Computer Systems Security
Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset.
CIA
Computer security is about CIA:
- Confidentiality: Keeping data hidden and protected from unauthorized disclosure.
- Integrity: Data and programs are modified in specified and authorized ways. (meaning that they are honest)
- Availability: Systems and networks are available for use by legitimate users.
Why computer security it hard?
- Security often is not a primary consideration.
- Feature-rich systems tend to be complex.
- Implementations are buggy.
- Networks are more open and accessible than ever.
- Many attacks exploit the weakest link in the chain which are humans.
- Security is hard to test for.
- It requires a deep understanding of all technologies involved in the design and implementation of a system.
- Asymmetry between attack and defense.