University of Gondar,

College of Informatics

Département of computer science

Course code: CoSc4035

Course Title: Computer Security

Chapter 1
Lecture Notes

Computer Security Introduction

Department of Computer Science

05/03/2025 this slide is in 2017/24 academic year

Objectives

Chapter 1: Introduction to Computer Security

1. Basic concepts of computer security
2. Threats, vulnerabilities, controls, risk
3. Goals of computer security
4. Security attack
5. Security policies and mechanisms
6. Prevention, detection, and deterrence
7. Software security assurance

05/03/2025 this slide is in 2017/24 academic year

1. Introduction Basic concepts of computer security

• basic security-related services that protect against threats to the security

of computer system information.

• Computer security is the process of preventing and detecting unauthorized

use of your computer.

• Privacy Is the process of protecting he’s or her own personal files against
any intrusion.

• Prevention measures help you to stop unauthorized users (also known as

"intruders") from accessing any part of your computer system.

• Detection helps you to determine whether or not someone attempted to break

into your system, if they were
05/03/2025 this slidesuccessful, andyearwhat they may have done.
is in 2017/24 academic
 Cont..

Data Security

• Data security is the practice of keeping data protected from

corruption and Unauthorized access.

• The focus behind data security is to ensure privacy while

protecting personal or corporate data.

Information Technology Security

• Information technology security is the process of protecting

computers, networks, programs and data from unintended or
05/03/2025 this slide is in 2017/24 academic year
unauthorized access, change or destruction.
Why Do we care about Computer Security?

• Our modern ways of communication provide a lot of

examples of critical situations involving security issues.

✓ Communicating by phone,

✓by e-mail, or by fax,

✓ Getting connected to a bank via the Internet and performing

transactions

✓ Digital payment systems,

✓e-voting systems, etc. demands confidentiality and integrity of

05/03/2025 this slide is in 2017/24 academic year
 Caring about computer security is essential for
1. Protection of Sensitive Information:
several reasons:
Personal data, financial information, and business secrets are at risk of theft. Protecting this information helps prevent

identity theft and financial loss.

2. Maintaining Privacy:

With increasing data collection, ensuring computer security helps safeguard individuals' privacy and prevents

unauthorized access to personal information.

3. Preventing Financial Loss:

Cyberattacks can lead to significant financial losses for individuals and businesses, including theft, fraud, and recovery

costs.

4. Ensuring Business Continuity:

Companies rely on secure systems to operate. A security breach can disrupt operations, leading to downtime and lost

revenue.

5. Safeguarding Reputation:

A security incident can damage an organization’s reputation, leading to loss of customer trust and potential long-term
05/03/2025 this slide is in 2017/24 academic year
effects on business relationships.
 Con …
6. Compliance with Regulations:

Many industries are subject to regulations that require data protection. Non-compliance can result in legal

penalties and fines.

7. Protecting Intellectual Property:

Businesses need to protect their innovations and proprietary information from competitors and cybercriminals.

8. Supporting National Security:

Cybersecurity is crucial for protecting national infrastructure, government systems, and sensitive information

from foreign adversaries.

9. Encouraging Technological Advancement:

A secure digital environment fosters innovation and confidence in adopting new technologies.

10. Mitigating Risks from Evolving Threats:

As technology evolves, so do cyber threats. Staying vigilant helps organizations and individuals adapt to new
05/03/2025 this slide is in 2017/24 academic year
risks.
1.2 Goals of computer Security (pillars)
• The goals of computer security are often summarized by
the "CIA" triad, which consists of three main pillars:
• Confidentiality
• Integrity
• Availability

Fig 1 security goals

05/03/2025 this slide is in 2017/24 academic year

1.Confidentiality: Ensuring that sensitive information is accessible only to those authorized to
have access. This involves protecting data from unauthorized users and preventing disclosure
of private information.
2.Integrity: Maintaining the accuracy and completeness of data. This means protecting data
from being altered or tampered with by unauthorized individuals, ensuring that it remains
trustworthy and reliable.
3.Availability: Ensuring that information and resources are accessible to authorized users
when needed. This involves protecting against disruptions, such as attacks, hardware failures,
or natural disasters, that could render systems unavailable.
Beyond the CIA triad, other important principles include:
•Authenticity: Verifying the identity of users, devices, and systems to ensure they are who
they claim to be.
•Non-repudiation: Ensuring that actions or transactions cannot be denied by the parties
involved, often through logging and auditing mechanisms.
These principles collectively help to create a secure computing environment, safeguarding data
and resources from various threats and vulnerabilities.
05/03/2025 this slide is in 2017/24 academic year
 Confidentiality
.

• Confidentiality is the concealment of information or resources.

• The need for keeping information secret arises from the use of computers in
sensitive fields such as government and industry.

