Presentation on theme: "Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01."— Presentation transcript:
Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01
What’s about Security Why to secure something? Valuable assets to protect How to secure? Place in a safe place Guarding How strong of protection? May implement several layers May be complex locks system May need multiple parties to grant access
Principle of Adequate Protection Computer items must be protected to a degree consistent with their value
Security in Computing System Computing System Collection of HW SW Storage Data People
Threats, Controls, and Vulnerabilities A threat is blocked by control of a vulnerability
Security Goal: Confidentiality Only authorized people or system can access protected data Ensuring the confidentiality can be difficult! More to concern Access : a single bit or the whole collection? Disclose to other parties prohibit?
Security Goal: Integrity Several meanings Precise Accurate Unmodified Modified in acceptable way Consistent May cover two or more of above properties
Security Goal: Availability Several properties Present in a usable form Enough capacity to meet the service’s needs Bounded waiting time Completed services in an acceptable period of time System is well available if :- Timely response to a request Generalized fairly allocate resources Fault tolerance (graceful cessation instead of crash or abrupt) Easily to be used Concurrency is controlled (simultaneous, deadlock management, exclusive access)
Method of Defense Prevent Blocking the attack Closing the vulnerability Deter Making the attack harder Deflect Making another target more attractive Detect Discover real-time or off-line Recover From its effects
Your consent to our cookies if you continue to use this website.