Chapter 1: Introduction

Uploaded by

kashokcse16

0% found this document useful (0 votes)

5 views12 pages

Original Title

01.ppt

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

5 views12 pages

Chapter 1: Introduction

Uploaded by

kashokcse16

Copyright:

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 12

Search inside document

Chapter 1: Introduction

• Components of computer security

• Threats
• Policies and mechanisms
• The role of trust
• Assurance
• Operational Issues
• Human Issues
July 1, 2004 Computer Security: Art and Science Slide #1-1
©2002-2004 Matt Bishop
Basic Components
• Confidentiality
– Keeping data and resources hidden
• Integrity
– Data integrity (integrity)
– Origin integrity (authentication)
• Availability
– Enabling access to data and resources

July 1, 2004 Computer Security: Art and Science Slide #1-2

©2002-2004 Matt Bishop
Classes of Threats
• Disclosure
– Snooping
• Deception
– Modification, spoofing, repudiation of origin, denial of
receipt
• Disruption
– Modification
• Usurpation
– Modification, spoofing, delay, denial of service

July 1, 2004 Computer Security: Art and Science Slide #1-3

©2002-2004 Matt Bishop
Policies and Mechanisms
• Policy says what is, and is not, allowed
– This defines “security” for the site/system/etc.
• Mechanisms enforce policies
• Composition of policies
– If policies conflict, discrepancies may create
security vulnerabilities

July 1, 2004 Computer Security: Art and Science Slide #1-4

©2002-2004 Matt Bishop
Goals of Security
• Prevention
– Prevent attackers from violating security policy
• Detection
– Detect attackers’ violation of security policy
• Recovery
– Stop attack, assess and repair damage
– Continue to function correctly even if attack
succeeds

July 1, 2004 Computer Security: Art and Science Slide #1-5

©2002-2004 Matt Bishop
Trust and Assumptions
• Underlie all aspects of security
• Policies
– Unambiguously partition system states
– Correctly capture security requirements
• Mechanisms
– Assumed to enforce policy
– Support mechanisms work correctly

July 1, 2004 Computer Security: Art and Science Slide #1-6

secure precise broad

set of reachable states set of secure states

July 1, 2004 Computer Security: Art and Science Slide #1-7

©2002-2004 Matt Bishop
Assurance
• Specification
– Requirements analysis
– Statement of desired functionality
• Design
– How system will meet specification
• Implementation
– Programs/systems that carry out design

July 1, 2004 Computer Security: Art and Science Slide #1-8

©2002-2004 Matt Bishop
Operational Issues
• Cost-Benefit Analysis
– Is it cheaper to prevent or recover?
• Risk Analysis
– Should we protect something?
– How much should we protect this thing?
• Laws and Customs
– Are desired security measures illegal?
– Will people do them?
July 1, 2004 Computer Security: Art and Science Slide #1-9
©2002-2004 Matt Bishop
Human Issues
• Organizational Problems
– Power and responsibility
– Financial benefits
• People problems
– Outsiders and insiders
– Social engineering

July 1, 2004 Computer Security: Art and Science Slide #1-10

Design

Implementation

Operation

July 1, 2004 Computer Security: Art and Science Slide #1-11

©2002-2004 Matt Bishop
Key Points
• Policy defines security, and mechanisms
enforce security
– Confidentiality
– Integrity
– Availability
• Trust and knowing assumptions
• Importance of assurance
• The human factor
July 1, 2004 Computer Security: Art and Science Slide #1-12
©2002-2004 Matt Bishop

