Four Basic Concepts in Computer Security Technology

The basic elements of computer security.  

 A layman's primer.

This won't help you much as far as keeping your computer secure. It is a very cursory discussion of some of the underlying security technology concepts, for those who might be interested.

There are other ways to categorize and parse computer security elements. These seem to be the most useful and the simplest for the average person to understand. Various computer security functions are accomplished through combinations of these elements.

These basic security elements are Authentication, Authorization, Integrity and Confidentiality.


Authentication – Are you who you say you are?
Most commonly accomplished via passwords.  More sophisticated methods include fingerprints, retinal scans or other biometric Authentication techniques.  But the bottom line is to try to assure that you are not being impersonated.

Authorization – Do you have permission to proceed?
Usually follows from Authentication. You have identified yourself via Authentication. Now, what are you permitted to do? For example, can you view financial information, or can you change data in this context?

Integrity – Is data intact and untampered with?
Often applied to electronically sent "packages" or "streams" of data (often TCP/IP), and also to a file or even an email message. Usually accomplished with some sort of checksum, or possibly with a hashing algorithm.

Confidentiality – Is data content hidden from unauthorized access?
Usually considered in the context of data exchange.  Can someone watching (eavesdropping) read what you are sending and receiving?
The simplest case is a password-protected file. The password effectively "unlocks" the data for access only to Authenticated/Authorized users.
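
How the first three elements combine in a single request, as an added example that is not part of the original post: the user names, passwords, roles and ledger text are constructed, and all function names are hypothetical. Confidentiality is not shown.

```python
import hashlib
import hmac
import os

def hash_password(password: str, salt: bytes) -> bytes:
    # Store a slow, salted hash of the password, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": hash_password(password, salt), "role": role}

# Constructed sample data (hypothetical users, roles and permissions).
USERS = {"alice": make_user("correct horse", "clerk"),
         "bob": make_user("battery staple", "accountant")}
PERMISSIONS = {"clerk": {"view"}, "accountant": {"view", "change"}}

def authenticate(username: str, password: str) -> bool:
    """Authentication: are you who you say you are?"""
    user = USERS.get(username)
    if user is None:
        return False
    # Constant-time comparison does not reveal how many bytes matched.
    return hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])

def authorize(username: str, action: str) -> bool:
    """Authorization: is this identified user permitted to do this?"""
    user = USERS.get(username)
    return user is not None and action in PERMISSIONS.get(user["role"], set())

def digest(data: bytes) -> str:
    """Integrity: a fingerprint that changes whenever the data changes."""
    return hashlib.sha256(data).hexdigest()

def handle_request(username, password, action, data: bytes, trusted_digest: str) -> str:
    """Run the checks in order; Authorization only makes sense after Authentication."""
    if not authenticate(username, password):
        return "denied: authentication failed"
    if not authorize(username, action):
        return "denied: not authorized"
    # The digest only proves integrity if it arrived by a route the sender of
    # the data could not also alter (assumed here).
    if not hmac.compare_digest(digest(data), trusted_digest):
        return "rejected: data was altered"
    return "ok"

if __name__ == "__main__":
    ledger = b"Q3 revenue: 1200"  # constructed sample record
    print(handle_request("alice", "correct horse", "view", ledger, digest(ledger)))
    print(handle_request("alice", "correct horse", "change", ledger, digest(ledger)))
```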
—————–
Much of this is accomplished through various forms of cryptography and mathematical obfuscation.  That is another subject entirely.

(Some texts include non-repudiation as a 5th element. Non-repudiation says that an electronic transaction has been sufficiently vetted so that those involved cannot say, "It wasn't me". I consider this to be a subset of data Integrity.)
