GROUP ONE

Name Student Number Registration Number

Mugoya Hilarious 2300711612 23/U/11612/PS

Tumukunde Simon Peter 2300718071 23/U/18071/PS

Atwine Ivan 2300707012 23/U/07012/PS

Eliau Benyamin 2300708072 23/U/08072/PSA

Tamire Henry 2300717850 23/U/17850/PS

Mukasa Ronald 2300727978 23/U/27978/PSA

INFORMATION SYSTEM
SECURITY
 INFORMATION SYSTEMS SECURITY

Information Systems Security is the

practice of protecting information and
information systems from unauthorized
access, use, disclosure, disruption,
modification, or destruction.

It involves a set of policies, procedures and

technologies designed to safeguard digital assets and
prevent cyber threats
The consequences of security incidents can
be theft of private information, data
tampering, data deletion among others.
Attacks can disrupt work processes and
damage a company’s reputation, and also
have a tangible cost.

Information security protects sensitive

information from unauthorized
activities, including inspection,
modification, recording, and any
disruption or destruction. The goal is to
ensure the safety and privacy of critical
data such as customer account details,
financial data or intellectual property if
the information system is for a banking
institution.
 INFORMATION SYSTEMS SECURITY POLICIES (ISSP)
Information Systems Security Policies (ISSP) are guidelines and rules that govern the secure use,
management, and protection of an organization's information systems and data.

These policies aim to:

1. Protect 2. Ensure 3. Prevent Cyber 4. Comply With 5. Establish 6. Guide

Sensitive Confidentiality, Threats And Regulatory Roles And Incident
Information Integrity, And Attacks Requirements Responsibilities Response And
From Availability Of And Industry For Information Disaster
Unauthorized Data Standards Security Recovery
Access, Efforts
Disclosure, Or
Modification
 Common ISSP categories
include:

6. Backup
1. Access 3. Network 4. Data 5. Incident 7. Remote
2. Password and
Control Security Encryption Response Access
Policy Recovery
Policy Policy Policy Policy Policy
Policy
 Information Systems Security has principles as discussed below;

CONFIDENTIALITY
The Confidentiality principle mainly focuses on prevention of unauthorized disclosure of
information. The purpose of this principle is to keep personal information private and to
ensure that it is visible and accessible only to those individuals who own it or need it to
perform their organizational functions. It also focuses on limiting data inspection and
modification.
Just like any other principle, Confidentiality is prone to threats as explained below;
 Threats:

Interception is the Eavesdropping, Snooping ,Capturing Traffic analysis, Exploitation, is the

unauthorized capture Unauthorized data transmitted over Analyzing act of taking
of data during listening to networks. communication advantage of a
transmission. This communications. patterns to gather vulnerability in a
can be done in the information. system or application
ways below; to compromise its
security. Examples
are; Malware:
Malicious software to
steal or damage data.
Phishing, Deceiving users into
revealing personal information.
Social engineering, Manipulating
people to gain access to information.
Inference, the process of uncovering
sensitive information from available
data. Examples are below;
Deduction, Deriving sensitive
information from publicly available
data.
Reverse engineering, Analyzing a
system to understand its components
and functionality.

Prevention methods can include;

Encryption,
access controls,
authentication, authorization among others.
 INTEGRITY
 The principle of integrity ensures
that data is accurate and reliable and
is not modified incorrectly, whether
accidentally or maliciously. It
prevents unauthorized modification,
deletion, or creation of data.

Integrity is prone to threats below; Unauthorized Access is the major treat to

information integrity, this can be in terms like;
Human Errors like accidental modification: (Incorrect data entry,
 Data manipulation: Intentional alteration
deletion, or alteration), negligence: (Overlooking errors or
inconsistencies, lack of training): Insufficient knowledge about data of data for malicious purposes.
handling procedures.  Data deletion: Removing critical data to
System Failures too can be a major threat to data integrity in the ways disrupt operations.
below;  Data injection: Introducing false or
Hardware malfunctions like Equipment failures that can lead to data misleading information.
corruption, Software bugs: (Errors in software causing data
inconsistencies) ,Power outages: (Data loss or corruption due to
unexpected power interruptions).
Prevention methods can be;
 Data Validation: Implementing checks to ensure data is accurate and consistent.
 Input Validation: Verifying data entered by users to prevent malicious input.
 Error Detection and Correction (EDAC): Detecting and correcting errors in data transmission.
 Encryption: Protecting data from unauthorized modification.
 Hashing: Creating unique digital fingerprints of data for comparison.
 Digital Signatures: Verifying the authenticity and integrity of data.
 Access Controls: Limiting access to data based on the principle of least privilege.
 AVAILABILITY
Availability is the protection of a system’s ability
to make software systems and data fully available
when a user needs it (or at a specified time). The
purpose of this principle is to make the technology
infrastructure ever available , the applications and
the data available when they are needed for an
organizational process or for an organization’s
customers.

