The three “knights” of Computer Security

Come children and listen to this story.

Once there was a kingdom. All kingdoms have something that  makes them special. Some have a fair princess, other brave knights, or others are cursed by an evil witch. What made this kingdom special, was the amount of information it had about the world in it’s huge library. And not just about the world, but of all the people that lived or even visited this place.

15361704293_ce103fb634_k
Picture by dilettantiquity hosted at Flickr. License of CC: https://creativecommons.org/licenses/by-sa/2.0/legalcode Thi picture was not modified in any way.

And as in all stories, something bad must happen. Some people say that knowledge is power, and maybe that’s the reason why bad things started happening in the kingdom. Sometimes it were small things that were annoying, like not finding information; it being in use or reserved always or simply not there because it was taken for long periods of time. Some other times the information was overwritten, making people believe things that were not true and causing confusion. And sometimes, the information was made to extorsion or hurt them.

Trying to act quickly to prevent the chaos, the king called forward three knights to protect information: Cooney, Inbern and Avery. The first knight, would safeguard the personal information of the kingdom’s citizen’s and the travelers, so it wouldn’t be used with bad purposes again, by making only authorized people able to look at this info. The second, Inbern, was assigned to check and protect the books in the way that no one without the ones with the permissions to do so could change their content. And last but not least, Avery was assigned to make public data available, managing it and preventing it’s loss.

g7nt5naposaxq
Found at https://giphy.com/gifs/if-youre-reading-this-its-too-late-g7nT5NAPosaxq

I think that’s enouh story for today, though we might see this guardians in some other story another day.

Now, bringing them to reality, in the “kingdom” called the Internet, this “knights” would be the CIA triad. And no, they are not this CIA:

150612_cia_drogas
Image found at: http://3.bp.blogspot.com/-YRJwlak-xxU/VhUt74WYWAI/AAAAAAACHu4/Mw8UMtfzkCY/s640/150612_cia_drogas.gif

But this one:

ciatriad
Image found at: https://www.cocc.edu/uploadedimages/departments_/its/infosec_administration/ciatriad.png

It’s basic concepts are the following:

CConfidentialityassurance of data privacy and protection of data against unauthorized disclosure. This data are things like credit cards, employee records and those kind of personal and business information. (Imagine if a hacker got acces to this kind of data! Oh the damage he could do!)

Leaks are not always evident, so actions must be taken to ensure Confidentiality, like for example using authentications like usernames/passwords and pins, and controlling which users can access what. Another defense for confidentiality is encryption (something I already talked about with some classmates in this el machetero blog post ).

IIntegrity: it means protecting data from unauthorized modification. Safe from unauthorized changes. Data becomes compromised when it is altered or destroyed either malliciously or accidentally.

A AvailabilityIt means ensuring data and services are available to authorized users when needed.The attack it may suffer is the denial of service attack, something we will talk about in a future post, bu some ways to protect availability is by  monitoring attacks and keeping systems current and upgraded, and backup data regularly and store it in offsite location.

This three are the basic concepts of computing security, so I think it was a great place to start. I should mention that it isn’t entirely neccesary that everything on the internet on things like appa should provide the thee of them (though might be preferable, and probably don’t).

So this is all for today, Audray out!

Information taken from tutorials at Lynda

Picture at top taken from Flickr, i was taken by Brad and it was not modified in any way. CC License

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s