DEBRE MARKOS UNIVERSITY

BURIE CAMPUS
DEPARTMENT OF COMPUTER SCIENCE
Computer Security
By:
Amare W.

1
 2

Chapter One

1.1 Basic concepts of computer security:

♥ Security is “the quality or state of being secure—to be free
from danger.”
♥ In other words, protection against adversaries—from those who
would do harm, intentionally or otherwise—is the objective.
♥ Computer security protection of computer system and
information from harm, theft and unauthorized use.
 3 01/27/2025

♥ Computer facilities have been physically protected for three

reasons:
♥ To prevent theft of or damage to the hardware
♥ To prevent theft of or damage to the information
♥ To prevent disruption of service

3/2/2018
 4 01/27/2025

1.2 threats, vulnerabilities, controls, risk

♥ A threat is a potential violation of security. The violation need
not actually occur for there to be a threat.
♥ The fact that the violation might occur means that those
actions that could cause it to occur must be guarded against (or
prepared for).
♥ Those actions are called attacks. Those who execute such
actions, or cause them to be executed, are called attackers.
3/2/2018
 5 01/27/2025

♥ The three security services—confidentiality, integrity, and

availability—counter threats to the security of a system.
♥ Confidentiality: is the prevention of unauthorised disclosure of
information. In other words, confidentiality means keeping
information private or safe.
♥ The principle of confidentiality specifies that only the sender and
the intended recipient should be able to access the content of the
message.
3/2/2018
 6 01/27/2025

♥ Integrity: is the prevention of unauthorised writing or modification of

information. Data integrity means that the data
stored on the computer is the same as what is intended.
♥ The confidential information sent by source to destination which is
accessed by other parties without the permission or knowledge of sender
and receiver.
♥ Availability: is the prevention of unauthorised with-holding of
information. Information should be accessible and usable upon
appropriate demand by an authorised user.
♥ It means that assets are accessible to authorized parties at 3/2/2018
appropriate
times.
 7 01/27/2025

♥ Shirey [823] divides threats into four broad classes: disclosure,

or unauthorized access to information;
♥ deception, or acceptance of false data; disruption, or
interruption or prevention of correct operation;
♥ and usurpation, or unauthorized control of some part of a
system. These four broad classes encompass many common
threats.

3/2/2018
 8 01/27/2025

♥ Vulnerability---a weakness of an asset (resource) or a group of

assets that can be exploited by one or more threats
♥ Risk---potential for loss, damage, or destruction of an asset as a
result of a threat exploiting a vulnerability
♥ Example: In a system that allows weak passwords,
– Vulnerability---password is vulnerable for dictionary or exhaustive
key attacks
Threat---An intruder can exploit the password weakness to break into
the system
Risk---the resources within the system are prone for illegal
access/modify/damage by the intruder. 3/2/2018
 9 01/27/2025

1.3 Goals of computer security

♥ Given a security policy’s specification of “secure” and

“nonsecure” actions, these security mechanisms can prevent
the attack, detect the attack, or recover from the attack.
♥ Prevention means that an attack will fail. Typically,
prevention involves implementation of mechanisms that users
cannot override and that are trusted to be implemented in a
correct, unalterable way, so that the attacker cannot defeat the
mechanism by changing it.
3/2/2018
 10 01/27/2025

♥ Detection is most useful when an attack cannot be prevented,

but it can also indicate the effectiveness of preventative
measures.
♥ Detection mechanisms accept that an attack will occur; the
goal is to determine that an attack is under way, or has
occurred, and report it.
♥ The resource protected by the detection mechanism is
continuously or periodically monitored for security problems.
3/2/2018
 11 01/27/2025

♥ Recovery has two forms. The first is to stop an attack and to

assess and repair any damage caused by that attack.
♥ One recovery mechanism would be to restore the file from
backup tapes. so recovery involves identification and fixing of
the vulnerabilities used by the attacker to enter the system. By
definition, recovery requires resumption of correct operation.
♥ In a second form of recovery, the system continues to function
correctly while an attack is under way.
3/2/2018
 12 01/27/2025

1.4 Security attack

♥ There are a number of ways in which an attacker can disrupt

communications.
♥ Normally, information goes from the source to the destination.
source destination

♥ Communication is interrupted if the attacker does not allow

the information to reach the destination.
source destination

attacker
3/2/2018
 13 01/27/2025

♥ Communication is intercepted if the attacker interrupts the

communication and receives the source information.
source destination
attacker
♥ Modification occurs when the attacker intercepts the
communication, alters it in some way, and then sends it on to the
destination. The attacker intends to deceive the destination into
thinking that the modified communication has come directly from
the source. This is also known as a Man-in-the-middle attack.
source destination
3/2/2018
attacker
 14 01/27/2025

♥ An attacker may also make up a communication and send it to

the destination pretending that it has come from the source.
This is called fabrication.

source destination

attacker

3/2/2018
 15 01/27/2025

1.5 Security policies and mechanisms

♥ A security policy is a statement of what is, and what is not,

allowed.
♥ A security mechanism is a method, tool, or procedure for
enforcing a security policy.
♥ Mechanisms can be nontechnical, such as requiring proof of
identity before changing a password; in fact, policies often
require some procedural mechanisms that technology cannot
enforce.
3/2/2018
 16 01/27/2025

1.7 Software security assurance

♥ An entity is trustworthy if there is sufficient credible evidence

leading one to believe that the system will meet a set of given
requirements.
♥ Trust is a measure of trustworthiness, relying on the evidence
provided.
♥ Security assurance, or simply assurance, is confidence that an
entity meets its security requirements, based on specific evidence
provided by the application of assurance techniques.
♥ Assurance techniques include the use of a development
3/2/2018

methodology, formal methods for design analysis, and testing.

 17 01/27/2025

♥ Security assurance is acquired by applying a variety of

assurance techniques that provide justification and evidence
that the mechanism, as implemented and operated,
♥ meets the security requirements described in the security
policy for the mechanism (or collection of mechanisms).
♥ information assurance, refers to the ability to access
information and preserve the quality and security of that
information.
3/2/2018
 18 01/27/2025

♥ It differs from security assurance, because the focus is on the

threats to information and the mechanisms used to protect
information and not on the correctness, consistency, or
completeness of the requirements and implementation of those
mechanisms.

3/2/2018
 19

Thank you