Attacks on information availability can be;

 Denial of Service (DoS) Attacks: Overwhelming a system with traffic to
prevent legitimate users from accessing it.
 Distributed Denial of Service (DDoS) Attacks: A more sophisticated
version of DoS, using multiple systems to launch an attack.
 Resource Exhaustion Attacks: Consuming system resources (CPU,
memory, bandwidth) to degrade performance.
 Physical Attacks: Damaging hardware or disrupting power supply.
 Software Vulnerabilities: Exploiting software bugs to disrupt service.
Prevention methods may be;

Redundancy: Implementing backups, failover systems, and load

balancing.
 Network Security: Firewalls, intrusion prevention systems, and
network segmentation.
 System Hardening: Configuring systems with security in mind to
minimize vulnerabilities.
 Intrusion Detection and Prevention Systems (IDPS): Monitoring
network traffic for anomalies and blocking threats.
 Content Delivery Networks (CDNs): Distributing content across
multiple servers to improve performance and availability.

AUTHORIZATI
ON Authorization is the process of granting or
denying access to resources, data, or systems
based on a user's identity, role, or privileges. It
ensures that only authorized individuals or systems
can perform specific actions or access sensitive
information.

Threats:
1. Unauthorized Access: Bypassing authorization
controls to access resources or data.
2. Privilege Escalation: Exploiting vulnerabilities
to gain higher privileges or access.
3. Identity Theft: Stealing user identities to gain
unauthorized access.
4. Insider Threats: Authorized individuals
misusing their privileges or access.
5. Insecure Configuration: Misconfigured
authorization settings or default permissions.
Measures:

1. Role-Based Access Control (RBAC): Assigning

privileges based on user roles.
2. Attribute-Based Access Control (ABAC): Granting
access based on user attributes.
3. Mandatory Access Control (MAC): Enforcing strict
access controls based on user clearance.
4. Discretionary Access Control (DAC): Allowing owners
to control access to resources.
5. Least Privilege Principle: Granting only necessary
privileges.
6. Separation of Duties: Dividing responsibilities to
prevent single points of failure.
7. Regular Audits and Reviews: Monitoring and updating
authorization settings.
8. Secure Configuration and Change Management:
Ensuring secure authorization settings.
 AUTHENTICATI
ON
Authentication is the process of verifying the identity
of a user, device, or system, ensuring that they are who
they claim to be. It's a critical aspect of information
security, ensuring that only authorized entities have
access to sensitive resources, data, or systems.

Common authentication methods include:

1. Username/Password: Using a combination of a

username and password.
2. Token-Based: Using a physical or digital token, such as
a smart card or one-time password (OTP).
3. Biometric: Using unique physical characteristics, like
fingerprints, facial recognition, or voice recognition.
Threats:

 1. Password Guessing/Brute Force: Attempting to guess or use

automated tools to try multiple passwords.

2. Phishing: Tricking users into revealing passwords or other sensitive

information.

3. Session Hijacking: Stealing or taking over a user's authenticated

session.

4. Man-in-the-Middle (MitM): Intercepting communication to steal

credentials or inject malware.

5. Insider Threats: Authorized individuals misusing their access or

credentials.

6. Credential Stuffing: Using stolen credentials from one system to access
others.

7. Social Engineering: Manipulating users into revealing sensitive

information.
Measures to Combat Threats:

1. Strong Password Policies: Enforce complex

passwords, regular changes, and account
lockout.
2. Multi-Factor Authentication (MFA): Require
additional verification steps beyond passwords.
3. Two-Factor Authentication (2FA): Combine
passwords with tokens, biometrics, or smart
cards.
4. Single Sign-On (SSO): Allow users to access
multiple systems with one set of credentials.
5. Secure Authentication Protocols: Use TLS,
SSL, or Kerberos to protect authentication data.
6. Regular Security Awareness Training:
Educate users on authentication best practices
and threats.
7. Monitoring and Incident Response: Detect
and respond to authentication-related security
incidents.
8. Password Managers: Encourage users to
store unique, complex passwords securely.
NON-REPUDIATION
Non-repudiation is the ability to ensure that a party cannot deny their
involvement in a transaction, communication, or action. It provides proof of
origin, receipt, or authenticity, preventing individuals from repudiating
(denying) their actions.

Threats:

1. Denial of Actions: Claiming no involvement in a transaction or

communication.
2. Identity Denial: Denying one's identity or role in a transaction.
3. Transaction Repudiation: Denying involvement in a financial
transaction.
4. Message Repudiation: Denying sending or receiving a message.
5. Signature Repudiation: Denying authenticity of a digital signature.
Measures:

1. Digital Signatures: Using cryptographic techniques to ensure authenticity

2. Timestamping: Recording the time of transactions or communications
3. Audit Trails: Maintaining records of all transactions and actions.
4. Authentication Protocols: Using secure authentication protocols (e.g.,
Kerberos).
5. _Public Key Infrastructure (PKI): Establishing trust through digital
certificates.
6. _Secure Communication Channels, Using encrypted channels (e.g.,
SSL/TLS).
7. _Access Control, Restricting access to sensitive resources.
8. _Monitoring and Logging, Detecting and recording potential repudiation
attempts.