Computer security is a branch of computer technology known as information security Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. Mainly the Information Security Consultants are associated with it as applied to computers A computer is a programmable machine that receives input, stores and manipulates data//information, and provides output in a useful format and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively. The strategies and methodologies of computer security often differ from most other computer technologies because of its somewhat eluding objective of preventing unwanted computer behavior instead of enabling wanted computer behavior.

Contents 1 Security by design 1.1 Early history of security by design 2 Security architecture 3 Hardware mechanisms that protect computers and data 4 Secure operating systems 5 Secure coding 6 Capabilities vs. ACLs 7 Applications 7.1 In aviation 7.1.1 Notable system accidents 8 Terminology 9 Notes 10 See also 11 References 12 External links

Security by design

Main article: Security by design Secure by design, in software engineering, means that the software has been designed from the ground up to be secure. Malicious practices are taken for granted and care is taken to minimize impact when a security vulnerability is discovered or on invalid user input

The technologies of computer security are based on logic Logic is the study of reasoning. Logic is used in most intellectual activities, but is studied primarily in the disciplines of philosophy, mathematics, and computer science. Logic examines general forms which arguments may take, which forms are valid, and which are fallacies. It is one kind of critical thinking. In philosophy, the study of logic. As security is not necessarily the primary goal of most computer applications, designing a program with security in mind often imposes restrictions on that program's behavior.

There are 4 approaches to security Security has to be compared to related concepts: safety, continuity, reliability. The key difference between security and reliability is that security must take into account the actions of people attempting to cause destruction in computing Computing, also known as computer science, is usually defined as the activity of using and improving computer technology, computer hardware and software. It is the computer-specific part of information technology. Computer science is the study and the science of the theoretical foundations of information and computation and their implementation, sometimes a combination of approaches is valid:

1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity Many current computer systems have only limited security precautions in place. This computer insecurity article describes the current battlefield of computer security exploits and defenses. Please see the computer security article for an alternative approach, based on security engineering principles).
2. Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious branch and path analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity Many current computer systems have only limited security precautions in place. This computer insecurity article describes the current battlefield of computer security exploits and defenses. Please see the computer security article for an alternative approach, based on security engineering principles).
4. Trust no software but enforce a security policy with trustworthy hardware mechanisms.

Computers consist of software executing atop hardware, and a "computer system" is, by frank definition, a combination of hardware, software (and, arguably, firmware, should one choose so separately to categorize it) that provides specific functionality, to include either an explicitly expressed or (as is more often the case) implicitly carried along security policy. Indeed, citing the Department of Defense Trusted Computer System Evaluation Criteria (the TCSEC, or Orange Book)—archaic though that may be —the inclusion of specially designed hardware features, to include such approaches as tagged architectures and (to particularly address "stack smashing" attacks of recent notoriety) restriction of executable text to specific memory regions and/or register groups, was a sine qua non of the higher evaluation classes, to wit, B2 and above.)

Many systems have unintentionally resulted in the first possibility. Since approach two is expensive and non-deterministic, its use is very limited. Approaches one and three lead to failure. Because approach number four is often based on hardware mechanisms and avoids abstractions and a multiplicity of degrees of freedom, it is more practical. Combinations of approaches two and four are often used in a layered architecture with thin layers of two and thick layers of four.

There are various strategies and techniques used to design security systems. However there are few, if any, effective strategies to enhance security after design. One technique enforces the principle of least privilege In information security, computer science, and other fields, the principle of least privilege, also known as the principle of minimal privilege or just least privilege, requires that in a particular abstraction layer of a computing environment, every module must be able to access only such information and resources that are necessary to its to great extent, where an entity has only the privileges that are needed for its function. That way even if an attacker gains access to one part of the system, fine-grained security ensures that it is just as difficult for them to access the rest.

