انت هنا الان : شبكة جامعة بابل > موقع الكلية > نظام التعليم الالكتروني > مشاهدة المحاضرة
الكلية كلية العلوم للبنات
القسم قسم الحاسبات
المرحلة 4
أستاذ المادة محمد عبد الله ناصر الزبيدي
22/10/2017 06:59:40
Lecture 2 overview:
• Computer Security Challenges
• Important terms of Computer Security
• Model for Computer Security
5. Computer Security Challenges
1. Computer security is not simple (the mechanisms used to satisfy the security requirements can be quite complex).
2. One must consider potential (unexpected) attacks (i.e. Attack can exploit an unexpected weakness in the security mechanism).
3. Procedures used are often counter-intuitive.
4. Must decide where to deploy mechanisms.
5. Involve algorithms and secret info (keys).
6. A battle of wits between attacker / admin.
7. It is not perceived on benefit until fails.
8. Requires constant monitoring.
9. Too often an after-thought (security still not integral in design of system).
10. Regarded as impediment(عائق) to using system.
6. Important terms of Computer Security
There are different terms used in computer security:
• Unauthorized access: this means not to be allow to have access to some data.
• Adversary (threat agent): An entity that attacks, or is a threat to, a system.
• Hacker: Is a Person that tries and exploits a computer system for a reason which can be money, a social cause, fun etc.
• Threat: Is an action or event that might compromise the security (i.e. potential for violation of security).
• Vulnerability: It is a weakness, a design problem or implementation error in a system that can lead to an unexpected and undesirable event regarding security system.
• Attack: Is an assault on the system security that is delivered by a person or a machine to a system. It violates security.
• Countermeasure: An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
• Risk: An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
• Security Policy: A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
• System Resource: (Asset)- Data contained in an information system; or a service provided by a system; or a system capability, such as processing power or communication bandwidth; or an item of system equipment (i.e., a system component— hardware, firmware, software, or documentation); or a facility that houses system operations and equipment.
• Antivirus or Antimalware: Is a software that operates on different OS which is used to prevent from malicious software.
المادة المعروضة اعلاه هي مدخل الى المحاضرة المرفوعة بواسطة استاذ(ة) المادة . وقد تبدو لك غير متكاملة . حيث يضع استاذ المادة في بعض الاحيان فقط الجزء الاول من المحاضرة من اجل الاطلاع على ما ستقوم بتحميله لاحقا . في نظام التعليم الالكتروني نوفر هذه الخدمة لكي نبقيك على اطلاع حول محتوى الملف الذي ستقوم بتحميله .
الرجوع الى لوحة التحكم
|