Globalization Lesson Plan
Document5 pages
Globalization Lesson Plan
Ramzen
81% (16)
Abinitio Components PDF
Document36 pages
Abinitio Components PDF
anil krishna
100% (2)
Principles of Information Security 4th Edition Whitman Chapter 1 Solutions PDF
Document51 pages
Principles of Information Security 4th Edition Whitman Chapter 1 Solutions PDF
BreanaAndreiFlorin
No ratings yet
Metrics For Responsible Property Investing: Developing and Maintaining A High Performance Portfolio
Document43 pages
Metrics For Responsible Property Investing: Developing and Maintaining A High Performance Portfolio
Lisa Michelle Galley
No ratings yet
Chapter 1: Introduction: - Components of Computer Security
Document22 pages
Chapter 1: Introduction: - Components of Computer Security
Lawrence Mutambuwa
No ratings yet
Chapter 1: Introduction
Document14 pages
Chapter 1: Introduction
Khawar Zulfiqar
No ratings yet
Lecture 2
Document8 pages
Lecture 2
Khawar Zulfiqar
No ratings yet
Chapter 4: Security Policies: - Overview - The Nature of Policies
Document27 pages
Chapter 4: Security Policies: - Overview - The Nature of Policies
Vicky Malik
No ratings yet
13 PDF
Document11 pages
13 PDF
Keerthana Muniappan
No ratings yet
Overview of Computer Security
Document21 pages
Overview of Computer Security
lpham74
100% (2)
Chapter 18: Introduction To Assurance: - Overview - Why Assurance? - Trust and Assurance - Life Cycle and Assurance
Document21 pages
Chapter 18: Introduction To Assurance: - Overview - Why Assurance? - Trust and Assurance - Life Cycle and Assurance
Keerthana Muniappan
No ratings yet
Computer Networks and Internets With Internet Applications, 4e by Douglas E. Comer
Document42 pages
Computer Networks and Internets With Internet Applications, 4e by Douglas E. Comer
Kiril Delovski
No ratings yet
Principles of Information Security 4th Edition Whitman Chapter 1 Solutions
Document51 pages
Principles of Information Security 4th Edition Whitman Chapter 1 Solutions
Jen Lee
73% (11)
CS461 01.overview
Document30 pages
CS461 01.overview
pawaryogesh
No ratings yet
Introduction To Computer Security Slide Set 1: CS498IA Spring 2007 Nikita Borisov
Document30 pages
Introduction To Computer Security Slide Set 1: CS498IA Spring 2007 Nikita Borisov
kashokcse16
No ratings yet
Introduction To Information Security Chapter 1
Document55 pages
Introduction To Information Security Chapter 1
spannclann
100% (1)
About The Presentations
Document55 pages
About The Presentations
perihelioness
No ratings yet
Unit 1 - CS
Document79 pages
Unit 1 - CS
yuydokosta
No ratings yet
Rancangan Pelajarn Tahun 2014 Form 4
Document7 pages
Rancangan Pelajarn Tahun 2014 Form 4
Jiro Birong
No ratings yet
Chapter 1 - PPT - ch01
Document58 pages
Chapter 1 - PPT - ch01
Fifa FIFA
No ratings yet
About The Presentations
Document55 pages
About The Presentations
alva yonara
No ratings yet
Principles of Information Security, Fourth Edition
Document54 pages
Principles of Information Security, Fourth Edition
moazzam kiani
No ratings yet
Principals of Information Security, Fourth Edition
Document54 pages
Principals of Information Security, Fourth Edition
Ira Ras
No ratings yet
Class 1 Sept 12, 2021
Document34 pages
Class 1 Sept 12, 2021
Angel Rivera
No ratings yet
CH 01
Document55 pages
CH 01
Mashael AlQasabi
No ratings yet
01 TEB2193 IAS - Intro Computer Security and IAS
Document38 pages
01 TEB2193 IAS - Intro Computer Security and IAS
Mandeep Singh
No ratings yet
Innovative Ideas in Privacy Research: Bb@cs - Purdue.edu
Document168 pages
Innovative Ideas in Privacy Research: Bb@cs - Purdue.edu
Logesh E
No ratings yet
