introduction to security in computing
DESCRIPTION
Introduction to Security in Computing. 01204427 Computer and Network Security Semester 1, 2011. Lecture #01. What’s about Security. Why to secure something? Valuable assets to protect How to secure? Place in a safe place Guarding How strong of protection? May implement several layers - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/1.jpg)
Introduction to Security in Computing
01204427 Computer and Network SecuritySemester 1, 2011
Lecture #01
![Page 2: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/2.jpg)
What’s about Security Why to secure something?
Valuable assets to protect How to secure?
Place in a safe place Guarding
How strong of protection? May implement several layers May be complex locks system May need multiple parties to grant access
![Page 3: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/3.jpg)
Principle of Adequate Protection
Computer items must be protected to a degree consistent
with their value
![Page 4: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/4.jpg)
Security in Computing System Computing System
Collection of HW SW Storage Data People
![Page 5: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/5.jpg)
Threats, Controls, and Vulnerabilities
A threat is blocked by control of a vulnerability
![Page 6: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/6.jpg)
System Security Threats
![Page 7: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/7.jpg)
Security Goals
![Page 8: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/8.jpg)
Security Goal: Confidentiality
Only authorized people or system can access protected data
Ensuring the confidentiality can be difficult!
More to concern Access : a single bit or the whole collection? Disclose to other parties prohibit?
![Page 9: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/9.jpg)
Security Goal: Integrity Several meanings
Precise Accurate Unmodified Modified in acceptable way Consistent
May cover two or more of above properties
![Page 10: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/10.jpg)
Security Goal: Availability Several properties
Present in a usable form Enough capacity to meet the service’s needs Bounded waiting time Completed services in an acceptable period of time
System is well available if :- Timely response to a request Generalized fairly allocate resources Fault tolerance (graceful cessation instead of crash or
abrupt) Easily to be used Concurrency is controlled (simultaneous, deadlock
management, exclusive access)
![Page 11: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/11.jpg)
Vulnerabilities of Computing System
![Page 12: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/12.jpg)
Some of software modifications Logic Bomb Trojan Virus Trapdoor Information Leaks
![Page 13: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/13.jpg)
Security of Data
![Page 14: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/14.jpg)
Computer Criminal Armatures Crackers Career Criminals Terrorists
![Page 15: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/15.jpg)
Method of Defense Prevent
Blocking the attack Closing the vulnerability
Deter Making the attack harder
Deflect Making another target more attractive
Detect Discover real-time or off-line
Recover From its effects
![Page 16: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/16.jpg)
Multiple Controls
![Page 17: Introduction to Security in Computing](https://reader035.vdocuments.net/reader035/viewer/2022062315/56815ebc550346895dcd40f4/html5/thumbnails/17.jpg)
Q&A