INTRODUCTIONWhat is Secure Computing?Computersecurity (Also known as cyber security or IT Security) is information security as applied to computers and networks.
The field covers all theprocesses and mechanisms by which computer-based equipment, information andservices are protected from unintended or unauthorized access, change ordestruction. Computer security also includes protection from unplanned eventsand natural disasters. Diagram clearly explain theabout the secure computingWorking conditions and basic needs in the secure computing:If you don’t take basic steps to protect your workcomputer, you put it and all the information on it at risk. You canpotentially compromise the operation of other computers on yourorganization’s network, or even the functioning of the network as awhole.Physical security:Technicalmeasures like login passwords, anti-virus are essential.
(More about thosebelow) However, a secure physical space is the first and more importantline of defense.Isthe place you keep your workplace computer secure enough to prevent theft oraccess to it while you are away? While the SecurityDepartment provides coverage across the Medical center, it only takesseconds to steal a computer, particularly a portable device like a laptopor a PDA. A computer should be secured like any other valuable possessionwhen you are not present.Humanthreats are not the only concern.
Computers can be compromised byenvironmental mishaps (e.g., water, coffee) or physical trauma. Makesure the physical location of your computer takesaccount of those risks as well. 1. Access passwords:TheUniversity’s networks and shared information systems are protected in partby login credentials (user-IDs and passwords).
Access passwords arealso an essential protection for personal computers in mostcircumstances. Offices are usually open and shared spaces, so physical accessto computers cannot be completely controlled.To protectyour computer, you should consider setting passwords for particularlysensitive applications resident on the computer (e.g., data analysissoftware), if the software provides that capability. 2. Prying eyeprotection:Because we dealwith all facets of clinical, research, educational and administrative data hereon the medical campus, it is important to do everything possible to minimizeexposure of data to unauthorized individuals. 3.
Anti-virus software:Up-to-date,properly configured anti-virus software is essential. Whilewe have server-side anti-virus software on ournetwork computers, you still need it on the client side (your computer).4. Firewalls:Anti-virus productsinspect files on your computer and in email. Firewall software andhardware monitor communications between your computer and the outsideworld. That is essential for any networked computer.
5. Software updates:It iscritical to keep software up to date, especially the operating system,anti-virus and anti-spyware, email and browser software. The newestversions will contain fixes for discovered vulnerabilities.
Almost allanti-virus have automatic update features (including SAV). Keeping the”signatures” (digital patterns) of malicious software detectorsup-to-date is essential for these products to be effective.6. Keep secure backups:Even if youtake all these security steps, bad things can still happen. Beprepared for the worst by making backup copies of critical data, and keepingthose backup copies in a separate, secure location.
For example, usesupplemental hard drives, CDs/DVDs,or flash drives to storecritical, hard-to-replace data. 7. Report problems:If youbelieve that your computer or any data on it has been compromised, yourshould make a informationsecurity incident report. That is required by Universitypolicy for all data on our systems, and legally required for health, education,financial and any other kind of record containing identifiable personalinformation.
Benefits of secure computing:· Protect yourself – Civil liability:You may be held legally liable to compensate a third party should theyexperience financial damage or distress as a result of their personal databeing stolen from you or leaked by you.· Protect your credibility – Compliance:You may require compliancy with the Data Protection Act, the FSA, SOX or otherregulatory standards. Each of these bodies stipulates that certain measures betaken to protect the data on your network.· Protect your reputation – Spam: A common use for infected systems is to join them to a botnet (acollection of infected machines which takes orders from a command server) anduse them to send out spam. This spam can be traced back to you, your servercould be blacklisted and you could be unable to send email.· Protect your income – Competitive advantage: There are a number of “hackers-for-hire” advertising their services on theinternet selling their skills in breaking into company’s servers to stealclient databases, proprietary software, merger and acquisition information,personnel detail set all.
· Protect your business – Blackmail:A seldom-reported source of income for “hackers” is to break into your server,change all your passwords and lock you out of it. The password is then soldback to you. Note: the “hackers” may implant a backdoor program on your serverso that they can repeat the exercise at will.· Protect your investment – Free storage:Your server’s hard drive space is used (or sold on) to house thehacker’s video clips, music collections, pirated software or worse. Your serveror computer then becomes continuously slow and your internet connection speedsdeteriorate due to the number of people connecting to your server in order todownload the offered wares.
2.SYSTEM ANALYSISEXISTING SYSTEM:v Thedata provenance methodology, in the form of robust watermarking techniques oradding fake data, has already been suggested in the literature and employed bysome industries.v Hasanet al. present a system that enforces logging of read and write actions in atamper-proof provenance chain. This creates the possibility of verifying theorigin of information in a document.v Pohaddresses the problem of accountable data transfer with untrusted senders usingthe term fair content tracing.
He presents a general framework to comparedifferent approaches and splits protocols into four categories depending ontheir utilization of trusted third parties, i.e., no trusted third parties,offline trusted third parties, online trusted third parties and trustedhardware. Furthermore, he introduces the additional properties of recipientanonymity and fairness in association with payment.DISADVANTAGES OF EXISTINGSYSTEM:v Insome cases, identification of the leaker is made possible by forensictechniques, but these are usually expensive and do not always generate thedesired results.v Mostefforts have been ad-hoc in nature and there is no formal model available.v Additionally,most of these approaches only allow identification of the leaker in anon-provable manner, which is not sufficient in many cases.
v Anattacker is able to strip of the provenance information of a file, the problemof data leakage in malicious environments is not tackled by their approach.PROPOSEDSYSTEM:v Wepoint out the need for a general accountability mechanism in data transfers.This accountability can be directly associated with provably detecting atransmission history of data across multiple entities starting from its origin.This is known as data provenance, data lineage or source tracing.v Inthis paper, we formalize this problem of provably associating the guilty partyto the leakages, and work on the data lineage methodologies to solve theproblem of information leakage in various leakage scenarios.v Thissystem defines LIME, a generic data lineage framework for data flow acrossmultiple entities in the malicious environment.
v Weobserve that entities in data flows assume one of two roles: owner or consumer.We introduce an additional role in the form of auditor, whose task is todetermine a guilty party for any data leak, and define the exact properties forcommunication between these roles.