A Security Business Case For Common Criteria
Document34 pages
A Security Business Case For Common Criteria
Abdul Rasheed
No ratings yet
Chapter 1 - PPT - ch01 Fa LL 2016
Document58 pages
Chapter 1 - PPT - ch01 Fa LL 2016
Fifa FIFA
No ratings yet
UNIT 1 Part-I
Document54 pages
UNIT 1 Part-I
245120733020
No ratings yet
Information Security Fundamentals Leture 01 Part 2
Document25 pages
Information Security Fundamentals Leture 01 Part 2
fsamreen30970
No ratings yet
TDS 1341 Lab 1 Question
Document11 pages
TDS 1341 Lab 1 Question
鲁肃津
No ratings yet
P311-Security Management Practices
Document4 pages
P311-Security Management Practices
Devika Tibrewal
No ratings yet
Chapter 26: Network Security
Document70 pages
Chapter 26: Network Security
Keerthana Muniappan
No ratings yet
Security+ Ch01
Document47 pages
Security+ Ch01
redlankan
No ratings yet
2007 11 00 Larry Clinton Globalized Supply Chain Conference
Document22 pages
2007 11 00 Larry Clinton Globalized Supply Chain Conference
isalliance
No ratings yet
Strawman IAS
Document12 pages
Strawman IAS
wallofklein
No ratings yet
Week 10 Cybersecurity
Document47 pages
Week 10 Cybersecurity
Joya Labao Macario-Balquin
No ratings yet
Fundamentals of Information Security
Document23 pages
Fundamentals of Information Security
Saniya Salim
No ratings yet
Information Security Challenges in Emerging Market
Document26 pages
Information Security Challenges in Emerging Market
Dandoch
No ratings yet
2007 11 28 Larry Clinton ISA Overview For Secure Manufacturing in The Age of Globalization Workshop
Document22 pages
2007 11 28 Larry Clinton ISA Overview For Secure Manufacturing in The Age of Globalization Workshop
isalliance
No ratings yet
Chapter 14: Identity
Document69 pages
Chapter 14: Identity
Keerthana Muniappan
No ratings yet
FALLSEM2022-23 CSE3501 ETH VL2022230103403 Reference Material I 08-08-2022 Lect 6
Document38 pages
FALLSEM2022-23 CSE3501 ETH VL2022230103403 Reference Material I 08-08-2022 Lect 6
Rajarshi Bose
No ratings yet
Lecture01 New
Document22 pages
Lecture01 New
AOWN RAZA HASHMI
No ratings yet
CH 01
Document9 pages
CH 01
Rovic Dimacali
No ratings yet
ch01 2
Document23 pages
ch01 2
Jener James B. Masibay
No ratings yet
UCA 2021 L01 Intro Basics (8 Files Merged)
Document390 pages
UCA 2021 L01 Intro Basics (8 Files Merged)
Gullayaz
No ratings yet
Data Security, Data Privacy, Ethics in Database
Document32 pages
Data Security, Data Privacy, Ethics in Database
ilham.ahmad.kamil-2020
No ratings yet
SANS MGT414 10 Course Book
Document100 pages
SANS MGT414 10 Course Book
rmriazur.ca
No ratings yet
Introductory Computer Security: CS461/ECE422 Fall 2010 Susan Hinrichs
Document27 pages
Introductory Computer Security: CS461/ECE422 Fall 2010 Susan Hinrichs
LIAWAS BARUKANG -
No ratings yet
Cyber Law and Security: UNIT-2
Document48 pages
Cyber Law and Security: UNIT-2
Vishal Gupta
No ratings yet
01 - Lecture 1-Introduction - EV - Privacy
Document36 pages
01 - Lecture 1-Introduction - EV - Privacy
Taif Alkaabi
No ratings yet
Information Security - FUNDAMENTALS
Document29 pages
Information Security - FUNDAMENTALS
Muneer Umar
No ratings yet
3 Telecom+Network Part1
Document105 pages
3 Telecom+Network Part1
花繼利
No ratings yet
PPT Ch01
Document65 pages
PPT Ch01
Charlito Mikolli
No ratings yet
2.critical Characteristics of Information
Document29 pages
2.critical Characteristics of Information
Vairavel Chenniyappan
No ratings yet
Unit 1 Information Security Concerns: Structure 1.1 1.2 1.3
Document20 pages
Unit 1 Information Security Concerns: Structure 1.1 1.2 1.3
Mr. MANTRA
No ratings yet
Lecture 1
Document56 pages
