COMMERCE 2KA3 Lecture Notes - Lecture 14: Symmetric-Key Algorithm, Public-Key Cryptography, Intrusion Detection System

Security: policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems. Controls: methods, policies, and organizational procedures that ensure safety of organization"s assets; accuracy and reliability of its accounting records; and operational adherence to management standards. Reasons systems are vulnerable: hardware problems, software problems, disasters, use of networks/computers outside of firm"s control, loss and theft of portable devices, accessibility of networks. Computer viruses: rogue software programs that attach to other programs in order to be executed. Worms: programs that copy themselves from one computer to another over networks. Trojan horse: a software program that appears to be benign, but then does something unexpected. Sql injection attacks: hackers submit data to web forms that exploits site"s unprotected software and sends rogue sql query to database. Spyware: keylogging records keystrokes made on a keyboard. Spoofing: masquerading as someone else, or redirecting a web link to an unintended address.