03-07-2012, 03:43 PM
Security Goals:
• Confidentiality ensures that computer-related assets are accessed only by authorized parties. That is, only those who should have access to something will actually get that access. By “access,” we mean not only reading but also viewing, printing, or simply knowing that a particular asset exists. Confidentiality is sometimes called secrecy or privacy.
• Integrity means that assets can be modified only by authorized parties or only in authorized ways. In this context, modification includes writing, changing, changing status, deleting, and creating.
• Availability means that assets are accessible to authorized parties at appropriate times. In other words, if some person or system has legitimate access to a particular set of objects, that access should not be prevented. For this reason, availability is sometimes known by its opposite, denial of service.
Why balance is needed:
Security in computing addresses these three goals. One of the challenges in building a secure system is finding the right balance among the goals, which often conflict. For example, it is easy to preserve a particular object’s confidentiality in a secure system simply by preventing everyone from reading that object. However, this system is not secure, because it does not meet the requirement of availability for proper access. That is, there must be a balance between confidentiality and availability.
But balance is not all. In fact, these three characteristics can be independent, can overlap, and can even be mutually exclusive. For example, we have seen that strong protection of confidentiality can severely restrict availability.
(Leave space for the diagram; it is not copying. I will help you in drawing it.)
A vulnerability is a weakness in the security system, for example, in procedures, design, or implementation, that might be exploited to cause loss or harm. For instance, a particular system may be vulnerable to unauthorized data manipulation because the system does not verify a user’s identity before allowing data access.
A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. To see the difference between a threat and a vulnerability, consider the illustration in Figure 1-1.
Here, a wall is holding water back. The water to the left of the wall is a threat to the man on the right of the wall: the water could rise, overflowing onto the man, or it could stay beneath the height of the wall, causing it to collapse. So the threat of harm is the potential for the man to get wet, get hurt, or drown. For now, the wall is intact, so the threat to the man is unrealized.
However, we can see a small crack in the wall—a vulnerability that threatens the man’s security. If the water rises to or beyond the level of the crack, it will exploit the vulnerability and harm the man.
There are many threats to a computer system, including human-initiated and computer-initiated ones. We have all experienced the results of inadvertent human errors, hardware design flaws, and software failures. But natural disasters are threats, too; they can bring a system down when the computer room is flooded or the data center collapses from an earthquake, for example.
A human who exploits a vulnerability perpetrates an attack on the system. An attack can also be launched by another system, as when one system sends an overwhelming set of messages to another, virtually shutting down the second system’s ability to function. Unfortunately, we have seen this type of attack frequently, as denial-of-service attacks flood servers with more messages than they can handle.
We use a control as a protective measure. That is, a control is an action, device, procedure, or technique that removes or reduces a vulnerability.
In Figure 1-1, the man is placing his finger in the hole, controlling the threat of water leaks until he finds a more permanent solution to the problem. In general, we can describe the relationship among threats, controls, and vulnerabilities in this way:
A threat is blocked by control of a vulnerability.
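
The vulnerability named above (a system that does not verify a user's identity before allowing data access), the control that removes it, and the confidentiality/availability trade-off can be seen in a few lines of Python. This is an added example, not part of the original notes; the store, the access list, the key and every function name are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: names, key and record are illustrative only.
SERVER_KEY = b"constructed-demo-key"
ACL = {"payroll.csv": {"alice": {"read", "write"}, "bob": {"read"}}}
STORE = {"payroll.csv": "alice,5000"}

def issue_token(user):
    """Credential the server hands to a user after login (HMAC of the name)."""
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()

def write_vulnerable(user, name, data):
    """Vulnerability: the claimed identity is trusted without verification."""
    if "write" in ACL[name].get(user, set()):
        STORE[name] = data
        return True
    return False

def write_controlled(user, token, name, data):
    """Control: verify the identity first, then apply the object's rights."""
    if not hmac.compare_digest(token, issue_token(user)):
        return False  # identity claim rejected, integrity preserved
    return write_vulnerable(user, name, data)

def read_controlled(user, token, name, acl=ACL):
    """Confidentiality: only verified users holding 'read' see the data."""
    if not hmac.compare_digest(token, issue_token(user)):
        return None
    return STORE[name] if "read" in acl[name].get(user, set()) else None

def demo():
    original = STORE["payroll.csv"]
    bob = issue_token("bob")
    out = {}
    # bob only *claims* to be alice; the unverified path lets the write through.
    out["spoof_vulnerable"] = write_vulnerable("alice", "payroll.csv", "bob,9999")
    STORE["payroll.csv"] = original  # undo the unauthorized modification
    # Same claim with bob's own token: the control blocks the threat.
    out["spoof_controlled"] = write_controlled("alice", bob, "payroll.csv", "bob,9999")
    out["bob_read"] = read_controlled("bob", bob, "payroll.csv")
    # Deny-all keeps the object secret but fails availability for bob.
    out["bob_read_deny_all"] = read_controlled("bob", bob, "payroll.csv",
                                               acl={"payroll.csv": {}})
    return out

if __name__ == "__main__":
    print(demo())
```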