Thursday, September 22, 2011

Common Security Terms

I thought about mentioning some important computer security terms. It would be good if you know and understand these terms which are commonly used in computer security. See my video, Cyber Security Basic Terms and Concepts or read on.

1. Authentication
It is the process of confirming the genuineness of an entity or data. For example, when a user logs into a website, the website tries to confirm if the user is genuine. That is, he is using the correct user name and password which are active in the site database. There can be other user data involved in authentication e.g. security token, Personal Identification Number (PIN) or finger prints/ retina print.

2. Authorization
It is the grant of permissions to do certain actions. For example on a website, a general user may view their transactions and modify their profile. But, if the general user is inactive, he may only activate his account and not even view his own profile. An admin user may view and modify the settings of the website, but may not view any user's data.

3. Cryptography
It is the use of techniques to assure secure communication. Such techniques include using encryption algorithms and digital signatures. For example, a website may require encrypted data sent from the server to the client browser. This data is decrypted in the client and then rendered to the user.

4. Exploit
An exploit can be a wide range of items e.g. a set of commands, a set of data or even a particular system. It is possible to use an exploit against an insecure information system with the purpose of generating undesirable behavior in the system. Exploits always target a vulnerability (see below) in the system. For example, an attacker places exploit code on a trusted website. A user accesses the site from an insecure client machine which results in the user's browser executing the exploit code. The attacker then runs some attack using the user's machine with user credentials.

5. Firewall
A firewall is a software-based or hardware-based device that can be configured to allow genuine network traffic to go through and stop malicious traffic. For example, a firewall may intercept all network packets sent to an application, such as a browser. If the traffic originates from a known dangerous source, it may drop all the packets preventing harm to the client machine.

6. Identity
It is the set of data that is unique to a person. The digital identity of a person is the identity that is used on-line. For example, the identity of an employee may comprise of attributes such as Employee number, Date of joining, First name and Last name. The employee is then required to use this identity within the organization throughout their stay.

7. Penetration test
It is a test to check the security of a network while pretending to be an external attacker. It is also called a pentest. The goal of a pentest is to gain access and some level of control over a device within the network. Valuable information is discovered by a pentest e.g. vulnerabilities present in the network and the effectiveness of automatic network scanning software.

8. Physical security
It is the presence of physical barriers to information resources of an organization. Examples include gated access manned by security guards, access card swipes required to enter the premises and logged access to restricted areas within the premises.

9. Threat
It is a danger to the information resources of an organization. It can be intentional e.g. an external attacker or accidental e.g. an earthquake. There are usually numerous threats to the information resources e.g. natural catastrophes, power outages, hardware/ software failures and malicious individuals/ organizations. Information resources of different organizations may face the same threats.

10. Vulnerability
It is a weakness within the information system of an organization. For example, software vulnerability arising from insufficient testing, hardware vulnerability arising from its insecure storage and physical site vulnerability arising from its location within a natural disaster prone area.

If you are interested to know about many more computer security terms, you can visit the SANS glossary of terms here.