Computer Network Security Introduction
With the developed world we are more into technological devices such as computers to do our day to day work. And with the advancement of these devices, we have to search more on the security too. In this article, I will explain to you the basic components of computer security along with the explanations of threats which can occur. And also about the policies, mechanism. And when it comes to security there is a significant key point to remember too. Trust and assurance are a few of them. I will explain to you about them along with the issues which can be occurred. There are two types of issues. Operational and human. Keep reading to know the basic details of computer network security.
There are 3 main basic components in computer security. They are,
These 3 components are very straightforward terms. And these are the direct measurements of computer security. Confidentiality explains the resources and the related data keeping hidden from others. The relevant information will only be shown and visible to the correct person or the authorities. Integrity devices into 2 categories.
Data integrity means the data or the necessary information cannot be modified without relevant access. And origin integrity means the data needs to have the authorized person. Which means it needs to have an origin in order to protect the data integrity of not modifying data.
The 3rd component – availability explains the data should be enabled to access when in need by the authorized person. If the data is not available then there is a security breach. Whereas, if the data has been modified unknowingly and if confidential information is leaked and visible to the public there has been a security breach.
What is a threat?
The threat is basically a risk or a hazard in computer security. And a security breach can be a threat. Threats can be divided into several classes.
Disclosure is a security threat. Which means exposure of data using snooping techniques. Deception and disruptions are also security threats which can be occurred. These threats are caused by modifying the data, spoofing, etc. And also a repudiation of origin or denial of receipt are also caused by these threats. As an example if a person has sent a message to another, and if the recipient denials of receiving the information it is a deception. And also if a certain person has got a message and if the sender rejects that he has sent the main, then it is also a deception. Which is a security threat in computer networks.
Denial of service and delaying to provide necessary information is also a threat in security. If the government needs certain information from a company and if they delay the process this can cause a threat to the government in their process.
Do you know about Policies and Mechanisms?
Actually, Policy and the word mechanism are interconnected. And these are two important words you should be aware of computer security. The policy is a straightforward sentence which defines what to do and what not to do. Which is allowed and which is not allowed. The policies are the key points which define the security margin of a certain system.
Mechanisms describe how the policies should be secured. As an example, if the policy says “Imprisinate is a violation” then the mechanism is defined to check the id before the exams. The mechanism is what we do to keep the policy.
If the mechanism is violated the policy is affected and may cause a threat. And also if there are any conflicts in the policy, it may create a vulnerability in the security. To explain more, the policy says lectures can view marks and students cannot view marks. But if there is a person who is a lecturer and a student at the same time in the same institute, there is a vulnerability in the policy. So, therefore, the policy needs to be added as a person cannot be a lecturer and a student at the same time, etc.
What is the purpose of Computer Network Security?
There is always a certain purpose to do anything. And for the security, there are purposes or goals which needs to be achieved. Mainly prevention, detection, and recovery are the main purposes of security. If I explained you more, security should be able to prevent the attackers from harming, violating the policies and the security should be able to detect the people or the threats which attack the system and violates the policies. And also the security should be able to recover if any threat or attack has been caused. If should assess and repair if any damage has occurred. And also should fix any issue soon even if the attack succeeds before stopping. This recovery is named as preventive care and curative care.
The other key aspects – Trust and Assumption. What are they?
The trust and assumptions underlie all the aspects of computer network security. Because if we are to create a policy we need to trust the system. We need to trust the created policy. These policies are created unambiguously by partitioning the system states. And then the security requirements can be captured. And also the mechanisms are assumed in order to enforce the related policy. This policy can be changed accordingly to the latest technology and era changes. But this supports the system to work in a secure environment.
How assurance affect computer security?
Mainly assurance is that we are marking a guarantee line in the system. In other words, we promise the system is secured in certain conditions. To gain the assurance we need to follow 3 main steps. First, we need to specify the requirements for the security system. And then we should design the system which meets the specification for an assured system. And finally, we implement the system and assure it meets all the requirements as listed.
What are the issues occurred in Computer Network Security?
Basically, the issues can be categories into two parts. Operational and Human issues to be precise. The operational issues are analyzed in cost-benefit analysis, risk analysis and according to laws and customs. The human issues are analyzed as organizational problems such as responsibility, financial matters, etc. and peoples problems such as social engineering and other human-related matters which affects computer security. If we do the analysis to identify these issues the system would be more secure and can be prepared for future threats too.
In this article, we discussed, the basic components of the Computer Network Security and how the threats occur. To avoid these, policies and mechanisms are defined according to trust assumption and assurance. And by analyzing the issues occurred in the systems we can prepare for any threats, preventions, and recoveries.