CH 1


CoSc 4171: Computer Security

University of Gondar, Faculty of Informatics

Chapter 1
Lecture Notes

Computer Security Introduction

Department of Computer Science


Objectives

To define security

To define security goals

To define security controls

To define vulnerability


Introduction
Computer Security:
• Computer security is the process of preventing and
detecting unauthorized use of your computer.
• Privacy is the process of protecting his or her own
personal files against any intrusion.
• Prevention measures help you to stop unauthorized users
(also known as "intruders") from accessing any part of your
computer system.
• Detection helps you to determine whether or not someone
attempted to break into your system, if they were successful,
and what they may have done.

Data Security
• Data security is the practice of keeping data protected from
corruption and unauthorized access.
• The focus behind data security is to ensure privacy while
protecting personal or corporate data.
Information Technology Security
• Information technology security is the process of protecting
computers, networks, programs and data from unintended or
unauthorized access, change or destruction.
Why Do We Care about Computer Security?
• Our modern ways of communication provide a lot of
examples of critical situations involving security issues:
✓ Communicating by phone, by e-mail, or by fax
✓ Getting connected to a bank via the Internet and performing
transactions
✓ Digital payment systems
✓ E-voting systems, etc.
• All of these demand confidentiality and integrity
of exchanged information.
Security Goals (pillars)

• Confidentiality
• Integrity
• Availability

Fig 1 security goals



Confidentiality
• It ensures that computer-related assets are accessed only by
authorized parties.
• Confidentiality is sometimes called secrecy or privacy.
✓ Only authorized entities are allowed to view
✓ Only the sender and the intended receiver should “understand”
the message contents
• Confidentiality covers two related concepts:
✓ Data confidentiality
✓ Privacy

Integrity
• Information needs to be changed constantly.
• Integrity means that changes need to be made only by authorized
entities and through authorized mechanisms; that is, assets can be
modified only by authorized parties or only in authorized ways.
✓ It ensures the message was not altered by unauthorized
individuals.
✓ The sender and receiver want to ensure the message is not altered
(in transit, or afterwards) without detection.
• Integrity can be:
✓ Data integrity
✓ System integrity

Availability
• It means that assets are accessible to authorized parties at
appropriate times.
• The information created and stored by an organization needs
to be available to authorized entities. Information needs to
be constantly changed, which means it must be accessible to
authorized entities.
• It assures that the system works promptly and service is not
denied to authorized users.
Vulnerability

• Vulnerability is a weakness in the security system.


• Weaknesses can appear in any element of a computer: in the
hardware, the operating system, and the software.

Fig 2 vulnerability of computing system



Hardware Vulnerabilities
• Hardware is more visible than software.
• It is rather simple to attack by adding devices, changing
them, removing them, intercepting the traffic to them, or
flooding them with traffic until they can no longer function.
• Computers have been drenched with water, burned, frozen,
gassed, and electrocuted with power surges.

Software vulnerability
• Software can be replaced, changed, or destroyed
maliciously, or it can be modified, deleted, or misplaced
accidentally. Whether intentional or not, these attacks exploit
the software’s vulnerabilities.
• Sometimes, the attacks are obvious, as when the software no
longer runs. More subtle are attacks in which the software
has been altered but seems to run normally.

Data vulnerability
• A data attack is a more widespread and serious problem than
either a hardware or software attack.
• Data items have greater public value than hardware and
software because more people know how to use or interpret
data.
Policies and mechanisms

• A policy is a statement of what is, and what is not, allowed by
users of a system.
• A mechanism is a method, tool, or procedure for enforcing a
security policy.
Security controls
• Security controls are controls or countermeasures that attempt to
prevent the exploitation of a computing system's vulnerabilities.
a. Authentication
• It is a process of binding an identity to a subject.
• It validates the source of a message, to ensure the sender is
properly identified.
• The sender and receiver want to confirm the identity of each other.
b. Encryption
c. Auditing
d. Standards etc.
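
The integrity and authentication slides both come down to the receiver checking where a message came from and detecting any alteration. The following is an added example, not part of the original lecture notes, showing one common mechanism for this: an HMAC computed with a key shared by sender and receiver. The packet layout, function names and sample message are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def protect(key: bytes, sender: str, message: bytes) -> bytes:
    """Sender side: build 'len(sender) | sender | message | tag'."""
    sid = sender.encode("utf-8")
    if len(sid) > 255:
        raise ValueError("sender id too long for 1-byte length prefix")
    body = bytes([len(sid)]) + sid + message
    # The tag covers both the sender id and the message.
    return body + hmac.new(key, body, hashlib.sha256).digest()


def verify(key: bytes, packet: bytes) -> tuple[str, bytes]:
    """Receiver side: return (sender, message) or raise ValueError."""
    if len(packet) < 1 + TAG_LEN:
        raise ValueError("packet too short")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity/authentication check failed")
    n = body[0]
    if len(body) < 1 + n:
        raise ValueError("malformed sender field")
    return body[1:1 + n].decode("utf-8"), body[1 + n:]


def accepted(key: bytes, packet: bytes) -> bool:
    """True if the packet passes verification, False otherwise."""
    try:
        verify(key, packet)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # shared secret (assumed pre-distributed)
    pkt = protect(key, "alice", b"transfer 100 to bob")  # constructed sample
    print(verify(key, pkt))                                # genuine packet
    print(accepted(key, pkt.replace(b"100", b"900")))      # altered in transit
    print(accepted(key, pkt.replace(b"alice", b"carol")))  # forged sender
    print(accepted(secrets.token_bytes(32), pkt))          # wrong key
```

A shared-key tag shows only that the message came from someone holding the key and was not changed; it does not hide the contents, which is the job of the encryption control listed next to authentication.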