Chapter 3. Computer System Security and Access Controls

Computer security covers a lot of territory: locking your server and telecommunications rooms, locking your machine, protecting your login accounts with strong passwords, using file protection and adhering to a regular backup schedule to keep your data from being destroyed, encrypting network communications lines, and using special shields to keep electromagnetic emanations from leaking out of your computer (TEMPEST). But when people talk about computer security, they usually mean what is called computer system security, which is a fancy way of saying data protection.

What Makes a System Secure?

In the most basic sense, computer system security ensures that your computer does what it’s supposed to do—even if its users don’t do what they’re supposed to do. It protects the information stored in it from being lost, changed either maliciously or accidentally, or read or modified by those not authorized to access it.

How does computer system security provide protection? There are four primary methods:

System access controls

These methods ensure that unauthorized users don’t get into the system and encourage (sometimes force) authorized users to be security-conscious—for example, by changing their passwords on a regular basis. The system also protects password data and keeps track of who’s doing what in the system, especially if what they’re doing is security-related (e.g., logging in, trying to open a file, using special privileges). ...

Get Computer Security Basics, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.