What Is Computer Security?

In: Computers and Technology

Submitted By jahstar
Words 286
Pages 2
Computer security (Also known as cybersecurity or IT Security) is information security as applied to computers and networks.
The field covers all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Computer security also includes protection from unplanned events and natural disasters.

One way to think of computer security is to reflect security as one of the main features
Some of the techniques in this approach include:
The principle of least privilege, where each part of the system has only the privileges that are needed for its function. That way even if an attacker gains access to that part, they have only limited access to the whole system.
Automated theorem proving to prove the correctness of crucial software subsystems.
Code reviews and unit testing are approaches to make modules more secure where formal correctness proofs are not possible.
Defense in depth, where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds.
Default secure settings, and design to "fail secure" rather than "fail insecure" (see fail-safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.
Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
Full disclosure to ensure that when bugs are found the "window of vulnerability" is kept as short as…...

Similar Documents

Computer Security

...NAME: COMPUTER SECURITY COURSE CODE: CSC3207 Instructions: Answer all questions. Duration: 1hour. Date sat. 15th April 2012 Test is out of 40marks. 1. Is magnetic media safe for data storage? Elaborate on your answer. 6mks NO. - It is volatile. - A lot of vigilance is required (no exposure to heat, sun light etc) - Forensics (data recovery tools undermine some operations like delete) YES, if care and precautions are adhered to. (state those precautions here) 2. State two technical challenges of the FLASH architecture 5mks -The number of read/write cycles -The power MUST-BE-ON requirement - Erasure failures Read page 414 of “Hardware Based Security” 3. A good security practice is to continuously review and appropriately modify misuse case presentations of a system. What approaches would you consider to maintain an up-to-date misuse case presentation for a given system? 6mks Consider using a team for periodical review and analysis and different design and implementation sections of the system. - Periodically review the existing use-case based on the pre-existing knowledge base. - Brainstorm on the basis of existing system resources and identify representative risks. - Redefining the use-cases and mis-use cases incase of new threats Sources of information here include - Audit logs and security......

Words: 376 - Pages: 2

Computer Security

...Computer Security Victoria M. Deardorff Brevard Community College April 10, 2012 This paper is written as a basic overview of computer security for the non-technical user. This paper is meant to educate the reader on practical steps that can be implemented to secure their home-based computers. Additionally, the reader will be informed of industry and government needs for and methods of computer security. With this information, the reader should gain a better understanding of why agencies and companies have their rules and regulations pertaining to computer security. What do you think when you read or hear the words “computer security”? The word security implies freedom from risk, danger, doubt, anxiety, or fear and invokes a feeling of safety and confidence. As security relates to our computers, you may immediately ask yourself if you have done everything possible to guard your personal computer as well as the information stored on that computer. Also, you may think about the companies with which you do business and ask the same question; have they done everything possible to protect my personal information? The world of computer security or information security, as it is sometimes called, continues to evolve as consumers expand the use of computer systems. “The story of network attacks, bugs, viruses, and criminal actions stretches as far as the computer industry itself. One of the first bugs to develop in a computer system was precisely that: a moth was......

Words: 1938 - Pages: 8

Computer Security

...shorter keys than existing public-key encryption methods. Usability: symmetric-key encryption is easier to understand by a non-expert than public-key encryption. 2. Give an example of the false sense of security that can come from using the “security by obscurity" approach. Solution There are many examples. One possibility would be to use a weak encryption algorithm, like the Caesar cipher and try to keep secret the type of algorithm that you are using, in addition to keeping the key secret. The problem with this approach is that if someone guesses you are using such an algorithm or is able to reverse engineering your software, then they will discover your algorithm. From there it is a simple matter to break your weak encryption scheme. 3. Benny is a thief who tried to break into an Automated Teller Machine (ATM) using a screwdriver, but was only able to break five different keys on the numeric keypad and jam the card reader, at which point he heard Alice coming, so he hid. Alice walked up, put in her ATM card, successfully entered her 4-digit PIN, and took some cash. But she was not able to get her card back, so she drove off to find help. Benny then went back to the ATM, and started entering numbers to try to discover Alice's PIN and steal money from her account. What is the worst-case number of PINs that Benny has to enter before correctly discovering Alice's PIN? Solution Since Benny broke 5 different keys and Alice was still able to enter her PIN, it must only use......

