security (14) - COP 4600 Summer 2011 Introduction To...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
COP 4600: Intro To OS (Security) Page 1 © Dr. Mark Llewellyn COP 4600 – Summer 2011 Introduction To Operating Systems Security Department of Electrical Engineering and Computer Science Computer Science Division University of Central Florida Instructor : Dr. Mark Llewellyn [email protected] HEC 236, 407-823-2790 http://www.cs.ucf.edu/courses/cop4600/sum2011
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
COP 4600: Intro To OS (Security) Page 2 © Dr. Mark Llewellyn The Security Problem Protection is strictly an internal problem: how to control access to programs and data stored in a computer system. Security, on the other hand, requires not only an adequate protection system but also consideration of the external environment in which the computer system operates. A protection system is ineffective if user authentication is compromised or a program is run by an unauthorized user. Computer systems must be guarded against unauthorized access, malicious destruction or alteration, and accidental introduction of inconsistency . Intruders (crackers) attempt to breach security. A threat is a potential security violation. An attack is attempt to breach security. Attacks can be accidental or malicious. It is easier to protect against accidental misuse than malicious misuse.
Background image of page 2
COP 4600: Intro To OS (Security) Page 3 © Dr. Mark Llewellyn The Security Problem (cont.)
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
COP 4600: Intro To OS (Security) Page 4 © Dr. Mark Llewellyn Types of Threats - Interruption Interruption An asset of the system is destroyed or becomes unavailable or unusable Attack on availability Destruction of hardware Cutting of a communication line Disabling the file management system
Background image of page 4
COP 4600: Intro To OS (Security) Page 5 © Dr. Mark Llewellyn Types of Threats - Interception Interception An unauthorized party gains access to an asset Attack on confidentiality Wiretapping to capture data in a network Illicit copying of files or programs
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
COP 4600: Intro To OS (Security) Page 6 © Dr. Mark Llewellyn Types of Threats - Modification Modification An unauthorized party not only gains access but tampers with an asset Attack on integrity Changing values in a data file Altering a program so that it performs differently Modifying the content of messages being transmitted in a network
Background image of page 6
COP 4600: Intro To OS (Security) Page 7 © Dr. Mark Llewellyn Types of Threats - Fabrication Fabrication An unauthorized party inserts counterfeit objects into the system Attack on authenticity Insertion of spurious messages in a network Addition of records to a file
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
COP 4600: Intro To OS (Security) Page 8 © Dr. Mark Llewellyn Categories of Attacks Breach of confidentiality – involves the unauthorized reading of data (or theft of information). Typically, a breach of confidentiality is the goal of an intruder, i.e., credit-card information theft. Breach of integrity
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 41

security (14) - COP 4600 Summer 2011 Introduction To...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online