UNIT – I
INTRODUCTION
Security mindset, Computer Security Concepts (CIA), Threats, Attacks, and Assets, Software
Security: Vulnerabilities and protections, malware, program analysis.
OVERVIEW OF SECURITY MINDSET
A computing system: is a collection of hardware, software, data, and people that an organization
uses to do computing tasks.
Security Mindset - Means the ability to be able to look for and identify potential or actual
compromise. This could be compromise or potential compromise of a process, system,
application, operating system, platform, infrastructure and even a person.
Computer security mindset is focused to protect our computing system.
The main aspects are:
Prevention:- Prevent your assets from being damaged
Detection :- Detect when assets has been damage
Reaction:- Recover your assets
It ensures that the data stored in a computer cannot be read or compromised by an individual‘s
without authorization. Most computer security measures involve data encryption and passwords.
, COMPUTER SECURITY CONCEPTS
Computer Security: Measures and controls that ensure confidentiality, integrity, and
availability of information system assets including hardware, software, firmware, and
information being processed, stored, and communicated.
Why is computer security important?
Computer security is important, primarily to keep your information protected, allowing programs
to run smoothly and to keep up your computer‘s overall health by preventing from viruses and
malware etc.,
Security is needed due to the following reasons :
Privacy
Accuracy
Dishonest employ
Computer crimes
Natural disaster
Privacy - The right of individuals to hold information about themselves in secret, free from the
knowledge of others.
Accuracy - Most of damages of data is caused by errors and omissions.
Threats by dishonest employ - Dishonesty of any employee in organization leads to data threat.
Computer Crimes - When computer resources can be misused for unauthorized or illegal
function.
Threats of fire and Natural Disasters - Fire and natural disasters like floods, storms, lightening
etc.,
CIA CONCEPT IN COMPUTER SECURITY
What is CIA concept?
The CIA concept denotes the triad of computer security which are considered as the major goals
of achieving secured system.
The CIA triad is as follows :
C - Confidentiality
I - Integrity
A – Availability
, There are three key objectives that are at the heart of computer security:
C - Confidentiality:
Preserving authorized restrictions on information access and disclosure, including means for
protecting personal privacy and proprietary information. A loss of confidentiality is the
unauthorized disclosure of information.
It ensures that computer-related assets are accessed only by authorized parties and no other
which is sometimes termed as secrecy or privacy. It is the ability to hide information from those
people unauthorized to view it.
This term covers two related concepts:
Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to them
maybe collected and stored and by whom and to whom that information may be
disclosed.
Various methods are used such as:
Authentication
Password protection
Two-factor authentication
Bio-metric verification
Security tokens/keys, etc.,
INTRODUCTION
Security mindset, Computer Security Concepts (CIA), Threats, Attacks, and Assets, Software
Security: Vulnerabilities and protections, malware, program analysis.
OVERVIEW OF SECURITY MINDSET
A computing system: is a collection of hardware, software, data, and people that an organization
uses to do computing tasks.
Security Mindset - Means the ability to be able to look for and identify potential or actual
compromise. This could be compromise or potential compromise of a process, system,
application, operating system, platform, infrastructure and even a person.
Computer security mindset is focused to protect our computing system.
The main aspects are:
Prevention:- Prevent your assets from being damaged
Detection :- Detect when assets has been damage
Reaction:- Recover your assets
It ensures that the data stored in a computer cannot be read or compromised by an individual‘s
without authorization. Most computer security measures involve data encryption and passwords.
, COMPUTER SECURITY CONCEPTS
Computer Security: Measures and controls that ensure confidentiality, integrity, and
availability of information system assets including hardware, software, firmware, and
information being processed, stored, and communicated.
Why is computer security important?
Computer security is important, primarily to keep your information protected, allowing programs
to run smoothly and to keep up your computer‘s overall health by preventing from viruses and
malware etc.,
Security is needed due to the following reasons :
Privacy
Accuracy
Dishonest employ
Computer crimes
Natural disaster
Privacy - The right of individuals to hold information about themselves in secret, free from the
knowledge of others.
Accuracy - Most of damages of data is caused by errors and omissions.
Threats by dishonest employ - Dishonesty of any employee in organization leads to data threat.
Computer Crimes - When computer resources can be misused for unauthorized or illegal
function.
Threats of fire and Natural Disasters - Fire and natural disasters like floods, storms, lightening
etc.,
CIA CONCEPT IN COMPUTER SECURITY
What is CIA concept?
The CIA concept denotes the triad of computer security which are considered as the major goals
of achieving secured system.
The CIA triad is as follows :
C - Confidentiality
I - Integrity
A – Availability
, There are three key objectives that are at the heart of computer security:
C - Confidentiality:
Preserving authorized restrictions on information access and disclosure, including means for
protecting personal privacy and proprietary information. A loss of confidentiality is the
unauthorized disclosure of information.
It ensures that computer-related assets are accessed only by authorized parties and no other
which is sometimes termed as secrecy or privacy. It is the ability to hide information from those
people unauthorized to view it.
This term covers two related concepts:
Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to them
maybe collected and stored and by whom and to whom that information may be
disclosed.
Various methods are used such as:
Authentication
Password protection
Two-factor authentication
Bio-metric verification
Security tokens/keys, etc.,
