Sample Security Policy
- Category: Security
- Published on Monday, 15 August 2011 19:34
- Written by Kinda Strange
The Information Security Policy is intended to help employees determine the proper usage of company IT assets, sensitivity of information, risk assessment, and proper disclosure protocols.
Company information is to be categorized into two main classifications: public and confidential. Information defaults to the confidential classification. Public information is information that has been reviewed and properly authorized for release and can therefore be provided to the general public. All other information is to be considered confidential. Confidential information will be further divided into different security levels. If an employee is uncertain about the sensitivity level of a piece of information, he or she should contact their manager.
Employees are not to provide information to other employees that may not be authorized to view that level of information. Confidential information is only to be stored in the approved manner in a location to which the general public does not have access. Confidential information is to be disposed of in the specially marked bins to be destroyed. Electronic information is to be erased in accordance with the approved IT policy, or be physically destroyed.
Confidential information is not to be sent via any protocol other than the approved company provided electronic mail or the interoffice envelopes marked ‘confidential’. Electronic information is to be encrypted in accordance with the accepted encryption policy. Files containing confidential and/or sensitive data may not be stored in personal communication devices unless protected by approved encryption.
Employees are to protect their user authorization information. Under no circumstances is an employee to use his or her user authorization to allow another person to access the system or facilities. User authorization hardware is to be kept in a secured location. Logins and user passwords are to be kept secure and are not to be shared. Employees are to log out of a computer whenever the computer is no longer under their sole and direct control.
Company assets such as computers and phones are to be used for business purposes only. Nothing is to be downloaded or installed on company assets without approval from an authorized member of the IT department. It is forbidden to visit websites outside of the approved sites while on company time and/or using company assets. Secure Internet access points and networks are to be used with company assets. If a company asset is not in the physical possession of an authorized employee, it is to be locked in an unusable state and rendered immobile. Portable computers are to use the special authorized keys and must be properly secured when not in use.
Any employee found to have violated this policy may be subject to disciplinary action, including termination of employment and legal action.
Security Glossary
- Category: Security
- Published on Monday, 08 August 2011 01:04
- Written by Kinda Strange
Adversary (threat agent)
An entity that attacks, or is a threat to, a system.
Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Countermeasure
An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
Risk
An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
Security Policy
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
System Resource (Asset)
Data contained in an information system; or a service provided by a system; or a system capability, such as processing power or communication bandwidth; or an item of system equipment (i.e., a system component: hardware, firmware, software, or documentation); or a facility that houses system operations and equipment.
Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
Vulnerability
A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy.
Practice Safe Cyber
- Category: Security
- Published on Sunday, 07 August 2011 16:05
- Written by Kinda Strange
Home Internet users are in increasing danger from cyber attacks. Research indicates that the majority of Internet-based attacks are now aimed at home users because of their poor security measures. Data theft and fraud can generate large amounts of money for online attackers.
It is important for home users to educate themselves about the different methods of protection to ensure their information remains safe. Installing a firewall is an important step in preventing further attacks against a home system. Using both systems together avoids a single point of failure during an attack and gives the home system a stronger defense.
A firewall cannot protect against problems that already exist on the system or problems that do not originate from outside the system. For this reason, it is important to also have anti-virus and anti-malware systems installed on the computer and kept up to date. These systems should be set to update and run automatically and often, to keep abreast of new threats.
Simple detection is not sufficient when dealing with fast attacks; prevention is also a necessity. A network intrusion prevention system inspects network traffic to identify malicious, harmful, and/or illegitimate activity and then blocks that activity from accessing or using the system. This system works in conjunction with a firewall to prevent attacks.
What is Computer Security?
- Category: Security
- Published on Sunday, 07 August 2011 22:39
- Written by Kinda Strange
Computer Security is the protection afforded to an automated information system. This protection is intended to preserve the integrity, availability, and confidentiality of all system resources. System resources include hardware, software, firmware, data, and telecommunications.
At the heart of computer security are the objectives of confidentiality, integrity, and availability.
Confidentiality assures that data is kept private and protects the privacy of users. Private and/or confidential information should not be made available or disclosed to unauthorized individuals. Users should be able to control or influence what information related to them is collected and stored by the system. Users should also be able to control who may disclose that information and to whom it may be disclosed. If information is disclosed in an unauthorized fashion, the system has lost confidentiality. Confidentiality protects personal privacy and proprietary information.
Data integrity assures that all changes are made only in a specified, authorized manner. System integrity assures that the system remains unimpaired by deliberate, inadvertent, or unauthorized manipulation. Unauthorized modification or destruction of the system or its data results in a loss of integrity. Integrity ensures that the information is authentic and beyond dispute.
Confidentiality and integrity must go hand in hand with availability. Systems must be available to authorized users and must work promptly. Disruption of access to or use of information results in a loss of availability. Availability ensures that access to and use of the information is timely and reliable.
It is vital to ensure the authenticity of the system. All traffic through, and all changes made to, the system must be genuine and able to be verified and trusted. A method must be put in place to ensure that users are who they claim to be and that all input comes from trusted sources. The validity of all transmissions must be verified.
All activity must be traceable back to an entity. Any security breach must be traceable back to a responsible party, which requires keeping records of all system activities for forensic analysis.
Source: Computer Security: Principles and Practice, by William Stallings and Lawrie Brown. Published by Prentice Hall. Copyright © 2008 by Pearson Education, Inc.