what is computer security
play

What is Computer Security? CSM27 Computer Security Dr Hans Georg - PowerPoint PPT Presentation

Aug 27, 2022 •330 likes •923 views

What is Computer Security? CSM27 Computer Security Dr Hans Georg Schaathun University of Surrey Autumn 2009 Week 1 Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 Week 1 1 / 38 The module Security in our Department

  1. What is Computer Security? CSM27 Computer Security Dr Hans Georg Schaathun University of Surrey Autumn 2009 – Week 1 Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 1 / 38

  2. The module Security in our Department Introduction to Multimedia Security Watermarking Cryptography Network Security Computer Security Web Security Many modules ⇒ Very specialised Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 2 / 38

  3. The module Module Objectives understand and be able to use formal models for computer security be able to avoid the many security pitfalls in computer system and software development apply defences against obvious and less obvious threats be able critically to evaluate security at each stage of the development process Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 3 / 38

  4. The module This module We will not deal with network security cryptography Our focus will tend towards The general and high-level The theoretical and formal Unfortunately, this means relatively few hands-on activities Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 4 / 38

  5. The module This module We will not deal with network security cryptography Our focus will tend towards The general and high-level The theoretical and formal Unfortunately, this means relatively few hands-on activities Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 4 / 38

  6. The module This module We will not deal with network security cryptography Our focus will tend towards The general and high-level The theoretical and formal Unfortunately, this means relatively few hands-on activities Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 4 / 38

  7. The session Session objectives Establish a common terminology to discuss (computer) security Be able to distinguish between vulnerabilities , threats , and attacks Get a glimpse of the wide range of threats Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 5 / 38

  8. The problem Yellow Stickers Exercise Sit in groups of 3-5. Write down all computer security problems that you can think of. One problem per yellow sticker. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 6 / 38

  9. The problem Three faces of security Outline The module 1 The session 2 The problem 3 Three faces of security Two companions of security Risk analysis 4 Risk analysis Threats and Vulnerabilities Attacks Solutions Defining Computer Security Exercise 5 Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 7 / 38

  10. The problem Three faces of security Confidentiality Talking of security, we often mean confidentiality. Unauthorised entities cannot get information. Is it sufficient that they cannot get all the information? Are we allowed to leak a single bit? Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 8 / 38

  11. The problem Three faces of security Confidentiality Talking of security, we often mean confidentiality. Unauthorised entities cannot get information. Is it sufficient that they cannot get all the information? Are we allowed to leak a single bit? Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 8 / 38

  12. � � The problem Three faces of security Complete confidentiality Put the computer in a locked steel box, set it in concrete, and sink it in the ocean. � � � � Data � � � � � Is this good enough? The information is no good to anyone. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 9 / 38

  13. � � The problem Three faces of security Complete confidentiality Put the computer in a locked steel box, set it in concrete, and sink it in the ocean. � � � � Data � � � � � Is this good enough? The information is no good to anyone. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 9 / 38

  14. � � The problem Three faces of security Complete confidentiality Put the computer in a locked steel box, set it in concrete, and sink it in the ocean. � � � � Data � � � � � Is this good enough? The information is no good to anyone. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 9 / 38

  15. � � The problem Three faces of security Complete confidentiality Put the computer in a locked steel box, set it in concrete, and sink it in the ocean. � � � � Data � � � � � Is this good enough? The information is no good to anyone. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 9 / 38

  16. The problem Three faces of security Availability Definition (Availability) The system is accessible and useable upon demand by an authorised entity. Can we maintain availability and confidentiality at the same time? Denial of Service (DoS) attacks violate availability. E.g. a horde of computers send dummy request to a web server, causing a congestion which prevents legitimate users from using the web services in a timely fasion. Potentially costly damage. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 10 / 38

  17. The problem Three faces of security Availability Definition (Availability) The system is accessible and useable upon demand by an authorised entity. Can we maintain availability and confidentiality at the same time? Denial of Service (DoS) attacks violate availability. E.g. a horde of computers send dummy request to a web server, causing a congestion which prevents legitimate users from using the web services in a timely fasion. Potentially costly damage. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 10 / 38

  18. The problem Three faces of security Availability Definition (Availability) The system is accessible and useable upon demand by an authorised entity. Can we maintain availability and confidentiality at the same time? Denial of Service (DoS) attacks violate availability. E.g. a horde of computers send dummy request to a web server, causing a congestion which prevents legitimate users from using the web services in a timely fasion. Potentially costly damage. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 10 / 38

  19. The problem Three faces of security Integrity Definition (Integrity) The state of the system or data can only be changed by an authorised entity. If integrity is not ensured. I could change your bank account to send money to my Swiss bank account. We could forge a file to incriminate the PM. You cannot trust your computer. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 11 / 38

