Computer's FotoPage

By: Computer Security

[Recommend this Fotopage] | [Share this Fotopage]
[<<  <  [1]  2  3  4  >  >>]    [Archive]
Tuesday, 27-Jul-2004 00:00 Email | Share | | Bookmark
Computer Security: A Practical Definition

Security Domains
Computer Security is also frequently defined in terms of several interdependent domains that roughly map to specific departments and job titles:
Physical security -- Controlling the comings and goings of people and materials; protection against the elements and natural disasters
Operational/procedural security -- Covering everything from managerial policy decisions to reporting hierarchies
Personnel security -- Hiring employees, background screening, training, security briefings, monitoring, and handling departures
System security -- User access and authentication controls, assignment of privilege, maintaining file and file system integrity, backups, monitoring processes, log-keeping, and auditing
Network security -- Protecting network and telecommunications equipment, protecting network servers and transmissions, combating eavesdropping, controlling access from untrusted networks, firewalls, and detecting intrusions
This text is solely concerned with the latter two. System and network security are difficult, if not impossible, to separate in a system. Nearly every distribution in the past fifteen years has included a TCP/IP protocol implementation as well as numerous network services such as FTP, Telnet, DNS, and, more recently, HTTP.
A Practical Definition
In the spirit of practicality, I like the straightforward definition: "A computer is secure if you can depend on it and its software to behave as you expect." In essence, a computer is secure if you can trust it. Data entered today will still be there tomorrow in unaltered form. If you made services x, y, and z available yesterday, they're still available today.
These practical definitions circumvent an obvious element: a secure system should be hard for unauthorized persons to break into -- i.e., the value of the work necessary for an unauthorized person to break in should exceed the value of the protected data. Increasing attacker workload and the risks of detection are critical elements of computer security.
For the purposes of this article, I define "system security" as:
The ongoing and redundant implementation of protections for the confidentiality and integrity of information and system resources so that an unauthorized user has to spend an unacceptable amount of time or money or absorb too much risk in order to defeat it, with the ultimate goal that the system can be trusted with sensitive information.

Monday, 26-Jul-2004 00:00 Email | Share | | Bookmark
Computer Security: A Practical Definition

Defining "Computer Security" is not trivial. The difficulty lies in developing a definition that is broad enough to be valid regardless of the system being described, yet specific enough to describe what security really is. In a generic sense, security is "freedom from risk or danger." In the context of computer science, security is the prevention of, or protection against, access to information by unauthorized recipients, and intentional but unauthorized destruction or alteration of that information.
This can be re-stated: "Security is the ability of a system to protect information and system resources with respect to confidentiality and integrity." Note that the scope of this second definition includes system resources, which include CPUs, disks, and programs, in addition to information.
Taxonomy of Computer Security
Computer security is frequently associated with three core areas, which can be conveniently summarized by the acronym "CIA":
Confidentiality -- Ensuring that information is not accessed by unauthorized persons
Integrity -- Ensuring that information is not altered by unauthorized persons in a way that is not detectable by authorized users
Authentication -- Ensuring that users are the persons they claim to be
A strong security protocol addresses all three of these areas. It has enabled an explosion in ecommerce which is really about trust (or more precisely, about the lack of trust). SSL overcomes the lack of trust between transacting parties by ensuring confidentiality through encryption, integrity through checksums, and authentication via server certificates.
Computer security is not restricted to these three broad concepts. Additional ideas that are often considered part of the taxonomy of computer security include:
Access control -- Ensuring that users access only those resources and services that they are entitled to access and that qualified users are not denied access to services that they legitimately expect to receive
Nonrepudiation -- Ensuring that the originators of messages cannot deny that they in fact sent the messages.
Availability -- Ensuring that a system is operational and functional at a given moment, usually provided through redundancy; loss of availability is often referred to as "denial-of-service"
Privacy -- Ensuring that individuals maintain the right to control what information is collected about them, how it is used, who has used it, who maintains it, and what purpose it is used for
These additional elements don't neatly integrate into a singular definition. From one perspective, the concepts of privacy, confidentiality, and security are quite distinct and possess different attributes. Privacy is a property of individuals; confidentiality is a property of data; and security is a property assigned to computer hardware and software systems. From a practical perspective, the concepts are interwoven. A system that does not maintain data confidentiality or individual privacy could be theoretically or even mathematically "secure," but it probably wouldn't be wise to deploy anywhere in the real world.
A Functional View
Computer security can also be analyzed by function. It can be broken into five distinct functional areas
Risk avoidance -- A security fundamental that starts with questions like: Does my organization or business engage in activities that are too risky? Do we really need an unrestricted Internet connection? Do we really need to computerize that secure business process? Should we really standardize on a desktop operating system with no access control intrinsic?
Deterrence -- Reduces the threat to information assets through fear. Can consist of communication strategies designed to impress potential attackers of the likelihood of getting caught.
Prevention -- The traditional core of computer security. Consists of implementing safeguards like the tools covered Absolute prevention is theoretical, since there's a vanishing point where additional preventative measures are no longer cost-effective.
Detection -- Works best in conjunction with preventative measures. When prevention fails, detection should kick in, preferably while there's still time to prevent damage. Includes log-keeping and auditing activities
Recovery -- When all else fails, be prepared to pull out backup media and restore from scratch, or cut to backup servers and net connections, or fall back on a disaster recovery facility. Arguably, this function should be attended to before the others
Analyzing security by function can be a valuable part of the security planning process; a strong security policy will address all five areas, starting with recovery.

