Please enable JavaScript.
Coggle requires JavaScript to display documents.
Basics of Computer Segurity - Coggle Diagram
Basics of Computer Segurity
Vulnerability
One of the challenges in building a secure system is finding the right balance among the goals, which often conflict.
The types of vulnerabilities we might find as they apply to the assets of hardware, software, and data.
Hardware Vulnerability
It is rather simple to attack by adding devices, changing them, removing them, intercepting the traffic to them, or flooding them with traffic until they can no longer function.
Computers have been drenched with water, burned, frozen, gassed, and electrocuted with power surges.
Other ways that computer hardware can be attacked physically.
Software Vulnerability
Software can be replaced, changed, or destroyed maliciously, or it can be modified, deleted, or misplaced accidentally. Whether intentional or not, these attacks exploit the software’s vulnerabilities.
Sometimes, the attacks are obvious, as when the software no longer runs. More subtle are attacks in which the software has been altered but seems to run normally.
Data Vulnerability
A data attack is a more widespread and serious problem than either a hardware or software attack.
Data items have greater public value than hardware and software because more people know how to use or interpret data.
Computer security is refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization.
These are the three goals in
computing Security:
Confidentiality
Ensures that computer-related assets are accessed only by authorized parties. Confidentiality is sometimes called secrecy or privacy.
Integrity
It means that assets can be modified only by authorized parties or only in authorized ways.
Availability
It means that assets are accessible to authorized parties at appropriate times.
Threats
A threat to a computing system is a set of circumstances that has the potential to cause loss or harm.
We can view any threat as being one of four kinds such as interception, interruption, modification, and fabrication.
An unauthorized party might create a fabrication of
counterfeit objects on a computing system.
The intruder may insert spurious transactions to a network communication system or add records to an existing database.
Attacks
A human who exploits a vulnerability perpetrates an attack on the system. An attack can also be launched by another system..
System sends an overwhelming set of messages to another, virtually shutting down the second system's ability to function.