Security

Both protection and security are vital to computer systems. We distinguish between these two concepts in the following way: Security is a measure of con- fidence that the integrity of a system and its data will be preserved. Protection is the set of mechanisms that control the access of processes and users to the resources defined by a computer system. We focus on security in this chapter and address protection in Chapter 17.

Security involves guarding computer resources against unauthorized access, malicious destruction or alteration, and accidental introduction of inconsistency. Computer resources include the information stored in the system (both data and code), as well as the CPU, memory, secondary storage, tertiary storage, and networking that compose the computer facility. In this chapter, we start by examining ways in which resources may be accidentally or purposely misused.We then explore a key security enabler—cryptography. Finally, we look at mechanisms to guard against or detect attacks.

CHAPTER OBJECTIVES

• Discuss security threats and attacks.

• Explain the fundamentals of encryption, authentication, and hashing.

• Examine the uses of cryptography in computing.

• Describe various countermeasures to security attacks.