Computer Security in the Age of the Internet.Computer security prior to the Internet was relatively easy. Few organizations had the capability to access computer systems outside of their organization. There was little chance that those computer systems that did have access outside the organization could be infected in·fecttr.v. in·fect·ed, in·fect·ing, in·fects 1. To contaminate with a pathogenic microorganism or agent. 2. To communicate a pathogen or disease to. 3. To invade and produce infection in. with a computer virus. The arrival of the internet provides easy access to and rapid dissemination dissemination Medtalk The spread of a pernicious process–eg, CA, acute infection Oncology Metastasis, see there of information from a variety of sources, http://www.asc.wpafb.af.mil/cbt/content/iabasics/slide30.html. The key now is to provide users with maximum internet availability; when using computer systems for performing official organizational business, while safeguarding against security risks. This article will provide insights concerning establishing a computer security program. The term information assurance is used by government agencies in addition to the term "computer security". The components of information assurance are that only authorized users authorized user Radiation physics A person who, having satisfied the applicable training and experience requirements, is granted authority to order radioactive material and accepts responsibility for its safe receipt, storage, use, transfer and disposal have access to systems http://ase50.wpafb.af.mil/cbt/content/iabasics. that these computer systems operate correctly and that the data provided by these computer systems is accurate. Information assurance is not a program, but the integration of people, policy, technology, procedures and doctrine. As we evaluate computer security in our organizations, it is important to look at identifying computer system vulnerabilities and correcting these vulnerabilities. This is known as risk management. We will look at risk management, the physical and software aspects of computer security, and computer security tools users and organizations can use in identifying and eliminating securities vulnerabilities. Risk Management A fundamental aspect of risk management is the identification of vulnerabilities and their associated threats. The following chart identifies the different types of vulnerabilities and the threat levels associated with these vulnerabilities. An example of this is viruses. All viruses attack potential system vulnerabilities; however, the associated risk with a particular virus can be low, medium, or high depending on the damage that can be done. You should also realize that computer systems are not just subject to vulnerabilities which are intentionally in·ten·tion·al adj. 1. Done deliberately; intended: an intentional slight. See Synonyms at voluntary. 2. Having to do with intention. inflicted by hackers or disgruntled dis·grun·tle tr.v. dis·grun·tled, dis·grun·tling, dis·grun·tles To make discontented. [dis- + gruntle, to grumble (from Middle English gruntelen; see employees but may result from natural disasters, such as floods or fires. In addition, there are also unintentional vulnerabilities, such as a employee mistakenly deleting an important file needed by the organization. Computer Security The most important elements of computer security are physical security, security provided by the operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. the computer system uses, computer security software applications and encryption The reversible transformation of data from the original (the plaintext) to a difficult-to-interpret format (the ciphertext) as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. , and combinations of both physical and security software applications. Physical security relates to the physical barriers that may be in place to prevent unauthorized access to computers. Doors, dead bolts, and key control systems are example of physical security devices for facilities. The operating system that the computer system uses to process commands or instructions also has built-in security features, such as password protection for user accounts and screen savers Screen Savers may refer to:
Hackers, however, have discovered vulnerabilities in the operating system software, especially computer systems that are used as web servers, and they have exploited these vulnerabilities to gain unauthorized access to computer systems. Microsoft and other operating system software developers continuously provide software releases to correct these vulnerabilities. The reader should be aware of which operating system software is being used on your computer system and should ensure that the latest service releases are installed. Software applications such as Norton or McAffee anti-virus products are examples of computer security software applications. Additionally, software used in enabling public key and other encryption technologies are also examples of computer security software applications. Firewall and proxy servers Also called a "proxy," it is a computer system or router that breaks the connection between sender and receiver. Functioning as a relay between client and server, proxy servers are used to help prevent an attacker from invading the private network. can use both physical hardware and software to protect computer users. A firewall protects all computer systems within a defined boundary and allows only authorized users outside the boundary to access computer systems within the boundary; users not listed in the firewall server's access list are excluded from computer systems within the boundary. Think of a computer firewall in the same regards as a car firewall. A firewall in a car is designed to protect the occupants of the car from injury by preventing the spread of an engine