The process of the detection and prevention of the unauthorized access to the computer is known as computer security. It is to ensure that the data stored in the computer cannot be compromised or read by any unauthorized individual. Several security measures are used for providing computer security like data encryption and password. Also known as IT security or Cyber security, computer security provides protection of the information system from misuse, misdirection or disruption of the services provided by them. It also ensures protection from theft or damage to the software and the hardware. Computer security is essential these days as Internet is connected through Wi-Fi wireless networks and Bluetooth and a wide variety of devices like smart phones, tablets, laptops and televisions etc. are used.
Importance of Computer Security
Since computer is the main source of storing and transferring information these days, prevention of theft of data like passwords, bank account numbers, personal documents and sheets, documents related to work, credit card information etc. is very essential these days. Any unauthorized access to the computer may lead to misuse of the data like changing the program source code, creation of derogatory content like images pornography though access of pictures or emails etc. Another important factor in computer security may be malicious intent like usage of a computer for attacking other websites or computers, crashing someone's computer to create data loss, DOS attacks to crash the server so that access to websites is prevented. All these factors imply that data stored in the computer should be confidential and safe. So, it is essential to secure our computer and thus the need for computer security arises.
Threats and Vulnerabilities to the Computer Security
Following are various threats to the Computer system:
Threats: Most common threats to the computers these days are software attacks, equipment theft, information theft, identity theft, destruction of information, extortion of information, and intellectual property theft. Since information of military, government offices, businesses, financial corporations, hospitals etc. are very confidential and sent from one computer to the other in the computer network, leakage of any kind of this information can prove out to be very dangerous for the organizations.
Vulnerabilities to the Computer security system.
1. Denial of service attack is one of the major vulnerability to the information system where access to the computer or network is prevented to the authenticated user by interrupting his/her services. In order to ensure that the computer system access is not prevented to the authenticated and legitimate user, information security is needed.
2. Data made available to an unauthorized user: Any unauthorized user can use the data for his/her own interest and against the interest of the organization which can be very dangerous. Thus, computer security is needed to prevent any unauthorized access to the computer system.
3. Modification or alteration of the Data: Data moving across the network can be altered by any unauthorized user. He/she can alter the data of the organization and can play with the final execution plan or project reports. This would be misleading for any organization and create problems during final execution. So, computer security is very essential to prevent any unauthorized access.
Risk management is also needed to be done in organizations and corporations to prevent computer systems from all these above mentioned threats and vulnerabilities. Risk is defined as the possibility that something bad might happen with the information stored in the computer system due to these threats and vulnerabilities. During the Risk assessment, following points are examined; IT system access, Organization and Security policies, Human resources security, Security from environmental and physical factors, Communication and operations management, Management of assets.
Basic Components of Computer Security
Considering all the vulnerabilities and threats mentioned above, Computer security is needed mainly to provide three basic components of data: Data Confidentiality, Data Availability and Data Integrity
1. Data Confidentiality: Data confidentiality ensures that data stored on the system is prevented from unauthorized access. It is the concealment of resources and information. It ensures that data is available and readable to authorized user only. Access control mechanisms helps in providing data like computer systems use cryptography to change useful information into a form that cannot be read or understood by any unauthorized person. It mainly scrambles the data to make it incomprehensible. This is done using a cryptographic key. Cryptography protects the information in any form whether it is in storage or in transit. All the mechanisms need supporting services from the system in order to provide data confidentiality.
2. Data Integrity: Integrity is basically the trustworthiness of the data. It deals with the validity and accuracy of the data. Data should be complete and accurate over its entire transmission and storage cycle. This is to ensure that data is not manipulated by any undetected or unauthorized user. Message integrity is typically provided by computer security systems. It ensures that message sent by the user is not changed by any unauthorized user at any intermediate node at all stages.
3. Data Availability: The ability to use the desired resources or information is called data availability. Even if Denial of service attacks are ongoing on the computer systems, the data and required network services should always available to the authorized. Data should be available in all the situations ranging from disastrous to normal. In order to ensure where the data is stored and how it can be reached, redundancy is required to achieve the data availability.
Access Control in Computer Network System
Access control's function is to control the access to the resources of the system like who all persons or machines or processes can access which files of the system, how the data can be shared, what all programs can be executed etc. Access control function is executed at a number of levels as shown in the Figure1 below. Access control at application level is a very complex and rich security policy which may require online authorization from a third party like credit card transactions or refunds may need dual control. These applications are written on top of middleware, through which a number of protection policies are applied like charging the same amount of money for all the book ledgers by the bookkeeping software.
Figure 1 Access Control at different levels in a system
The operating system controls the access which relies on hardware features provided by the memory or the processor. The Access control is more complex and less reliable as we move up from hardware to the application level.
Implementing IDS Systems for Controlling Access to the Computer Systems
Intrusion detection system (IDS) is used in computer security for monitoring computer and network activities and analyzing these events to verify the signs of intrusion into the system. The information and content from the header of the IP packet is analyzed by the IDS system which is then compared with the signatures of the known attacks. Since, an IDS only warns of the suspicious activity and does not prevent them, it is a passive-monitoring system. Host-based and Network-based Intrusion detection systems are the two types of IDS system. Network-based IDS detector analyses all the incoming and outgoing traffic through the network passively and generates alarms when end of the packet is detected dangerous. Host-based IDS detector is installed on the local host and analyzes the traffic to that host and identifies any intrusion attempts. Thus, IDS systems helps in raising alarms in case of any unauthorized activity in the system.
Target Credit Card Theft, 2013
One of the incident breaching the Information security system happened in 2013 when information of the Target corporation's customer was stolen by the Credit-card and Debit-card breaches. An extensive theft of the Target corporation's customers' Debit-card and Credit-card happened over the Friday weekend, it was a breach of a major retailer's information security. The theft happened in stores only and not online. The machines that are used by the customers to swipe their cards for making purchases were tampered. The magnetic stripe on the back of the Credit-card and Debit-card contains all the information like account-number, expiration dates, secret CVV code etc. and the thieves gained access to that.
Hackers, after getting all the valuable information sold the information in bulk to the black market where people could use it to produce fake debit and credit cards. They can then use these fake cards to buy gift cards from retailers which could eventually be converted into cash.
Thus, to prevent such incidents which are breaching the information security systems, computer security is must these days.
Conclusion
Computer security attempts to ensure the integrity, availability and confidentiality of the data and information system. Thus, computer security is needed to prevent the data from unauthorized access, modification, usage, copy, or destruction of any kind. Since, computer system is the major requirement in government offices, corporations, organizations, military, banking, billing, hospitals, entertainment etc. these days, so all the necessary steps for the security of the computer system should be taken.
Works Cited
Bishop, Matt. Introduction to Computer Security. New Delhi: Pearson Education, 2006.
Feruza Y., Sattarova and Tao-hoon Kim. "IT Security review: Privacy Protection, Access Control, Assurance and System Security." International Journal of Multimedia and Ubiquitous Engineering (2007): 17-32.
IJCSI.org. "Implementation of an Intrusion Detection System ." IJCSI International Journal of Computer Science (2012): 420-424.
Sidel, Robin, Danny Yadron and Sara Germano. "Target Hit by Credit-Card Breach." The Wall Street Journal (2013): 3-8.