Words: 578 - Pages: 3

Computer Security

...Contents INTRODUCTION 4 SECURITY 4 Client Security 4 Server Security 5 Document Confidentiality 5 Risks and threats to E-commerce Sites 5 Hackers 5 Software/hardware failure 5 WHY SECURITY FAIL 6 Exposure of confidential data 6 Modification of Data 6 Errors in Software 6 Poor stipulation and testing 6 Repudiation 6 Solutions to E-commerce Security Risks 7 Encryption 7 Data Encryption Standard (DES) 7 RSA Public Key Algorithm 8 Digital signatures 8 Digital certificates 9 Security for Transactions 9 Secure sockets layer 10 Secure Electronic Transactions (SET) 10 Conclusions 11 INTRODUCTION Internet security is not fully understood by many. However, it is an integral part of Using the Internet safely, most of the security on the Internet is not seen nor its Existence known to the user. The importance of web security is to keep the user, the E- Commerce Merchants and Authorised third parties safe whilst carrying out normal Browsing and transactions online. SECURITY To examine web security we need to look at all the main components of a connection, which are the browser and the Server and then examine the connection between the two. The user, via their web Browser, connects to a remote web server and requests a document. The server then Returns the document, and the browser displays it. This seems a simple enough process, So what could go wrong? From the users point of...

Words: 2106 - Pages: 9

Computer Security

...The term cybercrime became often term being heard by people nowadays. In the early world, it was not a big deal and still can be controlled. Unfortunately, when there is a tremendous increasing number of connected people and devices, it is a bigger risk there to be resolved. A rough definition for the term cybercrime is a crime which is influenced by some kind of computer or cyber aspect. To be more specific, it is a crime that has illegal activities through it by using computers or network or hardware devices as its primary medium for some commissions. The commissions depend on how huge the illegal activities are. There are lots of cases that the performers of the cybercrime gained millions or even billions from the activities that illegally conduct by them. Sounds so good to be a rich mankind? It won’t be long. Just remember, justice always strikes the best at the end. One of the facts to discuss about cybercrime that is highly appropriate to talk about is how it surpassed illegal drug trafficking as an instant criminal moneymaker. Apart from that, it is so surprising to know that somebody’s identity is stolen so quickly as fast as within only 3 seconds due to cybercrime. Besides that, for us to deeply concern, we need to realize that our unprotected PCs can become affected in a bad way and it takes only four minutes right after it connect to the internet. To those who never worried about these matters before, the moment you knew it, you should really be careful when you......

Words: 1413 - Pages: 6

Computer Security

...CHAPTER 3 CO M P U TE R A N D I NT E R N E T C R IME QUOTE In view of all the deadly computer viruses that have been spreading lately, Weekend Update would like to remind you: when you link up to another computer, you’re linking up to every computer that that computer has ever linked up to. —Dennis Miller, Saturday Night Live, U.S. television show VIGNETTE Treatment of Sasser Worm Author Sends Wrong Message Unleashed in April 2004, the Sasser worm hit IT systems around the world hard and fast. Unlike most computer viruses before it, the Sasser worm didn’t spread through e-mail, but moved undetected across the Internet from computer to computer. It exploited a weakness in Microsoft Windows XP and Windows 2000 operating systems. By the first weekend in May, American Express, the Associated Press, the British Coast Guard, universities, and hospitals reported that the Sasser worm had swamped their systems. Computer troubles led Delta Airlines to cancel 40 flights and delay many others. Microsoft quickly posted a $250,000 reward, and by mid-May, authorities apprehended Sven Jaschen, a German teenager. Jaschen confessed and was convicted after a three-day trial. Jaschen could have received up to five years in prison, but because he was tried as a minor, the court suspended his 21-month sentence, leaving him with only 30 hours of community service. Copyright © 2007 by Thomson Course Technology. All rights reserved. This publication is protected by federal......

