Lecture 1

Uploaded by

Khawar Zulfiqar

Chapter 1

Introduction

Introduction to Computer Security 1


November 1, 2004
©2004 Matt Bishop

What Is Security?
• “The quality or state of being secure--to be free from danger”
• To be protected from adversaries
• A successful organization should have multiple layers of security in place:
  • Physical security
  • Personal security
  • Operations security
  • Communications security
  • Network security

What Is Information Security?
• The protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information
• Tools, such as policy, awareness, training, education, and technology are necessary
• The C.I.A. triangle was the standard based on confidentiality, integrity, and availability
• The C.I.A. triangle has expanded into a list of critical characteristics of information

Basic Components
• Confidentiality
  • Keeping data and resources hidden
• Integrity
  • Data integrity (integrity)
  • Origin integrity (authentication)
• Availability
  • Enabling access to data and resources

Classes of Threats
• Disclosure
  • Snooping
• Deception
  • Modification, spoofing, repudiation of origin, denial of receipt
• Disruption
  • Modification
• Usurpation
  • Modification, spoofing, delay, denial of service

Policies and Mechanisms
• Policy says what is, and is not, allowed
  • This defines “security” for the site/system/etc.
• Mechanisms enforce policies
• Composition of policies
  • If policies conflict, discrepancies may create security vulnerabilities

Goals of Security
• Prevention
  • Prevent attackers from violating security policy
• Detection
  • Detect attackers’ violation of security policy
• Recovery
  • Stop attack, assess and repair damage
  • Continue to function correctly even if attack succeeds
