Goals of Computer Security:
The principles and goals of computer security includes following features:
• To protect computer assets from Human errors, natural disasters, physical and electronic maliciousness.
• To keep privileged and private information confidential and available only to authorized people. This is generally accomplished by identifying the individual requesting access with a login ID, authenticating their identity with a password, configuring computer access controls to match authorization rules (i.e. limit login IDs to particular files), and encrypting data which may travel outside the computer access controls (over the network, for example). Note that most desktop computers do not require a login ID and password. Therefore all access control for confidentiality depends upon the operator's actions rather than computer controlled mechanisms. In particular, if a program is run on most desktops, it turns control of the desktop over the author of the program... for better or worse.
• To keep data intact. This is done primarily through the same mechanisms that keep the data confidential with additional access controls to limit who can change the data and, perhaps, mechanisms to alert that the data has been changed. Data that travels outside the computer (over the network, for example) can be protected by cryptographic methods which make it difficult or impossible for the data to be modified without detection. As with confidentiality, most desktop computers depend upon operator actions rather than computer controlled access control to ensure data integrity.
• To keep services available. A variety of things come into play here. Access controls limit the number of avenues of potential attack. Redundant power and hardware limit the effect of failures. Backups serve as a recovery mechanism when the inevitable failure occurs. Capacity planning in concert with access controls help prevent service overloads. Constant monitoring provides trend data and ongoing operational status which in turn improve response to events or changes in use.
The basic GOALS are described below:
1. Confidentiality
Protecting information from being read or copied by people who are not authorized by the information's owner to read or copy it. This includes pieces of information from which the confidential information can be inferred. It includes failure of confidentiality or privacy or inappropriate disclosure. Privacy of personal information or of data about individuals is a significant concern, as is that of sensitive corporate data (such as trade secrets and proprietary information) and government classified data.
Threats to Confidentiality:
• Interception/Wiretapping (snifters)
– Used to be commonly installed after a system break-in
– Can capture passwords, sensitive info
• Illicit copying (proprietary information, etc.)
– Copied company documents, plans
– Copied source code for proprietary software
2. Data integrity
Protecting information including programs, backup tapes, file creation times, documentation etc from being deleted or altered without the permission of the information's owner. Integrity means different things in context: sometimes it means that data or programs should be returned exactly as they were when they were recorded, or that modifications to data or programs should be made only by authorized persons, or by authorized programs, or in certain ways, or that the quality of data should be maintained. Data and programs should meet the demands of the way in which they are to be used
Threats to Integrity
• Modification
– Changing data values (database)
– Changing programs (viruses, backdoors, Trojan horses, game cheats)
– Changing hardware (hardware key capture)
– Can be accidental corruption (interrupted DB transaction)
• Fabrication
– Spurious transactions
– Replay attacks
3. Availability
Ensuring that, the computer services are not degraded or made unavailable without authorization.
A failure of availability is also known as denial of service. Partial denial of service is lack of capacity or unacceptable responsiveness. Computer users expect programs and data to be available on demand to meet computing needs. Applications such as power generation, stock trading, and even airplane cockpit navigation and aspects of medical care have become so dependent on computing that loss of availability becomes a serious threat to life or society. Even on a less dramatic level, people have become dependent on computers in aspects of everyday life, and so maintaining expected availability of computers is probably the most important of the three goals of computer security.
Threats to Availability
• Denial of Service (DoS)
– Commonly thought of as network/system flooding
– Can be more basic: disrupting power
– Deleting files
– Hardware destruction (fire, tornado, etc.)
No comments:
Post a Comment