Lecture 1
Alhussain Darbi
No ratings yet
20 Computer Security
Document110 pages
20 Computer Security
lcm3766l
No ratings yet
Ethics in IT
Document13 pages
Ethics in IT
Prachi Agarwal
No ratings yet
IS Solutions
Document3 pages
IS Solutions
rohithatimsi
No ratings yet
Challenges and Ethical Issues in Artificial Intelligence
From Everand
Challenges and Ethical Issues in Artificial Intelligence
akosnemeth
No ratings yet
Security Leader Insights for Information Protection: Lessons and Strategies from Leading Security Professionals
From Everand
Security Leader Insights for Information Protection: Lessons and Strategies from Leading Security Professionals
Bob Fahy
No ratings yet
Amlock Leading Non Banking Financial Company Building Society in The UK
Document2 pages
Amlock Leading Non Banking Financial Company Building Society in The UK
Nguyễn Quốc Mạnh
No ratings yet
Answers For Test-secE
Document4 pages
Answers For Test-secE
Abhishek Sharda
100% (1)
Kaossilator Manual PDF
Document80 pages
Kaossilator Manual PDF
ypdea
No ratings yet
Advancedrestservices v1
Document26 pages
Advancedrestservices v1
Mikhail Bykov
No ratings yet
Powerflex 525 Adjustable Frequency Ac Drive: Product Information
Document2 pages
Powerflex 525 Adjustable Frequency Ac Drive: Product Information
OmarAlirioSuarezCañarete
No ratings yet
NURS FPX 6011 Assessment 3 Implementing Evidence-Based Practice
Document5 pages
NURS FPX 6011 Assessment 3 Implementing Evidence-Based Practice
Emma Watson
No ratings yet
Coin Review Guidelines Template
Document5 pages
Coin Review Guidelines Template
Awais Yasin
No ratings yet
Geostatistics in Petroleum Reservoir
Document202 pages
Geostatistics in Petroleum Reservoir
S.Alec Knowle
86% (7)
Maid Visa Process
Document2 pages
Maid Visa Process
Muvinda Jayasinghe
No ratings yet
Rolling of Ships
Document37 pages
Rolling of Ships
Mark Antolino
75% (8)
Datasheet: C P V 5 3 7 5 Compactpci Host Slot Processor Board
Document5 pages
Datasheet: C P V 5 3 7 5 Compactpci Host Slot Processor Board
primaryrate
No ratings yet
School Leadership
Document10 pages
School Leadership
Thea Macatangay Beredo
No ratings yet
Tube and Coupler
Document1 page
Tube and Coupler
Shams Tabrez
No ratings yet
1347875384webfinal - County Seat September 2012 28 Pages
Document28 pages
1347875384webfinal - County Seat September 2012 28 Pages
CoolerAds
No ratings yet
Contracts Forbes 2018 7
Document132 pages
Contracts Forbes 2018 7
Jjjjmmmm
No ratings yet
DAN Aluform Presentation
Document38 pages
DAN Aluform Presentation
ahs
No ratings yet
Cheat Sheet: Python For Data Science
Document1 page
Cheat Sheet: Python For Data Science
Shishir Ray
100% (1)
Arvind Textile Internship Report-Final 2015
Document50 pages
Arvind Textile Internship Report-Final 2015
Divyanshu Sagar
0% (1)
BUCOOL Business Planzzz
Document11 pages
BUCOOL Business Planzzz
Rachelle
100% (1)
Set A - Eteeap
Document16 pages
Set A - Eteeap
Romina Gravamen
No ratings yet
SST Project by Sreyansh Surana
Document16 pages
SST Project by Sreyansh Surana
Shreyansh surana
No ratings yet
1 ....
Document7 pages
1 ....
Cut Hanifah Fardhany
No ratings yet
Declaration of Cyber Advisory
Document5 pages
Declaration of Cyber Advisory
deeptanwar1997
No ratings yet
RC Group Brochure NEXT EVO DX Van DE WIT Datacenterkoeling
Document6 pages
RC Group Brochure NEXT EVO DX Van DE WIT Datacenterkoeling
eep saepudin
No ratings yet
2C00336 60
Document1 page
2C00336 60
Mahesh Khiwal
No ratings yet
Euralille - Centre International D'affaires Lille
Document20 pages
Euralille - Centre International D'affaires Lille
Hafiz Amirrol
No ratings yet