Introduction

Introduction - Computer Security Introduction 11/07/11 1...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
11/07/11 1 Computer Security Introduction
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 2 Introduction What is the goal of Computer Security? A first definition: To prevent or detect unauthorized actions by users of the system.
Background image of page 2
11/07/11 3 Introduction How do we achieve Computer Security: 1. Security principles/concepts: explore general principles/concepts that can be used as a guide to design secure information processing systems. 2. Security mechanisms: explore some of the security mechanisms that can be used to secure information processing systems. 3. Physical/Organizational security: consider physical & organizational security measures (policies)
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 4 Security Security is about protecting assets. This involves: Prevention Detection Reaction (recover/restore assets)
Background image of page 4
11/07/11 5 Computer Security 1. Confidentiality: prevent unauthorized disclosure of information. 2. Integrity: prevent unauthorized modification of information. 3. Availability: prevent unauthorized withholding of information. Additionally: Authenticity, accountability, reliability, safety, dependability, survivability . . .
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 6 Computer Security Even at this general level there is disagreement on the precise definitions of some of the required security aspects. References: TCSEC or Orange book – US Dept of Defense, Trusted Computer System Evaluation Criteria. ITSEC – European Trusted Computer System Product Criteria. CTCPEC – Canadian Trusted Computer System Product Criteria
Background image of page 6
11/07/11 7 Confidentiality Historically, security is closely linked to secrecy . Security involved a few organizations dealing mainly with classified data. However, nowadays security extends far beyond confidentiality. Confidentiality involves: privacy: protection of private data, secrecy: protection of organizational data.
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 8 Integrity “Making sure that everything is as it is supposed to be.” For Computer Security this means: Preventing unauthorized writing or modifications.
Background image of page 8
11/07/11 9 Availability
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 32

Introduction - Computer Security Introduction 11/07/11 1...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online