Security Engineering Background Presentation

Software Engineering security

Transcript: The security of software is threatened at various points throughout its life cycle, both by inadvertent and intentional choices and actions taken by “insiders”—individuals closely affiliated with the organization that is producing, deploying, operating, or maintaining the software, and thus trusted by that organization—and by “outsiders” who have no affiliation with the organization. The goal of software security engineering is to build better, defect-free software. Software-intensive systems that are constructed using more securely developed software are better able to continue operating correctly in the presence of most attacks by either resisting the exploitation of weaknesses in the software by attackers or tolerating the failures that result from such exploits. The objective of secure software development is to design, implement, configure, and sustain software systems in which security is a necessary property from the beginning of the system’s life cycle to its end. Experience has taught that the most effective way to achieve secure software is for its development life cycle processes to rigorously conform to secure development, deployment, and sustainment principles and practices. Organizations that have adopted a secure software development life cycle (SDLC) process have found almost immediately upon doing so that they have begun finding many more vulnerabilities and weaknesses in their software early enough in the SDLC that they are able to eradicate those problems at an acceptable cost. Moreover, as such secure practices become second nature over time, these same developers start to notice that they seldom introduce such vulnerabilities and weaknesses into their software in the first place. 1) Finding Vulnerabilities
REFERENCE that mean Resilient software is software that is resilient enough to: (1) either resist (i.e., protect itself against) or tolerate (i.e., continue operating dependably in spite of) most known attacks plus as many novel attacks as possible (2) recover as quickly as possible, and with as little damage as possible, from those attacks that it can neither resist nor tolerate. Trustworthiness it's when can I say the software is secure, secure software is software that is engineered “so that it continues to function correctly under malicious attack” and is able to recognize, resist, tolerate, and recover from events that intentionally threaten its dependability. Resilience Dependability The problem of non-secure software when we compared between the good goal and bad goal we find the goal is good if goals when are “SMART” that is Specific, Measurable, Attainable, Realistic, Traceable and Appropriate, and we find the goal is bad if the goals justify the means to obtain the goals Approaches To Application Security Software Engineering security 1) Software Security Engineering: A Guide for Project Manag Julia H. Allen, Sean Barnum, Robert J. Ellison 2) Introduction to Software Security. Karen Mercedes Goertzel, Updated 2009-01-09 https://buildsecurityin.us-cert.gov/bsi/547-BSI.html 3) http://www.slideshare.net/marco_morana/rochester-security-summit-presentation The software security threatened that mean Trustworthy software contains few if any weaknesses that can be intentionally exploited to subvert or sabotage the software’s dependability. In addition, to be considered trustworthy, the software must contain no malicious logic that causes it to behave in a malicious manner the development process by and large is not controlled to minimize the vulnerabilities that attackers exploit.
Vulnerable software can be invaded and modified to cause damage to previously healthy software, and infected software can replicate itself and be carried across networks to cause damage in other systems. These damaging processes may be invisible to the lay person even though experts recognize that their threat is growing. And as in cancer, both preventive actions and research are critical, the former to minimize damage today and the latter to establish a foundation of knowledge and capabilities that will assist the cyber security professionals of tomorrow reduce risk and minimize damage for the long term. 3 important properties to know software is secure or not 2) Manage Software Risks that mean Dependable software executes predictably and operates correctly under all conditions, including hostile conditions, including when the software comes under attack or runs on a malicious host The Goal of Software Security Engineering software security metrics goals The objective of secure software development Asma Alswayed Aljawharah alkhnini Bayan al rubaie Nora Alslamah defines secure software

Social Engineering(Security)

