What is the Goal of Computer Security?

What is the Goal of Computer Security? Goals of Security: Prevention is to prevent the attackers from violating security policy. Prevention means that an attack will fail. Typically, prevention involves implementation of mechanisms that users can not override and that are trusted to be implemented in a correct ways so that the attacker can't defeat the mechanism by changing it.

Goals of Security:


Prevention is to prevent the attackers from violating security policy. Prevention means that an attack will fail. Typically, prevention involves implementation of mechanisms that users can not override and that are trusted to be implemented in a correct ways so that the attacker can't defeat the mechanism by changing it.

Detection is to detect attackers’ violation of security policy. So it occurs after someone violates the policy. The mechanism determines that a violation of the policy has occurred (or is underway) due to attack, and reports it. The system must then respond appropriately. Detection is most useful when an attack can't be prevented.

Recovery is to stop attack and to assess and repair any damage caused by attack. With recovery, it should be such that the system continues to function correctly, possibly after
a period during which it fails to function correctly, due to attacks.
For example if the attacker deletes a file, one recovery mechanism is to restore the file from backup tapes.

Protection State:

The state of a system at any instance is defined by the collection of the current values of all memory locations, all secondary storage, and all registers and other components of the system. The subset of this collection that deals with protection defines the protection state of the system. Access control matrix model is the most precise model used to describe a protection state.

Consider a set of possible protection states P. Suppose there is a subset Q of P consists exactly those states in which system is authorized to reside. So, whenever the system state is in Q, the system is supposed to be secure. When the system state is in P-Q, the system is not secure. So enforcing security means that the system state is always from the subset Q.  Any operations like reading, writing, altering and execution of data or instruction cause the change in state of the system i.e., state transition occurs. We are concerned with only those state transitions that will lead to the authorized states.


You May Also Like...

Subscribe Us