2022-08-10 04:08

Security in Computing

1. Characteristics of Computer Intrusion and Kinds of Security Breaches

1.1 Characteristics of Computer Intrusion

The target of a crime involving computers may be any piece of the computing system. A computing system is a collection of hardware, software, storage media, data, and persons that an organization uses to do computing tasks. Whereas the obvious target of a bank robbery is cash, a list of names and addresses of depositors might be valuable to a competing bank. The list might be on paper, recorded on a magnetic medium, stored in internal computer memory, or transmitted electronically across a medium such as a telephone line. This multiplicity of targets makes computer security difficult.

In any security system, the weakest point is the most serious vulnerability. A robber intent on stealing something from your house will not attempt to penetrate a two-inch thick metal door if a window gives easier access. A sophisticated perimeter physical security system does not compensate for unguarded access by means of a simple telephone line and a modem. The “weakest point” philosophy can be restated as the following principle.

Principle of Easiest Penetration. An intruder must be expected to use any available means of penetration. This will not necessarily be the most obvious means, nor will it necessarily be the one against which the most solid defense has been installed.

This principle says that computer security specialists must consider all possible means of penetration, because strengthening one may just make another means more appealing to intruders. We now consider what these means of penetration are.

1.2 Kinds of Security Breaches

In security, an exposure is a form of possible loss or harm in a computing system; examples of exposures are unauthorized disclosure of data, modification of data, or denial of legitimate access to computing. A vulnerability is a weakness in the security system that might be exploited to cause loss or harm. A human who exploits a vulnerability perpetrates an attack on the system. Threats to computing systems are circumstances that have the potential to cause loss or harm; human attacks are examples of threats, as are natural disasters, inadvertent human errors, and internal hardware or software flaws. Finally, a control is a protective measure—an action, a device, a procedure, or a technique—that reduces a vulnerability.

The major assets of computing systems are hardware, software, and data. There are four kinds of threats to the security of a computing system: interruption, interception, modification, and fabrication. The four threats all exploit vulnerabilities of the assets in computing systems. These four threats are shown in Fig. 1.

Fig. 1 Four Classes of System Security Failures

(1) In an interruption, an asset of the system becomes lost or unavailable or unusable. An example is malicious destruction of a hardware device, erasure of a program or data file, or failure of an operating system file manager so that it cannot find a particular disk file.

(2) An interception means that some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network. While a loss may be discovered fairly quickly, a silent interceptor may leave no traces by which the interception can be readily detected.

(3) If an unauthorized party not only accesses but tampers with an asset, the failure becomes a modification. For example, someone might modify the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically. It is even possible for hardware to be modified. Some cases of modification can be detected with simple measures, while other more subtle changes may be almost impossible to detect.

(4) Finally, an unauthorized party might fabricate counterfeit objects for a computing system. The intruder may wish to add spurious transactions to a network communication system, or add records to an existing database. Sometimes these additions can be detected as forgeries, but if skillfully done, they are virtually indistinguishable from the real thing.

These four classes of interference with computer activity—interruption, interception, modification, and fabrication—can describe the kinds of exposures possible. Examples of these kinds of interferences are shown in Fig. 2.

Fig. 2 Types of Abuse in Computing Systems
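
As an added illustration (not part of the original text), the sketch below shows one of the "simple measures" mentioned under modification: comparing SHA-256 digests of assets against a trusted baseline and labelling each difference with one of the four classes. The file names, contents and function names are constructed for this example; interception leaves every digest unchanged, so it never appears in the result.

```python
import hashlib


def snapshot(files):
    """Map each asset name to the SHA-256 digest of its content."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}


def classify_changes(baseline, current):
    """Compare two snapshots and label each difference with a failure class."""
    findings = {}
    for name, digest in baseline.items():
        if name not in current:
            findings[name] = "interruption"   # asset lost or unavailable
        elif current[name] != digest:
            findings[name] = "modification"   # asset tampered with
    for name in current:
        if name not in baseline:
            findings[name] = "fabrication"    # object that was never legitimately created
    return findings


# Constructed sample data: the system as recorded in a trusted baseline.
BASELINE_FILES = {
    "payroll.db": b"alice,5000\nbob,4200\n",
    "report.py": b"print(sum(salaries))\n",
    "depositors.txt": b"A. Smith, 12 High St\n",
}

# Constructed sample data: the same system after four kinds of interference.
CURRENT_FILES = {
    "payroll.db": b"alice,5000\nbob,9200\n",       # a stored value was altered
    # "report.py" has been erased
    "depositors.txt": b"A. Smith, 12 High St\n",   # illicitly copied, content unchanged
    "transfer_0042.txt": b"pay account 7 900\n",   # spurious transaction record
}


def demo():
    """Run the comparison on the constructed data and return the findings."""
    return classify_changes(snapshot(BASELINE_FILES), snapshot(CURRENT_FILES))


if __name__ == "__main__":
    for asset, failure in sorted(demo().items()):
        print(f"{asset}: {failure}")
```

The check is only as trustworthy as the baseline: if the baseline is stored where the same party can rewrite it, a modification or fabrication can be made to match it.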


Computer crime is certain to continue. The goal of computer security is to institute controls that preserve secrecy, integrity, and availability. Sometimes these controls are able to prevent attacks; other less powerful methods can only detect a breach as or after it occurs.

In this section we will survey the controls that attempt to prevent exploitation of the vulnerabilities of computing systems.

2.1 Encryption

The most powerful tool in providing computer security is coding. By transforming data so that it is unintelligible to the outside observer, the value of an interception and the possibility of a modification or a fabrication are almost nullified.

Encryption provides secrecy for data. Additionally, encryption can be used to achieve integrity, since data that cannot be read generally also cannot be changed. Furthermore, encryption is important in protocols, which are agreed-upon sequences of actions to accomplish some task. Some protocols ensure availability of resources. Thus, encryption is at the heart of methods for ensuring all three goals of c



  1. Characteristics of Computer Intrusion and Kinds of Security Breaches
    1. Characteristics of Computer Intrusion





    1. Kinds of Security Breaches



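Fig. 1 Four Classes of System Security Failures

(1) In an interruption, an asset of the system becomes lost, unavailable, or unusable. Examples are malicious destruction of a hardware device, erasure of a program or data file, or failure of an operating system file manager so that it cannot find a particular disk file.

(2) An interception means that some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network. While a loss may be discovered fairly quickly, a silent interceptor may leave no traces by which the interception can be readily detected.

(3) If an unauthorized party not only accesses but also tampers with an asset, the failure becomes a modification. For example, someone might modify the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically. Hardware can even be modified. Some modifications can be detected with simple measures, while other, more subtle changes may be almost impossible to detect.

(4) Finally, an unauthorized party might fabricate counterfeit objects for a computing system. The intruder may wish to add spurious transactions to a network communication system, or add data to an existing database. Sometimes these additions can be detected as forgeries, but if skillfully done, they are virtually indistinguishable from the real thing.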


Fig. 2 Types of Abuse in Computing Systems




2.1 Encryption




2.2 Software Controls



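  • Development controls, which are standards for program design, coding, testing, and maintenance.
  • Operating system controls, which are limitations enforced by the operating system to protect each user from attacks by other users.
  • Internal program controls, which enforce security restrictions, such as access control in a database management program.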


2.3 Hardware Controls


1) Policies




2) Physical Controls


3) Effectiveness of Controls








2.4 Overlapping Controls


Fig. 3 Overlapping Controls

2.5 Periodic Review


3 Computer Viruses






Fig. 4 Flowchart Describing the Basic Behavior of a Virus


4 Network Firewalls










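● Dual-homed gateway: some firewalls are implemented without a screening router, by placing a system on both the private network and the Internet and disabling TCP/IP forwarding.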





