Computer Security Introduction. Introduction. What is the goal of Computer Security? A first definition: To prevent or detect unauthorized actions by users of the system. Introduction. How do we achieve Computer Security:
What is the goal of Computer Security?
A first definition:
To prevent or detect unauthorized actions by users
of the system.
How do we achieve Computer Security:
Security is about protecting assets.
Authenticity, accountability, reliability, safety,
dependability, survivability . . .
Even at this general level there is disagreement on
the precise definitions of some of the required security
Historically, security is closely linked to secrecy.
Security involved a few organizations dealing mainly
with classified data.
However, nowadays security extends far beyond
“Making sure that everything is as it is supposed to be.”
For Computer Security this means:
Preventing unauthorized writing or modifications.
For Computer Systems this means that:
Services are accessible and useable (without undue
Delay) whenever needed by an authorized entity.
For this we need fault-tolerance.
Faults may be accidental or malicious (Byzantine).
Denial of Service attacks are an example of malicious
Actions affecting security must be traceable
to the responsible party.
If I must give a definition…. (again)
Computer Security deals with the prevention and
detection of unauthorized actions by users of the
Functionality or Assurance: which one?
(subject) | (object)
The dimensions of Computer Security
Integrity = compliance with a given set of rules.
Should protection focus on data, operations
In which layer should security be placed?
3rd Design decision
Should security focus on simplicity or security?
4th Design decision
Should security control tasks be given to a central entity of left to individual components?
Physical and organizational security mechanisms
define a security perimeter or boundary.
Attackers may try to bypass this boundary.
Physical and organizational security measures protection boundary
Access to the layer below is controlled through
physical and organizational security measures.
How to prevent the attacker from accessing the layer below the protection boundary?
Hardware is more visible, so it is more easy to
add/remove/change devices, intercept traffic, flood
with traffic and generally control their functionality.
Attacks: physical damage
Hardware security is usually the concern of a relatively
small number of staff. Software extends to programmers
and analysts who create an modify programs.
However data can be readily interpreted by the general
Because of its visibility data attacks are much more