Friday, January 11, 2008

Computer Security

Computer security is a branch of information security applied to both theoretical and actual computer systems. It is also a branch of computer science that addresses enforcement of 'secure' behavior on the operation of computers. The definition of 'secure' varies by application, and is typically defined implicitly or explicitly by a security policy that addresses confidentiality, integrity and availability of electronic information that is processed by or stored on computer systems.

The traditional approach is to create a trusted security kernel that exploits special-purpose hardware mechanisms in the microprocessor to constrain the operating system and the application programs to conform to the security policy. These systems can isolate processes and data to specific domains and restrict access and privileges of users. This approach avoids trusting most of the operating system and applications.

In addition to restricting actions to a secure subset, a secure system should still permit authorized users to carry out legitimate and useful tasks. It might be possible to secure a computer against misuse using extreme measures:

"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts."
Eugene H. Spafford, director of the Purdue Center for Education and Research in Information Assurance and Security.

It is important to distinguish the techniques used to increase a system's security from the issue of that system's security status. In particular, systems which contain fundamental flaws in their security designs cannot be made secure without compromising their usability. Most computer systems cannot be made secure even after the application of extensive "computer security" measures. Furthermore, if they are made secure, functionality and ease of use often decrease.

Computer security can also be seen as a subfield of security engineering, which looks at broader security issues in addition to computer security.