fire to the driver and passenger compartments In developmental biology, compartments are fields of cells of distinct cell lineage, cell affinity, and genetic identity. In a developing organ, all cells within a compartment possess similar affinities, and so intermingle with each other. of the car. A computer firewall protects computer systems within the designated boundary and prevents access to these systems by unauthorized users. A proxy server is slightly different from a firewall in that a proxy server does not allow direct access to an authorized au·thor·ize tr.v. au·thor·ized, au·thor·iz·ing, au·thor·iz·es 1. To grant authority or power to. 2. To give permission for; sanction: computer system. Instead, a proxy server is used in conjunction with web servers to retrieve pages a user requests. When a user attempts to access the web server, the proxy server intercepts the request. The proxy server then requests the pages from the web server and sends the requested pages to the user. The user in this case never accesses the web server directly; however, the user does receive the requested information. This processes ensures that users cannot connect to the web server and introduce computer viruses or malicious code to the web server. Computer Security Tools A virus is a self-replicating, malicious program introduced to computer systems and leaves no obvious signs of its presence. A virus can destroy all the data on your hard drive and leave the drive inoperable inoperable /in·op·er·a·ble/ (in-op´er-ah-b'l) not susceptible to treatment by surgery. in·op·er·a·ble adj. Unsuitable for a surgical procedure. . The four steps to virus protection are to prevent viruses, detect viruses, eradicate Eradicate To completely do away with something, eliminate it, end its existence. Mentioned in: Smallpox viruses, and to report virus incidents. Computers system that display the following signs could be infected with a computer virus: * Unable to operate * Unusual messages displayed * Files are missing, have increased in size, or are corrupt * System operates slowly * Sudden lack of disk space * Unable to save or access a file The most important security tool is virus protection software. Make sure it is installed on your computer system and make sure you have the most current virus definitions. Virus definitions are updated when new viruses discovered. The virus definition files are released whenever necessary to combat against new known viruses, so it is important that the current virus definition file is installed on your computer system. You need to remember that a virus definition may not have been released for a computer virus that was recently discovered. Thus the battle to create new definitions is never ending. You have to wait until the anti-virus manufacturer has found a cure for the virus and released a new virus definition file. Other computer security tools are monitoring event logs on servers, ensuring that file and account permissions are properly set, that computer systems use password protection and that passwords are composed of at least eight characters and that the password combination includes both letters and numbers (alphanumeric alphanumeric (ăl'fən  mĕr`ĭk) or alphameric (ăl'fəmĕr`ĭk), the set of letters and numbers. ) and has at least one special character. Physical security is also very important and should not be overlooked. Access should be limited to the area where the network servers and communications equipment (network hubs See hub and hub vs. switch. , switches, routers, etc.) are kept. Individuals who depart the organization should no longer have unescorted access to the building or to the computer systems in the building. Summary It was indicated at the beginning of this article that the internet provides us with instant access to a vast amount of data; however, it has created security vulnerabilities. The following table is a visual representation of some computer security elements you should consider when implementing a computer security program. In conclusion, you should remember that if you can see other computer systems on the internet, then users of those computer systems can see or even access your computer system as well. An effective computer security program is designed around the concept of identifying computer vulnerabilities and providing computer system users with guidance on how to eliminate, or at least reduce, these vulnerabilities. About the Author Timothy Reardon is an assistant professor at DISAM DISAM Defense Institute of Security Assistance Management DISAM Direct Indexed Sequential Access Method and has served on the DISAM faculty for ten years. He is the functional manager for the DISAM network and is the organization's computer security officer. Timothy has Timothy Ha Wing-ho MBE, JP (Chinese: 夏永豪, Pinyin: Xia Yonghao), born in 1937, is the former Supervisor and Principal of St. Paul's College, Hong Kong, as well as Education Secretary of the Hong Kong Sheng Kung Hui (Hong Kong Anglican Church (Episcopal)) and designed and installed local area networks for several security assistance field activities and has over seventeen years of computer networking
Computer networking is the engineering discipline concerned with communication between computer systems or devices. experience. Timothy graduated from Park college with a B.S. in management. He is also an adjunct adjunct (aj´ungkt), n a drug or other substance that serves a supplemental purpose in therapy. adjunct faculty member of Miami Jacobs College. You may contact Tim at DSN DSN - Digital Switched Network 785-8524, or (937)-255-8524, or by e-mail timothy.reardon@disam.dsca.osd.mil An Internet address domain name for a military agency. See Internet address. (networking) mil - The top-level domain for entities affiliated with US armed forces. . |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion