1

UNIT-1 CYBER SECURITY (KCA A01)

MCA -1 (2nd SEM)

Introduction to Information System

• It is made up of two terms, namely, Information and System. Information can be
defined as a well-structured data with specific meaning, and a System is an
arrangement that takes input and provides output after completing the required
process. Thus information system is an arrangement that processes data and
provides meaningful information.
• An information system can also be defined as the software that helps organize and
analyze data. So, the purpose of an information system is to turn raw data into useful
information that can be used for decision making in an organization.
• It can also be defined as a set of interrelated components that collect, store, process,
generate and disseminate information for effective business functioning.
• Many organizations work with large amounts of data.
• Data are basic values or facts and are organized in a database.
• Many people think of data as synonymous with information.
• However, information actually consists of data that has been organized to help
answers questions and to solve problems.
• An information system is defined as the software that helps organize and analyze
data.
• So, the purpose of an information system is to convert
raw data into useful information that can be used for decision making in an
organization
2

The data for an information system can be collected from various inter-
organization and intra-organization sources such as employee personal details and
competitor’s performance. This data can be stored in paper and electronic format.

What are the components of IS?

An IS have various components, which are mainly grouped under two heads:
1. System Resources
2. System Activities
Information System Resources
Those resources that comprise a system. An IS consists of five major resources :
 People
 Hardware
 Software
 Data
 Network
 Information
• People:
 It refers to the human associated with an Information system. This
resource can be divided into two categories. The first category
includes IS specialist such as system analysts, software developer and
system operators. The second category includes the end users of the
information that is anybody who uses the information derived from
the IS.
• Hardware:
 Refers to the machine and media components of an IS.
 The machine include computers, monitors, printers and scanners.
While the media include floppy disks, magnetic tapes and pen drives.
 It is the part of a physical component of an information system which
we can touch.
• Software:
 Refers to a set of programs and procedures of an IS. The programs
include OS and application software such as MS office. The
procedure includes data entry procedures and information distribution
procedures.
 It can be used to organize, process and analyse
data in the information system.
3

• Data:
 Data is a collection of facts.
 Information systems work with data.
 Refers to various observations and facts derived from external or
internal organizational sources.
 The internal sources are product descriptions ,customers records,
employee records
 The external sources are supplier details, market conditions and
competitors information.
• Network:
 Refers to the communication and media components of an IS. For
example network access and control software
 It includes internet, intranet, extranet to provide successful operations
for all types of organizations and computer-based information system.
• Information:
 Refers to the reports and results derived after data processing. For
example management reports and business documents including text,
graphics, audio and paper reports.

Information System Activities

• Information System involve a set of components that belong to a particular
activity. These components are as follows:-
 Input- It captures or collects raw data from within
the organization or from its external environment.It Involves
data entry activities such as recording and editing. Generally data is
entered into computer system.
 Data Storage- Involves maintaining and organizing records such as
details related to customers, employees and various other parties. Data
is stored in folders and hard disk.
 Processing converts this raw input into a meaningful form. It involves
those activities that are performed to process the data to produce
information .For example – calculating, classifying and summarizing.
 Output-Ittransfers the processed information to the people who will use
it or to the activities for which it will be used. It involves
communicating the processed information to the end users. For example
presenting sales performance of an organization in the form of videos
and reports.
4

 Control and system maintenance- It refers to the feedback at each

activity level to maintain the standard of performance and ensure the
flexibility of a system.

