Hardware and Software. Security information system classification according to David Icove, are:
1. Physical (Physical Security),
2. Man (people / personal security),
3. Data, media, communication techniques,
4. Policies and procedures (policy and procedure).
However, most people only focus on data, media, communication techniques. And based on the elements of the system there are several security systems, namely:
1. Network security, this element focuses on the channel (media) or information carrier path traversed.
2. Application of security, this element focuses on the systems and databases and its service.
3. Computer security, this element focuses on the security of computer users (end system) that is used to access the application, including the operating system (OS).
In a security system also has the basics, namely:
➔ Stating that the data or information that is used or provided by the user is the property of the original, as well as server and accessible information systems.
➔ attacks on networks such as DNS or DNS Poison Corruption, fake terminals (spooffing), asphalt and fake websites, user and password false.
➔ Countermeasure: Digital Signature for example technology SSL / TLS for web and mail servers.
Authorization or Access Control
Settings ➔ who can do what, or from where to where. Can use the mechanism of a user / password or other mechanisms.
➔ There is a division of classes or levels.
➔ Implementation: on "ACL" between networks, the "ACL" proxy server (eg, bandwidth restriction / delaypools).
Privacy / confidentiality
➔ Security of the data of personal data, messages / messages or other sensitive information.
➔ attacks on networks such as sniffing activity (tap) and the presence of a keylogger. Generally occurs because the policy / policies are less clear. Admin or ISP naughty.
➔ Coutermeasure: use encryption technology / cryptography.
➔ that information or message certainly not altered or changed. Because when passing through the Internet network, the data actually have to walk very far across various countries. At the time of the trip, various disturbances can occur to the contents, either lost, damaged, or manipulated by people who are not supposed to.
➔ attacks on the network can be spoofing activity, mail modification, Trojan horses, MITM Attack.
➔ Countermeasure: with digital signatures and cryptographic technology such as PGP, 802.1x, WEP, WPA.
➔ Security on the availability of information services.
➔ attacks on the network: DoS (denial of services) both realized / intentionally or not. Activity malware, worms, viruses and often jammed the mail bomb network.
➔ Countermeasure: Firewall and router filtering, backup and redundancy, IDS and IPS
➔ Keeping if already doing online transactions or activities, it can not be denied that they have to send or receive a file accommodate the changes.
➔ Generally used for e-commerce activities. For example, the email that is used to transact using a digital signature.
➔ On the network can use digital signatures, certificates and cryptography.
➔ The existence of some sort of recording file data communication occurring on the network for audit purposes such as identifying attacks on a network or server.
➔ Implementation: the firewall (IDS / IPS) or router using the system logging (syslog).
Hardware and Software Security Syestem.
Here gets a closer to look in Auditing.
The objective of computer security (security goals) is the assurance of "confidentiality", "integrity" and "availability" of a computer system. To ensure that the security objectives can be achieved will require several processes are carried out together. One such process is to conduct an audit of computer systems and computer networks therein.
Auditing is a tool to keep track of all the events, errors, and attempted access and authentication in a server computer. Auditing help a network administrator and computer security analyst to identify weaknesses in an organization's computer network and assist in the development of computer network security policy. Through the audit process, data integrity can be guaranteed, as well as to maintain the confidentiality of the data and its availability is ensured. Broadly speaking, an audit of a computer network security system is divided into 3 categories, namely: an audit of access rights (privileges audit), an audit of the use of resources (usage auditing), audits of escalation (escalation audit).
• Audit Privilege, this type of audit objective is to verify whether the "group", "roles" and "account" has been properly applied in an organization and security is applied in it also is appropriate. This audit also verify whether the policies were implemented in an organization has been followed correctly or not, it's accurate or not, and whether access to the system has been applied correctly. Privilege auditing is done by doing a complete review of all the "group" and "account" in a network system for an organization. For example, when an employee in a mutation in an organization, the name of the employee should be removed from the old group. Errors in doing so may cause a user can gain access to higher than it should be obtained by the user.
• Usage Audit, Audit verifying whether this kind of software and systems used within an organization are used consistently and appropriately in accordance with the applicable policies within the organization. This audit will conduct a complete review of the physical side of a system, verify the configuration of the software, and the activities of other systems. The main concern of this type of audit is how to install and license the software correctly. The organization shall test the system periodically to verify that the software on the license by the organization that should be installed on every computer that exists in the organization. In addition to software problems and physical security systems in auditing, things are also taken into consideration is the issue of security holes that may be inflicted by the software installed in the system of the organization. So it must be ensured that the software-software that is already installed in the update as needed. This audit also tested the use of computer networks in an organization. Checks carried out to determine whether the computer network resources are used as intended or not. Any use of the network that do not fit the user will be marked by this audit process and can be stopped before it becomes a problem later on.
• Escalation Audit, audit Escalation focused around how the management / decision-makers controlling network system if it finds an emergency against the system. This type of audit will test how an organization is able to deal with the problems that may arise when an emergency occurs. For example, testing and system verification process to "disaster recovery plans" and "business continuity plans". The types of planning can be "outdated" fast and an audit process can be used to ensure that everything can be resolved and these plans can be successfully implemented if the problem occurs on a computer network system of the organization.