Computer Security/The Basics of Computer Security

From Wikibooks, open books for an open world
Jump to navigation Jump to search

So, why am I reading this?[edit]

Keeping secrets is cool. Keeping secrets is also pretty important. Imagine how awkward it'll get if someone read you personal diary. Pretty disastrous right? Then again, imagine if someone got the password of your email account. They'll come to know an awful lot they must not know of, i'm guessing. Still, think of what will happen if someone got access of you credit card. You might end up with an empty bank account.

Security and privacy are needs natural to us human beings. A feeling of having control over your secrets and information is required for a happy life. There's nothing new about information security. Kings and warlords of antiquity have been known to have used it to keep their war strategies from the enemy's generals.

If privacy is nice to have when you're at war, it's absolutely fun to have when you're in love. Especially if you're living in ancient India. Vatsyayan, an ancient Indian dude wrote in his famous book the Kamasutra, that among the qualities a hot girl must have are:

"a girl needs to have certain attributes and learn certain arts and tricks, including how to cook, how to read and write, and how to send her lover secret messages which no one else would be able to decipher."

So he went ahead to suggest a way for pre-medieval chicks to encrypt their messages, which in this case was a shift cipher(included in chapters ahead), where a message like,

"HEY, I'LL BE AT THE BRIDGE BY THE RIVER AT MIDNIGHT!"

will turn into,

"MJD, N'QQ GJ FY YMJ GWNILJ GD YMJ WNAJW FY RNISNLMY!"

pretty cool, huh?

If in the past few years, you haven't lived in some isolated cave in the Taklamakan dessert, you might just be aware of the omnipresence of computing devices in our day to day lives. The large repositories of data in storage facilities and the ease with which it can be accessed makes every one of us vulnerable to our self esteem being lost, identity getting stolen or worst of all, a life time of work going down the drain.

And since everything works thanks to management by computers: stock markets, aircraft systems, trains, traffic, electric supply, river dams, everything can be made to go kaput by someone with a laptop and a malicious intent.

Security of systems ensures that our life remains normal. The algorithms and methods given in this book are widely used throughout the computational world.

This book might be used as a textbook for students doing their Degree course in Computer Science, but also for anyone who is inquisitive to know about how systems are kept safe. In the process, you shall become a better warrior, a superior lover, and be better ready to face the next apocalyptic event that only a chosen few shall survive.

The Objectives of Cyber Security[edit]

Any network or computational system is said to be secure if it ensures these 3 things

  • Confidentiality
  • Integrity
  • Availability

Confidentiality[edit]

Confidentiality is when only those authorized to access, transfer or modify the data, only those, can do so. All others are deemed unauthorized, so the information is said to be confidential.

Encryption is the tool used to maintain confidentiality.

Integrity[edit]

Integrity i.e. integrity of data is basically the correctness of the information. If information is sent from one person to another, while the received message turns out to be different from what is sent, integrity is absent.

To achieve integrity, error correction methods and are used. Checksum or Hashing methods such as MD5, SHA-1 and Tiger Hash are used. We shall see what these are later in the book.

Availability[edit]

What is the use of having a highly secure super-system which nobody, not even the owner, can access? A system so secure, nobody might use it! Well, to me, such a computer is as good as its price in potatoes by weight. Availability is the ease by which the authority might access his or her own data.