CoSc 315

Computer Security

degree in (Computer Science)

Year - 4

MR.Negasi Chere
negasichere1981@gmail.com
Fundamentals of computer security & privacy

2
 Computer Security

-Computer Security is the protection of computing systems and

the data that they store or access.

-Computer security basically is the protection of computer

systems and information from harm, theft, and unauthorized use.

-The protection of data against unauthorized access. 

 Computer Security and its types?

One way to ascertain the similarities and differences among Computer Security is
by asking what is being secured. For example,
-Information security is securing information from unauthorized access,
modification & deletion
-Application Security is securing an application by building security features to
prevent from Cyber Threats such as SQL injection, DoS attacks, data breaches
and etc.
-Computer Security means securing a standalone machine by keeping it updated
and patched
-Network Security is by securing both the software and hardware technologies
-Cyber security is defined as protecting computer systems, which communicate
over the computer networks
 Why is Computer Security Important?

-In this digital era, we all want to keep our computers and our personal information
secure and hence computer security is important to keep our personal information
protected. It is also important to maintain our computer security and its overall
health by preventing viruses and malware which would impact on the system
performance.

-Security relates to a “security objective” or “security policy”, i.e. what is being

prevented? What activities or events should be prevented/ detected?

 Why is this important?

To prevent theft of or damage to the hardware,
To prevent theft of or damage to the information, and
To prevent disruption or interruption of service .
 Security Terminology
• Attacks & Security Threats
– An attempt to gain unauthorized access to system resources
and information.
– Attempt to compromise system integrity.
– Any kind of malicious activity that is used to collect, disrupt,
deny, degrade or destroy information system resources or
information itself.

• Cyber Security
– Process and practice designed to protect, network, computer,
program and data from attacks, damage and unauthorized
access.
• Keys & Password
– A Credential.
– The network/Computer security key is the password or
pass phrase that you use to authenticate with your
network/ computer.
• Authentication
– The process or action of proving or showing something
to be true, genuine, or valid.
– The process or action of verifying the identity of a user
or process
• Encryption
– The process of converting information or data into a
code, especially to prevent unauthorized access.
• Integrity
– Data integrity is the assurance that digital information is
uncorrupted and can only be accessed or modified by those
authorized to do so. 
– Integrity involves maintaining the consistency, accuracy and
trustworthiness of data over its entire lifecycle.
• Access Control
Access control is a security technique that can be used to regulate
who or what can view or use resources in a computing environment.
• Decipher (decrypt) - recovering cipher text from plaintext.
• Cryptography - study of encryption principles/methods.
• Cryptanalysis (code breaking) - the study of principles/
methods of deciphering cipher text without knowing key.
• Cryptology - the field of both cryptography and cryptanalysis.
Asset
Anything that needs to be protected because it has value and
contributes to the successful achievement of the organization’s
objectives
Threat
Any circumstance or event with the potential to cause harm to an
asset and result in harm to organization.
Vulnerability
The weakness in an asset that can e exploited by threat
Risk
Probability of a threat acting upon a vulnerability causing harm
to an asset
 Confidentiality, Integrity, and Availability (CIA Triad)
“The Fundamental Objectives of Information Security “

Computer security is mainly concerned with three main areas:

Security policies(goals) often fall into one of three catagories
• Confidentiality: Information should not be disclosed to
unauthorized parties.
• Integrity: information should not be modified in an unauthorized
manner .
• Availability: system or resource shall be available for use as
intended.
 Confidentiality
Ensures that data or an information system is accessed by only an
authorized person.
– User Id’s and passwords, access control lists (ACL) and policy
based security are some of the methods through which
confidentiality is achieved.

– Confidentiality is roughly equivalent to privacy. Measures

undertaken to ensure confidentiality are designed to prevent
sensitive information from reaching the wrong people, while
making sure that the right people can in fact get it.

A good example of methods used to ensure confidentiality is an Account Number or

PIN Number when banking online. User IDs and passwords constitute a standard
procedure; two-factor authentication is becoming the norm. Other options include
biometric verification and security tokens, and soft tokens.
 Integrity
Integrity assures that the data or information system, can be trusted.
Ensures that, it is edited by only authorized persons and remains in
its original state when at rest.
– Data encryption and hashing algorithms are key processes in
providing integrity.
– Integrity involves maintaining the consistency, accuracy, and
trustworthiness of data over its entire life cycle.
– Data must not be changed in transit, and steps must be taken to
ensure that data cannot be altered by unauthorized people (for
example, in a breach of confidentiality).
– Some data might include checksums, even cryptographic checksums,
for verification of integrity.
– Backups or redundancies must be available to restore the affected
data to its correct state.
 Availability
Data and information systems are available when required.