• For example, military and civilian institutions in the government often restrict
access to information to those who need that information
• It ensures that computer-related assets are accessed only by authorized
parties.
• Confidentiality is sometimes called secrecy or privacy.
 Only authorized entities are allowed to view
 Only sender, intended receiver should “understand” message
contents
• confidentiality covers two related concepts
 Data confidentiality
 Privacy
05/03/2025 this slide is in 2017/24 academic year
 Integrity

• Integrity refers to the trustworthiness of data or resources, and it is usually phrased in

terms of preventing improper or unauthorized change.

• Integrity includes data integrity (the content of the information) and origin integrity (the
source of the data, often called authentication).Information needs to be changed constantly.

• Integrity means that changes need to be done only by authorized entities and through
authorized mechanisms or assets can be modified only by authorized parties or only in
authorized ways.

 Ensures the message was not altered by unauthorized individuals.

 sender, receiver want to ensure message not altered (in transit, or afterwards) without
detection

• Integrity can be
 Data integrity
05/03/2025 this slide is in 2017/24 academic year
 System integrity
 Availability

• Availability refers to the ability to use the information or resource desired.

Availability is an important aspect of reliability as well as of system
design because an unavailable system is at least as bad as no system at all.

• it means that assets are accessible to authorized parties at appropriate

times

• The information created and stored by an organization needs to be

available to authorized entities. Information needs to be constantly
changed, which means it must be accessible to authorized entities.

• It assures that system works promptly and service is not denied for
05/03/2025 this slide is in 2017/24 academic year
authorized user.
1.3 Threats.Vulnerability,Controls.risk
• Vulnerability is a weakness in the security system.
• Weaknesses can appear in any element of a computer, both in the
hardware, operating system, and the software.

Fig 2 vulnerability of computing system

05/03/2025 this slide is in 2017/24 academic year

 Hardware Vulnerabilities
..

• Hardware is more visible than software

• it is rather simple to attack by adding devices,

changing them, removing them, intercepting the
traffic to them, or flooding them with traffic until
they can no longer function.

• Computers have been drenched with water, burned,

frozen, gassed, and electrocuted with power surges.
05/03/2025 this slide is in 2017/24 academic year
 Software vulnerability

• Software can be replaced, changed, or destroyed

maliciously, or it can be modified, deleted, or
misplaced accidentally. Whether intentional or not,
these attacks exploit the software’s vulnerabilities.

• Sometimes, the attacks are obvious, as when the

software no longer runs. More subtle are attacks in
which the software has been altered but seems to run
normally
05/03/2025 this slide is in 2017/24 academic year
 Data vulnerability

• a data attack is a more widespread and

serious problem than either a hardware or
software attack.
• data items have greater public value than
hardware and software because more people
know how to use or interpret data.
05/03/2025 this slide is in 2017/24 academic year
 Threats ,Control and risk

• When you are new to the information security industry,

you may use the words vulnerability, threat, and risk
interchangeably, though they actually have very different
meanings.

• As you read, think about the differences between these

terms and try to explain each term in the context of
information security.
05/03/2025 this slide is in 2017/24 academic year
 Threat and Risk

• Threat Any potential danger to information or systems.

• A threat is a possibility that someone (person, s/w) would identify and exploit the
vulnerability.

• The entity that takes advantage of vulnerability is referred to as a threat agent. E.g.:
A threat agent could be an intruder accessing the network through a port on the
firewall.

• Risk is the likelihood of a threat agent taking advantage of vulnerability and the
corresponding business impact. Reducing vulnerability and/or threat reduces the risk

• E.g.: If a firewall has several ports open, there is a higher likelihood that an

intruder will use one to access the network in an unauthorized method.

05/03/2025 this slide is in 2017/24 academic year
 Policies and mechanisms

• Policy is a statement of what is, and what is

not allowed by users of a system.
• Mechanisms is a method, tool or procedure
for enforcing a security policy.

05/03/2025 this slide is in 2017/24 academic year

 Security controls
• controls or countermeasures that attempt to prevent exploiting a computing

system's vulnerabilities.

a. Authentication

• Is a process of binding an identity to a subject.

• Validates the source of a message, to ensure the sender is properly identified

• sender, receiver want to confirm identity of each other

b. Encryption

c. Auditing

d. Standards
05/03/2025 etc. this slide is in 2017/24 academic year
 1.4 Security Attack
• The Open Systems Interconnection (OSI) security
architecture provides a systematic framework for defining
security attacks, mechanisms, and services.

◆ Security attacks are classified as either passive attacks,

which include unauthorized reading of a message of file
and traffic analysis or active attacks, such as modification
of messages or files, and denial of service
05/03/2025 this slide is in 2017/24 academic year
 Con..

Security attack: Any action that compromises the security of

information owned by an organization.

• Security mechanism: A process (or a device incorporating such a

process) that is designed to detect, prevent, or recover from a
security attack.