Types of Information System

5

Information system supports all the different business operations in an

organization. There are three basic categories of IS
 Operation support Systems
 Knowledge based system
 Management support system

Operational Support Systems (OSS):

Information System has been supporting various business operations such as
accounting and production. Those systems that support some business
operations are grouped under operations support systems (OSS). There are
three main parts of OSS
 Transaction processing system (TPS):
It helps in processing various transactions and retrieving information
from them. Processing a transaction can be done in two ways batch
processing and real time processing. For Example:- retail stores the
cash receipts or card payments.
 Process control system:
It helps in monitoring and controlling physical process in an
organization. This system helps in making day-to-day decisions and
controlling operational process. For Example- electronic sensors can
monitor the pressure and send automated warnings if pressure is about
to reach the danger level.
6

 Enterprise Collaboration System: It helps in sharing information

among employees. A proper flow of information helps in increasing
the productivity of an organization. For example- Use of E-mail to
share information by one team member to the other and team leader
addressing a meeting with the team through conferencing.
Management Support Systems (MSS):
A management support system provides useful information to mangers for
decision making and control. The different types of MSS are as follows:
 Management Information System (MIS):
It provides information on various business aspects to managers. It
generates information for monitoring performance and maintaining
coordination. For Example- A production manager can check the
report of cost and time of production for previous year so that he/she
can take effective production decisions for the current year.
 Decision Support System (DSS):
It supports managerial decision making. For Example- a sales
manager can set sales targets for the coming year by considering the
existing market conditions.
 Executive Information System (EIS):
It provides critical information to the executive and top level
managers for making strategic decisions. It provides statistical
representation of information. For example:-an executive can check
for brand image by looking at the graphs representing customer
preferences.
Knowledge Based Systems:
A Knowledge Based System provides information to users in different
business areas when required. The following are the two types of
Knowledge Based Systems:
o Expert System:
It provides adequate knowledge an expert advice for making various
managerial decisions. An expert system is composed of two main
components are knowledge base and software modules.
o Knowledge Management System (KMS):
It provides knowledge and expertise for making various management
level decisions. For sharing knowledge KMS uses a group of
collaboration systems such as intranet.
7

Development of Information System

• Development of Information Systems is similar tothe
application development procedure.
• It can be developed using different approaches.
• The suitability of an approach depends upon thespecific
input conditions, preference of approach and development objective.
• We can follow any of the different approach, based
on the requirements, for an effective Information System development.
• A system development process is set of activities, methods, best practices,
deliverables and automated tools that stakeholders use to develop and
maintain information system and software.
The main of IS Development approaches are listed below:
• Waterfall Model
• Prototyping Model
• Evolutionary Model
• Spiral Model
Waterfall Model
• Waterfall model is the basic model of system development.
• This model follows a flow of steps beginning from feasibility check up to
system maintenance in a sequence.
• This method is also called linear sequential model.
Steps in the waterfall methods:
 Technical and financial feasibility check about system development.
 Gathering knowledge about the required system and developing the
specifications needed. Converting the requirements and specifications
into a system model.
 Here designing is converted into code by coder. Ensuring that IS is
developed as it was required.
 Updating the system, if there is any kind of shortcomings.
8

– Feasibility Check: Technical and financial feasibility check about

system development.
– Requirement and Specification: Gathering knowledge about the
required system and developing the specifications needed.
– Design: Converting the requirement and specifications into a system
model.
– Coding: This process of designing a bridge between understanding of
the user and the system. This is also called programming.
– Testing: Ensuring that the system performance is according to the
user requirement.
– Maintenance: Changes in the system after testing or use to correct
the shortcomings or further requirement.

Waterfall Advantage
• Easy to understand, easy to use
• This model is suitable for the software development when requirements are
very much clear in the beginning.
• Waterfall model works well for smaller projects
• In this model phases are processed and completed one at a time. Phases do
not overlap.
Waterfall Disadvantage
• Work done in each phase cannot be changed
• High amounts of risk and uncertainty.
• Not a good model for complex & Object Oriented Project.
9

Prototyping Model
• Prototyping approach is an effort to improve the drawbacks
of the waterfall model.
• A prototype is similar to the model or blueprint of a system before the actual
development is done.
• This model first performs requirement analysis and
develops a prototype or blueprint of the whole development process.
• This approach helps in understanding the shortcoming
before the actual design is built and implemented.
• The understanding of the shortcomings helps in system evaluation.
• Hence, any specification or further improvement can be done easily at much
lesser cost with the support of prototype software.
• After finalizing the prototype, the actual system building is done similar to
that in the waterfall method.
• This model helps in matching the client requirements for system
development, as any other suggestion can be easily incorporated in the
prototype.
• Also, any constraint in the system development process can also be
identified and improved.

