Chapter Summary

Chapter Summary

Chapter Summary
(See related pages)

Security Basics and Terminology

Information assurance and information security place the security focus on the information and not the hardware or software used to process it.

The original goal of computer and network security was to provide confidentiality, integrity, and availability—the “CIA” of security.

As a result of the increased reliance on networks for commerce, authentication and nonrepudiation have been added to the original CIA of security.

The operational model of computer security tells us that protection is provided by prevention, detection, and response.

Host security focuses on protecting each computer and device individually instead of addressing protection of the network as a whole.

Least privilege means that an object should have only the necessary rights and privileges to perform its task, with no additional permissions.

Diversity of defense is a concept that complements the idea of various layers of security. It means to make the layers dissimilar so that if one layer is penetrated, the next layer can’t also be penetrated using the same method.

Access is the ability of a subject to interact with an object. Access controls are those devices and methods used to limit which subjects may interact with specific objects.

Authentication mechanisms ensure that only valid users are provided access to the computer system or network.

The three general methods used in authentication involve the users providing either something they know, something they have, or something unique about them (something they are).

Multifactor is a term used to describe the use of more than one authentication mechanism at the same time.

Mutual authentication is a term used to describe a process in which each side of an electronic communication verifies the authenticity of the other.

Security Models

Security models enforce the chosen security policy.

There are two basic categories of models: those that ensure confidentiality and those that ensure integrity.

Bell-LaPadula is a confidentiality security model whose development was prompted by the demands of the U.S. military and its security clearance scheme.

The Bell-LaPadula security model enforces “no-read-up” and “no-write-down” rules to avoid the deliberate or accidental disclosure of information to individuals not authorized to receive it.

The Biba security model is an integrity-based model that, in many respects, implements the opposite of what the Bell-LaPadula model does—that is, “no-read-down” and “no-write-up” rules.

The Clark-Wilson security model is an integrity-based model designed to limit the processes an individual may perform as well as require that critical data be modified only through specific transformation processes.

Instructor Edition

Student Edition

Instructor Log In

Notes

Instructor Log In

Log In
You must be a registered user to view the premium content in this website. If you already have a username and password, enter it below. If your textbook came with a card and this is your first visit to this site, you can use your registration code to register.
Username:
Password:
	Forgot your password?

Instructor Log In

Site Preferences	(Log out)

		Send mail as:

TA email:
Other email:

"Floating" navigation?
Drawer speed:

Notes		(What is this?)

Add a note
1.	(optional) Enter a note here:
2.	(optional) Select some text on the page (or do this before you open the "Notes" drawer).
3.	Highlighter Color:
4.

Search
Search for:
Search in:

Home > Chapter 2 > Chapter Summary

	Course-wide Content
		Glossary Textbook Updates

	Quizzes
		Multiple Choice Quiz
	More Resources
		Chapter Outline Chapter Summary

	Instructor Resources
		Projects Updates for Instructors NWCET Info

	Course-wide Content
		Glossary Textbook Updates

	Instructor Resources
		Instructors' Manual PowerPoint Presentation Answer Key NWCET Activity Image Library

	Quizzes
		Multiple Choice Quiz
	More Resources
		Chapter Outline Chapter Summary