Transcript: What is Impersonation? Target What makes this tool different Manipulation of targets Common Roles Warning Signs of an Attack Suggestions 80% attribute human error to the lack of security knowledge, a lack of training or a failure to follow security procedures Citations Violation of Security Summary of our Presentation Preventative Measures Skimmers Personal Thought Software Piracy Social Engineering(Security) Phishing Lawrence, Anne T. Weber, James. Business and Society. 14th ed. New York: McGraw-Hill, 1963. Print. "Learn How To Avoid Fraud and Stay Safe Online." Learn How To Avoid Fraud and Stay Safe Online. N.p., 2013. Web. 20 Nov. 2013 <http://mysecurityawareness.com/>. "Phishing & Social Engineering." Phishing & Social Engineering. Stanford University, 17 Jan. 2011. Web. 20 Nov. 2013. <http://www.stanford.edu/grup/security/securecomputing/phishing.html> "Real World Social Engineering Example: Phishing." The Official Social Engineering Framework-, N.p., 20 June 2011. Web. 20 Nov. 2013. <http://www.social-engineer.org/framework/Real_World_Social_Engineering_Examples:_Phishing>. Key Points Impersonation Phishing Cyber-Security and Threats Software Piracy Conclusion Software Piracy Raven Salazar Theresa Yeager Khaewta Santirulepong Kiana Vigil Introduction Impersonation What is phishing? Protection Types of phishing Examples UPS Call Spoofing Email 419 scam Digital Millennium Copyright -1998 3 Strike System- French Government U.S. Motion Pictures Zombie Virus Trojan Virus Hacktivist Business Response to Security Breaching Statistics Software Piracy- The illegal copying of copyrighted software Different areas of piracy: Computer based software Musical Recordings Video movie productions & lately electronic versions Raven Salazar Kristin Anderson

Background Presentation

Transcript: 14th Week Consulting interns can be expensive Time and Money Personal Experience Preliminary Design Stage NFPA 101 and NFPA 13 New and Existing Education, Business, and Mercantile Definition of Project This app would be used to provide interns and recent graduates with an outline of guidelines for how to design and review designs of specific occupancies. With the given time frame, I will be writing the information that will go into the app Begin parametric study: Speak with my mentor and Jason to understand more about what critical variables I could concentrate on for this app. Choose those parameters and begin my study Gather information from NFPA 101 and NFPA 13 for new and existing education, business, and mercantile occupancies. By: Breanne Thompson Next Steps (Continued) Finish preparing for Draft of Analysis Pull together and discuss results of project Draw my conclusions and state future work needed Turn in Final Paper! 10th and 11th Week Turn in my parametric study Begin draft of analysis Map out the process of the app for the key elements 15th Week References Next Steps 7th Week Prepare for Final Presentation Summarize my draft of analysis into presentation Work on how to incorporate a live demonstration for my presentation App Development Background Information 8th-9th Week Continuous Process Objective-C for Apple products Java for Android products 6 months of studying Places to Learn: Codecademy, iOS Dev Center, Android Developers Training Hire App Developer will cost thousands Prepare Final Paper Dive into Shark Tank! 1. http://lifehacker.com/5401954/programmer-101-teach-yourself-how-to-code 2. http://www.bluecloudsolutions.com/blog/cost-develop-app/ 6th Week Background Presentation 12th-13th Week

Background Presentation

Transcript: Real action and accountability Amnesty International Non-state actors/ Rebel Groups?? ...and what about men?? ignoring male rape victims? would rape exist without a man? Weapons of War: Rape UN as an Arena - NGO's - Discussion and dialogue Arena Instrument Actor Critical Thinking Weapons of War: Rape UN as an instrument UNSC Resolution 1820 (2008) UN as an Actor - UN Action Against Sexual Violence in Conflict Weapons of War: Rape Problems with 1820 "Roles and Functions of International Organizations" "Sexual violence, when used as a tactic of war in order to deliberately target civilians or as a part of a widespread or systematic attack against civilian populations, can significantly exacerbate situations of armed conflict and may impede the restoration of international peace and security… effective steps to prevent and respond to such acts of sexual violence can significantly contribute to the maintenance of international peace and security" (UNSC Resolution 1820, p. 2)" http://www.stoprapenow.org/uploads/advocacyresources/1282164625.pdf Background Presentation- Kristin Mann Weapons of War: Rape Brief Insight - used to manipulate social control - destabilize communities - weaken ethnic groups and identities Examples: - Sudanese Militia - Rwanda Genocide - DRC Critical Thinking http://www.womenundersiegeproject.org/blog/entry/the-need-for-numbers-on-rape-in-warand-why-theyre-nearly-impossible-to-get Critical Thinking Increased Data Collection by international organizations - determine humanitarian responses - ensures justice and reparation - provides recognition and dignity