Prototype Approach to System Development

10

Evolutionary Model
• Evolutionary model approaches to improve the classic waterfall model by
providing scope of feedback and improvement at every stage of the system
development.
• This model tries to develop a realistic view that clients can change the
requirements in the system at any stage of the system development.
• There is a scope of improvement in design and software.

Evolutionary approach to develop Information System

Spiral Model
• Spiral model is a further improvement in the system development.
• It is a combination of the features of the
waterfalland prototype models.
• This idea was given by Bohem, a computer professional.
• It is similar to evolutionary model.
• This model also adapts to repetitive improvement.
11

Figure: Spiral Model

Incremental Model
 Incremental Model approaches system development through various
incremental steps where every step tries to add more functions in
System development process.
 Each step of system development is a separate group of activities.
This model is also called continuous improvement model.
 In this model, each module goes through the requirements, design,
implementation and testing phases.
 Every subsequent release of the module adds function to the previous
release. The process continues until the complete system achieved.
12

SYSTEMS DEVELOPMENT LIFE CYCLE (SDLC)

• Systems development life cycle (SDLC)- a structured step-by-step approach
for developing information systems
• Typical activities include:
• Determining budgets
• Gathering business requirements
• Designing models
• Writing user documentation

System Development Life Cycle Phase

SL SDLC Phase Activities

1. Planning • Define the system to be

developed
• Develop the project plan
2. Analysis Gather business/technical requirements

3. Design • Design the technical architecture

• Design system models

4 Development / Implementation of • Build technical architecture

Design (Coding) • Build databases and programs

5. Testing • Write test conditions

• Perform testing

6. Implementation / Installation of • Write user documentation

Software • Provide training

7. Maintenance • Build a help desk

• Support system changes
13

System Development Life Cycle

Introduction to Information Security

• It refers to the protection of information.
• It is the process of securing, protecting and safeguarding the information
from an unauthorized access, use and modification.
• The password protection method is the basic level of security that can be
used for securing information.
• The main goal of information security is integrity, confidentiality and
availability.
14

The term “information security” means protecting information and information

systems from unauthorized access, use, disclosure, disruption, modification, or
destruction in order to provide:
• Integrity:- It refers to the accuracy of information or data. It means
guarding against improper information modification or destruction, and
includes ensuring information no repudiation, accuracy, and authenticity.
• Confidentiality:- It refers to the process of securing information from
unauthorized access. It means preserving authorized restrictions on access
and disclosure, including a means for protecting personal privacy and
proprietary information.
• Availability:- It States that information must be available when it is
needed. It means ensuring timely and reliable access to, and use of,
information.

Role of Security in Internet and Web Services

• Internet is widely used for performing various tasks such as exchanging data
and information, online shopping and bank transaction. Common people,
governmental organization, big business entirely depend on Internet for
transmitting and receiving critical information and conducting day-to-day
business. All these data needs to be secured against unauthorized access
from illegal and malicious sources.
• Security in websites is implemented mainly through two processes:
Authorization and Authentication.
15

Securing Web Services:

• Authorization: Authorization is the process of allowing an
authenticated user to access the resources by checking whether the user has
access rights to the system. Authorization helps you to control access rights
by granting or denying specific permissions to an authenticated user.
It refers to the process of providing access to various resources to the
authenticated users.
• Authentication: Authentication is the process of verifying the
identity of a user by obtaining some sort of credentials and using those
credentials to verify the user's identity. If the credentials are valid, the
authorization process starts. Authentication process always proceeds to
Authorization process. It refers to the process of recognizing the identity
of a user.
• Encryption and message-based security: Encryption is the process
of scrambling the text that your Web service contains so that only the
intended user is able to decrypt it with the help of a key.
• Message-Based Security allows us to send encrypted message to
anyone without worrying about the decryption of the messages by a
malicious user.
• Authentication and Access controls for the Web Service:
Authentication is the process validating a user against the user credentials
provided by the user. Make mandatory for the users to provide credentials in
form of ID and Password if they want to use the Web service. If they fail to
do that, they are refused access to the Web service.
Need for Information Security
• To maintain proper security of information in an organization, we need to
apply certain measures, policies, and procedure so that no harm is caused to
the confidentiality, integrity and availability of organizational information.
• These policies, procedures, and standards are included in a system called
Information Security Management System (ISMS), whose main goal is to
remove any possible loss or destruction of information. It ensures
information security over the network or multiple computer systems.

