Understanding Security Capability of Information

System
The word security means that to be secure, to be free from danger. In information systems
security of the data that are kept in several components of the system should be kept secure
avoiding unauthorized access maintaining confidentiality and integrity of the information. it
is important to for a system to keep a close look at numerous aspects of
information system. Information systems and networks can be subjected to four generic
vulnerabilities. The first being unauthorized access to information. Moreover,
even more harm might occur if the fact of unauthorized access to information has
gone neglected, because it'd be impossible to take remedial action. The second generic
vulnerability is an alteration of information. For example, alteration
of logistics data might significantly disrupt deployments if troops or supplies were re-routed
to the wrong destinations or supply requests were deleted. The other vulnerability is the denial
of service. By denying or delaying access to electronic services, an adversary might compromise
operational planning and execution, especially for time crucial tasks. For example, the attacks
that resulted in the unavailability of weather information systems might delay the planning for
military operations. Denial of service is, in the view of many, the most serious
vulnerability, because the denial of service attacks comparatively simple to do and
sometimes require relatively little technical sophistication. Having the information of the
vulnerabilities one should also be able to understand the security capabilities of the
data systems. The security capabilities of data system include memory protection, virtualization,
interfaces and fault tolerance.

MEMORY PROTECTION

Memory that belongs to a process is implicitly protected by its private virtual address space.
Additionally, Windows provides memory protection by using the virtual memory hardware. The
implementation of this protection varies with the processor, for example, code pages in the
address space of a process can be marked read-only and protected from modification by user –
mode threads.

VIRTUALIZATION

In computing, virtualization refers to the act of creating a virtual (rather than actual) version of
something, together with virtual computer hardware platforms, operating systems, storage
devices, and computer network resources. Virtualization is the method of creating a software-
based (or virtual) representing of something rather than a physical one. A virtual computer
system is known as a “virtual machine” (VM): a tightly isolated software container with an OS
and application within. Every self-contained VM is totally independent. Putting multiple VMs on
a single computer allows many operational systems and applications to run on just one physical
server, or “host”. A thin layer of software referred to as a hypervisor decouples the virtual
machines from the host and dynamically allocated computing resources to every virtual machine
as needed.

THE VIRTUAL MACHINE

A virtual computer system is known as a virtual machine. Each self contained VM is completely
independent.

TRUSTED PLATFORM MODULE

Trusted Platform Module (TPM) is an international standard for a secure crypto processor, which
may be a dedicated microcontroller designed to secure hardware by integrating cryptographic
keys into devices. Trusted Platform Module offers facilities for the secure generation of
cryptographic keys, and limitation of their use, additionally to a random number generator.

FAULT

Fault system fails when it cannot meet its promises (specifications). An error is part of a system
state that may lead to a failure. A fault is a reason behind the error.

Faults can be classified into one of 3 categories:

Transient faults: These occur once and then disappear. For example, a network message
transmission times out but works fine when attempted a second time.
Intermittent faults: These are the most annoying of component faults. This fault is
characterized by a fault occurring, then vanishing again, then occurring. An example of this kind
of fault is a loose connection.

Permanent faults: This fault is persistent: it continues to exist until the faulty component is
repaired or replaced. Examples of this fault are disk head crashes, software bugs, and burnt-out
hardware. Any of these faults may be either a fail-silent failure (also referred to as fail-stop) or a
Byzantine failure. A fail-silent fault is one where the faulty unit stops functioning and produces
no ill output (it produces no output or produces output to indicate failure).

FAULT TOLERANCE

Fault tolerance is the property that allows a system to continue in operation properly in the event
of the failure of (or one or more faults within) some of its components. If its operating quality
decreases at all, the decrease is proportional to the severity of the failure, as compared to a
naively designed system in which even a small failure will cause the total breakdown. Fault
tolerance is particularly asked for in high-availability or life-critical systems. The ability to
maintain functionality when portions of a system break down is referred to as graceful
degradation.

HARDWARE

Computer hardware is the physical parts or components of a computer, such as a monitor,

keyboard,

Computer data storage, hard disk drive (HDD), graphic card, sound card, memory (RAM),

Motherboard, and so on, all of which are tangible physical objects. It is best described as any

The physical component of a computer system that contains a circuit board, ICs, or other
electronics.

PROCESSOR
A processor is the logic circuitry that responds to and processes the basic instructions that drive
a computer. The four primary functions of a processor are fetching, decode, execute and write
back.

MULTITASKING

In computing, multitasking may be a conception of performing multiple tasks (also called

processes) over a particular period of time by executing them concurrently. New tasks start and
interrupt already started ones before they have reached completion, rather than executing the
tasks sequentially so every started task must reach its end before a new one is started. As a result,
a computer executes segments of multiple tasks in an interleaved manner, while the tasks share
common processing resources like central processing units (CPUs) and main memory.

MULTIPROCESSING

Multiprocessing is the use of two or more central processing units (CPUs) within a single
computer system. The term also refers to the capability of a system to support over one
processor and/or the capability to assign tasks between them. There are several variations on
this basic theme, and the definition of multiprocessing will vary with context, mostly as a function
of how CPUs are defined (multiple cores on one die, multiple dies in one package, multiple
packages in one system unit, etc.).

MULTITHREADING

In computer architecture, multithreading is the ability of a central processing unit (CPU) or a

single core in a multi-core processor to execute multiple processes or threads at the same time,
suitably supported by the OS. This approach differs from multiprocessing, like multithreading the
processes and threads have to share the resources of a single or multiple cores: the computing
units, the CPU caches, and the translation look aside buffer (TLB).

Where multiprocessing systems include multiple complete processing units, multithreading aims
to increase utilization of a single core by using thread-level additionally as instruction-level
parallelism. As the two techniques are complementary, they're generally combined in systems
with multiple multithreading CPUs and in CPUs with multiple multithreading cores.

MULTIPROGRAMMING

Multiprogramming could be a basic type of parallel processing in which several programs are run
at the same time on a uniprocessor. Since there is just one processor, there can be no true
concurrent execution of various programs. Instead, the OS executes a part of one program, then
a part of another, and so on. To the user, it seems that all programs are executing at the same
time.

If the machine has the capability of inflicting an interrupt after a specified time interval, then the
OS can execute every program for a given length of time, regain control, and then execute
another program for a given length of time, and so on. In the absence of this mechanism, the OS
has no choice but to start to execute a program with the expectation, but not the certainty, that
the program can eventually return control to the OS.

Hardware and Software vulnerabilities

Hardware Vulnerabilities

Hardware is more visible than software, mostly because it's composed of physical objects.
because we can able to} see what devices are hooked to the system, it is rather easy to attack by
adding devices, changing them, removing them, intercepting the traffic to them, or flooding them
with traffic until they can no longer function. However, designers will usually put safeguards in
situ.

Software Vulnerabilities

Computing equipment is of little use without the software (operating system, controllers, utility
programs, and application programs) that users expect. The software can be replaced, changed,
or destroyed maliciously, or it can be modified, deleted, or misplaced accidentally. Whether
intentional or not, these attacks exploit the software’s vulnerabilities. Sometimes, the attacks are
obvious, as once the software package not runs.