Link to class - începe pe 20 oct.
Overview:
correctness -> computers should do
security -> what computers should not do
Undesired behavior:
- confidentiality (storing some information ...)
- integrity (spyware, delete records)
- availability (unable to access ...)
Exploitation of a vulnerability
- defect sw - incorrect behavior
- flaw : defect in design
- bug : defect in implementation
* considering mis-using cases - edge cases
Sw security -> focus on the code
OS security - cannot control all (ex. DBMS)
Firewall - block traffic from particular hosts or TCP ports
IDS = intrusion detection system - more fine-grained, but can hurt performance
Anti virus scanners - operate on files
Overview:
correctness -> computers should do
security -> what computers should not do
Undesired behavior:
- confidentiality (storing some information ...)
- integrity (spyware, delete records)
- availability (unable to access ...)
Exploitation of a vulnerability
- defect sw - incorrect behavior
- flaw : defect in design
- bug : defect in implementation
* considering mis-using cases - edge cases
Sw security -> focus on the code
OS security - cannot control all (ex. DBMS)
Firewall - block traffic from particular hosts or TCP ports
IDS = intrusion detection system - more fine-grained, but can hurt performance
Anti virus scanners - operate on files
Niciun comentariu:
Trimiteți un comentariu