RSS
Home
Computer Security: a brief primer
Print
Email
RSS
Subscribe
For those that aren't exactly Computer savvy, but want to ensure that their computer's are secured, this brief primer on the explanation of computer security should get you started on the right path. Bear in mind, this primer IS very brief and could appear scattered at times, but rest assured that this author will continue to produce quality articles for better understanding and reading.
The first thing to understand is that computer security has been and always will be a branch of information security. The primary objective of computer security is to include the protection of information and property from theft, corruption, or natural disaster. However, natural disaster isn't exactly something that can be truly avoided, but there are steps that can be taken to ensure that the physical aspect of natural disasters is protected against. The concepts of computer security are designed and based on logic. For this to happen, the computer software that is designed has to be designed to impose certain restrictions to program behavior. We now look to the architecture of computer security.
Such an architecture can be defined as the design artifacts that describe how the security controls are positioned and how they relate to overall information technology. These controls serve as the parent of maintenance. Maintaining the system's quality attributes. These attributes follow:
- Confidentiality
- Integrity
- Availability
- Accountability
- Assurance
That's what it's all about. To the lay-man. The confidentiality of your system includes your personal files. Homework, bank statements, emails, photo's, hidden family secrets, et cetera. The integrity of your system is your systems strength to ensure the confidentiality of your system. The availability of your system is more cornered and concerned with the computer's users (which we'll discuss in a little bit). The accountability of your system is more the "monitor" of your system so that way systems administrators can see what's going on with the computer whenever they check the logs for it. The assurance of your system is the assurances you can have and willing understand and acknowledge that your computer is just fine. The first thing when considering computer security is to consider the operating system (more commonly referred to as "Your OS"). Much of the technology used today to secure an OS is based on science developed in the 1980's and used to produce what may be some of the most impenetrable operating systems ever. Such technology, though it is still valid, has a very limited use in today's technologicly advanced world. The imposed changes to system management and widely misunderstood features are what set the downfall of such systems.
Breaking that down, we must understand that such ultra-strong OS's are based and built on what's called the operating systems kernel. You can kind of compare the OS kernel to a piece of kernel from corn. The kernel on the corn is the product of the genetic makeup of corn. The product of the OS kernel is the visual genetic make up of the OS kernel. Though the common user doesn't really have need for something that is so strong, the US Governemnt does and employs such systems on an every day basis. Now, understand that brief synopsus of systems that aren't in wide use nowadays, we move onto what is considered the secure coding. Consider this, if the OS is not based on a secure OS capable of maintaining the domain demands for its own execution, how can we possible seek to have it secure what we need? Well, that's the good part. The common OS is based on a secure OS capable of maintaining the domain demands for its own execution. Therefore, the capabilities of protection the application code from malicious subversion (worms, virus', hacks, etc) are all considered high degree's of security. Considering that, be assured that to purchase such a machine would be considerably expensive. To counter-act such a thing, the commercial world produced what is considered the "low security" catagory machine. It still relies on the same features as its big brother, but not without help. And this help comes in the form of various softwares (which will be discussed at a later time).
To bring this brief article to a close, I set down some terminology that I've gone and looked up. This is all standard terminology, just given out in the lay-man terms.
- Authentication techniques can be used to ensure that communication end-points are who they say they are.
- Capability and access control list techniques can be used to ensure privilege separation and mandatory access control. The next sections discuss their use.
- Chain of trust techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system's designers.
- Cryptographic techniques can be used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.
- Firewalls can provide some protection from online intrusion.
- Mandatory access control can be used to ensure that privileged access is withdrawn when privileges are revoked. For example, deleting a user account should also stop any processes that are running with that user's privileges.
- Secure cryptoprocessors can be used to leverage physical security techniques into protecting the security of the computer system.
- Microkernels can be reliable against errors: eg EROS and Coyotos.
- Access authorization restricts access to a computer to group of users through the use of authentication systems. These systems can protect either the whole computer - such as through an interactive logon screen - or individual services, such as an FTP server. There are many methods for identifying and authenticating users, such as passwords, identification cards, and, more recently, smart cards and biometric systems.
- Anti-virus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).
- Backups are a way of securing information; they are another copy of all the important computer files kept in another location. These files are kept on hard disks, CD-Rs, CD-RWs, and tapes. Suggested locations for backups are a fireproof, waterproof, and heat proof safe, or in a separate, offsite location than that in which the original files are contained. Some individuals and companies also keep their backups in safe deposit boxes inside bank vaults. There is also a fourth option, which involves using one of the file hosting services that backs up files over the Internet for both business and individuals.
- Encryption is used to protect the message from the eyes of others. It can be done in several ways by switching the characters around, replacing characters with others, and even removing characters from the message. These have to be used in combination to make the encryption secure enough, that is to say, sufficiently difficult to crack. Public key encryption is a refined and practical way of doing encryption. It allows for example anyone to write a message for a list of recipients, and only those recipients will be able to read that message.
- Firewalls are systems which help protect computers and computer networks from attack and subsequent intrusion by restricting the network traffic which can pass through them, based on a set of system administrator defined rules.
- Honey pots are computers that are either intentionally or unintentionally left vulnerable to attack by crackers. They can be used to catch crackers or fix vulnerabilities.
- Intrusion-detection systems can scan a network for people that are on the network but who should not be there or are doing things that they should not be doing, for example trying a lot of passwords to gain access to the network.
- Pinging: The ping application can be used by potential crackers to find if an IP address is reachable. If a cracker finds a computer they can try a port scan to detect and attack services on that computer.
- File Integrity Monitors are tools used to detect changes in the integrity of systems and files.
Stay tuned in for more articles. In the coming days, I'll be reviewing the possible catastrophy of Norton re-releasing "Norton Classic" as well as writing a few more articles offering more detail on what little we've gone over today.