Words: 18526 - Pages: 75

Computer Security

...Computer Network Security Alternatives Computer network security and integrity is a large concern among all types and sizes of companies. The options for solving security risks are as varied as the companies themselves. However, it is possible to break down the methods for dealing with security risks into three major categories. Companies have the option to: 1. Select best of breed products for their various security needs and assemble the products together to form their own customized solutions. 2. Purchase a security suite that contains security products that will address their various security needs. 3. Outsource security to another company rather than handle it internally. This paper will summarize primary research conducted by Kang-hun Lee, Yonghoon Choi, Mike Loveridge, Tom Gonzales and David Linford over a three month period to determine market trends in the security software industry. A survey instrument was prepared to capture the following data. 1. What do companies consider threats to their network environment? 2. What preferences do they have regarding specific security services? 3. What sort of security option do they prefer when choosing between: best of breed, suites or outsourcing. Findings and analysis Once the data were collected, we were able to organize and analyze the results. This section will both specify the analytical procedures we used as well as report on the findings. There are three (will be more when......

Words: 766 - Pages: 4

Computer Security

...Computer Security Assignment 2 Solutions ECE568, Winter 2011 Introduction Answer the following questions. When a word count restriction is given for a question, exceeding it will result in marks being deducted. If your answer is more than twice the maximum length, you will get zero for the question. Please include a word count for all your answers. We recommend that you use a utility like wc on ECF to count the number of words in your answer. Your answers should be written in proper English, with full sentences. We reserve the right to deduct marks for poor English, unintelligible answers or illegible handwriting. All answers should be written in your own words - no copy-pasting! The completed assignments should be submitted in hardcopy during class on April 4, 2011. Note that all written assignments should be done individually. 1 DES and differential cryptanalysis Read http://securespeech.cs.cmu.edu/reports/coppersmith.pdf and answer the following questions: 1. Out of the 3 types of attacks an adversary can mount on a cryptographic algorithm, which ones does differential cryptanalysis utilize? [1 mark] 2. When was differential cryptanalysis first discovered? Which organization had knowledge of it at the time? [2 marks] 3. When did differential cryptanalysis first appear in public literature? List the title and the authors of the paper. [2 marks] 4. What is an active S-box as described in the article? Why is it important to maximize the number of active S-boxes? What property,...

Words: 2608 - Pages: 11

Computer Security

...Foundations of Network Security Fundamentals of Network Security 2 Firewall Fundamentals 43 VPN Fundamentals 79 Network Security Threats and Issues 111 CHAPTer Fundamentals of Network Security 1 C OMPUTER NETWORK......

Words: 16205 - Pages: 65

Computer Security

...Minwossi Zerbo Mrs. Jensen English 1A-21 14 November 2015 Computer Security: Worms and viruses Nowadays, in the domain of computer sciences, there is a big problem to face: Worms and viruses. Being in the technology is a good thing, but being n the technology without knowing how to avoid the consequences of the technology is worse. Viruses and worms affect the computer and damage, or in other words corrupt some files that are important to the good functioning of the computer. Viruses have many ways of penetration that computers user ignore, and that’s what makes the damage even more severe. First of all, let’s start by defining a viruses and a worm. A virus is a malware program (not a computer program), that auto run, and replicates by adding copies of their code into other computer program, any other type of data that it comes across. This will create an overall corruption of your database and your computer. In reality, there are three categories of computer infections malwares and we defined the first one which is viruses. The two second malwares are worms and Trojan horses. In a questions of codes or designs they are all similar, but the differences come in the way these three categories act. Contrarily to viruses that need a human action to spread, such as sharing files, running an infected program, and so on, worms have the ability to auto spread themselves, which mean that they don’t require the action of a human. They can travel by themselves by taking......

Words: 1076 - Pages: 5

Computer Security

...TITLE: PERSONAL NETWORK SECURITY INTRODUCTION: Computer security is the process of detecting unauthorised use of your computer or PC . As the old saying goes “prevention is better than cure” , going by this we realise that if we learn about the possible loopholes in the security we can prevent it in the first place. But the big question is 'why should i care about my computer security?' . We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs.Although we may not consider our communiction a 'top secret' ,but you dont want others to eavesdrop on you conversations, read your mails, use your computer to attack others system , send forged mails from your computer to others or check the stuff from your computer hard drive. There are many people who whould want to break into you computer system they are generally known as hackers or crackers . More often they do this because they want to launch an attack on some computer system through your computer and other times it is done by some teenage kid who want to showcase his skills and feel proud of himself and maybe even gain some limelight. If your computer is connected to the internet then you dont need some hacker to personally attack your system . There are thousand of computer programs to do this job on the net. Even if you use your internet just to check your e-mails you could still be a huge target for attackers. Is it easy to break into......