  20. The problem Three faces of security Integrity Definition (Integrity) The state of the system or data can only be changed by an authorised entity. If integrity is not ensured. I could change your bank account to send money to my Swiss bank account. We could forge a file to incriminate the PM. You cannot trust your computer. Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 11 / 38

  21. The problem Three faces of security The three faces of security Integrity Availability Security Confidentiality Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 12 / 38

  22. The problem Three faces of security Exercise Return to your groups. Take a handful of yellow stickers (not necessarily your own) For each one decide what kind of security problem it is, Integrity, Confidentiality, Availability? Two or three of the above? Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 13 / 38

  23. The problem Two companions of security Outline The module 1 The session 2 The problem 3 Three faces of security Two companions of security Risk analysis 4 Risk analysis Threats and Vulnerabilities Attacks Solutions Defining Computer Security Exercise 5 Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 14 / 38

  24. The problem Two companions of security Security threats Security is concerned with Intentional attacks Security is not (usually) concerned with Accidental mistakes (human error) Random, accidental events Yet, the three kinds of events are similar Similar protection Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 15 / 38

  25. The problem Two companions of security Reliability Reliability is concerned with damage or loss due to accidental and random events Reliability and security issues may overlap Fire can be accidental (reliability); or it can be arson (security) Reliability and security issues can enforce eachother A laptop with confidential data is lost on the train; the finder happens to have criminal intent Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 16 / 38

  26. The problem Two companions of security Reliability Reliability is concerned with damage or loss due to accidental and random events Reliability and security issues may overlap Fire can be accidental (reliability); or it can be arson (security) Reliability and security issues can enforce eachother A laptop with confidential data is lost on the train; the finder happens to have criminal intent Dr Hans Georg Schaathun What is Computer Security? Autumn 2009 – Week 1 16 / 38

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security Important? Computer Security allows

690 views • 19 slides
Quick Intro to Computer Security What is computer security? Securing communication

Quick Intro to Computer Security What is computer security? Securing communication

Carnegie Mellon Quick Intro to Computer Security What is computer security? Securing communication Cryptographic tools Access control User authentication Computer security and usability Thanks to Mike Reiter for the

412 views • 38 slides
Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them? Lecture 1 Page 1 CS 236 Online Why Is Security Necessary? Because people arent always nice Because a lot of

415 views • 25 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer

Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer

Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer Security? Generally concerned with protection of computer related assets Risk analysis and management! Manage could mean prevention of

537 views • 26 slides
Computer Security Foundations What is Security? Attacker Assets Threat Counter- measure

Computer Security Foundations What is Security? Attacker Assets Threat Counter- measure

IN3210 Network Security Computer Security Foundations What is Security? Attacker Assets Threat Counter- measure Computer Security Security of computers and networks Protection of digital assets Axioms of Computer Security:

240 views • 23 slides
Basic Ciphers Computer Security: Ensure security of data kept on the computer Ahmet Burak

Basic Ciphers Computer Security: Ensure security of data kept on the computer Ahmet Burak

8.10.2019 Information Security Basic Ciphers Computer Security: Ensure security of data kept on the computer Ahmet Burak Can Network Security: Hacettepe University Ensure security of communication over insecure medium

267 views • 10 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #2 Aug 25 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Economist Survey Please read it Main points Security is a MUCH

600 views • 27 slides
CS 480/ 557 Computer Security I ntroduction to I nf ormation 1. Physical Security 2.Human

CS 480/ 557 Computer Security I ntroduction to I nf ormation 1. Physical Security 2.Human

Overview CS 480/ 557 Computer Security I ntroduction to I nf ormation 1. Physical Security 2.Human Security 3.Program Security Security Computer security threats Unintentional: - Coding faults - Operational faults -

238 views • 8 slides
CSE 543 - Computer Security Lecture 11 - OS Security October 2, 2007 URL:

CSE 543 - Computer Security Lecture 11 - OS Security October 2, 2007 URL:

CSE 543 - Computer Security Lecture 11 - OS Security October 2, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger 1 OS Security An secure OS should provide the

873 views • 28 slides
Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 3:

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 3:

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 3: Foundations of Computer Security Chapter 3: 2 Agenda Security strategies Prevention detection reaction Security objectives

839 views • 38 slides
Computer Security 3e Security.di.unimi.it/sicurezza1314 Chapter 3: 1 Chapter 3: Foundations of

Computer Security 3e Security.di.unimi.it/sicurezza1314 Chapter 3: 1 Chapter 3: Foundations of

Computer Security 3e Security.di.unimi.it/sicurezza1314 Chapter 3: 1 Chapter 3: Foundations of Computer Security Chapter 3: 2 Agenda Security strategies Prevention detection reaction Security objectives Confidentiality

1.08k views • 42 slides
Computer Security 3e Security.di.unimi.it/sicurezza1516 Chapter 3: 1 Chapter 3: Foundations of