Furthermore, by breaking the system up into smaller components, the complexity of individual components is reduced, opening up the possibility of using techniques such as automated theorem proving Automated theorem proving or automated deduction, currently the most well-developed subfield of automated reasoning (AR), is the proving of mathematical theorems by a computer program to prove the correctness of crucial software subsystems. This enables a closed form solution In mathematics, an expression is said to be a closed-form expression if, and only if, it can be expressed analytically in terms of a bounded number of certain "well-known" functions. Typically, these well-known functions are defined to be elementary functions – constants, one variable x, elementary operations of arithmetic , nth roots, to security that works well when only a single well-characterized property can be isolated as critical, and that property is also assessible to math. Not surprisingly, it is impractical for generalized correctness, which probably cannot even be defined, much less proven. Where formal correctness proofs are not possible, rigorous use of code review Code review is systematic examination of computer source code intended to find and fix mistakes overlooked in the initial development phase, improving both the overall quality of software and the developers' skills and unit testing In computer programming, unit testing is a software verification and validation method in which a programmer tests if individual units of source code are fit for use. A unit is the smallest testable part of an application. In procedural programming a unit may be an individual function or procedure represent a best-effort approach to make modules secure.

The design should use "defense in depth Defense in Depth is an Information Assurance strategy in which multiple layers of defense are placed throughout an Information Technology (IT) system. It addresses security vulnerabilities in personnel, technology and operations for the duration of the system's lifecycle", where more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds. Defense in depth works when the breaching of one security measure does not provide a platform to facilitate subverting another. Also, the cascading principle acknowledges that several low hurdles does not make a high hurdle. So cascading several weak mechanisms does not provide the safety of a single stronger mechanism.

Subsystems should default to secure settings, and wherever possible should be designed to "fail secure" rather than "fail insecure" (see fail-safe Fail-safe or fail-secure describes a device or feature which, in the event of failure, responds in a way that will cause no harm, or at least a minimum of harm, to other devices or danger to personnel. Fail-safe components of a system are distinguished from fail-secure components in that, in the former, component failure allows, but does not cause for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.

In addition, security should not be an all or nothing issue. The designers and operators of systems should assume that security breaches are inevitable. Full audit trails Audit records typically result from activities such as transactions or communications by individual people, systems, accounts or other entities should be kept of system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks. Finally, full disclosure In computer security, full disclosure means to disclose all the details of a security problem which are known. It is a philosophy of security management completely opposed to the idea of security through obscurity. The concept of full disclosure is controversial, but not new; it has been an issue for locksmiths since the 19th century helps to ensure that when bugs are found the "window of vulnerability Vulnerability is the susceptibility to physical or emotional injury or attack. It also means to have one's guard down, open to censure or criticism; assailable. Vulnerability refers to a person's state of being liable to succumb, as to persuasion or temptation" is kept as short as possible.

Early history of security by design

The early Multics Multics was an extremely influential early time-sharing operating system. The project was started in 1964. The last known running Multics installation was shut down on October 30, 2000 at the Canadian Department of National Defense in Halifax, Nova Scotia, Canada operating system was notable for its early emphasis on computer security by design, and Multics was possibly the very first operating system to be designed as a secure system from the ground up. In spite of this, Multics' security was broken, not once, but repeatedly. The strategy was known as 'penetrate and test' and has become widely known as a non-terminating process that fails to produce computer security.^{[citation needed]} This led to further work on computer security that prefigured modern security engineering Security engineering is a specialized field of engineering that deals with the development of detailed engineering plans and designs for security features, controls and systems. It is similar to other systems engineering activities in that its primary motivation is to support the delivery of engineering solutions that satisfy pre-defined techniques producing closed form processes that terminate.

Security architecture

Main article: Security architecture Security provided by IT Systems can be defined as the IT system’s ability to being able to protect confidentiality and integrity of processed data, as well as to be able to provide availability of the system and data

Security Architecture can be defined as the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall information technology architecture. These controls serve the purpose to maintain the system's quality attributes, among them confidentiality Confidentiality is an ethical principle associated with several professions . In ethics, and (in some places) in law and alternative forms of legal dispute resolution such as mediation, some types of communication between a person and one of these professionals are "privileged" and may not be discussed or divulged to third parties. In, integrity Integrity is a concept of consistency of actions, values, methods, measures, principles, expectations and outcomes. In western ethics, integrity is regarded as the quality of having an intuitive sense of honesty and truthfulness in regard to the motivations for one's actions.[citation needed] Integrity can be regarded as the opposite of hypocrisy,, availability 1. The degree to which a system, subsystem, or equipment is operable and in a committable state at the start of a mission, when the mission is called for at an unknown, i.e., a random, time. Simply put, availability is the proportion of time a system is in a functioning condition, accountability Accountability is a concept in ethics and governance with several meanings. It is often used synonymously with such concepts as responsibility, answerability, blameworthiness, liability, and other terms associated with the expectation of account-giving. As an aspect of governance, it has been central to discussions related to problems in the and assurance."^[1]. A security architecture is the plan that shows where security measures need to be placed. If the plan describes a specific solution then, prior to building such a plan, one would make a risk analysis. If the plan describes a generic high level design (reference architecture) then the plan should be based on a threat analysis.^{[citation needed]}