Sunday, 25-Jul-2004 00:00 Email | Share | | Bookmark
Why Security?

Computer Security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:
 Damage or destruction of computer systems.
 Damage or destruction of internal data.
 Loss of sensitive information to hostile parties.
 Use of sensitive information to steal items of monitory value.
 Use of sensitive information against the organization's customers which may result in legal action by customers against the organization and loss of customers.
 Damage to the reputation of an organization.
 Monitory damage due to loss of sensitive information, destruction of data, hostile use of sensitized data, or damage to the organization's reputation.
The methods used to accomplish these unscrupulous objectives are many and varied depending on the circumstances. This guide will help administrators understand some of these methods and explain some countermeasures
Security Issues
Computer security can be very complex and may be very confusing to many people. It can even be a controversial subject. Network administrators like to believe that their network is secure and those who break into networks may like to believe that they can break into any network. I believe that overconfidence plays an important role in allowing networks to be intruded upon. There are many fallacies that network administrators may fall victim to. These fallacies may allow administrators to wrongfully believe that their network is more secure than it really is.
Your organization should be aware how physically secure every aspect of its network is because if an intruder gets physical access, they can get your data. Be sure your organization properly secures locations and consider the following:
Servers - Contain your data and information about how to access that data.
Workstations - Man contain some sensitive data and can be used to attack other computers.
Routers, switches, bridges, hubs and any other network equipment may be used as an access point to your network.
Network wiring and media and where they pass through may be used to access your network or place a wireless access point to your network.
External media which may be used between organizational sites or to other sites the organization does business with.
Locations of staff that may have information that a hostile party can use.
Some employees may take data home or may take laptops home or use laptops on the internet from home then bring them to work. Any information on these laptops should be considered to be at risk and these laptops should be secure according to proper policy when connected externally on the network.

Saturday, 24-Jul-2004 00:00 Email | Share | | Bookmark
Computer Security

The term Computer Security is used frequently, but the content of a computer is vulnerable to few risks unless the computer is connected to other computers on a network. As the use of computer networks, especially the Internet, has become pervasive, the concept of computer security has expanded to denote issues pertaining to the networked use of computers and their resources.
The major technical areas of computer security are usually represented by the initials CIA: confidentiality, integrity, and authentication or availability. Confidentiality means that information cannot be access by unauthorized parties. Confidentiality is also known as secrecy or privacy; breaches of confidentiality range from the embarrassing to the disastrous. Integrity means that information is protected against unauthorized changes that are not detectable to authorized users; many incidents of hacking compromise the integrity of databases and other resources. Authentication means that users are who they claim to be. Availability means that resources are accessible by authorized parties; "denial of service" attacks, which are sometimes the topic of national news, are attacks against availability. Other important concerns of computer security professionals are access control and nonrepudiation. Maintaining access control means not only that users can access only those resources and services to which they are entitled, but also that they are not denied resources that they legitimately can expect to access. Nonrepudiation implies that a person who sends a message cannot deny that he sent it and, conversely, that a person who has received a message cannot deny that he received it. In addition to these technical aspects, the conceptual reach of computer security is broad and multifaceted. Computer security touches draws from disciplines as ethics and risk analysis, and is concerned with topics such as computer crime; the prevention, detection, and remediation of attacks; and identity and anonymity in cyberspace.
While confidentiality, integrity, and authenticity are the most important concerns of a computer security manager, privacy is perhaps the most important aspect of computer security for everyday Internet users. Although users may feel that they have nothing to hide when they are registering with an Internet site or service, privacy on the Internet is about protecting one's personal information, even if the information does not seem sensitive. Because of the ease with which information in electronic format can be shared among companies, and because small pieces of related information from different sources can be easily linked together to form a composite of, for example, a person's information seeking habits, it is now very important that individuals are able to maintain control over what information is collected about them, how it is used, who may use it, and what purpose it is used for.