Computer Security 3e Security.di.unimi.it/sicurezza1516 Chapter 3: 1 Chapter 3: Foundations of

Computer Security 3e Security.di.unimi.it/sicurezza1516 Chapter 3: 1 Chapter 3: Foundations of Computer Security Chapter 3: 2 Agenda Security strategies Prevention detection reaction Security objectives Confidentiality

553 views • 39 slides
CSE 543 - Computer Security Lecture 12 - MAC Security October 4, 2007 URL:

CSE 543 - Computer Security Lecture 12 - MAC Security October 4, 2007 URL:

CSE 543 - Computer Security Lecture 12 - MAC Security October 4, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger 1 Mandatory Access Control Is about administration

462 views • 19 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #13 Oct 11 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Announcements Quiz #2 later today Allocate last 30 mins No Class

488 views • 30 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J Lecture #25 Dec 1 st 2005 CSCI 6268/TLEN 5831, Fall 2005 Announcements Remainder of the semester: Quiz #3 is Today 40 mins

414 views • 20 slides
CM 38 -DAQ report Y. Karadzhov UNIGE - DPNC February 25, 2014 Y. Karadzhov (UNIGE - DPNC) CM

CM 38 -DAQ report Y. Karadzhov UNIGE - DPNC February 25, 2014 Y. Karadzhov (UNIGE - DPNC) CM

CM 38 -DAQ report Y. Karadzhov UNIGE - DPNC February 25, 2014 Y. Karadzhov (UNIGE - DPNC) CM 38 -DAQ report February 25, 2014 1 / 4 EMR cismic data Software EMR readout software was extensively tested exploating cosmics. Some minor bugs

71 views • 4 slides
BACKGROUND Major International and Domestic Tourist Destination Huge Growth in visitor

BACKGROUND Major International and Domestic Tourist Destination Huge Growth in visitor

BACKGROUND Major International and Domestic Tourist Destination Huge Growth in visitor numbers to Hahei and Hot Water Beach Comprehensive report by traffic consultants MWH in August 2016 Since then extensive discussion and

511 views • 30 slides
Encrypted Search: Intro & Basics Seny Kamara 2 14,717,618,286* 4% * since 2013 3 Why so

Encrypted Search: Intro & Basics Seny Kamara 2 14,717,618,286* 4% * since 2013 3 Why so

SAC Summer School 2019 Encrypted Search: Intro & Basics Seny Kamara 2 14,717,618,286* 4% * since 2013 3 Why so Few? Incompetence? Lazyness? Cost? because it would have hurt Yahoos ability to index and search message

924 views • 54 slides
Designing a Training Program VIDEO #1 The Levels of Learning Framework 1. Levels of Learning

Designing a Training Program VIDEO #1 The Levels of Learning Framework 1. Levels of Learning

Designing a Training Program VIDEO #1 The Levels of Learning Framework 1. Levels of Learning 2. Designing and Running a Training Needs Analysis 3. Building an Individual and Overall Training Plan 4. Running Exceptional Training Sessions

643 views • 25 slides
Acts 2:32 -38 This Jesus hath God raised up, whereof we all are witnesses. Therefore being by the

Acts 2:32 -38 This Jesus hath God raised up, whereof we all are witnesses. Therefore being by the

Acts 2:32 -38 This Jesus hath God raised up, whereof we all are witnesses. Therefore being by the right hand of God exalted, and having received of the Father the promise of the Holy Ghost, he hath shed forth this, which ye now see and hear. For

393 views • 12 slides
Tensor decompositions of II 1 factors arising Introduction Motivation Results from AFP Groups

Tensor decompositions of II 1 factors arising Introduction Motivation Results from AFP Groups

Tensor decompositions of II1 factors arising from AFP Groups R. de Santiago Tensor decompositions of II 1 factors arising Introduction Motivation Results from AFP Groups Product Rigidity Classification of Tensor Decomposition New

1.08k views • 74 slides
Safeguarding about making people aware of Adults their rights, protecting them Section 42

Safeguarding about making people aware of Adults their rights, protecting them Section 42

Safeguarding is Safeguarding about making people aware of Adults their rights, protecting them Section 42 and preventing abuse. Enquiries Delivered by: Jane Hughes Safeguarding Consultant on behalf of Hampshire Safeguarding Adults

665 views • 38 slides
Space-efficient Indexing of Spaced Seeds for Accurate Overlap Computation of Raw Optical Mapping

Space-efficient Indexing of Spaced Seeds for Accurate Overlap Computation of Raw Optical Mapping

Space-efficient Indexing of Spaced Seeds for Accurate Overlap Computation of Raw Optical Mapping Data Riku Walve 1 Simon J. Puglisi 1 Leena Salmela 1 Helsinki Institute for Information Technology HIIT Department of Computer Science, University

1.05k views • 24 slides

More recommend