Hardware mechanisms that protect computers and data

Hardware based or assisted computer security offers an alternative to software-only computer security. Devices such as dongles A dongle is a small piece of hardware that connects to a laptop or desktop computer. It is a portable device and is often close to the appearance of a USB flash drive. Although earlier use of dongles was to authenticate a piece of software, the word dongle is now widely used to refer to a broadband wireless adaptor may be considered more secure due to the physical access required in order to be compromised.

While many software based security solutions encrypt the data to prevent data from being stolen, a malicious program or a hacker may corrupt the data in order to make it unrecoverable or unusable. Similarly, encrypted operating systems can be corrupted by a malicious program or a hacker, making the system unusable. Hardware-based security solutions can prevent read and write access to data and hence offers very strong protection against tampering and unauthorized access.^{[citation needed]}

Working of hardware based security: A hardware device allows a user to login, logout and to set different privilege levels by doing manual actions. The device uses biometric technology to prevent malicious users from logging in, logging out, and changing privilege levels. The current state of a user of the device is read both by a computer and controllers in peripheral devices such as harddisks. Illegal access by a malicious user or a malicious program is interrupted based on the current state of a user by harddisk and DVD controllers making illegal access to data impossible. Hardware based access control is more secure than logging in and logging out using operating systems as operating systems are vulnerable to malicious attacks. Since software cannot manipulate the user privilege levels, it is impossible for a hacker or a malicious program to gain access to secure data protected by hardware or perform unauthorized privileged operations. The hardware protects the operating system image and file system privileges from being tampered. Therefore, a completely secure system can be created using a combination of hardware based security and secure system administration policies.

Secure operating systems

Main article: Secure operating systems

One use of the term computer security refers to technology to implement a secure operating system An operating system is the software on a computer that manages the way different programs use its hardware, and regulates the ways that a user controls the computer. Operating systems are found on almost any device that contains a computer with multiple programs—from cellular phones and video game consoles to supercomputers and web servers. Some. Much of this technology is based on science developed in the 1980s and used to produce what may be some of the most impenetrable operating systems ever. Though still valid, the technology is in limited use today, primarily because it imposes some changes to system management and also because it is not widely understood. Such ultra-strong secure operating systems are based on operating system kernel In computing, the 'kernel' is the central component of most computer operating systems; it can be thought of as the bridge between applications and the actual data processing done at the hardware level. The kernel's responsibilities include managing the system's resources . Usually as a basic component of an operating system, a kernel can provide technology that can guarantee that certain security policies are absolutely enforced in an operating environment. An example of such a Computer security policy is the Bell-La Padula model. The strategy is based on a coupling of special microprocessor A microprocessor incorporates most or all of the functions of a computer's central processing unit on a single integrated circuit (IC, or microchip). The first microprocessors emerged in the early 1970s and were used for electronic calculators, using binary-coded decimal (BCD) arithmetic in 4-bit words. Other embedded uses of 4-bit and 8-bit hardware features, often involving the memory management unit A memory management unit , sometimes called paged memory management unit (PMMU), is a computer hardware component responsible for handling accesses to memory requested by the central processing unit (CPU). Its functions include translation of virtual addresses to physical addresses (i.e., virtual memory management), memory protection, cache, to a special correctly implemented operating system kernel. This forms the foundation for a secure operating system which, if certain critical parts are designed and implemented correctly, can ensure the absolute impossibility of penetration by hostile elements. This capability is enabled because the configuration not only imposes a security policy, but in theory completely protects itself from corruption. Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. The design methodology to produce such secure systems is precise, deterministic and logical.