Benefits of Information Security Management System (ISMS)

• Helps to protect and secure information in an organization because
information is its vital resource.
• Maintain the security of the data and information.
16

• Protects and maintain confidentiality, integrity and availability of

information. An ISM is a standard of the International Organization for
Standardization (ISO).
• Encourages clients, including individuals and other organization, to invest in
an organization.
• Utilizes information and data more effectively and efficiently.
• Provides high level information security. An ISM cultivates sense of
responsibility and accountability in the employees of the organization.
Threats to Information System
• A threat is a possible danger that might misuse drawbacks”.
• In IT, threat is an illegal activity that can cause damages such as loss of
information and data corruption to the network of an organization.
Types of Threats
• PHYSICAL THREAT: Physical threat to a computer system could be as a
result of loss of the whole computer system, Damage of hardware, Damage to
the computer software , Theft of the computer system
• Accidental threat: is an activity that occurs accidentally and its occurrence
is not dependent on any entity. It can occur due to exposure of confidential
information and unauthorized modification in information.
• Intentional threat: is an activity that is performed by an entity to violate
security of the computer system and network.
• MALICIOUS MISUSE : Any form of tampering of the computer system
which includes Trojan horses, viruses and any form of illegal alteration of
the computer system which also includes the generation of illegal codes to
alter the standard codes within the system can be termed as malicious
misuse.

What is Attack in Information System?

Attacks on the network can breach the security of data and resources
over the network. There are two types of attacks over the internet, which
are as follows:
• Passive Attack: Refers to the attack in which the attackers do not intent to
cause any harm to the network. He just monitors, analyzes or observes the
information available over the network. Attacker do not alter the message,
he just reads the messages. Passive attacks are of 3 types:
• Brute force attack: Breaks the encryption of data by finding the
appropriate key.
17

• Algebraic attack: Refers to the type of attack in which you can write
cipher as a system equation. After writing a cipher, you can read it by
using a appropriate key.
• Code block attack: Refers to a technique for cryptanalysis. The
attacker tries to build a code block in which he describes the cipher
text and its corresponding plain text.
• Active Attack: Refers to the attack in which the attacker is aware of the
attack. In active attack, the attacker tries to steal information from the
network. In addition, he creates, deletes, alter, modify and replace a
message.

Information Assurance
• Information Assurance (IA) refers to the steps involved in protecting
information systems, like computer systems and networks. There are
commonly five terms associated with the definition of information
assurance: Integrity, Availability, Authentication, Confidentiality, Non
repudiation.
• Integrity involves making sure that an information system remains
unscathed and that no one has tampered with it. IA takes steps to maintain
integrity, such as having anti-virus software in place so that data will not be
altered or destroyed, and having policies in place so that users know how to
properly utilize their systems to minimize malicious code from entering
them.
• Availability is the facet of IA where information must be available for use
by those that are allowed to access it. Protecting the availability can involve
protecting against malicious code, hackers and any other threat that could
block access to the information system.
• Authentication involves ensuring that users are who they say they are.
Methods used for authentication are user names, passwords, biometrics,
tokens and other devices. Authentication is also used in other ways -- not
just for identifying users, but also for identifying devices and data messages.
• IA involves keeping information confidential. This means that only those
authorized to view information are allowed access to it. Information needs to
be kept confidential. This is commonly found, for example, in the military,
where information is classified or only people with certain clearance levels
are allowed access to highly confidential information.
18

• The final pillar is non repudiation. This means that someone cannot deny
having completed an action because there will be proof that they did it.
Information Assurance v/s Information Security
• Information assurance, which focuses on ensuring the availability,
integrity, authentication, confidentiality, and non-repudiation of information
and systems. These measures may include providing for restoration of
information systems by incorporating protection, detection, and reaction
capabilities.
• Information security, which centers on the protection of information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide confidentiality, integrity, and
availability.