Friday, 23-Jul-2004 00:00 Email | Share | | Bookmark
Choose a Strong Password to Keep Computer Security

Your living space has doors and windows, and perhaps most of the time theyâ??re locked. For each lock that uses a key, chances are that each key is different. You know to lock up and not to share the keys with strangers, and probably not with most of your friends. You should not hide keys under the mat or in a flowerpot on your front porch.
Passwords for computers are much the same. For each Computer Security and service you use (online purchasing, for example), you should have a password. Each password should be unique and unrelated to any of your other passwords. You shouldnâ??t write them down nor should you share them with anyone, even your best friends.
Take a look at your front door key. Itâ??s pretty complicated. There are lots of notches and grooves. If there werenâ??t so many possible variations, a thief could easily make a key for every possible combination and then try each on your front door. This trial-and-error method, (for computers, called brute force) is likely to be effective even if it takes a long time. Nonetheless, no matter how complicated, if the thief gets hold of your key, he or she can copy it and use that copy to open your door.
A password can also be complicated. Most schemes let you use any combination of letters, both upper and lower case, and numbers; and some also let you use punctuation marks. Lengths can vary. You can create a password to be as complicated as you want. The key (no pun intended) is to be able to remember this password whenever you need it without having to write it down to jog your memory.
Like the thief at your door, computer intruders also use trial-and-error, or brute-force techniques, to discover passwords. By bombarding a login scheme with all the words in a dictionary, they may â??discoverâ?? the password that unlocks it. If they know something about you, such as your spouseâ??s name, the kind of car you drive, or your interests, clever intruders can narrow the range of possible passwords and try those first. They are often successful. Even slight variations, such as adding a digit onto the end of a word or replacing the letter o (oh) with the digit 0 (zero), donâ??t protect passwords. Intruders know we use tricks like this to make our passwords more difficult to guess.
Just like the front door key, even a complicated password can be copied and the copy reused. Remember the earlier discussion about information on the Internet being in the clear? Suppose that really strong password you took a long time to create â?? the one thatâ??s 14 characters long and contains 6 letters, 4 numbers, and 4 punctuation marks, all in random order â?? goes across the Internet in the clear. An intruder may be able to see it, save it, and use it. This is called sniffing and it is a common intruder practice.
The point is that you need to follow the practice of using a unique password with every account you have. Below is a set of steps that you can use to help you create passwords for your accounts:
The Strong test: Is the password as strong (meaning length and content) as the rules allow?
The Unique test: Is the password unique and unrelated to any of your other passwords?
The Practical test: Can you remember it without having to write it down?
The Recent test: Have you changed it recently?
In spite of the SUPR tests, you need to be aware that sniffing happens, and even the best of passwords can be captured and used by an intruder.
You should use passwords not only on your home computer but also for services you use elsewhere on the Internet. All should have the strongest passwords you can use and remember, and each password should be unique and unrelated to all other passwords. A strong password is a password that is longer than it is short, that uses combinations of uppercase and lowercase letters, numbers, and punctuation, and that is usually not a word found in a dictionary. Also remember that no matter how strong a password is, it can still be captured if an intruder can see it â??in the clearâ?? somewhere on the Internet.

[<<  <  [1]  2  3  4  >  >>]    [Archive]

© Pidgin Technologies Ltd. 2016