Systems designed with such methodology represent the state of the art^{[clarification needed]} of computer security although products using such security are not widely known. In sharp contrast to most kinds of software, they meet specifications with verifiable certainty comparable to specifications for size, weight and power. Secure operating systems designed this way are used primarily to protect national security information, military secrets, and the data of international financial institutions. These are very powerful security tools and very few secure operating systems have been certified at the highest level (Orange Book Trusted Computer System Evaluation Criteria is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TCSEC was used to evaluate, classify and select computer systems being considered for the processing, storage and A-1) to operate over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only on the soundness of the design strategy, but also on the assurance of correctness of the implementation, and therefore there are degrees of security strength defined for COMPUSEC. The Common Criteria The Common Criteria for Information Technology Security Evaluation is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1 quantifies security strength of products in terms of two components, security functionality and assurance level (such as EAL levels), and these are specified in a Protection Profile A Protection Profile is a document used as part of the certification process according to the Common Criteria (CC). As the generic form of a Security Target (ST), it is typically created by a user or user community and provides is an implementation independent specification of information assurance security requirements. A PP is a combination of for requirements and a Security Target In an IT product certification process according to the Common Criteria , a Security Target (ST) is the central document, typically provided by the developer of the product, that specifies security evaluation criteria to substantiate the vendor's claims for the product's security properties for product descriptions. None of these ultra-high assurance secure general purpose operating systems have been produced for decades or certified under the Common Criteria.

In USA parlance, the term High Assurance usually suggests the system has the right security functions that are implemented robustly enough to protect DoD and DoE classified information. Medium assurance suggests it can protect less valuable information, such as income tax information. Secure operating systems designed to meet medium robustness levels of security functionality and assurance have seen wider use within both government and commercial markets. Medium robust systems may provide the same security functions as high assurance secure operating systems but do so at a lower assurance level (such as Common Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security functions are implemented flawlessly, and therefore less dependable. These systems are found in use on web servers, guards, database servers, and management hosts and are used not only to protect the data stored on these systems but also to provide a high level of protection for network connections and routing services.

Secure coding

Main article: Secure coding History has proven that software defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities. Through the analysis of thousands of reported vulnerabilities, security professionals have discovered that most vulnerabilities stem from a relatively small number of common software programming errors

If the operating environment is not based on a secure operating system capable of maintaining a domain for its own execution, and capable of protecting application code from malicious subversion, and capable of protecting the system from subverted code, then high degrees of security are understandably not possible. While such secure operating systems are possible and have been implemented, most commercial systems fall in a 'low security' category because they rely on features not supported by secure operating systems (like portability, et al.). In low security operating environments, applications must be relied on to participate in their own protection. There are 'best effort' secure coding practices that can be followed to make an application more resistant to malicious subversion.

In commercial environments, the majority of software subversion vulnerabilities In computer security, the term vulnerability is applied to a weakness in a system which allows an attacker to violate the integrity of that system. Vulnerabilities may result from weak passwords, software bugs, a computer virus or other malware, a script code injection, a SQL injection or misconfiguration result from a few known kinds of coding defects. Common software defects include buffer overflows In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a process stores data in a buffer outside the memory the programmer set aside for it. The extra data overwrites adjacent memory, which may contain other data, including program variables and program flow control data. This may result in erratic program, format string vulnerabilities, integer overflow In computer programming, an integer overflow occurs when an arithmetic operation attempts to create a numeric value that is larger than can be represented within the available storage space. For instance, adding 1 to the largest value that can be represented constitutes an integer overflow. The most common result in these cases is for the least, and code/command injection Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by an attacker to introduce code into a computer program to change the course of execution. The results of a Code Injection attack can be disastrous. For instance, code injection is used by some Computer worms to propagate. It is to be immediately noted that all of the foregoing are specific instances of a general class of attacks, where situations in which putative "data" actually contains implicit or explicit, executable instructions are cleverly exploited.

Some common languages such as C and C++ are vulnerable to all of these defects (see Seacord, "Secure Coding in C and C++"). Other languages, such as Java, are more resistant to some of these defects, but are still prone to code/command injection and other software defects which facilitate subversion.

