Sunday 17 May 2015

Achieving Quality Attributes - Security

Last week, my post box was compromised while my new debit card was in the box.
The lucky guy(s) were using my card when I received a call from the bank asking me whether I had used my card that day or not. Eventually the card got cancelled.
This inspired me to pick security for this post and use this story as an example for the tactics involved.

Security Tactics

Tactics for achieving security can be divided into those concerned with resisting attacks, those concerned with detecting attacks, and those concerned with recovering from attacks. Using a familiar analogy, putting a lock on your door is a form of resisting an attack, having a motion sensor inside of your house is a form of detecting an attack, and having insurance is a form of recovering from an attack.

RESISTING ATTACKS

Authenticate users. Authentication is ensuring that a user or remote computer is actually who it purports to be. Passwords and digital certificates are examples.

Authorise users. Authorisation is ensuring that an authenticated user has the rights to access and modify either data or services. This is usually managed by providing some access control patterns within a system.

Maintain data confidentiality. Data should be protected from unauthorised access. Confidentiality is usually achieved by applying some form of encryption to data and to communication links; SSL and public/private key cryptography are examples.

Maintain integrity. Data should be delivered as intended. It can have redundant information encoded in it, such as checksums or hash results, which can be encrypted either along with or independently from the original data.

Limit exposure. Attacks typically depend on exploiting a single weakness to attack all data and services on a host. The architect can design the allocation of services to hosts so that only limited services are available on each host.

Limit access. Firewalls restrict access based on message source or destination port. Messages from unknown sources may be a form of an attack. It is not always possible to limit access to known sources.

DETECTING ATTACKS

The detection of an attack is usually through an intrusion detection system. Such systems work by comparing network traffic patterns to a database. In the case of misuse detection, the traffic pattern is compared to historic patterns of known attacks. In the case of anomaly detection, the traffic pattern is compared to a historical baseline of itself. As an example I can refer you to my stolen card story mentioned above. Since the pattern and amount of usage were different from the rest, the bank could detect this.
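As an added example (not part of the original post), here is a minimal anomaly-detection check in Python in the spirit of the card story: it builds a per-card baseline from a constructed transaction history and flags a new transaction whose amount, merchant category or country deviates from that baseline. The fields, the history and the z-score threshold are assumptions for illustration.

```python
import statistics
from collections import Counter

# Constructed history for one card: (amount, merchant_category, country).
HISTORY = [
    (12.50, "grocery", "NL"), (45.00, "fuel", "NL"), (8.20, "coffee", "NL"),
    (60.00, "grocery", "NL"), (30.00, "fuel", "NL"), (15.75, "grocery", "NL"),
    (9.99, "coffee", "NL"), (52.30, "grocery", "NL"), (40.00, "fuel", "NL"),
    (11.00, "coffee", "NL"),
]


def build_baseline(history):
    """Summarise the card's own past usage: amount statistics plus
    the merchant categories and countries seen so far."""
    amounts = [amount for amount, _, _ in history]
    return {
        "mean": statistics.mean(amounts),
        "stdev": statistics.pstdev(amounts),
        "categories": Counter(cat for _, cat, _ in history),
        "countries": Counter(country for _, _, country in history),
    }


def score_transaction(baseline, txn, z_limit=3.0):
    """Return the list of reasons a transaction deviates from the
    baseline; an empty list means it looks like normal usage."""
    amount, category, country = txn
    reasons = []
    if baseline["stdev"] > 0:  # avoid division by zero on a flat history
        z = (amount - baseline["mean"]) / baseline["stdev"]
        if z > z_limit:
            reasons.append(f"amount z-score {z:.1f} exceeds {z_limit}")
    if category not in baseline["categories"]:
        reasons.append(f"unseen merchant category {category!r}")
    if country not in baseline["countries"]:
        reasons.append(f"unseen country {country!r}")
    return reasons


def flag_transactions(baseline, transactions):
    """Run the check over a batch and keep only the flagged ones."""
    flagged = []
    for txn in transactions:
        reasons = score_transaction(baseline, txn)
        if reasons:
            flagged.append((txn, reasons))
    return flagged


BASELINE = build_baseline(HISTORY)

if __name__ == "__main__":
    for txn, reasons in flag_transactions(BASELINE, [(14.00, "grocery", "NL"), (450.00, "electronics", "ES")]):
        print(txn, "->", "; ".join(reasons))
```

A real issuer would also look at velocity (transactions per hour) and geography between consecutive transactions, but the principle is the same: compare new activity against the card's own history rather than a list of known bad patterns.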

RECOVERING FROM ATTACKS

Tactics involved in recovering from an attack can be divided into those concerned with restoring state and those concerned with attacker identification.

The tactics used in restoring the system or data to a correct state overlap with those used for availability since they are both concerned with recovering a consistent state from an inconsistent state. One difference is that special attention is paid to maintaining redundant copies of system administrative data such as passwords, access control lists, domain name services, and user profile data.
The tactic for identifying an attacker is to maintain an audit trail. An audit trail is a copy of each transaction applied to the data in the system together with identifying information. Audit information can be used to trace the actions of an attacker, support nonrepudiation (it provides evidence that a particular request was made), and support system recovery. Audit trails are often attack targets themselves and therefore should be maintained in a trusted fashion.
In my case of the stolen card, the bank cancelled the card.


If you are working on a project with some security measures implemented in it, see if you can identify the tactics implemented.
