Download
introduction to security in computing n.
Skip this Video
Loading SlideShow in 5 Seconds..
Introduction to Security in Computing PowerPoint Presentation
Download Presentation
Introduction to Security in Computing

Introduction to Security in Computing

108 Views Download Presentation
Download Presentation

Introduction to Security in Computing

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01

  2. What’s about Security • Why to secure something? • Valuable assets to protect • How to secure? • Place in a safe place • Guarding • How strong of protection? • May implement several layers • May be complex locks system • May need multiple parties to grant access

  3. Principle of Adequate Protection Computer items must be protected to a degree consistent with their value

  4. Security in Computing System • Computing System • Collection of • HW • SW • Storage • Data • People

  5. Threats, Controls, and Vulnerabilities • A threat is blocked by control of a vulnerability

  6. System Security Threats

  7. Security Goals

  8. Security Goal: Confidentiality • Only authorized people or system can access protected data • Ensuring the confidentiality can be difficult! • More to concern • Access : a single bit or the whole collection? • Disclose to other parties prohibit?

  9. Security Goal: Integrity • Several meanings • Precise • Accurate • Unmodified • Modified in acceptable way • Consistent • May cover two or more of above properties

  10. Security Goal: Availability • Several properties • Present in a usable form • Enough capacity to meet the service’s needs • Bounded waiting time • Completed services in an acceptable period of time • System is well available if :- • Timely response to a request • Generalized fairly allocate resources • Fault tolerance (graceful cessation instead of crash or abrupt) • Easily to be used • Concurrency is controlled (simultaneous, deadlock management, exclusive access)

  11. Vulnerabilities of Computing System

  12. Some of software modifications • Logic Bomb • Trojan • Virus • Trapdoor • Information Leaks

  13. Security of Data

  14. Computer Criminal • Armatures • Crackers • Career Criminals • Terrorists

  15. Method of Defense • Prevent • Blocking the attack • Closing the vulnerability • Deter • Making the attack harder • Deflect • Making another target more attractive • Detect • Discover real-time or off-line • Recover • From its effects

  16. Multiple Controls

  17. Q&A