Computer Security Introduction. Basic Components. Confidentiality: Concealment of information (prevent unauthorized disclosure of information). Integrity: Trustworthiness of data/resources (prevent unauthorized modifications). Data integrity
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
(prevent unauthorized disclosure of information).
(prevent unauthorized modifications).
(prevent unauthorized withholding of
Authenticity, accountability, reliability, safety,
dependability, survivability . . .
Historically, security is closely linked to secrecy.
Security involved a few organizations dealing mainly
with classified data.
However, nowadays security extends far beyond
“Making sure that everything is as it is supposed to be.”
For Computer Security this means:
Preventing unauthorized writing or modifications.
For Computer Systems this means that:
Services are accessible and useable (without undue
Delay) whenever needed by an authorized entity.
For this we need fault-tolerance.
Faults may be accidental or malicious (Byzantine).
Denial of Service attacks are an example of malicious
to the responsible party. For this,
Threats – potential violations of security
Attacks – violations
Attackers – those who execute the violations
A mechanism is secure if P ≤ Q
A mechanism is precise if P = Q
A mechanism is broad if there are states in P which
are not in Q
Trust cannot be quantified precisely.
System specifications design and implementation can
provide a basis for how much one can trust a system.
This is called assurance.
Security is about protecting assets.
How to achieve Computer Security:
Even at this general level there is disagreement on
the precise definitions of some of the required security