Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01.

Similar presentations


Presentation on theme: "Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01."— Presentation transcript:

1 Introduction to Security in Computing Computer and Network Security Semester 1, 2011 Lecture #01

2 What’s about Security  Why to secure something?  Valuable assets to protect  How to secure?  Place in a safe place  Guarding  How strong of protection?  May implement several layers  May be complex locks system  May need multiple parties to grant access

3 Principle of Adequate Protection Computer items must be protected to a degree consistent with their value

4 Security in Computing System  Computing System  Collection of  HW  SW  Storage  Data  People

5 Threats, Controls, and Vulnerabilities  A threat is blocked by control of a vulnerability

6 System Security Threats

7 Security Goals

8 Security Goal: Confidentiality  Only authorized people or system can access protected data  Ensuring the confidentiality can be difficult!  More to concern  Access : a single bit or the whole collection?  Disclose to other parties prohibit?

9 Security Goal: Integrity  Several meanings  Precise  Accurate  Unmodified  Modified in acceptable way  Consistent  May cover two or more of above properties

10 Security Goal: Availability  Several properties  Present in a usable form  Enough capacity to meet the service’s needs  Bounded waiting time  Completed services in an acceptable period of time  System is well available if :-  Timely response to a request  Generalized fairly allocate resources  Fault tolerance (graceful cessation instead of crash or abrupt)  Easily to be used  Concurrency is controlled (simultaneous, deadlock management, exclusive access)

11 Vulnerabilities of Computing System

12 Some of software modifications  Logic Bomb  Trojan  Virus  Trapdoor  Information Leaks

13 Security of Data

14 Computer Criminal  Armatures  Crackers  Career Criminals  Terrorists

15 Method of Defense  Prevent  Blocking the attack  Closing the vulnerability  Deter  Making the attack harder  Deflect  Making another target more attractive  Detect  Discover real-time or off-line  Recover  From its effects

16 Multiple Controls

17 Q&A


Download ppt "Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01."

Similar presentations


Ads by Google