- A branch of information security applied to both theoretical and actual computer systems.
- A branch of computer science that addresses enforcement of 'secure' behavior on the operation of computers.
The prevention of or protection against access to information by unauthorized recipients, and the unauthorized destruction of or alteration of information. Another way to state it is to say that computer security is the ability of a computer system to protect information with respect to confidentiality and integrity. Computer security is often associated with three core areas, summarized with the CIA acronym: Confidentiality (ensuring that information is not accessed by unauthorized individuals; Integrity (ensuring that information is not altered by unauthorized individuals in a way not detectable by authorized users); and Authentication (ensuring that users are the individuals they say they are).
To prevent crackers from accessing a computer system, computer security individuals need to block noncritical incoming ports on the firewalls. Moreover, the ports remaining open need to be protected by patching the services utilizing those ports—email, Web services, and FTP.
The CERT Website lists updated vulnerability data about services that may be running, so this listing should be consulted regularly. Also, to assess whether a cracker is utilizing tools to access the system, computer security individuals should use logging tools that record port scans, failed login attempts, and fingerprinting. Snort, a freeware Intrusion Detection System (IDS), can detect intrusions that it is aware of and properly understands, but is unable to prevent them. Furthermore, the logfiles need to be reviewed to determine which machines appear to be probing the system.
Habersetzer, V. Thwarting Hacker Techniques: Probing and Fingerprinting. [Online, January 17, 2005.] TechTarget Website. http://searchsecurity .techtarget.com/tip/1,289483,sid14_gci1045248,00.html; Ross, S. Computer Security: A Practical Definition. McGraw-Hill. New York, NY. 1999.] Amazon Website. http://www .amazon.com/exec/obidos/ASIN/0079137881/albioncom/104-5091337-0075114.
The protection of data, networks and computing power. The protection of data (information security) is the most important. The protection of networks is important to prevent loss of server resources as well as to protect the network from being used for illegal purposes. The protection of computing power is relevant only to expensive machines such as large supercomputers. See information security and COMPUSEC.