Computer Security

Computer Security

 

Why do you think the terms computer security, cyber security and information assurance are used interchangeably?

Computer security refers to the protection of information and data stored in computers by ensuring security of all computer related mechanisms and processes (Vacca, 2009). Thus computer security involves protection of computer hardware and software with the general aim of protecting information in the computer. Protection of computer hardware and software involves protection from physical destruction and protection from unauthorized and unintended access hence preventing change or destruction of information contained therein or in the networks which the computer is connected to. It also involves keeping the computer hardware in secured locations where only authorized people have access to hence preventing intruders from physically destroying the computer hardware. The place must be secure from floods and other natural calamities.

Cyber security is a form of computer security. Cyber works through network connections in which information is shared between different computers from any part of the world as long as they are connected to the network. Internet networks are prone to attack and interference hence security is important as network connections are vital in the communication world hence are important in a stable economy. Thus cyber security involves creating secure computer software that protects information transfer and sharing throughout the networks (U.S Department of Homeland Security, 2012). It ensures that unauthorized and unintended people do not gain access to the information and data transmitted through networks as this would lead to disruption of business and government operations as well as exposing sensitive personal information costing the economy a great price.

Information assurance involves assuring security of information contained in computer systems and networks and managing the risks arising from the processing and transmission of data and information (Vacca, 2009). It also involves assuring the safety of the systems used in transmission of the data. Information assurance works at ensuring that information input into computers is correct and goes ahead to ensure that no hitches occur in the processing, storage and transmission of the data. Information assurance involves use of physical means as well as installing administrative control to ensure availability, authenticity and confidentiality of information (Vacca, 2009). It also involves use of technical means to ensure that the systems are running at all times which gives rise to dependable and consistent information.

An interrelation exists between computer security, cyber security and information assurance. One reason is because the aim of the three processes is protection of information contained in computers, on external storage systems and in the network systems. Cyber security is involved in the security of data and information of network systems which ensures that it does not undergo manipulation, alteration or destruction (U.S Department of Homeland Security). Whereas the scope of computer security is bigger involving protection of computer hardware, external storage systems and software hence network security is of its aims. Thus cyber security is a component of computer security. Information assurance aims at ensuring that systems allowing information flow are functional and efficient at all times among other things. Thus one function of information assurance is ensuring computer security thus resulting in the efficient flow and transfer of information. Therefore, where one system is functional the other two systems are also working at the same time. Thus when there is efficient information assurance, the computer’s hardware and software is secure resulting in guaranteed cyber security. Hence, information security becomes the binding factor between the three systems.

Define Data Communication vs. Telecommunication. How do security objectives differ for each?

Data communication is the transmission of digital message outside of the local circuitry of a computer that’s the source. In data communication, data is transmitted through a communication channel where data is transmitted in form of data bits that may be inform of multi-bit units of a message. By encapsulating data into bits, bytes and frames, handling of data in the complex communications network is possible. In data communication transmission is bound to encounter distortion and obstruction hence its accuracy deteriorates with the increase in distance and the level of noise it encounters (Freescale Semiconductor, Inc., 2004). Therefore the signal power weakens with the increase in distance and noise in the channel. Thus the rate of transmission of data through digital messages to other independently powered circuitry is proportional to the signal power and is affected by noise in the transmission channel.

Telecommunication on the other hand is communication via technological means through transmission of electronic signals to other computers a considerable distance away. Whereas data communication is the means in which data is transmitted in digital signals, telecommunication is the how the data signals transmitted are connected to create meaningful messages. Hence, telecommunications is communication at a distance which takes place through transmission of impulses. This takes place through a telecommunications network that is a connection of links, terminals and nodes. It involves the transmitters and receivers that allow the transmission of messages from one terminal to the other.

The security objectives of data communications in regards to security are creation of secure networks through which digital data can be transmitted. One way of ensuring security is by encryption of the data to ensure that only the authorized people can manage to decrypt it. Other than that networking equipment should be secured. This equipment such as wireless access points, virtual private network routers must have security protocols.

In data communications network, security is ensured through three processes which are authentication, ensuring integrity and confidentiality of data transmissions (Freescale Semiconductor, Inc., 2004). Authentication is necessary to ensure correct identification of the origin of data to enable various services such as network access control and access to secret keys to virtual private network tunnels. These are based on the encryption algorithms set such as elliptic curve cryptography. Integrity ensures that unauthorized modification of data does not occur. This relies on cryptographic checksums to detect such modifications. Data transmission security also ensures confidentiality by ensuring that only authorized personnel. Confidentiality is ensured by use of encryption algorithms such as Advanced Encryption Standard and DES.

