When we incorporate security features into our application's design, implementation, and deployment, it helps to have a good understanding of how attackers think. By thinking like attackers and being aware of their likely tactics, one can be more effective when applying countermeasures.

Information System Security: An Overview of Emerging Threats and Controls

1. Introduction

Computer systems are vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire computer centers. The term “system security threats” refers to the acts or incidents that can and will affect the integrity of business systems, which in turn will affect the reliability and privacy of business data.

2. Categories of threat and their countermeasures

Threats faced by the application can be categorized based on the goals and purposes of the attacks.

2.1 STRIDE Threats and their Countermeasures

• Spoofing.

...

Download as:   txt (9 Kb)   pdf (134.5 Kb)   docx (14 Kb)  
Continue for 5 more pages »