Navigating the Landscape of Computer Security

Computer Security: Protecting Sensitive Data

Computer and internet usage is always on the rise in this technological age therefore necessitating individuals and organizations to protect their sensitive data. In this paper, I will be looking at the computer security which refers to the security of computing devices and computer networks. The increasing ease of access to hacking tools and hacking manuals makes the threat on those using computers more eminent. There is need for organization to implement security measures to ensure protection not only external threat but also internal ones. Some disappointed employees may take advantage of the weak security protocols implemented in the intranet to access sensitive data.

System Backdoor: Bypassing Security Protocols

A system backdoor is the method of bypassing security protocols implemented in a system which can enable unauthorized person to access information undetected. The backdoor may take an already installed program form or a hardware device. Vulnerabilities in the system enables the attackers to find points of weaknesses to which they can use. Direct access attack requires the unauthorized user to physically gain access to the target computer from where they can perform different functions which compromise the device security (Ogawa & Yoshioka, 2016, p. 70). The attackers can modify the operating system, convert the computers into listening devices or even download the data in it into back up devices such as a flash disk. This is the only threat that stand alone computers face.

Denial of Service Attack: Rendering a Computer Unusable

Denial of service attack renders a computer unusable. The attacker denies access to those with the require authorization and may allow access to those without authorization, for instance, they may overload a machine or a network which makes it unable to respond to requests. In case of a network denial of service, prevention is hard as it requires the analysis of the whole network which entails small pieces of code. Distributed denial of service is an attack whereby large number of hosts are compromised and used to flood a particular target system with requests which at the long run renders it unusable due to resource exhaustion.

Eavesdropping and Spoofing: Threats to Privacy and Identity

Eavesdropping is whereby an attacker listens to private conversation between hosts mostly through the network. For instance, NSA and FBI have been known in the past to use programs such as carnivore to eavesdrop on internet service providers (Wykes & Harcus, n.d., p. 10). Spoofing is whereby an attacker assumes a legitimate user and use their information to gain access to a system. Repudiation is a case in which the authenticity of the security protocol used is challenged.

Principles of Computer Security

Principles of computer security include: confidentiality, integrity, authentication, availability and access control. Confidentiality principle specifies that the message being sent should only be accessed by the sender and the intended recipient while integrity principle specifies that information being sent should not be accessed by an authorized third party. If A is sending a message to B, a third party C should not access the message without the permission of A and B. Authentication is the mode of proofing identity and ensuring the receiver is the actual intended one(Vacca, 2017, p. 30). Access control specifies the users and the information they can be able to access. A user should not be able to access the information they do have permission and assets should also be accessible to the all the authorized parties.

Types of Attacks and Ensuring Secure Communication

Attack can either be passive or active. In passive attacks, the message contents are only viewed and no modifications are made to the original message while in active there is modification of the original message in some way (Zhou, 2016, p. 8). A secure system should ensure unauthorized persons have no access to the data in any way. The data should not also be modified in any way as it is being send to the receiver and should also ensure that the legitimate users can be able to access data.

Encryption: Protecting Data in Transit

Encryption is the process of ensuring the message being transmitted is encoded so that its contents are not obvious and decryption is the process of converting the encrypted message back to the original one. This system of encryption and decryption is known as a cryptosystem.

Substitution and Transposition Cipher

The original message being sent is called a plaintext and a message that which has been encrypted is a cypher text. The message is encrypted to prevent access by intruders and the receiver should be able to convert it back to the original message and read it properly.

Cryptosystem entails a set of rules on how to encrypt a plain text and decrypt the cypher text that was encrypted. The algorithm for decryption and encryption often use a key, so that the resulting cypher text in any encryption depends on the plain text, the algorithm and the key used. Cryptanalyst tries to break an encryption by studying the encrypted message and the encryption used and tries to deduce the hidden message.

Firewall: Filtering Network Traffic

Substitution cypher involves substituting all the plain text characters with a cipher text character and can either be mono alphabetic or poly alphabetic substitution. In mono alphabetic, the relationship between the plain text and cipher text is 1:1 while in polyalphabetic, a character in the plain text can have a variety of substitution in the cipher text. The relationship between the two is 1 to many. Transposition cipher is a mode of encryption in which the characters or group of characters in the plain text are shifted in a regular manner so that the resulting cipher text is a permutation of the plain text. In asymmetric cryptography, a private and public keys are used in the encryption process. The public key s known by the public and the private key is known b only the receiver. The sender encrypts the message using the public key which is available to everyone. Once the message has been encrypted, it can only be decrypted by the private key. A good encryption algorithm depends on the use to which it is intended for.

