Computer and Network Security          Lecture 1        Richard Newman

Computer and Network Security Lecture 1 Richard Newman PowerPoint PPT Presentation


  • 172 Views
  • Uploaded on
  • Presentation posted in: General

Computer and Network Security Lecture 1 Richard Newman. 2.Why/How 3.From whom4.How5.Costs and Losses 6. Risk Safety. Computer and Network Security Lecture 1 Richard Newman. Assets - Valuables , liability, ability to function / competeExposures -

Download Presentation

Computer and Network Security Lecture 1 Richard Newman

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


1. Computer and Network Security Lecture 1 Richard Newman Security Protection against unauthorized access 1.What H/W, S/W, Data H/W CPU cycles RAM / EPROM Disk space I/O S/W File system Programs Operating system, Utilities, application Data Configuration files Password files log files ...

2. Computer and Network Security Lecture 1 Richard Newman 2.Why/How 3.From whom 4.How 5.Costs and Losses 6. Risk Safety

3. Computer and Network Security Lecture 1 Richard Newman Assets - Valuables , liability, ability to function / compete Exposures - Forms of losses Vulnerability - Weakness that could lead to a loss Attack - Attempt to exploit a vulnerability Threat - Source of attack/circumstance by which loss may occur Control - Means of reducing vulnerability (Physical, Procedural, Logical) Cost - Up front and ongoing overhead to implement controls in terms of $, time, space, convenience

4. Computer and Network Security Lecture 1 Richard Newman Goals Confidentiality (Who can read it ? ) Right accessibility(read, view, print, know of existence) by authorized party. Integrity (Who can write it ? - Consistency / accuracy) Modify assets in authorized ways only by authorized party. Availability (How readily the asset may be accessed - How/when/where ...) Assets accessible to authorized parties without disruption Secondary Goals Reliability Safety Non-repudiation

5. Computer and Network Security Lecture 1 Richard Newman Principle of easiest penetration An intruder must be expected to use any available means of penetration. Exposures 1. Interception A B 2. Modification A B 3. Interruption A B 4. Fabrication A B (may include spoofing)

  • Login