
fundamentals of CS

Computer security, also known as cybersecurity, involves protecting computing systems and data from theft, damage, and unauthorized use. It is essential for safeguarding sensitive information, supporting critical business processes, and ensuring the integrity and availability of data. The CIA model—confidentiality, integrity, and availability—guides security policies, while non-repudiation ensures the authenticity of information exchanged.

Uploaded by

Om Tapdiya
Copyright: © All Rights Reserved

COMPUTER SECURITY

LEARNING OUTCOMES :
1) What is Computer security?

2) Need of computer security

3) Importance of Computer Security

4) Security Problems in cyber field

5) Computer security objectives


Computer Security
Computer security is the protection of computing systems and the data that they store or access.
Computer security, also called cybersecurity, is the protection of computer systems and information from harm, theft, and unauthorized use.

Need of computer security
Computer security is necessary because it helps secure data from theft or misuse and safeguards your system from viruses.
It also deals with natural disasters such as fires and floods, accidents, etc.

Importance of computer security
Enabling people to carry out their jobs, education, and research activities
Supporting critical business processes
Protecting personal and sensitive information

CYBER SECURITY
Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
The term cyber security refers to techniques and practices designed to protect digital data, that is, the data that is stored, transmitted or used on an information system. After all, data is what criminals want. The network, servers and computers are just mechanisms to get to the data.
Effective cyber security reduces the risk of cyber-attacks and protects organizations and individuals from the unauthorized exploitation of systems, networks, and technologies.

COMPUTER SECURITY CIA MODEL
Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide companies and organizations to form their security policies.
Technically, cyber security means protecting information from unauthorized access, unauthorized modification, and unauthorized deletion in order to provide confidentiality, integrity, and availability.

CONFIDENTIALITY
Confidentiality is about preventing the disclosure of data to unauthorized parties.
It also means trying to keep the identity of authorized parties involved in sharing and holding data private and anonymous.
Often confidentiality is compromised by cracking poorly encrypted data, man-in-the-middle (MITM) attacks, and disclosure of sensitive data.
Confidentiality makes sure that only authorized personnel are given access or permission to modify data.
Example in real life: a good example of confidentiality is the personal information of e-commerce customers. Sensitive information like credit card details, contact information, shipping details, or other personal information needs to be secured to prevent unauthorized access and exposure.
Standard measures to establish confidentiality include:
Data encryption
Two-factor authentication
Biometric verification
Security tokens

Integrity
Integrity refers to protecting information from being modified by unauthorized parties.
It is a requirement that information and programs are changed only in a specified and authorized manner.
Challenges that could endanger integrity include turning a machine into a “zombie computer” and embedding malware into web pages.
Example in real life: in e-commerce, customers expect products, pricing, and other related details to be accurate and that they will not be altered once the order is placed. Similarly, in banking, a sense of trust regarding banking information and account balances has to be established by ensuring that these details are authentic and have not been tampered with.
Standard measures to guarantee integrity include:
Cryptographic checksums
Using file permissions
Uninterrupted power supplies
Data backups
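
The "cryptographic checksums" measure applied to the banking case above, as an added example that is not part of the original slides: each transaction record gets an HMAC-SHA256 tag chained to the previous one, so an altered amount or a deleted record is located on verification. The key, record fields and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; in practice it is kept outside the system that stores the records.
DEMO_KEY = b"constructed-demo-key-not-for-production"
GENESIS = "0" * 64  # value the first record's tag chains from


def record_tag(key, prev_tag, record):
    """HMAC-SHA256 over the previous tag plus a canonical JSON form of the record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_tag.encode() + body, hashlib.sha256).hexdigest()


def seal(key, records):
    """Return [(record, tag), ...] where each tag also covers every earlier record."""
    sealed, prev = [], GENESIS
    for rec in records:
        prev = record_tag(key, prev, rec)
        sealed.append((rec, prev))
    return sealed


def first_tampered(key, sealed):
    """Index of the first record whose tag fails to verify, or None if all verify."""
    prev = GENESIS
    for i, (rec, tag) in enumerate(sealed):
        if not hmac.compare_digest(record_tag(key, prev, rec), tag):
            return i
        prev = tag
    return None


# Constructed sample ledger for one account.
LEDGER = [
    {"id": 1, "type": "deposit", "amount": 500},
    {"id": 2, "type": "withdrawal", "amount": 120},
    {"id": 3, "type": "transfer", "amount": 75},
]

if __name__ == "__main__":
    sealed = seal(DEMO_KEY, LEDGER)
    print("untouched:", first_tampered(DEMO_KEY, sealed))
    sealed[1] = ({**sealed[1][0], "amount": 20}, sealed[1][1])  # edit amount, keep old tag
    print("after edit:", first_tampered(DEMO_KEY, sealed))
```

Dropping records from the end of the list is not detected by the chain itself; store the latest tag or the record count separately to catch that.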

Availability
Availability is making sure that authorized parties are able to access the information when needed.
Data only has value if the right people can access it at the right time. Information unavailability can occur due to security incidents such as DDoS attacks, hardware failures, programming errors, and human errors.
Standard measures to guarantee availability include:
Backing up data to external drives
Implementing firewalls
Having backup power supplies
Data redundancy

Example of CIA Triad
Consider an ATM that allows users to access bank balances and other information. An ATM incorporates measures to cover the principles of the triad:
The two-factor authentication (debit card with the PIN code) provides confidentiality before authorizing access to sensitive data.
The ATM and bank software ensure data integrity by maintaining all transfer and withdrawal records made via the ATM in the user’s bank accounting.
The ATM provides availability as it is for public use and is accessible at all times.

Non-repudiation
Non-repudiation refers to the concept of ensuring that a message or other information is genuine.
In cyber security, information received must be verified as coming from the actual sending source indicated.
It is also important that neither sender nor receiver can later deny that they sent or received the information.
Non-repudiation is implemented through digital signatures and transactional logs.