Recently another bad coding practice has come under scrutiny; dangling pointers Dangling pointers and wild pointers in computer programming are pointers that do not point to a valid object of the appropriate type. Dangling pointers arise when an object is deleted or deallocated, without modifying the value of the pointer, so that the pointer still points to the memory location of the deallocated memory. As the system may. The first known exploit for this particular problem was presented in July 2007. Before this publication the problem was known but considered to be academic and not practically exploitable.^[2]

Unfortunately, there is no theoretical model of "secure coding" practices, nor is one practically achievable, insofar as the variety of mechanisms are too wide and the manners in which they can be exploited are too variegated. It is interesting to note, however, that such vulnerabilities often arise from archaic philosophies in which computers were assumed to be narrowly disseminated entities used by a chosen few, all of whom were likely highly educated, solidly trained academics with naught but the goodness of mankind in mind. Thus, it was considered quite harmless if, for (fictitious) example, a FORMAT string in a FORTRAN program could contain the J format specifier to mean "shut down system after printing." After all, who would use such a feature but a well-intentioned system programmer? It was simply beyond conception that software could be deployed in a destructive fashion.

It is worth noting that, in some languages, the distinction between code (ideally, read-only) and data (generally read/write) is blurred. In LISP, particularly, there is no distinction whatsoever between code and data, both taking the same form: an S-expression can be code, or data, or both, and the "user" of a LISP program who manages to insert an executable LAMBDA segment into putative "data" can achieve arbitrarily general and dangerous functionality. Even something as "modern" as Perl offers the eval() function, which enables one to generate Perl code and submit it to the interpreter, disguised as string data.

Capabilities vs. ACLs

Main articles: Access control list An access control list , with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation. For instance, if a file has an and Capability (computers) Capability-based security is a concept in the design of secure computing systems. A capability is a communicable, unforgeable token of authority. It refers to a value that references an object along with an associated set of access rights. A user program on a capability-based operating system must use a capability to access an object. Capability-

Within computer systems, two security models capable of enforcing privilege separation are access control lists An access control list , with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation. For instance, if a file has an (ACLs) and capabilities Capability-based security is a concept in the design of secure computing systems. A capability is a communicable, unforgeable token of authority. It refers to a value that references an object along with an associated set of access rights. A user program on a capability-based operating system must use a capability to access an object. Capability-. The semantics of ACLs have been proven to be insecure in many situations (e.g., Confused deputy problem). It has also been shown that ACL's promise of giving access to an object to only one person can never be guaranteed in practice. Both of these problems are resolved by capabilities. This does not mean practical flaws exist in all ACL-based systems, but only that the designers of certain utilities must take responsibility to ensure that they do not introduce flaws.

Capabilities have been mostly restricted to research operating systems An operating system is the software on a computer that manages the way different programs use its hardware, and regulates the ways that a user controls the computer. Operating systems are found on almost any device that contains a computer with multiple programs—from cellular phones and video game consoles to supercomputers and web servers. Some and commercial OSs still use ACLs. Capabilities can, however, also be implemented at the language level, leading to a style of programming that is essentially a refinement of standard object-oriented design. An open source project in the area is the E language E is an object-oriented programming language for secure distributed computing, created by Mark S. Miller, Dan Bornstein, and others at Electric Communities in 1997. E is mainly descended from the concurrent language Joule and from Original-E, a set of extensions to Java for secure distributed programming. E combines message-based computation with.

First the Plessey System 250 The Plessey 250 was a computer system manufactured by the Plessey company. It was successfully deployed by the MOD for the British Army Ptarmigan project and served in the 1st Gulf War as a tactical mobile communication switch. It was only a moderate commercial success for the public telecommunication industry. System 250 is notable historically and then Cambridge CAP computer demonstrated the use of capabilities, both in hardware and software, in the 1970s. A reason for the lack of adoption of capabilities may be that ACLs appeared to offer a 'quick fix' for security without pervasive redesign of the operating system and hardware.^{[citation needed]}

The most secure computers are those not connected to the Internet and shielded from any interference. In the real world, the most security comes from operating systems An operating system is the software on a computer that manages the way different programs use its hardware, and regulates the ways that a user controls the computer. Operating systems are found on almost any device that contains a computer with multiple programs—from cellular phones and video game consoles to supercomputers and web servers. Some where security Security has to be compared to related concepts: safety, continuity, reliability. The key difference between security and reliability is that security must take into account the actions of people attempting to cause destruction is not an add-on.

