Computer security: Difference between revisions
imported>Eric M Gearhart (Added blurb about Information Assurance) |
imported>Howard C. Berkowitz No edit summary |
||
Line 1: | Line 1: | ||
{{subpages}} | {{subpages}} | ||
'''Computer security ''' is a branch of technology known as [[information security]] as applied to [[computer]]s. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy. [[Information | '''Computer security ''' is a branch of technology known as [[information security]] as applied to [[computer]]s. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy. [[Information assurance]] discusses a related topic - how "sure" someone can be that the data stored on automations equipment (such as a computer or server) has not been maliciously tampered with or read by untrusted third parties (i.e. a [[hacker]]). | ||
Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do. This makes computer security particularly challenging because we find it hard enough just to make computer programs do everything they are designed to do correctly. Furthermore, negative requirements are deceptively complicated to satisfy and require exhaustive testing to verify, which is impractical for most computer programs. Computer security provides a technical strategy to convert negative requirements to positive enforceable rules. For this reason, computer security is often more technical and mathematical than some [[computer science]] fields. | Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do. This makes computer security particularly challenging because we find it hard enough just to make computer programs do everything they are designed to do correctly. Furthermore, negative requirements are deceptively complicated to satisfy and require exhaustive testing to verify, which is impractical for most computer programs. Computer security provides a technical strategy to convert negative requirements to positive enforceable rules. For this reason, computer security is often more technical and mathematical than some [[computer science]] fields. | ||
Line 7: | Line 7: | ||
Typical approaches to improving computer security (in approximate order of strength) can include the following: | Typical approaches to improving computer security (in approximate order of strength) can include the following: | ||
*Physically limit access to computers to only those who will not compromise security. | *[[Physical security|Physically limit access]] to computers to only those who will not compromise security. | ||
*Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security. | *Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security. | ||
*Operating system mechanisms that impose rules on programs to avoid trusting computer programs. | *[[Operating system security|Operating system mechanisms]] that impose rules on programs to avoid trusting computer programs. | ||
*Programming strategies to make computer programs dependable and resist subversion. | *Programming strategies to make computer programs dependable and resist subversion. |
Revision as of 10:36, 27 February 2010
Computer security is a branch of technology known as information security as applied to computers. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy. Information assurance discusses a related topic - how "sure" someone can be that the data stored on automations equipment (such as a computer or server) has not been maliciously tampered with or read by untrusted third parties (i.e. a hacker).
Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do. This makes computer security particularly challenging because we find it hard enough just to make computer programs do everything they are designed to do correctly. Furthermore, negative requirements are deceptively complicated to satisfy and require exhaustive testing to verify, which is impractical for most computer programs. Computer security provides a technical strategy to convert negative requirements to positive enforceable rules. For this reason, computer security is often more technical and mathematical than some computer science fields.
Typical approaches to improving computer security (in approximate order of strength) can include the following:
- Physically limit access to computers to only those who will not compromise security.
- Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security.
- Operating system mechanisms that impose rules on programs to avoid trusting computer programs.
- Programming strategies to make computer programs dependable and resist subversion.