Created by Bhagya Prasad
about 11 years ago
Computer Security deals with:
PREVENTION - taking measures to prevent assets from being damaged
DETECTION - taking measures to detect who damaged the asset, how and where
REACTION - taking measures to recover from the damage to the asset
In general it also includes:
CONFIDENTIALITY - prevent unauthorized disclosure of information
INTEGRITY - prevent unauthorized modification of information
AVAILABILITY - prevent unauthorized withholding of information/resource
authentication, authorization, accountability
CONFIDENTIALITY
prevent unauthorized disclosure of information
prevent unauthorized reading of information
secrecy - protection of personal information
privacy - protection of company's information
INTEGRITY
prevent unauthorized modification of information
prevent unauthorized writing of information
Clark & Wilson (Internal Consistency) - no user, even if authorized, should be allowed to modify data in such a way that assets/account records of a company are lost or corrupted
Orange Book (External Consistency) - computerized data is the same as the source document and has not been exposed to accidental or malicious alteration or destruction
AVAILABILITY
prevent unauthorized withholding of information/resource
Denial of Service - the prevention of authorised access to resources or the delaying of time-critical operations
Distributed Denial of Service (DDoS) attack
Definitions