Applications

Computer security is critical in almost any technology-driven industry which operates on computer systems.Computer security can also be referred to as computer safety. The issues of computer based systems and addressing their countless vulnerabilities are an integral part of maintaining an operational industry.^[3]

In aviation

The aviation industry is especially important when analyzing computer security because the involved risks include human life, expensive equipment, cargo, and transportation infrastructure. Security can be compromised by hardware and software malpractice, human error, and faulty operating environments. Threats that exploit computer vulnerabilities can stem from sabotage, espionage, industrial competition, terrorist attack, mechanical malfunction, and human error.^[4]

The consequences of a successful deliberate or inadvertent misuse of a computer system in the aviation industry range from loss of confidentiality to loss of system integrity, which may lead to more serious concerns such as data theft or loss, network and air traffic control Air traffic control is a service provided by ground-based controllers who direct aircraft on the ground and in the air. The primary purpose of ATC systems worldwide is to separate aircraft to prevent collisions, to organize and expedite the flow of traffic, and to provide information and other support for pilots when able. In some countries, ATC outages, which in turn can lead to airport closures, loss of aircraft, loss of passenger life. Military systems that control munitions can pose an even greater risk.

A proper attack does not need to be very high tech or well funded; for a power outage at an airport alone can cause repercussions worldwide.^[5]. One of the easiest and, arguably, the most difficult to trace security vulnerabilities is achievable by transmitting unauthorized communications over specific radio frequencies. These transmissions may spoof air traffic controllers or simply disrupt communications altogether. These incidents are very common, having altered flight courses of commercial aircraft and caused panic and confusion in the past.^{[citation needed]} Controlling aircraft over oceans is especially dangerous because radar surveillance only extends 175 to 225 miles offshore. Beyond the radar's sight controllers must rely on periodic radio communications with a third party.

Lightning, power fluctuations, surges, brown-outs, blown fuses, and various other power outages instantly disable all computer systems, since they are dependent on an electrical source. Other accidental and intentional faults have caused significant disruption of safety critical systems throughout the last few decades and dependence on reliable communication and electrical power only jeopardizes computer safety.^{[citation needed]}

Notable system accidents

In 1994, over a hundred intrusions were made by unidentified crackers into the Rome Laboratory, the US Air Force's main command and research facility. Using trojan horse viruses, hackers were able to obtain unrestricted access to Rome's networking systems and remove traces of their activities. The intruders were able to obtain classified files, such as air tasking order systems data and furthermore able to penetrate connected networks of National Aeronautics and Space Administration's Goddard Space Flight Center, Wright-Patterson Air Force Base, some Defense contractors, and other private sector organizations, by posing as a trusted Rome center user.^[6] Now, a technique called Ethical hack testing is used to remediate these issues.^{[citation needed]}

Electromagnetic interference is another threat to computer safety and in 1989, a United States Air Force F-16 jet accidentally dropped a 230 kg bomb in West Georgia after unspecified interference caused the jet's computers to release it. ^[7]

A similar telecommunications accident also happened in 1994, when two UH-60 Blackhawk helicopters were destroyed by F-15 aircraft in Iraq because the IFF system's encryption system malfunctioned.^{[citation needed]}

Terminology

The following terms used in engineering secure systems are explained below.

• Authentication techniques can be used to ensure that communication end-points are who they say they are.
• Automated theorem proving and other verification tools can enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications.
• Capability and access control list techniques can be used to ensure privilege separation and mandatory access control. This section discusses their use.
• Chain of trust techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system's designers.
• Cryptographic techniques can be used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.
• Firewalls can provide some protection from online intrusion.

• A microkernel is a carefully crafted, deliberately small corpus of software that underlies the operating system per se and is used solely to provide very low-level, very precisely defined primitives upon which an operating system can be developed. A simple example with considerable didactic value is the early '90s GEMSOS (Gemini Computers), which provided extremely low-level primitives, such as "segment" management, atop which an operating system could be built. The theory (in the case of "segments") was that—rather than have the operating system itself worry about mandatory access separation by means of military-style labeling—it is safer if a low-level, independently scrutinized module can be charged solely with the management of individually labeled segments, be they memory "segments" or file system "segments" or executable text "segments." If software below the visibility of the operating system is (as in this case) charged with labeling, there is no theoretically viable means for a clever hacker to subvert the labeling scheme, since the operating system per se does not provide mechanisms for interfering with labeling: the operating system is, essentially, a client (an "application," arguably) atop the microkernel and, as such, subject to its restrictions.

