Let's Generalize Computer Security
What is Security ?What is Computer Security ?
What is Security made of ?
Difference between Security and Computer Security?
How can i generalize Security ?
Computer Security
(NetworkSecurity/SecurityProtocols(ipsec/ssl)/Firewall/Cryptography/Secureboot/SecureProcessor/Hack/Crack/Malware/Viruses/Trojens/Blackhats/Whitehats/exploits/encryption/Hash/Encoders-Decoders/Secure-software/Anti-Viruses/OS security/Stack-overflows/Heap-overflows/Integer-overflows/Exploits/Keygens/ Key managements/Worms/Pentesting/Boot-sector-virus/....bla bla bla millions of terms [lets say DOTS(.)].AIM:-
To Create a graph which relates different terminologies in the world of Computer Security.
======================================================================
Question-----
How can i join these dots , find a connection between all these words and reach the final goal of Security ?
=======================================================================
Sharing my experience ..... If you feel i am wrong and have some opinions , please do correct me , because learning is never done alone. Sorry for my english. :-)
=======================================================================
What is Security ?
Wiki Says :
"Security is the degree of resistance to, or protection from harm.It applies to any vulnerable and valuable asset, such as a person, dwelling, community, item, nation, or organization."
What is Computer Security ?
Wiki Says :
"Computer security, also known as cyber-security or IT security, is the protection of information systems from theft or damage to the hardware,the software and to the information on them, as well as from disruption or misdirection of the services they provide."
[if my valuable assets are the hardware, the software and the information on them.
Than it makes Computer Security a subdivision of Security.]
=======================================================================
Joining DOTS(.)
Security(.)<------->(.)Computer Security
=======================================================================
=======================================================================
Enough of technical terms ,... Lets go easy !!! :-)
=======================================================================
Lets Forget Computer Security for Now.
Go to Normal World's day-today life.
=======================================================================
I feel any kind of Security has 3 parts .
1>Authentication:
Example Q:- Why do you sign your legal documents ?
2>Integrity Check:
Example Q:- If your signed legal document is editable , Will your signature verify that someone has edited this document(i.e. check its content-data integrity ) ?
3>Data hiding :
Example Q:- Will your signature hide the content of your legal documents ?Whether anyone holding the legal documents can read and gain information ?
4> ha ha ha ...leaving space for the 4th part if i get ???
=======================================================================
Some funny Question ?
1.Why does your mum say not to eat food outside ?
----> Because she checks the integrity of the food which is given to you .I don't think shopkeepers will care about you so much ?
2.Why do you call your mom as mom, not any other lady which is passing by you?
----->Because that's authentication. You are authenticating a single lady as your mum.
3.What does the lock on your door give ?
---->Since you have the only key . So that lock will only authenticate you to open the lock.
4.Why do you wear clothes or eat food ?
----->in one sense i can say, they protect the integrity of your health.
Similarly Everything can be broken into the above 3 parts of Security.........
Why use curtains ? <--- Data hiding
Why wash hands before eating ? <--- authenticating you are secure of germs.
Why we require police ?<--What will you do if somebody stole your authentication, disrupted the integrity of your valuable assets ?
why you feel secure between known people ? <--authenticity
and many, many, many, many, more.. . . . . almost everything.
=======================================================================
Now if Computer hardware and software are my valuable assets... How do i implement the above (authentication/integrity/data-hiding)parts in it ?
Let me bring in the TERMS...
[Only considering the basics now ... we will correct the flaws and get detailed <---with some fun]
1>Authentication :-- You can't put your hand written signatures. Let's bring a term [Username/Passwords and Hash].
2>Integrity :--- How will you provide integrity. Let's bring the same term [HASH].
3>Data-hiding :-- Encryption/Decryption ,Encoders/Decoders(doesn't hide data in one sense..later we will see.).
[---"<@ Don't get nervous by seeing the later tasks [because its easy]]..
=======================================================================
Joining DOTS(.)
Hash , Encryption/Decryption, Encoders/Decoders <-----Belongs to cryptography
Security(.)<------->(.)Computer Security<------>(.)Cryptography<---(to be continued)
=======================================================================
In part-1 we got to the above final graph
next part-2 we will go into basic Cryptography (.)<----> next (.)
=======================================================================
In part-1 we got to the above final graph
next part-2 we will go into basic Cryptography (.)<----> next (.)
=======================================================================
