Explore chapters and articles related to this topic
Computer and Internet Crime
Published in G. K. Awari, Sarvesh V. Warjurkar, Ethics in Information Technology, 2022
G. K. Awari, Sarvesh V. Warjurkar
An exploit is a computer attack on a system that takes advantage of a flaw in the system. Poor system design or implementations are frequently the cause of this attack. When a security flaw is found, software engineers work rapidly to produce and distribute a “fix,” or patch, to remedy the problem. The patch, which can usually be downloaded from the Internet, is the responsibility of the system or application’s users. Any time a patch is not installed, the user risks a security breach. The daily pace at which software vulnerabilities are found by companies across the globe is estimated to be between 7 and 382 per day. All of these bugs and potential vulnerabilities put developers who are in charge of security fixes under a lot of pressure. Keeping up with all of the required patches can be difficult. A zero-day intrusion occurs until the security industry or app developers are aware of the flaw or are ready to fix it. Although zero-day vulnerabilities can cause significant harm, few such attacks have been reported as of this writing.
Blockchain User, Network and System-Level Attacks and Mitigation
Published in Shaun Aghili, The Auditor's Guide to Blockchain Technology, 2023
Nishtha Baria, Dharmil Parmar, Vidhi Panchal
Nodes are just as vulnerable as users. But a node itself may also be affected by shared and/or misconfigured membership service provider vulnerability. Shared vulnerability is vulnerability where an attacker steals the private key and obtains the target node with the aim of also compromising other nodes on the blockchain. A misconfigured membership service provider vulnerability is caused by control weaknesses on the blockchain leading to DoS/DDoS attacks. For additional protection, one can regularly update and patch the software, thereby mitigating any underlying vulnerability.
IT Systems Troubleshooting and Repair
Published in Sharon Yull, BTEC National for IT Practitioners: Systems units, 2010
Software patches are small pieces of software/programmes that are used to fix problems within a piece of software. Patches can be used to fix bugs and improve the performance, efficiency and usability of the original software. Patches can also be used to ensure that systems security is not compromised, as illustrated in Case Study 6.1.
A formally verified authentication protocol in secure framework for mobile healthcare during COVID-19-like pandemic
Published in Connection Science, 2021
Shaik Shakeel Ahamad, Al-Sakib Khan Pathan
The hospital TPM contains: Identity and Access Management (IAM): This entity authenticates IoT devices, IoT Medical Applications (IMA) and Doctor (D) credentials which are issued by TSM, i.e. CA and issues a token which is used to carry out transactions.Time Stamping Authority (TSA): It offers timestamping services for CCH generated messages.Personalisation Manager (PM): PM is responsible for provisioning and personalising of the IoT device, IMA, and UICC of the doctor. UICC is the SE in doctor’s smartphone.Evidence Manager (EM): It collects evidences using various audit log techniques. When any dispute arises among the stakeholders, this entity can provide proofs to the court of law. Once ECDSA is signed, it can prove that data is valid – by matching confirmation data with log data, timestamps, nonce, and old certificates. It also collects evidence from LMCM. TPA finds evidence in TPM of CCH. TPA audits the logs of TPM and detects tampering with the logs.Patch Management and System Hardening: Applications and OSs are often targeted by various types of attacks on a daily basis. Effective “Patch Management” can successfully reduce the risk of compromising systems. System hardening process ensures relatively less attack surface of various types of networking devices and applications. As part of this task, system administrators can close specific network ports, enable or disable some services, use minimal software, etc. If a server runs a huge number of functions, it would be more prone to cyber-attacks and then, system hardening would be also more difficult. To facilitate system hardening, in our approach, we do whatever is required based on the requirements set for the system complying with the standard chosen before implementation of the system. After talking about various entities and aspects of our system, we describe here the health monitoring mechanism.