Foundation Of Computer Security. Foundation of computer security. Reliability : accidental failures. Usability : operating mistakes. Security: intentional failures. Security. Security is about the protection of assets.
Prevention of unauthorised disclosure of information
prevention of unauthorized modification of information
prevention of unauthorised withholding of information or resources
In a given application (i.e. a cash machine), should the protection mechanism in a computer system focus on:
Second Design Decision:
In which layer of the computer system should a security mechanism be placed?
more generic simple machine-oriented
more specific complex man-oriented
Fourth Design Decision:
Centralized OR decentralized?
2. Unix treats I/O devices and physical memory devices like files. If access permissions are defined badly, e.g. if read access is given to a disk containing read protected files, then an attacker can read the disk contents and reconstruct the files.
3. Object reuse: in a single processor system, when a new process becomes active, it gets access to memory positions used by the previous process. You have to avoid storage residues, i.e. data left behind in the memory area allocated to the new process.
4. Buffer Overruns: a value is assigned to a variable that is too large for the memory buffer allocated to that variable , so that memory allocated to other variables is overwritten.