IT-SECURITY (SECURITY AND ITS NEED)

SECURITY AND ITS NEED

What needs to be protected, against whom and how? Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impactof security incidents are minimized. A threat is a danger which could affect the security (confidentiality, integrity, availability) of assets, leading to a potential loss or damage. Writing secure applications takes a very scrutinous and pessimistic outlook on life. Applications should be run with the principle of ―least privilege‖ so that no process is ever running with more than the bare minimum access that it needs to accomplish its function. Previously tested code should be reused whenever possible to avoid common mistakes that others may have already fixed.

SECURITY

A state of well-being of information and infrastructure in which the possibility of successful yet undetected theft, tampering, and disruption of information and services can be judged is the scenario of security.

Security is of increasing concern in the modern world. Not only is our physical security becoming more difficult to maintain, even in the developed world, but with the advent of the information age, our information and the infrastructure via which it is stored, processed and communicated, is increasingly important to control. Security rests on confidentiality, authenticity, integrity, and availability.

ASPECTS OF SECURITY

  • Strong encryption. Prevention of off-site access using an unencrypted connection.
  • Firewalls. Limiting which network protocols can communicate with which machines in your network.
  • Programs that have security as a main design consideration. These are programs that are algorithmically secure and have been written in a secure manner.
  • Physical security. Ensuring that physical access to the device you want to secure is restricted to authorized personnel.
  • Procedural security. Organizational policies and procedures in place to prevent unauthorized access to equipment.

There are two areas where security is a concern: denial of service attacks, and compromises. The latter category has two sub-categories: local compromises, where the attack originates from a user who is logged in to the machine, and remote compromises, when the attack originates from a remote machine (be it on the same network, or half way around the world). A denial of service occurs when the attacker makes the services you offer unavailable, by crashing your web server, for example, or saturating your network connection with bogus requests.

A compromise occurs when an unauthorized person gains access to one or more of your machines. If that access is as a privileged user (the root account on UNIX® boxes), then attackers can do whatever they like to the machine, from deleting all your files to copying confidential data, to even using the machine as a platform from which to attack other machines, either in your network, or at other sites. Languages like Java use a sandbox to help ensure their security, but what can C programmers do to make their programs as secure as possible? Following is a discussion about some common programming mistakes and how to correct them, and then some tips on how to write secure programs.

SECURITY ISN‘T ABOUT HARDWARE AND SOFTWARE

Many businesses believe that if they purchase enough equipment, they can create a secure infrastructure. Firewalls, intrusion detection systems, antivirus programs, and two-factor authentication products are just some of the tools available to assist in protecting a network and its data. It is important to keep in mind that no product or combination of products will create a secure organization by itself. Security is a process; there is no tool that you can ― set and forget. All security products are only as secure as the people who configure and maintain them.

The purchasing and implementation of security products should be only a percentage of the security budget. The employees tasked with maintaining the security devices should be provided with enough time, training, and equipment to properly support the products. Unfortunately, in many organizations security activities take a back seat to support activities.It is important to recognize that all operating systems have embedded tools to assist with security. They often require a little research to find, but the time spent in identifying them is less than the money spent on purchasing additional security products or recovering from a security breach.

NEED FOR ENHANCED SECURITY

An examination of the potential problems that can arise on a poorly secured system will help in understanding the need for security. Three basic kinds of malicious behavior are:

  • Denial of service.
  • Compromising the integrity of the information.
  • Disclosure of information.

Denial of Service

Denial of service occurs when a hostile entity uses a critical service of the computer system in such a way that no service or severely degraded service is available to others. Denial of service is a difficult attack to detect and protect against, because it is difficult to distinguish when a program is being malicious or is simply greedy.

An example of denial of service is an Internet attack, where an attacker requests a large number of connections to an Internet server. Through the use of an improper protocol, the attacker can leave a number of the connections half open. Most systems can handle only a small number of half-open connections before they are no longer able to communicate with other systems on the net. The attack completely disables the Internet server.

Compromising the Integrity of the Information

Most people take for granted that the information stored on the computer system is accurate, or at least has not been modified with a malicious intent. If the information loses its accuracy, the consequences can be extreme. For example, if competitors hacked into a company‘s data base and deleted customer records, a significant loss of revenues could result. Users must be able to trust that data are accurate and complete.

Disclosure of Information

Probably the most serious attack is disclosure of information. If the information taken off a system is important to the success of an organization, it has considerable value to a competitor. Corporate espionage is a real threat, especially from foreign companies, where the legal reprisals are much more difficult to enforce. Insiders also pose a significant threat. Limiting user access to the information needed to perform specific jobs increases data security dramatically.

Due to forceful interference in systems or due to any security breaches, great aftereffects can be seen. If the data is altered or stolen, a company may risk losing credibility and the trust of their customers. Businesses most at risk, experts say, are those handling online financial transactions.

“Hackers don’t care what kind of business you are; they just want to use your computer”

Thus we can imagine how much importance security is holding whether a person is in a business or using information for any other means.

For any query or issue, feel free to discuss on http://discuss.eduguru.in