it-e-17 Computer System Security

Please notice that the term computer system here includes hardware, software, network
transmission paths, and people who interact with these components. By this definition,
everything from a desktop workstation to the Internet qualifies as a computer system.
An attacker is a person who tries to gain an advantage by exploiting a security hole.
Attackers are misfeasors, masqueraders, or clandestine users.
Misfeasors

These authorized users gain additional but unauthorized access to resources on
a system or otherwise misuse their authorization. Examples include programmers who use their
accounts to exploit operating system (OS) vulnerabilities and gain administrative privileges, or
accountants who embezzlemoney by falsifying records in a database to which they have regular
access. A misfeasor is an "inside" person, someone within an organization who introduces a
security risk or poses a threat.
Masqueraders

These people use authorized user access privileges to enter a system and
then, posing as that user, attack the system. Examples include hackers who obtain usernames and
passwords by cracking password files, and then use that information to gain entry to the system.
Masqueraders are usually persons outside the organization.
Clandestine Users

These individuals are insiders or outsiders who obtain their own, distinct
unauthorized access to a system. Examples include hackers who obtain administrative access to a
system long enough to create their own user accounts for subsequent access.
The concepts of access and authorization are not necessarily limited to user accounts within
an OS. Physical access to an equipment closet or authorization to place orders for new telephony
service are examples of other types of access and authorization. All persons who have any degree
of physical or logical interaction with a system, its components, or its processes are capable of
compromising system security.

The goals of an attacker range from innocuous to severely damaging:
Trophy Grabbing

Most thrill-seeking attackers are trophy grabbing. Their intent is not to
disrupt or damage a system, but to prove that they can enter the system. Such accomplishments
are badges of achievement in the hacker community.
Information Theft

The most common goal of a security attack is information theft. Intruders
seek sensitive information such as credit card numbers, usernames, passwords, and medical records.
Service Theft

This type of attack involves attackers who use computer resources without
paying for them. Software pirates who crack systems to host stolen software, or warez, for others
to download are guilty of service theft. Clandestine users also commit service theft by having
unauthorized accounts on a server.
Identity Theft

This is the act of illegally assuming the identity of another person, or
masquerading, to gain control of that person's resources (usually computer and economic
privileges). An example of this is an attacker who uses stolen social security numbers and credit
histories to establish and exercise unauthorized lines of credit. Identity theft does not necessarily
involve information theft. For example, an attacker can commit e-mail forgerywithout stealing
sensitive information about the e-mail address owner.
Tampering

This attack is more serious than information theft because the attacker alters
data rather than simply copying it. A student who changes a grade in a university registrar's
database is tampering. This example is stealthy tampering/the attack is not intended to draw
attention. A more extreme form of tampering is defacement, in which a hacker alters a system in
a very noticeable way, usually to make a personal or political statement. The disgruntled
computer operator who, upon dismissal, embeds nasty messages about management in a login
script, or the activist group that hacks into a corporate Web site are typical examples.
Denial of Service (DoS)

DoS can be the most damaging type of security attack. It
diminishes server capacity for authorized clients and temporarily disrupts access to the system. In
the worst cases, DoS attacks render a system unusable for a protracted period by destroying not
only its ability to communicate, but also any data that has been entrusted to it. DoS also can
occur as an unintentional side effect of service theft. For example, hosting pirated warez can
bring down a system because of the excessive download activity.

Although attackers continue to create new methods for violating computer system security,
the vulnerabilities they exploit remain the same. These vulnerabilities can be divided into five
types:
Implicit Trust

The unquestioning, unchecked acceptance of a person or agent. Attacks that
exploit this vulnerability include: compromised system utilities, e-mail forgery, IP spoofing,
keystroke monitoring, logic bomb, masquerading, shoulder surfing, social engineering, Trojan
horse, trapdoor.

A defense is a countermeasurefor dealing with security attacks. Administrators can employ
five types of defenses:
ObfuscationConfusing the attacker by obscuring publicly available information that exposes
vulnerability. Examples include: anonymity, encryption, packet stuffing, public key cryptography,
shielding, steganography, trash disposal.
Authentication and Authorization Ensuring that a person or system claiming an identity is
the real owner of the identity, and granting access on a "must have" basis. Examples include:
badges and cards, biometrics, password, shared secret, signature, watermark.
Monitoring and Auditing Observing system vulnerabilities, either in real time or through
audit tools, to detect attacks. Examples include: filtering, firewall, integrity check, intrusion
detection, misuse detection, password checker, peer review, process review, security audit tools,
virus detection.
Currency Consistently using tested software updates and periodically reviewing human
processes and procedures. Examples include: patching, process review, upgrading.
Education and Enforcement Effectively equipping system designers and users with
knowledge of security risks, and then enforcing application of this knowledge. Examples include:
reminders, tip of the day, training.
The key to preventing security attacks from diminishing system performance is knowledge.
IT administrators can develop their security strategies by studying historical and contemporary
attacks, appropriate defenses, and the evolving trends in the computer security industry.

1, misfeasor  [,mis'fi:zə]
n. 违法行为者;滥用职权者
2, masquerader  [,mæskə'reidə]
n. 冒充者;戴假面具者;参加假面舞会的人
3, clandestine  [klæn'destin]
a. 秘密的
4, embezzle  [im'bezl]
v. 盗用,挪用
5, falsify  [fɔ:lsifai]
vt. 伪造;篡改;歪曲;证明...虚假
vi. 撒谎
6, compromising  
折衷
7, innocuous  [i'nɔkjuəs]
a. 无害的,无毒的
8, trophy  ['trəufi]
n. 奖品,战利品
9, intruders  
n. 入侵者;闯入者(intruder的复数形式);爱管闲事的人
10, forgery  ['fɔ:dʒəri]
n. 伪造,伪造罪,伪造物
11, tampering  ['tæmpəriŋ]
a. 干预的,干涉的
12, defacement  [di'feismənt]
n. 损坏外表;乱涂;损毁物
13, dismissal  [dis'misəl]
n. 免职,解雇
14, nasty  ['næsti]
a. 污秽的,下流的,险恶的,(气味等)另人作呕的,脾气不好的,恶意的,
15, exploit  [iks'plɔit]
n. 功绩,勋绩
v. 开发,利用,开拓
16, countermeasure  ['kauntə,meʒə]
n. 对策
17, obfuscation  [,ɔbfʌ'skeiʃən]
n. 困惑;模糊;昏迷
18, obscuring  
n. 模糊
v. 使…含糊;隐藏(obscure的ing形式)


Total views.

© 2013 - 2024. All rights reserved.

Powered by Hydejack v6.6.1