In telecommunications, security objectives are varied and they include access control to ensure that only authorized personnel gain access to the information. This will involve physical, technical and administrative control. The other factor to be considered is communication security. It involves maintaining integrity and confidentiality of the information by identification of threats and creating countermeasures (Handbook of Information Security Management., 2012). The third factor to be considered is risk management and planning to ensure business continuity. It involves assessment, inputting protective measures to ensure risk reduction. The fourth factor is creation of business standards, policy and organization. This ensures consistency of security by introducing an organizational structure to ensure that the objectives are met.

The other is factor is creation of aspects of computer architecture to achieve security in the computer system by curbing PC and LAN issues. In the architecture use of cryptography should be implemented to achieve confidentiality and integrity (Handbook of Information Security Management., 2012).  Therefore security measures in data communication focus only on the security of the data and information being transmitted whereas security measures in telecommunication take into place sustainability of the while business from the administrative body, to the data access and distribution and the security if data in transit.

What is the function of a computer operating system (OS)? Discuss security issues associated with OS.

The computer operating system is a group of computer programs which coordinates the activities in a computer. One of the functions of a computer operating system is booting the computer. The OS is the first program loaded in the computer and helps to restart up the computer. The OS is also responsible managing the various devices used by a computer such as a keyboard, mouse, printer or joystick. It enables file management in the computer system determining how the system processes, saves, stores and retrieves data (NSW HSC online, 2012).  The operating system handles processes such as sharing of central processing unit time by the programs and applications running concurrently. It also handles the running of the computer memory. It handles the organization of the files and tracking of files in case one needs to access an already saved file.

The computer operating system provides the user interface enabling the user to work on the computer while hiding the complexities of the hardware from the user. It therefore manages the interaction between the user and the computer. There are generally two types of user interfaces; command line user interface and graphical user interface. The command line user interface allows one to enter a command in form of a sentence and the interface relays to the user each step of the process as it occurs. An example is the disk operating system. In the graphical user interface, the user interacts with the computer using the mouse by clicking on icons contained on the desktop to initiate a command. An example is Windows 7 and Ubuntu.

Operating systems are subject to various security threats and these include malware. These refer to malicious software that attackers use to make an operating system to perform tasks for them (NSW HSC online, 2012). They may be in form of viruses, spyware and Trojan horses which undermine the operating system’s security controls. Hackers attack many computers with weak security and when they seize operating systems, they force them to perform tasks through the commands they install to perform larger tasks of attacking business or government networks. A user has to be physically involved in downloading and running infected files on the attacked systems.

A computer virus is a destructive software program that can replicate itself to be transmitted from one computer to another. Viruses perform their task by either deleting or corrupting computer files. They make use of email programs to transmit to other computers by attaching themselves in attachments being sent through emails. Worms are forms of virus that are spread through email attachment and once opened; they scan files such as address books. It then sends infected messages to the addresses in the address book and mimics the sender address such that the recipients think that the message is from someone they know. Trojan horses are also a threat to a computer’s operating system. A Trojan horse is a malicious code hidden inside a harmless looking program that performs file corruption in secret.

References

Freescale Semiconductor, Inc. (2004). The Security Objectives of PowerQUICC Secure Communications Processors. Retrieved from: http://www.google.co.ke/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CDIQFjAA&url=http%3A%2F%2Fcache.freescale.com%2Ffiles%2Fnetcomm%2Fdoc%2Freports_presentations%2FPQSECBKGRNDRPT.pdf&ei=G2I4UfHNOMmSONuKgaAG&usg=AFQjCNHunEONkwcq-H6mGA_uTd08mgey4w&bvm=bv.43287494,d.ZWU

Handbook of Information Security Management. (2012). Introduction. Retrieved from: https://www.cccure.org/Documents/HISM/index.html

NSW HSC online. (2012). Information Technology: Basic functions of an operating system. Retrieved from: http://hsc.csu.edu.au/info_tech/compulsory/os/4014/basic_functions.htm

U.S Department of Homeland Security. (2012). Cybersecurity Overview. Retrieved from: http://www.dhs.gov/cybersecurity-overview

Vacca, J. R. (2009). Computer and information security handbook. Morgan Kaufmann Publishers. Print.

Use the order calculator below and get started! Contact our live support team for any assistance or inquiry.

[order_calculator]