Computer Security in an Information Age
Essay by review • October 3, 2010 • Research Paper • 2,408 Words (10 Pages) • 2,066 Views
Computer Security in the Information Age
Ronald T. Hill
Cameron University
Computer Security in the Information Age
Computers; they are a part of or in millions of homes; they are an intricate part of just about every if not all successful businesses, the government, and the military. Computers have become common place in today's society and the lives of the people who live in it. They have crossed every national, racial, cultural, educational, and financial barrier, which consequently ushered in the information age. A computer is a programmable electronic device that can store, retrieve and process data, and they come in all shapes, and sizes. They can be used for and in just about anything. As stated before, they are used in just about every aspect of modern society. They are so fundamental to modern society that it would be disastrous to society without them. As stated before, there are many areas in modern society that are run by computers. They play an intricate part of millions of homes in the world. Office workers in business, government and the military may use them to write letters, keep rosters, create budgets, find information, manage projects, communicate with workers, and so on. They are used in education, medicine, music, law enforcement, and unfortunately crime. Because computers have become such a part of the world and how it operates, there is a tremendous responsibility for those who are in control of these computers and the vital information that they carry, to manage and protect them properly. This is management and protection is vital because any loss or damage could be disastrous for the affected entity. For example, a mistake or intentional alteration of a personal credit file could affect ones ability to buy a car or home, or can lead to legal actions against the affected person until the mistake or intentional alteration has been corrected. Therefore, with the advent of computers in the information age, and all of the intentional and unintentional violations against them, comes the need to safeguard them and the information they carry with strong systems and policies of computer security.
Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help to stop unauthorized users or intruders from accessing any part of a computer system. Detection helps one to determine whether or not someone attempted to break into a computer system, if they were successful, and what they may have done. Good security would keep strangers from reading one's email, using one's computer to attack other systems, sending forged email from one's computer, or examining personal information stored on one's computer, such as financial statements. There are two main areas of computer security. They are computer network security and Internet security. A computer network consists of communications media, devices, and software needed to connect share information on two or more computer systems and/or devices. It is vitally important to secure computer networks in modern organizations for several reasons. They are:
1. Computer systems that are networked enable organizations to be more flexible and adaptable to meet rapidly changing business conditions.
2. Networks enable companies to share hardware, computer applications, and databases across the organization.
3. Networks make it possible for geographically dispersed employees and workgroups to share documents, ideas, opinions, and creative insights, which encourage teamwork, innovation, and more efficient and effective interactions.
4. The network is increasingly the link between businesses and between businesses and their customers.
The Internet is the largest network in the world. It is known as the network of networks. The Internet is a collection of more than 200,000 individual computer networks owned by governments, universities, nonprofit groups, and companies. These interconnected networks are connected via high-speed, long distance backbone networks. They exchange information using the same open, nonproprietary standards and protocols.
There are three primary and three secondary objectives of computer security. The primary objectives are confidentiality, integrity, and availability. The secondary objectives are authorized, message authentication, and non-repudiation. Confidentiality requires that only authorized persons are able to access the data in a computer system, as well as the data transmitted between computer systems. Integrity specifies that the data in a computer system, as well as the data transmitted between computer systems, be free from unauthorized modification or deletion. For example, the unauthorized insertion of false credit records could jeopardize a person's ability to obtain credit. The availability objective requires that the authorized users of the computer systems and communications media not be denied access when access is desired. The authorized use objective simply states that only authorized individuals may use the computer system and its components. When a message is received one must insure that the individual who the system claims sent the message did truly transmit it. This is called message authentication. Finally, when one wants to know that an individual did in fact, receive a message that was transmitted is called non repudiation. All together, these objectives form the essential foundation of computer and network security.
Now that the foundation has been identified and in place, the system must be implemented. However, there are several factors that hinder implementation and they must be identified and removed. The first factor is the errors or bugs found in the operating system. These bugs can be used as holes or doorways for someone to access a system and wreak havoc. In security this is unacceptable. Also, an intruder needs only to find one of the holes that exists in an operating system in order do damage, but the programmer obviously needs to fix all of the holes in order to seal off the operating system. The second factor is a financial one. When the purchase or development of a computer system is planned, security is seldom considered. In fact, it is often not considered until later when there is a security breach that forces the issue. This problem causes the organization to retrofit the computer system after
...
...