Monday, December 9, 2013

Computer security

Computer security (also known as cybersecurity or IT security) is information security as applied to computers and networks.
The field covers all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Computer security also includes protection from unplanned events and natural disasters.

One way to approach computer security is to treat security as one of the main features of a system's design.
Some of the techniques in this approach include:
The principle of least privilege, where each part of the system has only the privileges that are needed for its function. That way even if an attacker gains access to that part, they have only limited access to the whole system.
Automated theorem proving to prove the correctness of crucial software subsystems.
Code reviews and unit testing are approaches to make modules more secure where formal correctness proofs are not possible.
Defense in depth, where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds.
Default secure settings, and design to "fail secure" rather than "fail insecure" (see fail-safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.
Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
Full disclosure to ensure that when bugs are found the "window of vulnerability" is kept as short as possible.
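
The audit-trail item above, as an added example that is not part of the original post: a hash-chained log whose latest hash is also held off-host, so an in-place edit, a truncation and a rebuilt chain are all detected. Hash chaining, the `AuditLog` class, `verify` and the sample events are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # chain start value, constructed for this example
SAMPLE_EVENTS = [   # constructed sample events
    {"user": "alice", "action": "login", "result": "ok"},
    {"user": "mallory", "action": "delete", "object": "payroll.db"},
    {"user": "mallory", "action": "logout", "result": "ok"},
]

def _digest(prev_hash, event):
    """Hash the previous link with a canonical encoding of the event."""
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

class AuditLog:
    """Hypothetical append-only log; append() is the only mutator."""
    def __init__(self):
        self._records = []
        self.head = GENESIS  # assumption: a copy of this is kept off-host

    def append(self, event):
        self.head = _digest(self.head, event)
        self._records.append({"event": event, "hash": self.head})
        return self.head

    def export(self):
        return json.loads(json.dumps(self._records))  # deep copy

def verify(records, trusted_head):
    """Recompute the chain; edits, truncation and re-chaining all fail."""
    prev = GENESIS
    for rec in records:
        prev = _digest(prev, rec["event"])
        if rec["hash"] != prev:
            return False
    return prev == trusted_head  # must end at the head stored remotely

def demo():
    log = AuditLog()
    for event in SAMPLE_EVENTS:
        log.append(event)
    head, clean = log.head, log.export()
    edited = log.export()
    edited[1]["event"]["user"] = "alice"  # in-place edit, old hash kept
    forged = AuditLog()                   # chain rebuilt without event 1
    for event in (SAMPLE_EVENTS[0], SAMPLE_EVENTS[2]):
        forged.append(event)
    cases = {"clean": clean, "edited": edited,
             "truncated": clean[:1], "rechained": forged.export()}
    return {name: verify(recs, head) for name, recs in cases.items()}
```

The rebuilt chain is internally consistent and is rejected only because its final hash differs from the head held off-host, which is why the remote copy matters.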

Security architecture:

Security architecture can be defined as the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall information technology architecture. These controls serve to maintain the system's quality attributes: confidentiality, integrity, availability, accountability and assurance services.

Hardware mechanisms that protect computers and data:

While hardware may be a source of insecurity, hardware-based or hardware-assisted computer security also offers an alternative to software-only computer security. Devices such as dongles, trusted platform modules, case intrusion detection, drive locks, disabling USB ports, and other hardware may be considered more secure due to the physical access (or sophisticated backdoors) required in order to be compromised.