Displaying the Scope of Information Assurance

Non-repudiation is the assurance that someone cannot deny the validity of

something.
19

Non-repudiation refers to the ability to ensure that a party to a contract or a

communication must accept the authenticity of their signature on a document or
the sending of a message.

Three-Dimension Information Assurance model

• Information states consists of three states Stored, Processed and

Transmitted and Information is available in any of these three states and can
even co-exist in two different states.
• Security Services: Is an integral part of the Information Assurance model. It
consists of five different security services.
– Availability,
– Integrity
– Authentication
– Confidentiality
– Non-Repudiation.
• Security Countermeasures: Those protective activities required such as the
account of technology, operations and people to prevent espionage,
sabotage, theft, or unauthorized use of classified or controlled information,
systems, or material then the systems becomes vulnerable to the attacks.
20

Cyber security
• Cyber security is the protection of information and information systems
against the potential threats on the Internet. It is the ability to protect
yourself and your cyberspace (or the internet) from the attacks caused
through the internet.
• Cyberspace is a domain characterized by the use of electronics and the
electromagnetic spectrum to store, modify, and exchange data via networked
systems and associated physical infrastructures. In effect, cyberspace can be
thought of as the interconnection of human beings through computers and
telecommunication, without regard to physical geography.
Difference between Cyber Security and Information Security

• Cyber Security: securing information related to the use of the Internet.

• Information Security: means securing information and information system
against all kinds of unauthorized access, use, disclosure, destruction, or
disruption.
• Security on the internet must involve information and information system,
but information and information systems not necessarily require
involvement of cyberspace. Cyber security therefore be considered as a
subset if information security.
21

Cyber Crimes
• Cyber crime can be defined as any crime with the help of computer and
telecommunication technology with the purpose of influencing the
functioning of computer or computer system.
• Cyber crime can be of three categories:
1. Cyber crime against person
2. Cyber crime against Property
3. Cyber crime against government

Cyber Crime Against Persons

• These crimes include various crimes such as harassing anyone with the
use of a computer that could be:
• Via e-mail
• Cyber-stalking
• Transmission of child-pornography
• One of the most important cyber crimes known today includes
dissemination of obscene material including:
• Pornography
• Distribution
• Posting
22

Cyber Crime Against property

• These crimes include:
Computer vandalism
Transmission of harmful programmes
Unauthorized possession of computerized information
Unauthorized computer trespassing through cyberspace.

Cyber Crime Against Government

• A distinct kind of crime in this category is cyber terrorism.
• This crime manifests itself into terrorism when an individual or a group
of people cracks into a government or military-maintained website.

Some Common Computer Crimes

1. Data diddling:
• It is a simple and common computer-related crime which involves changing
data prior to or during input to a computer.
• Data can be changed by anyone involved in the process of creating,
recording, encoding, examining, checking, converting, or transporting
computer data.
2. Trojan Horse attacks:
• Trojan horse involves the placement of unwanted computer instruction in a
programme so that the host computer will perform some undesired or
unauthorized function.
• The instructions enter the target system hidden in some other message or
programme, thus the name Trojan horse attacks.
3. Logic bomb:
• Logic bomb is a computer programme executed at a specific time to cause
damage to computer programmes or data.
4. Internet and bulletin boards:
• Internet and bulletin boards can be used by hackers to exchange information
necessary to commit criminal acts on computer systems.
5. Computer virus:
• A computer virus is programme code which can attach itself to other
programmes and corrupt data and damage hardware.
23

6. Spamming: Spamming is the use of messaging systems to send multiple

unsolicited messages to large numbers of recipients for the purpose of commercial
advertising,

