Computer Security / Information Security

Computer Security / Information Security: Information security means protecting information and information systems from unauthorized access, use, modification, or destruction. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information.

Computer Security / Information Security:

Information security means protecting information and information systems from unauthorized access, use, modification, or destruction. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information.

With the introduction of the computer, the need for automated tools for protecting the files and other information stored on the computer became evident. This is especially the case for a shared system as like internet. Thus, computer security is the generic name for the collection of tools designed to protect data and to prevent hackers.

Computer Security rests on confidentiality, integrity and availability.

Confidentiality:

Confidentiality is the concealment of information or resources. Cryptography can be the better choice for maintaining the privacy of information, which traditionally is used to protect the secret messages. Similarly, privacy of resources, i.e. resource hiding can be maintained by using proper firewalls.  Confidentiality is sometimes called secrecy or privacy.

Integrity:
Integrity ensures the correctness as well as trustworthiness of data or resources. For example, if we say that we have preserved the integrity of an item, we may mean that the item is: precise, accurate, unmodified, modified only in acceptable ways, modified only by authorized people, modified only by authorized processes, consistent, meaningful and usable.
Integrity mechanisms fall into two classes; prevention mechanisms and detection mechanisms. Prevention mechanisms are responsible to maintain the integrity of data by blocking any unauthorized attempts to change the data or any attempts to change data in unauthorized ways.  While detection mechanisms; rather than preventing the violations of integrity; they simply analyze the data’s integrity is no longer trustworthy. Such mechanisms may analyze the system events or the data itself to see if required constraints still hold.
Availability:
Availability refers to the ability to use the information or resource desired. An unavailable system is as bad as no system at all. An object or service is thought to be available if;
·         It is present in a usable form.
·         It has capacity enough to meet the service's needs.
·         It is making clear progress, and, if in wait mode, it has a bounded waiting time.
·         The service is completed in an acceptable period of time.
Availability is usually defined in terms of “quality of service,” in which authorized users are expected to receive a specific level of service. The aspect of availability that is relevant to security is that someone may intentionally arrange to deny access to data or to service by making it unavailable
Fig 1. : Relationship between Confidentiality, Integrity and Availability
Threats:

A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. It is a potential violation of security, means that it is a possible danger that might exploit vulnerability.

Attack is an assault on system security that derives from an intelligent threat, i.e. attack is an intelligent act that is an intentional attempt to evade security services and violate the security policy of a system. 

Threats can be categorized into four classes:

Disclosure- Unauthorized access to information
                                           Snooping
                                    Deception- Acceptance of false data
                                          Modification, Spoofing, denial of receipt, Repudiation of origin
                                    Disruption- Interruption of correct operation
                                          Modification
Usurpation- Unauthorized control of some part of system   
                                         Modification, Spoofing, denial of service, delay

Snooping- It is an unauthorized interception of information. It is passive, means that some entity is listening to communications or browsing the system information. Passive wiretapping is an example of snooping where attackers monitors the network communications.

Modification- It is an unauthorized change of information. It is active, means that some entity is changing the information. Active wiretapping is an example of modification where data across the network is altered by the attackers.

Spoofing / Masquerading- It is an impersonation of one entity by another. E.g.:  if a user tries to log into a computer across the internet but instead reaches another computer that claims to be the desired one, the user has been spoofed. Delegation is basically authorized spoofing. The difference is that the ones to which authority is delegated does not impersonate the delegator; he/she simply asserts authority to act as an agent for the delegator. So masquerading is a violation of security, whereas delegation is not.

Repudiation of origin- A false denial that an entity sent something, is a form of deception.

Denial of receipt- A false denial that an entity received some message or information, is a form of deception.

Delay- It is a temporal forbiddance of service. E.g.: If delivery of a message or a service requires time t; if an attacker can force the delivery time to be more than t, then there is delayed delivery.

Denial of service- It is an infinite delay i.e., a long term inhibition of service. E.g., an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade the performance.

Security Policy:

Policy is a set of mechanisms by means of which your information security objectives can be defined and attained. Security policy governs a set of rules and objectives need by an organization.

The purpose of the information security policy is:

  • To prescribe mechanisms that help identify and prevent the compromise of information security and the misuse of data, applications, networks and computer systems.
  • To define mechanisms that protect the reputation of the organization and allow the organization to satisfy its legal and ethical responsibilities with regard to its networks' and computer systems' connectivity to worldwide networks.
  • To prescribe an effective mechanism for responding to external complaints and queries about real or perceived non-compliance with this policy.

You May Also Like...

Socialize with Us