• Endpoint Security software helps networks to prevent data theft and virus infection through portable storage devices, such as USB drives.

Some of the following items may belong to the computer insecurity article:

• Access authorization restricts access to a computer to group of users through the use of authentication systems. These systems can protect either the whole computer – such as through an interactive logon screen – or individual services, such as an FTP server. There are many methods for identifying and authenticating users, such as passwords, identification cards, and, more recently, smart cards and biometric systems.
• Anti-virus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).
• Applications with known security flaws should not be run. Either leave it turned off until it can be patched or otherwise fixed, or delete it and replace it with some other application. Publicly known flaws are the main entry used by worms to automatically break into a system and then spread to other systems connected to it. The security website Secunia provides a search tool for unpatched known flaws in popular products.
• Backups are a way of securing information; they are another copy of all the important computer files kept in another location. These files are kept on hard disks, CD-Rs, CD-RWs, and tapes. Suggested locations for backups are a fireproof, waterproof, and heat proof safe, or in a separate, offsite location than that in which the original files are contained. Some individuals and companies also keep their backups in safe deposit boxes inside bank vaults. There is also a fourth option, which involves using one of the file hosting services that backs up files over the Internet for both business and individuals.
  • Backups are also important for reasons other than security. Natural disasters, such as earthquakes, hurricanes, or tornadoes, may strike the building where the computer is located. The building can be on fire, or an explosion may occur. There needs to be a recent backup at an alternate secure location, in case of such kind of disaster. Further, it is recommended that the alternate location be placed where the same disaster would not affect both locations. Examples of alternate disaster recovery sites being compromised by the same disaster that affected the primary site include having had a primary site in World Trade Center I and the recovery site in 7 World Trade Center, both of which were destroyed in the 9/11 attack, and having one's primary site and recovery site in the same coastal region, which leads to both being vulnerable to hurricane damage (e.g. primary site in New Orleans and recovery site in Jefferson Parish, both of which were hit by Hurricane Katrina in 2005). The backup media should be moved between the geographic sites in a secure manner, in order to prevent them from being stolen.

Cryptographic techniques involve transforming information, scrambling it so it becomes unreadable during transmission. The intended recipient can unscramble the message, but eavesdroppers cannot.

• Encryption is used to protect the message from the eyes of others. It can be done in several ways by switching the characters around, replacing characters with others, and even removing characters from the message. These have to be used in combination to make the encryption secure enough, that is to say, sufficiently difficult to crack. Public key encryption is a refined and practical way of doing encryption. It allows for example anyone to write a message for a list of recipients, and only those recipients will be able to read that message.
• Firewalls are systems which help protect computers and computer networks from attack and subsequent intrusion by restricting the network traffic which can pass through them, based on a set of system administrator defined rules.
• Honey pots are computers that are either intentionally or unintentionally left vulnerable to attack by crackers. They can be used to catch crackers or fix vulnerabilities.
• Intrusion-detection systems can scan a network for people that are on the network but who should not be there or are doing things that they should not be doing, for example trying a lot of passwords to gain access to the network.
• Pinging The ping application can be used by potential crackers to find if an IP address is reachable. If a cracker finds a computer they can try a port scan to detect and attack services on that computer.
• Social engineering awareness keeps employees aware of the dangers of social engineering and/or having a policy in place to prevent social engineering can reduce successful breaches of the network and servers.
• File Integrity Monitors are tools used to detect changes in the integrity of systems and files.

Notes

1. ^ Definitions: IT Security Architecture. SecurityArchitecture.org, Jan, 2008
2. ^ New hacking technique exploits common programming error. SearchSecurity.com, July 2007
3. ^ J. C. Willemssen, "FAA Computer Security". GAO/T-AIMD-00-330. Presented at Committee on Science, House of Representatives, 2000.
4. ^ P. G. Neumann, "Computer Security in Aviation," presented at International Conference on Aviation Safety and Security in the 21st Century, White House Commission on Safety and Security, 1997.
5. ^ J. Zellan, Aviation Security. Hauppauge, NY: Nova Science, 2003, pp. 65–70.
6. ^ Information Security. United States Department of Defense, 1986
7. ^ Air Force Bombs Georgia. The Risks Digest, vol. 8, no. 72, May 1989

