Computer Security | Part 1

Computer Security | Part 1

Computer Security

Computer security is the branch of computing that deals with the protection of computer systems from potential risks and / or breaches of data. The main aspects of data protection are confidentiality, data integrity and availability.

The protection against attacks is achieved by acting at multiple levels, primarily in the physical and material, with servers in places as secure as possible, with supervision and / or access control, even if this device is part of normal security not the “security” is always a chance to see how often the fact of adopting the more sophisticated techniques to generate a false sense of security that can lead to neglect that simple. The second level is usually the logic that provides authentication and authorization of an entity that represents the user in the system. After the authentication process, the operations performed by the user are plotted in log files. This is the process of monitoring the activities and that audit or accountability.

Many corporate leaders are now ex-hacker/cracker of computer security or responsible for this large multinational. This shows what many say and write, to understand the best strategies for information security, you must first enter the mindset of the attacker to be able to predict and prevent the move.

Types Of Security And Attacks

Just on the basis of these observations, when we speak of “security” often distinguish the concepts of passive safety and active safety.

Passive Safety

For passive safety usually means the techniques and defensive tools, namely the set of solutions whose objective is to prevent unauthorized users from accessing resources, systems, facilities, information and data is confidential. The concept of passive safety is therefore very general: for example, to access the protected spaces, the use of armored doors, together with the use of personal identification systems, are considered components of passive safety.

Active Safety

For active safety means, however, the techniques and instruments through which the information and sensitive data are made intrinsically safe, protecting themselves and the possibility that an unauthorized user can access (confidentiality) and by the possibility that an unauthorized user can modify them (integrity).

It is clear that the passive and active safety are complementary and both necessary to achieve the desired level of security of a system.

The possible attack techniques are varied, so it is necessary to use simultaneously several defensive techniques to protect a computer system, creating more barriers between the attacker and the goal.

Often the goal of the attacker is not represented by computer systems per se, but rather by the data they contain, and then have to worry about computer security to prevent access to unauthorized users, but also to persons with limited permission to some operations , so that the data belonging to the computer system being copied, modified or deleted.

Violations can be manifold: there can be no attempt unauthorized access to private areas, theft of digital identity or confidential files, use of resources that the user should be able to use ECC. Computer security is also involved to prevent any denial of service (DoS). The DoS attacks are the system with the aim of making use no resources in order to harm the system users.

Continued…

Sharing

Leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.