Computer Security and Protection Basics

Protection and security requires that ______ resources such as CPU, software, and memory are protected against unauthorized access, viruses, worms etc. This can be done by ensuring integrity, confidentiality and availability in the operating system. Integrity - Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. When unauthorized modification and destruction of data occurs, integrity is lost. Confidentiality - Preserving authorized restrictions on information access and disclosure. A loss of confidentiality is the unauthorized information disclosure. Availability - Ensuring timely and reliable access to and use of information. When access to or use of information is disrupted, availability is lost. What Needs To Be Protected. Threats and Attacks Passive Attacks vs. Active Attacks Passive attacks - attempt to learn or make use of the information from the system but does not affect system resources. They are very difficult to detect because they don’t involve alteration of data. Active attacks - attempt to alter system resources or affect their operation. They involve some alteration on the data stream or the creation of a false stream. Unauthorized Disclosure – Threat to confidentiality. It is a circumstance where an unauthorized entity gains access to data.

Integrity - Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. When unauthorized modification and destruction of data occurs, integrity is lost. Confidentiality - Preserving authorized restrictions on information access and disclosure. A loss of ______ is the unauthorized information disclosure. Availability - Ensuring timely and reliable access to and use of information. When access to or use of information is disrupted, availability is lost. What Needs To Be Protected. Threats and Attacks Passive Attacks vs. Active Attacks Passive attacks - attempt to learn or make use of the information from the system but does not affect system resources. They are very difficult to detect because they don’t involve alteration of data. Active attacks - attempt to alter system resources or affect their operation. They involve some alteration on the data stream or the creation of a false stream. Unauthorized Disclosure – Threat to ______. It is a circumstance where an unauthorized entity gains access to data.

Integrity - Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. When unauthorized modification and destruction of data occurs, integrity is lost. Confidentiality - Preserving authorized restrictions on information access and disclosure. A loss of confidentiality is the unauthorized information disclosure. Availability - Ensuring timely and reliable access to and use of information. When access to or use of information is disrupted, ______ is lost. What Needs To Be Protected. Threats and Attacks Passive Attacks vs. Active Attacks Passive attacks - attempt to learn or make use of the information from the system but does not affect system resources. They are very difficult to detect because they don’t involve alteration of data. Active attacks - attempt to alter system resources or affect their operation. They involve some alteration on the data stream or the creation of a false stream. Unauthorized Disclosure – Threat to confidentiality. It is a circumstance where an unauthorized entity gains access to data.

Integrity - Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. When unauthorized modification and destruction of data occurs, integrity is lost. Confidentiality - Preserving authorized restrictions on information access and disclosure. A loss of confidentiality is the unauthorized information disclosure. Availability - Ensuring timely and reliable access to and use of information. When access to or use of information is disrupted, availability is lost. What Needs To Be Protected. Threats and Attacks Passive Attacks vs. Active Attacks Passive attacks - attempt to learn or make use of the information from the ______ but does not affect ______ resources. They are very difficult to detect because they don’t involve alteration of data. Active attacks - attempt to alter ______ resources or affect their operation. They involve some alteration on the data stream or the creation of a false stream. Unauthorized Disclosure – Threat to confidentiality. It is a circumstance where an unauthorized entity gains access to data.

Integrity - Guarding against improper ______ modification or destruction, including ensuring ______ nonrepudiation and authenticity. When unauthorized modification and destruction of data occurs, integrity is lost. Confidentiality - Preserving authorized restrictions on ______ access and disclosure. A loss of confidentiality is the unauthorized ______ disclosure. Availability - Ensuring timely and reliable access to and use of ______. When access to or use of ______ is disrupted, availability is lost. What Needs To Be Protected. Threats and Attacks Passive Attacks vs. Active Attacks Passive attacks - attempt to learn or make use of the ______ from the system but does not affect system resources. They are very difficult to detect because they don’t involve alteration of data. Active attacks - attempt to alter system resources or affect their operation. They involve some alteration on the data stream or the creation of a false stream. Unauthorized Disclosure – Threat to confidentiality. It is a circumstance where an unauthorized entity gains access to data.