Words: 1142 - Pages: 5

Computer Security

...appropriate behavior in order to avert the cybercrime. Many of these policies are just adopted, but till many companies find it necessary to be tailored so that it is tailored to an organization security needs and most till need to be updated to reflect ever changing impact of the cyberspace transactions in everyday activities. Like all company document, cyberspace follows good design and various format in order to make the document not be vague and follow government policies on security design. These policies also need to be reviewed regularly to ensure that they conform to the business needs that are ever changing gin the business environment. The following are the major items involved in the cybercrime plan actions. 1. Establish security roles and responsibilities Establishing security roles and responsibility in a company is one step towards combating cybercrime. The policies should clearly define the separation of roles with responsibility depending on the system in place. This means that a system will be designed on role based control which might not be well utilized when the procedures and policies are not well defined. The extend of employees can go with a system should show how much they can access in the system and the policies should be maintained at minimum. This means that: The security procedure clearly identifies data ownership in the company and employee roles are well defined. The employees should not inherit privileges from other users. This means that......

Words: 2072 - Pages: 9

Computer Security

...“addicted” to hacking. What is the legal significance of that claim?Question #02: Kevin is sent to jail and scheduled to be sent to Preston prison. He appeals the California Young Authority decision to send him to Preston. The hearing arbitrator agrees and sends him to Karl Holton prison instead. Kevin is very proud of winning the grievance and associates his win with the lyrics of a song. What were the lyrics and who was the singer?Question #03: Kevin realizes that when he turns 21, he will no longer be under the jurisdiction of the Juvenile Court. He decides to hide and picks a name to use while hiding. What is the name and where did he get the name?Question #04: Kevin continues to hack Pacific Bell. His target is the Switching Control Center System (SCCS). Why did he choose that target? | | NIST 800-12 discussion of cryptography is remarkably up to date and correctly points out that cryptography depends on other controls for effective implementation.Question #05: Numerically list the 5 security controls that cryptography requires. In your own words, explain each control. | | Question #06: What is the main idea behind cryptography?Question #07: What is the main problem with symmetric cryptography?Question #08: What is the basic idea in asymmetric cryptography?Question #09: What does key length have to do with security?Question #10: What is a one-way hash function? Why is it used? SHA-1 is discussed by Bruce, but has been replaced by what current......

Words: 1379 - Pages: 6

Computer Security

...Computer Security Protecting Your Computer System Do’s and Don’ts Abstract This paper explores the computer security process of preventing and detecting unauthorized use of computers. I will also discuss: A. The prevention measures (do’s and don’ts) to help you stop unauthorized users (also known as “intruders”) from accessing any part of your computer system. B. Detections methods that help you to determine whether or not someone attempted to break into your system; a. If an attack was successful b. If so, what they may have done.   Computer Security Protecting Your Computer System Do’s and Don’ts We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although you may not consider your communications “top secret,” you probably do not want strangers reading your email, using your computer to attack other systems, sending forged emails from your computer, or examining personal information stored on your computer (such as financial statements). Intruders (also referred to as hackers, attackers, or crackers) may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems. Once an intruder takes control of your computer, they have the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you......

Words: 1909 - Pages: 8

Computer Security

... 1. Consider the information stored on your personal computer. Do you, at this moment, have information stored in your computer that is critical to your personal life? If that information became compromised or lost, what effect would it have on you? (150 - 200 words) I do have personal information stored on my computer that is very critical to my personal life. My personal computer holds credit card numbers, bank account details, passwords, medical information, websites I have visited, personal family pictures, some private letters and all my business ideas. Basically my whole life is on my personal computer and if it fell into the wrong hands someone might use it to commit fraud against me. I will have to take action quickly to minimize the potential for the theft of my identity. I will have to close compromised credit card accounts immediately and put an initial fraud alert on my credit report. I will have to place new passwords on old and new accounts that I open. I think getting my personal information compromised would leave me very paranoid and I will be watching for signs that my information is being misused and I think at the end it will leave me feeling much violated. 2. What is a mission statement? What is a vision statement? What is a values statement? Why are they important? What do they contain? Provide an example of one of the three. (150 - 200 words) A mission statement is a clear definition of what an organization is, the reason for their existence and...

Words: 651 - Pages: 3

[UWF] Utawarerumono - Itsuwari no Kamen - 25 [521F3A70].mkv | The Predator | Family Guy S14E16 HDTV x264-KILLERS[ettv]