SECURITY:
Security is a system attribute that reflects the ability of the system to protect itself from external attacks, which may be accidental or deliberate. These external attacks are possible because most general purpose computers are now networked and are therefore accessible by outsiders. Examples of attacks might be the installation of viruses and Trojan horses, unauthorized use of system services or unauthorized modification of a system or its data. If you really want a secure system, it is best not to connect it to the Internet. Then, your security problems are limited to ensuring that authorized users do not abuse the system. In practice, however, there are huge benefits from networked access for most large systems so disconnecting from the Internet is not cost effective.
In any networked system, there are three main types of security threats:
1. Threats to the confidentiality of the system and its data: These can disclose information to people or programs that are not authorized to have access to that information.
2. Threats to the integrity of the system and its data: These threats can damage or corrupt the software or its data.
3. Threats to the availability of the system and its data: These threats can restrict access to the software or its data for authorized users.
The controls that you might put in place to enhance system security are comparable to those for reliability and safety:
1. Vulnerability avoidance: Controls that are intended to ensure that attacks are unsuccessful. The strategy here is to design the system so that security problems are avoided. For example, sensitive military systems are not connected to public networks so that external access is impossible. You should also think of encryption as a control based on avoidance. Any unauthorized access to encrypted data means that it cannot be read by the attacker. In practice, it is very expensive and time consuming to crack strong encryption.
2. Attack detection and neutralization: Controls that are intended to detect and repel attacks. These controls involve including functionality in a system that monitors its operation and checks for unusual patterns of activity. If these are detected, then action may be taken, such as shutting down parts of the system, restricting access to certain users, etc.
3. Exposure limitation and recovery: Controls that support recovery from problems. These can range from automated backup strategies and information ‘mirroring’ to insurance policies that cover the costs associated with a successful attack on the system.