Protecting Data in Transit and Virus Protection

Encryption is used to protect the integrity of data in transit, for instance while being transmitted on networks. Encrypting the data helps in securing it as it is difficult to physically secure all networks. It protects the message integrity and can also be used for authentication. Encrypting at the time of creation is secure if the device itself has not been tampered.

Virus is a malicious program that attach itself to other healthy programs and either coexist with them or destroy them. A virus can either be transient or resident. Transient are those viruses whose life depends on its host while resident is that which is located in the memory and can remain active as a stand-alone program. Trojan horse is a code to which in addition to its primary function that the computer user knows, it has other malicious effect. A worm copies itself through a particular network and can affect any computer in that network.

Additional Measures for Computer Security

Firewall helps filter traffic between the less trustworthy outside network and the protected inside network. Its main purpose is to keep the bad things outside the protected environment. Security policy implemented by the firewall address the bad things that might happen, for instance, prevent the access of the network from outside (Hiremath, Malle, & Patil, 2016, p. 7). The policy might also permit access to only few specified people. In protecting a network with a firewall, the challenge is determining the security protocols that meets the installation need.

Intrusion detection system detect the type of attack that the system is facing then come up with a solution to block them. Monitoring parts look for suspicious software and keep track of events triggered. This system helps the network administrators to check the integrity and authenticity of a connection. A virtual private network helps to transmit the data across the internet in a secure way. The network is created between secure networks and is mostly used by small businesses and enterprises.

Antivirus engines helps in reducing the threats of viruses and worms to the computers. Scanning engines have three components in common which are scanning, integrity checking and interception. When a virus is detected, the antivirus produces programs that scan for similar signatures. Integrity checking entail antivirus checking for files manipulated in the OS by the viruses. A computer can also be scanned online for any suspicious functioning.

To prevent the computer from direct access attacks, the user should have strong computer passwords in place. The log ins to the various systems such as the email should be equally strong and different. The passwords should be complicated by combining numbers, letters, special characters and changing them regularly. One should also be careful with the social networks and always ensure profiles are always set to private. The latest updates of the operating system should also be updated regularly to prevent potential vulnerabilities in the older software.

Operating Systems and Security Policies

Operating system is the prime provider of security in any computing system. They permit resource sharing and multiprogramming, enforce restriction on user behavior and installed programs and man programming capabilities. With such great power, they become the targets since after breaking the defenses of an operating system, the attacker will have access to all the secrets of that system (Bock, 2015, p. 40). A secure operating system should be able to ensure memory protection, file protection, user authentication and objects access control.

Security polices provides a basis through which operating systems can be trusted as it states the needs that particular OS is expected to satisfy. Military security policy is majorly based on the security of sensitive data. The data is ranked according to the level of their sensitivity. Commercial security policies also have significant security concern. They want to protect their products under development from competitors. The commercial policies are less hierarchical as compared to the military but they both have some aspects of security.

Conclusion

In conclusion, computer security is very vital affects almost every one. This field of computing requires additional effort to ensure, the security of all the computer users is guaranteed. Everyone from the software programmers to the computer users should play their part in ensuring this. The operating system and other software programmers should ensure strong security protocols are in place while the user should regularly update their software. With this combined effort, the maximum security in the computer systems will surely be attained.

References

Bock, L. (2015). IT Security Foundations: Operating System Security. Carpinteria, Calif.: Lynda.com.

Hiremath, R., Malle, M., & Patil, P. (2016). Cellular Network Fraud & Security, Jamming Attack and Defenses. Procedia Computer Science, 78, 233-240. doi:10.1016/j.procs.2016.02.038

Ogawa, K., & Yoshioka, K. (2016). Advances in Information and Computer Security: 11th International Workshop on Security, IWSEC 2016, Tokyo, Japan, September 12-14, 2016, Proceedings. (Lecture Notes in Computer Science ; 9836.) Cham: Springer International Publishing.

Röpke, C., & Holz, T. (2015). On network operating system security. International Journal of Network Management, 26(1), 6-24. doi:10.1002/nem.1918

Vacca, J. R. (2017). Computer and information security handbook.

Wykes, M., & Harcus, D. (n.d.). Cyber-terror. Handbook of Internet Crime. doi:10.4324/9781843929338.ch11

Zhou, E. M. (2016). On Computer Network Security Management and Technical Measures. Proceedings of the 2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016). doi:10.2991/icence-16.2016.37