Security and Protection Flashcards
Difference between protection and security
Security measures deal with threats to resources that come from outside a computer system.
Protection measures deal with internal threats.
Computer Security Triad
Confidentiality
Integrity
Availability
Interception
Interception refers to the unauthorized access or capture of data during its transmission or communication across a network or system.
Example: intercepting unencrypted communication to obtain confidential data or passwords.
Interruption
Interruption involves attacks or actions that disrupt or deny access to legitimate users or resources within the system.
Example: Denial-of-service (DoS) attacks that flood a system with traffic to overload and disrupt its services.
Modification
Modification refers to unauthorized changes made to data, programs, or system configurations by an attacker.
Example: altering the content of files
Fabrication
Fabrication involves the creation or insertion of false or unauthorized data or activities within the system.
For example, creating forged user identities or generating false log entries to deceive system administrators.
Authentication
Authentication verifies the identity of users or entities attempting to access a system, ensuring they are who they claim to be. It confirms the validity of credentials, such as usernames, passwords, biometric data, or digital certificates.
Authorization
Authorization defines and enforces what actions or resources a user or process is permitted to access or perform within the system after successful authentication.
Example: File-level authorization specifies permissions (read, write, execute) for different user groups
Security Violation Categories
Breach of confidentiality
Breach of integrity
Breach of availability
Theft of service
Denial of service
What are the two steps in authentication?
Identification
Verification