• Security service: A processing or communication service that

enhances the security of the data processing systems and the
information transfers of an organization. The services are intended to
counter security attacks, and they make use of one or more security
05/03/2025 this slide is in 2017/24 academic year
1.5 Security police and mechanisms
• A computer systems provide security mechanisms and policies
that can protect users to a great degree, users must also take
security precautions for a variety of reasons.

• First, although system controls limit the access of unauthorized

users to the system, such controls often are flawed and may not
prevent all such access. Second, someone with access to the
system may want to attack an authorized user—for example, by
reading confidential or private data or by altering files
05/03/2025 this slide is in 2017/24 academic year
 Con..

• The components of users’ policies that we focus on are as follows.

• U1. Only users have access to their accounts.

• U2. No other user can read or change a file without the owner’s
permission.

• U3. Users shall protect the integrity, confidentiality, and

availability of their files.

• U4. Users shall be aware of all commands that they enter, or that
are entered on their behalf
05/03/2025 this slide is in 2017/24 academic year
1.6 Prevention,Detection,and Deterrence
• Prevention, detection, and deterrence are key strategies in computer
security that work together to protect systems and data

1. Prevention:-Definition: Measures taken to stop security incidents

before they occur.

• Examples:
• Access Controls: Implementing user authentication and authorization
mechanisms e.g .password,MFA,Token A and timestampe certification
• Firewalls: Blocking unauthorized access to networks.

• Encryption: Protecting data by making it unreadable to unauthorized users.

•05/03/2025
Security Policies: Establishing
this slide is inrules and guidelines
2017/24 academic year for secure behavior
 2. Detection
• Definition: Identifying and recognizing security incidents as they occur.

• Examples:

• Intrusion Detection Systems (IDS): Monitoring network traffic for suspicious

activity.

• Log Analysis: Reviewing system and application logs to identify anomalies.

• Alerting Mechanisms: Notifying administrators of potential breaches or threats in

real-time.

• Anomaly Detection: Using machine learning to identify unusual patterns that could

indicate
05/03/2025 a security issue. this slide is in 2017/24 academic year
 3. Deterrence
…

• Definition: Discouraging potential attackers from committing security breaches.

• Examples:
• Awareness Training: Educating users about security risks and safe practices to reduce the
likelihood of human error.

• Visible Security Measures: Installing surveillance cameras or security personnel to make

potential attackers think twice.

• Legal and Policy Enforcement: Implementing strict policies and consequences for
violations to discourage malicious behavior.

• Publicizing Security Incidents: Sharing information about breaches to raise awareness of

risks and consequences.

• Together, these strategies form a comprehensive approach to securing information

systems,
05/03/2025 minimizing risks, and ensuring
this slide that
is in 2017/24 anyyear
academic security incidents can be
 1.7 Software security assurance
• Software security assurance refers to the processes,
practices, and measures implemented to ensure that
software is developed, maintained, and operated in a
secure manner.

• The goal is to minimize vulnerabilities and reduce the

risk of security breaches throughout the software
development lifecycle (SDLC).

• Here are key components of software security assurance:

05/03/2025 this slide is in 2017/24 academic year
 Con..

2. Security Testing
Static Analysis: Analyzing source code for
vulnerabilities without executing it, often using
automated tools.
Dynamic Analysis: Testing running applications for
security flaws, including penetration testing and
vulnerability assessments.
Fuzz Testing: Inputting random or unexpected data to
05/03/2025 this slide is in 2017/24 academic year
 Con..
• 3. Risk Management

• Vulnerability Management: Regularly identifying, prioritizing,

and addressing security vulnerabilities in software.

• Patch Management: Ensuring timely updates and patches are

applied to fix known security issues.

• 4. Compliance and Standards

• Regulatory Compliance: Adhering to relevant regulations and

industry standards (e.g., OWASP, ISO/IEC 27001) to ensure a
05/03/2025 this slide is in 2017/24 academic year
baseline level of security.
 Con..
• 5. Training and Awareness

• Developer Training: Providing training on secure coding practices and the

importance of security in the development process.

• Awareness Programs: Keeping all stakeholders informed about potential security

risks and best practices.

• 6. Post-Deployment Practices

• Monitoring: Continuously monitoring applications for unusual activities or

potential breaches.

• Incident Response: Having a plan in place for responding to security incidents

05/03/2025 this slide is in 2017/24 academic year
when they occur.
• 7. Documentation and Reporting
• Documentation: Maintaining records of security
measures taken, vulnerabilities found, and actions
taken to mitigate them.
• Reporting: Regularly communicating security posture
to stakeholders, including vulnerabilities, risks, and
mitigation strategies.
• By integrating these practices throughout the
software development lifecycle, organizations can
enhance the security of their applications and reduce
the likelihood of successful attacks.
05/03/2025 this slide is in 2017/24 academic year
 • Thank you!

05/03/2025 this slide is in 2017/24 academic year