See also

Computer security portal

Attack tree Authentication Authorization CAPTCHA CERT Cloud computing security Computer security model Cryptographic hash function Cryptography Cyber security standards Dancing pigs Data security Differentiated security Ethical hack Fault tolerance Firewalls Formal methods

Human-computer interaction (security) Identity management Information Leak Prevention Internet privacy ISO/IEC 15408 Network Security Toolkit Network security OWASP Penetration test Physical information security Physical security Presumed security Proactive Cyber Defence Sandbox (computer security) Security Architecture Separation of protection and security

References

• Ross J. Anderson: Security Engineering: A Guide to Building Dependable Distributed Systems, ISBN 0-471-38922-6
• Morrie Gasser: Building a secure computer system ISBN 0-442-23022-2 1988
• Stephen Haag, Maeve Cummings, Donald McCubbrey, Alain Pinsonneault, Richard Donovan: Management Information Systems for the information age, ISBN 0-07-091120-7
• E. Stewart Lee: Essays about Computer Security Cambridge, 1999
• Peter G. Neumann: Principled Assuredly Trustworthy Composable Architectures 2004
• Paul A. Karger, Roger R. Schell: Thirty Years Later: Lessons from the Multics Security Evaluation, IBM white paper.
• Bruce Schneier: Secrets & Lies: Digital Security in a Networked World, ISBN 0-471-25311-1
• Robert C. Seacord: Secure Coding in C and C++. Addison Wesley, September, 2005. ISBN 0-321-33572-4
• Clifford Stoll: Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage, Pocket Books, ISBN 0-7434-1146-3
• Network Infrastructure Security, Angus Wong and Alan Yeung, Springer, 2009.

External links

• Security advisories links from the Open directory http://www.dmoz.org/Computers/Security/Advisories_and_Patches/
• Top 5 Security No Brainers for Businesses http://www.networkworld.com/community/node/59971
• Computer Security Tips http://www.21centurysecurity.com/category/categories/computer-security

Categories: Computer security | Electronic commerce | Secure communication | Computer network security | Security | Crime prevention | National security

 

 

See Also:

• Computers: Security: Internet: Privacy: Anonymized Access: Directory
• Computers: Security: Internet: Privacy: Products and Tools: Directory
• Computers: Security: Internet: Privacy: Products and Tools: Free: Directory

 

What Links Here:

 

Recently Viewed Pages:

• Web Search
• Search Terms
• Anonymous Web Browsing
• Computers: Internet: Proxying and Filtering: Hosted Proxy Services: Directory
• Home
• Proxy Lists: Blogs
• Chats and Forums: Images
• Anonymous Web Browsing: Answers
• Anonymous Web Browsing: Encyclopedia
• IP Address: Images

 

Most Popular Pages:

• Proxy Lists: Blogs
• Home
• Socks Lists: Blogs
• Fresh Elite Anonymous: Blogs
• American Hot Girls: Images
• Thai Lotto: Blogs
• Fresh Transparent Proxies: Blogs
• Xnxx: Images
• Computer Security: Web Search
• Www Magicwintip Com: Blogs

Related 'Computer Security' Searches:

related terms:	Secure Operating Systems	Security	Security Architecture	Computers
	Security Policy	Software	Hardware Mechanisms	Hardware Based Security
	Computing	Systems	Hardware Based	Applications

---

top user searches:	►

---

or search for "Computer security" in:		Web:		The Entire Web	Related Sites	Web Directories
		This Site:		Page Titles	Karr Network Sites*
		News:		Headlines	Weather	Events	Blogs
		Reference:		Encyclopedia	Dictionary	eTexts	Quotes
				Local Map	Answers
		Multimedia:		Images	Videos
		People:		Discussion Groups	Social Networking
		Shopping:		General Merch.	Consumer Opinion	Auctions	Classifieds

 

---

The Entire Web Web Directories Related* Sites Karr Network Sites* Page Titles Headlines Weather Events Blogs Encyclopedia Dictionary eTexts Quotes Answers Local Map Videos Images Social Networking Discussion Groups General Items Auctions Classifieds Consumer Opinion

Sitemap News Dictionary Encyclopedia Blogs Answers Videos Images Shopping Directory More…