17.1 Security at All Levels

The organizational structure of this book follows our big-picture view of a computing system, using the analogy of an onion with multiple layers. Issues related to computer security must be dealt with at all levels in various ways.

Some aspects of security have been discussed in earlier chapters. For example, in Chapter 10 we established that one of the many responsibilities of an operating system is to ensure that one program does not access another program’s area in memory. Chapter 11 discussed protection rights established in a file system, giving a user particular authority to read, modify, and/or delete individual files. Chapter 15 explored firewalls, which are used to protect the resources of a network by filtering the traffic allowed.

Those examples focus on issues that relate to particular aspects of a computing system, specific to a particular layer. This chapter focuses on security issues that span some of the high levels of a computing system. These issues largely deal with application software that runs on a computer, but are intertwined with issues related to programming, web access, and mobile computing. In this chapter, we address a variety of security issues that weren’t covered in previous chapters.

In many instances this chapter examines security issues that you must deal with or be responsible for. Although you don’t have control over some computer security issues, such as the access policy of your network, you are responsible for many aspects of your day-to-day life that relate to how your information is managed and accessed.

Information Security

Many of the high-level issues discussed in this chapter involve information security, the set of techniques and policies enforced by an organization or individual to ensure proper access to protected data. Information security makes certain that data cannot be read or modified by anyone without the proper authorization, and that the data will be available when needed to those who have it.

Information security is technically distinct from cyber security, which is the ability to protect or defend the use of cyberspace (resources accessible on the Internet) from attack. See FIGURE 17.1. However, because most information is stored electronically on devices that are accessible via the Internet, the two concepts overlap significantly and the terms are sometimes used interchangeably.

A figure shows two overlapping circles with the intersection region labeled “Securing information in cyberspace.” The circle on the left is labeled “Cyber security” and the circle on the right is labeled “Information security.”

FIGURE 17.1 The overlap of cyber security and information security

Information security can be described as the synthesis of confidentiality, integrity, and availability—the so-called CIA triad, depicted in FIGURE 17.2. Although these aspects of information security overlap and interact, they define three specific ways to look at the problem. Any good solution to the information security problem must adequately address each of these issues.

A figure depicts the CIA triad of information security labeled Integrity (bottom left), Availability (bottom right), and Confidentiality (top).

FIGURE 17.2 The CIA triad of information security

Confidentiality is ensuring that key data remains protected from unauthorized access. For example, you don’t want just anyone to be able to learn how much money you have in your savings account.

Integrity is ensuring that data can be modified only by appropriate mechanisms. It defines the level of trust you can have in the information. You don’t want a hacker to be able to modify your bank balance, of course, but you also don’t want a teller (who has authorized access) to modify your balance in inappropriate ways and without your approval. Furthermore, you wouldn’t want your balance changed by a power surge or compromised during an electronic transmission of the data.

Availability is the degree to which authorized users can access appropriate information for legitimate purposes when needed. Even if data is protected, it isn’t useful if you can’t get to it. A hardware problem such as a disk crash can cause an availability problem if precautions aren’t taken to back up data and maintain redundant access mechanisms. Also, a hacker could launch an attack that “floods” a network with useless transmissions, and thereby keep legitimate users from connecting to remote systems.

From a business point of view, planning for information security requires risk analysis, which is the process of determining which data needs protecting, identifying the risks to that data, and calculating the likelihood that a risk may become reality. Once a risk analysis is complete, plans can be implemented to manage the risks accordingly. A risk is the pairing of a threat with a vulnerability. We want to minimize our vulnerability to threats that put us at the most risk. These threats can be either malicious, such as those posed by a hacker, or accidental, such as a system crash.

Another principle embraced by information security experts is the concept of separating the available data management privileges so that no single individual has the authority to have a significant impact on the system. This principle is often implemented by having redundant checks and/or approvals needed for key activities. For instance, large financial transactions often require a separate authorization process. Administrators should assign to an individual only those privileges needed to carry out his or her job functions.
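The following sketch is an added illustration, not part of the original text. It shows how the two ideas in the preceding paragraph can be enforced in software: each role holds only the privileges its job needs, and a large transfer cannot execute until someone other than its initiator approves it. The role names, the 10,000 threshold, and the Ledger class are all assumptions made for the example.

```python
from dataclasses import dataclass, field

# Constructed roles: each carries only the privileges its job needs.
ROLE_PRIVILEGES = {
    "teller": {"initiate"},
    "supervisor": {"initiate", "approve"},
    "auditor": {"read_log"},
}
APPROVAL_THRESHOLD = 10_000  # assumed cutoff for a "large" transaction

@dataclass
class Transfer:
    initiator: str
    amount: int
    approvals: set = field(default_factory=set)
    executed: bool = False

class Ledger:
    def __init__(self, staff):
        self.staff = staff  # user name -> role name
        self.log = []       # record of every decision, allowed or denied

    def _can(self, user, privilege):
        role = self.staff.get(user)
        return privilege in ROLE_PRIVILEGES.get(role, set())

    def initiate(self, user, amount):
        if not self._can(user, "initiate"):
            self.log.append(("deny-initiate", user, amount))
            raise PermissionError(f"{user} may not initiate transfers")
        self.log.append(("initiate", user, amount))
        return Transfer(initiator=user, amount=amount)

    def approve(self, user, transfer):
        # Separation of duties: the approver must hold the privilege
        # and must be a different person from the initiator.
        if not self._can(user, "approve") or user == transfer.initiator:
            self.log.append(("deny-approve", user, transfer.amount))
            raise PermissionError(f"{user} may not approve this transfer")
        transfer.approvals.add(user)
        self.log.append(("approve", user, transfer.amount))

    def execute(self, transfer):
        # Large transfers need at least one independent approval.
        if transfer.amount >= APPROVAL_THRESHOLD and not transfer.approvals:
            self.log.append(("deny-execute", transfer.initiator, transfer.amount))
            return False
        transfer.executed = True
        self.log.append(("execute", transfer.initiator, transfer.amount))
        return True
```

Note that even a supervisor, who holds both privileges, cannot approve a transfer that he or she initiated; the check compares identities, not just roles.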

Central to the confidentiality and integrity of your data is making sure unauthorized users cannot gain access to your account. That’s where we’ll continue our discussion of security issues.
