Last Articles


Most popular password

Network Information Security: Myths and Realities Omnipotence hackers

Hackers and crackers, or what is good and what is bad?

Chronology of the ARPANET - INTERNET

Protection system in Windows - Fact or Fiction

The basic principles of security

Manager SAM and Active Directory

Administrative boundaries: the forest or domain?

Can you trust a domain that is connected to the Internet?

Идентификаторы защиты (SID)

Why can not I log in as an administrator from any location?

Network security model and resource sharing

Remote attacks on distributed computing systems

Characteristics and mechanisms of implementation of standard remote attacks

Fake ARP-server on the Internet

False DNS-server on the Internet

Substitution of one of the subjects TCP-connections on the Internet

Malfunction host on the network

Mythical remote attacks on the Internet

Dedicated channel communication between objects distributed CS

Basic concepts of computer security

  In order to be considered in future security issues in the Internet, we need to recall the basic concepts, which operates on the theory of computer security. Generally speaking, there are only three: the threats, vulnerabilities and attacks. Although sophisticated readers, and so their meaning is well understood, informally try to explain it.

  Thus, the threat to the security of computer systems is a potential incident, whether intentional or not, which may adversely affect the system itself, as well as information stored in it. In other words, the threat is something bad that when something can happen.

  The vulnerability of computer systems - it's sort of unfortunate characteristic that makes possible the emergence of the threat. In other words, precisely because of the vulnerabilities in the system there are adverse events.

  Finally, the attack on computer system - is the action taken by an attacker, which is to search for and use of a particular vulnerability. Thus, the attack - is the realization of the threat. Note that this interpretation of the attack (with the participation of someone with malicious intent) excludes the presence in the definition of the threat element of chance, but, as experience shows, it is often impossible to distinguish between intentional and random actions, and a good security system should respond adequately to any of them.

  Furthermore, researchers usually distinguish three major types of security threats - the threats of disclosure, integrity, and denial of service.

  The threat of disclosure is that information becomes known to him to whom should not have to know it. In terms of computer security threat of disclosure occurs whenever the access to some confidential information stored in a computer system, or transmitted from one system to another. Sometimes, instead of the word disclosure uses the terms theft or diversion.

  Threat to the integrity includes any intentional change (modification or deletion) of data stored in computer system, or transmitted from one system to another. It is usually assumed that the threat of disclosure are subject to a greater degree of governmental structures, and threat to the integrity - a business or commercial.

  The threat of denial of service occurs whenever a result of certain actions of blocking access to some computing resources system. Actually block may be permanent, so that the requested resource was never received, or it may cause only delay requested resource, long enough for it to become useless. In such cases we say that the resource is exhausted.

Top 5 most read

The basic rules of safe behavior on the Internet

Manager SAM and Active Directory

You forget your password. What should I do? Part 3

Social engineering as a way of committing crimes in the sphere of computer information

Идентификаторы защиты (SID)

Copyright © 2010 BRV ISTCOM S.R.L.- раскрутка сайта