COMPUTER SECURITY
- 1. COMPUTER SECURITY Prof. Neeraj Bhargava Mrs.Shubha Chaturvedi Department of Computer Science, School of Engineering & System Science MDS University Ajmer, Rajasthan
- 2. The NIST Computer Security defines the term computer security as: The protection afforded to an automated information of system in order to attain the applicable objectives preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information /data and telecommunications).
- 4. This term covers two related concepts: Data Confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
- 5. This term covers two related concepts: Data integrity: Assures that information and programs are changed only in a specified and authorized manner. System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
- 6. Assures that systems work promptly and service is not denied to authorized users.
- 8. Although the use of the CIA triad to define security objectives is well estab-lished, some in the security field feel that additional concepts are needed to present a complete picture. Authenticity: Accountability:
- 9. Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
- 10. Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. Because truly secure systems are not yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.
- 11. The OSI security architecture is useful to managers as a way of organizing the task of providing security. Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms.
- 12. The OSI security architecture focuses on security Attacks, Mechanisms and Services. These can be defined briefly as: Security Attack: Any action that compromises the security of information owned by an organization. Security Mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Security Service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.