Professional Documents
Culture Documents
Computer security
Moudle-1
Need for Security, Security Approaches, Principles of
Security, Types of Attacks
Security Models
An organization can take several approaches to implement its security
model.
• No security the approach could be a decision to implement no
security at all
• Security through obscurity In this model, a system is secure simply
because nobody knows about its existence and contents.
• Host security In this scheme, the security for each host is enforced
individually.
• Network security In this technique, the focus is to control network
access to various hosts and their services, rather than individual host
security
Security Management Practices
A good security policy and its proper implementation go a long way in
ensuring adequate security management practices.
Key aspects are:
➢ Affordability: Cost and effort in security implementation.
➢Functionality: Mechanism of providing security.
➢Cultural issues: Whether the policy gels well with people’s
expectations, working style and beliefs.
➢Legality: Whether the policy meets the legal requirements
1.3 SECURITY POLICY
• Risk ->Secure->Action
• To control the threats
• Providing techniques & measures(e.g Audit)
• Developing a secure computing platform to restrict the users
to perform the only particular actions that is permitted.
• At the same time restrict this user to misuse their rights to
use the system.
1. External Approach:- for external attacker
2. Internal Approach:- for inside environmental attack
1.4 SECURITY TECHNIQUES
• Cryptographic Techniques:- Confidentiality & integrity of data
• Authentication Techniques:- to guarantee that communication
end-points.
E.g:- who they say the are.