Академический Документы
Профессиональный Документы
Культура Документы
The computers are needed to be protect from the unwanted program threats
.There are many defences against computer attacks, from methodology to
Technology. The broadest tool available to system designers and users is
cryptography.
Security situations
• In an isolated computer, the operating system can reliably determine
sender and recipient of all inter process communication, since it controls
communication channels in the computer.
The above figure shows the process of cryptography techniques. Cleartext is the
simple message need to be sent over the internet. Data is encrypted using the
key1 and creates the ciphertext. The cipher text is not understandable to the
person not possess the corresponding key for key1. The computer with the key2
relating key1 can view this message and decrypt this data into the readable
cleartext.
Encryption:
a) Symmetric encryption: The same key is used for encrypt and decrypt
the information. Symmetric encryption is the oldest and best-known
technique. A secret key, which can be a number, a word, or just a string of
random letters, is applied to the text of a message to change the content
in a particular way. This might be as simple as shifting each letter by a
number of places in the alphabet. As long as both sender and recipient
know the secret key, they can encrypt and decrypt all messages that use
this key.
This means that you do not have to worry about passing public keys over
the Internet (the keys are supposed to be public). A problem with
asymmetric encryption, however, is that it is slower than symmetric
encryption. It requires far more processing power to both encrypt and
decrypt the content of the message.
Ex: E-mail.
Authentication:
Authentication is any process by which you verify that someone is who they
claim they are. This usually involves a username and a password, but can
include any other method of demonstrating identity, such as a smart card, retina
scan, voice recognition, or fingerprints. Authentication is equivalent to showing
your driver’s license at the ticket counter at the airport.
Passwords:
The passwords are so simple that anyone can guess the weak password
depending upon the person’s information. All too frequently, people use obvious
information (such as the names of their cats or spouses) as their passwords. An
attacker can look over the shoulder of a user (shoulder surfing) when the user
is logging in and can learn the password easily by watching the keyboard.
Anyone with access to the network on which a computer resides can seamlessly
add a network monitor, allowing her to watch all data being transferred on the
network (sniffing), including user IDs and passwords.
One-time Passwords:
To avoid the problems of password sniffing and shoulder surfing, a system could
use a set of paired passwords. When a session begins, the system randomly
selects and presents one part of a password pair; the user must supply the other
part. In this system, the user is challenged and must respond with the correct
answer to that challenge.
Biometrics:
There are many security solutions available for network or system security. Most
security professionals follow the theory of defence in depth, which states that
more layers of defence are better than fewer layers. Consider the security of a
house without a door lock, with a door lock, and with a lock and an alarm.
Security Policies:
The first step toward improving the security of any aspect of computing is to
have a security policy. Policies vary widely but generally include a statement of
what is being secured. For example, a policy might state that all outside
accessible applications must have a code review before being deployed, or that
users should not share their passwords, or that all connection points between a
company and the outside must have port scans run every six months. Without a
policy in place, it is impossible for users and administrators to know what is
permissible, what is required, and what is not allowed. The policy is a road map
to security, and if a site is trying to move from less secure to more secure, it
needs a map to know how to get there.
Virus protection:
Virus creates the unwanted environment in the system. Protection from viruses
thus is an important security concern. Antivirus programs are often used to
provide this protection. Some of these programs are effective against only
particular known viruses. They work by searching all the programs on a system
for the specific pattern of instructions known to make up the virus. When they
find a known pattern, they remove the instructions, disinfecting the program.
By verifying these actions before they start, UAC can help prevent malicious
software (malware) and spyware from installing or making changes to your
computer without permission.
A firewall can help prevent hackers or malicious software (such as worms) from
gaining access to your computer through a network or the Internet. A firewall can
also help stop your computer from sending malicious software to other
computers.
Conclusion:
The system security is of at most need in now. since, We spend more time with
the computer. If we are unaware of the things happening around the computer
network security and protection, If lose lot of personal information and data to
the attackers. The amount of protection we need depends on how we want to be
protected and how we use the computer. Security programs are tools to get the
protection we need but not a 100% protection if we don’t apply safe computing
techniques. Stay informed on security and privacy matters that you or your
organization is using or will use to be able to implement security policies or
action in preventing security and privacy problems.