7.Cyber bullying
• Protecting against attacks on the internet involves phishing and malware
protection, security from theft, safety of applications and individuals,
presentation of online predators and cyber bullies etc.
• Cyber bullying is bullying that takes place over digital devices like cell
phones, computers, and tablets. It can occur through SMS, Text, and apps, or
online in social media, forums, or gaming where people can view,
participate in, or share content. It includes sending, posting, or sharing
negative, harmful, false, or mean content about someone else. It can include
sharing personal or private information about someone else causing
embarrassment or humiliation. Some cyber bullying crosses the line into
unlawful or criminal behavior.
• The most common places where cyber bullying occurs are:
• Social Media, such as Facebook, Instagram, Snapchat, and Twitter
• SMS (Short Message Service) also known as Text Message sent through
devices
• Instant Message (via devices, email provider services, apps, and social
media messaging features)
• Email
8.Viruses, Phishing, and Identity Theft
• People on the Internet do to know everything about security. Considering
this as a weapon, one can attack another person.
• Who has limited knowledge about the use of the Internet.
• Through VIRUSES – a program written to cause harms to a system.
• Can steal identity through PHISHING – an act of convincing people to
provide confidential details such as passwords and PINs.
• Through SPYWARE – a program that is created to read the personal
information of a person from their accounts or systems.
• People may launch viruses through e-mails or blog posts.
• To protect yourself from viruses and spyware, you need to have your
firewalls and antivirus software up to date.
24

Antivirus software:
is the most common Cyber security tool used in most personal PCs and
offices. The main functionality of antivirus software is to scan, detect and
prevent any kids of suspicious files and software. The Antivirus may prevent
further attack by deleting the infected file, isolating it or monitoring the
Internet traffic.
• Firewalls: A firewall acts as a shield between your network and the world
wide web. It monitors the incoming and outgoing traffic from the system and
prevents the suspicious packets from entering/leaving the network.
• The three kinds of Firewalls
• Network Layer Firewall: This type of firewall has a packet filter that
monitors the packets being sent and received. Then, it provides
security by accepting or rejecting these packets on the basis of
predefined filtering rules.
• Application Level Firewall: This firewall works for a specific
application and applies security mechanisms to prevent all unwanted
traffic over the network.
• Circuit Level Firewall: Also known as proxy servers, this firewall
allows only specific packets to enter the network and restrict all other
packets completely. It also protects the network by hiding the actual
machine address (IP address) over the Internet.
Difference between Firewall and Anti Virus
– A Firewall protects infected and malicious software and packets from
entering your system. The antivirus is the next-step protection which
will remove the infected files and software from your PC and
network.
– The Antivirus works at the file level whereas a firewall will protect
your system at the network protocol level blocking all vulnerable
packets on the port.
– An antivirus is a standalone software that protects other software. On
the other hand, a Firewall is capable of preserving both software and
hardware on the network.
Security Risk Analysis
Risk analysis is a method of identifying vulnerabilities and threat and
assessing the possible damage to determine where to implement security
safeguards.
25

Why Risk Analysis?

• To ensure that security is cost effective, relevant, timely, and responsive to
threat.
• To provide cost/benefit comparison, this compares the annualized cost of
safeguards to the potential cost of loss.
• Help integrate the security program objectives with the company’s business
objectives and requirements.
• To provide an economic balance between the impact of the threat and the
cost of the countermeasure.
The Risk Analysis Activities
• Identifying assets and their values.
• Identifying the vulnerabilities and threats.
• Analyze the risk-Two approaches:
– Quantitative Approach
– Qualitative Approach
• Selecting and Implementing a countermeasure
The common terminology that comes out from the process of Security Risk
Analysis is described as follows:
• Assets: Assets for an organization means everything that has some value and
needs to be safeguarded.
• Threats: are defined as potential actions actual actions having the
possibility of damaging the assets of an organization.
• Vulnerability: refers to some weaknesses or loopholes in securing assets.
Vulnerability exposes the assets of an organization to some probably
damage from threats.