– Hardware maintenance, software patching/upgrading and

network optimization ensures availability.
– It’s also important to keep current all necessary system upgrades.
 
– Providing adequate communication bandwidth and preventing
the occurrence of bottlenecks are equally important.
– Redundancy, failover, RAID even high-availability clusters can
mitigate serious consequences when hardware issues do occur.
– Fast and adaptive disaster recovery is essential for the worst case
scenarios;
 SECURITY ASSETS
• In information security, computer security and network security,
an asset is any data, device, or other component of the
environment that supports information-related activities.
• Assets generally include hardware (e.g. servers and switches),
software (e.g. mission critical applications and support systems)
and confidential information.
• Assets should be protected from illicit access, use, disclosure,
alteration, destruction, and/or theft, otherwise, resulting in loss to
the organization.
• We can broadly classify assets in the following categories:
1. Information Assets,
2. Software Assets, and
3. Physical Assets
 Information Assets
Every piece of information about your organization falls in this
category. This information has been collected, classified, organized and
stored in various forms:
•Databases: Information about your customers, personnel, production,
sales, marketing, finances. This information is critical for your business.
It's confidentiality, integrity and availability is of utmost importance.
•Data files: Transactional data giving up-to-date information about
each event.
•Operational and support procedures: These have been developed
over the years and provide detailed instructions on how to perform
various activities.
•Archived information: Old information that may be required to be
maintained by law.
 Software Assets
These can be divided into two categories:
• Application software: Application software implements business
rules of the organization. Creation of application software is a time
consuming task. Integrity of application software is very important.
Any flaw in the application software could impact the business
adversely.
• System software: An organization would invest in various packaged
software programs like operating systems, DBMS, development
tools and utilities, software packages, office productivity suites etc.

Most of the software under this category would be ‘available’, and

‘off the shelf’, unless the software is obsolete or non-standard.
 Physical Assets

These are the visible and tangible equipment and could comprise of:
•Computer equipment: Mainframe computers, servers, desktops and
notebook computers.
•Communication equipment: Modems, routers, EPABXs and fax
machines.
•Storage media: Magnetic tapes, disks, CDs and DATs.
•Technical equipment: Power supplies, air conditioners.
•Furniture and fixtures
Security Attacks
Security Attacks
 Classify Security Attacks as
• Passive attacks - eavesdropping on or monitoring of
transmissions to:
– obtain message contents, or
– monitor traffic flows

• Active attacks – modification of data stream to:

– masquerade of one entity as some other: man-in-the-middle
– replay previous messages
– modify messages in transit
– Denial of Service
Model for Network Security
 Security Control/Mechanism
• Security Control (“security Mechanism”) is a component,
technique, or method to achieve or enforce security policy. For
example:
– smart card for voter
– password for sys-admin
– digital signature on email
– locked cabinet for server
• Security controls are safeguards or countermeasures to avoid,
detect, counteract, or minimize security risks to physical property,
information, computer systems, or other assets.
• Security controls are Administrative or Technical safeguards to
avoid, to minimize loss or to unavailability of resources due to
threats.
•
25
• Administrative Controls are the actions that people take.
• Technical Controls are carried out or managed by computer
systems.
• Both kind of controls can be classified in to :
Preventative controls: These exist to prevent the threat from
coming in contact with the weakness.
Detective controls: These exist to identify that the threat has
landed in our systems.
Corrective controls: These exist to mitigate or lessen the
effects of the threat being manifested.

26
 Computer Security Practices
Some preventive steps you can take include:
• Secure your computer physically by:
– Installing reliable, reputable security and anti-virus software

– Activating your firewall, because a firewall acts as a security guard between the internet
and your local area network 
• Stay up-to-date on the latest software and news surrounding your devices and perform
software updates as soon as they become available
• Avoid clicking on email attachments unless you know the source 
• Change passwords regularly, using a unique combination of numbers, letters and cases
• Use the internet with caution and ignore pop-ups, drive-by downloads while surfing
• Taking the time to research the basic aspects of computer security and educate yourself on
evolving cyber-threats
• Perform daily full system scans and create a periodic system backup schedule to ensure
your data is retrievable should something happen to your computer.
 Review Questions & Problem
• Define computer security.
• Explain about CIA Triad.
• What are different kind of Security Assets?
• What is the difference between passive and active security
threats?
• List and briefly define categories of passive and active network
security attacks.
• Consider an Automated Teller Machine (ATM) in which users
provide a personal identification number (PIN) and a card for
account access. Give examples of confidentiality, integrity, and
availability requirements associated with the system and, in
each case, indicate the degree of importance of the
requirement.
28
Thank You