 |
| Challanges of computer security |
Computer security is both fascinating and complex. Some of the reasons follow
- Computer security is not as easy as it might seem to a beginner. The requirements seem simple; In fact, most of the key security service requirements can be summed up in self-explanatory one-word terms: confidentiality, authentication, non-repudiation, integrity. But the mechanisms used to meet these requirements can be quite complex, and understanding them can require quite subtle thought.
- When developing a particular security mechanism or algorithm, one should always consider possible attacks on these security features. In many cases, successful attacks are designed to look at the problem in a completely different way and therefore exploit an unexpected weakness in the mechanism.
- Due to point 2, the procedures for providing specific services are often contradictory. Typically, a security mechanism is complex and it is not obvious from the specification of a specific requirement that such extensive measures are required. Comfortable security mechanisms only make sense when the various aspects of the threat are considered.
- Once various security mechanisms have been designed, it is necessary to decide where to use them. This applies both in terms of physical location (e.g. where in a network certain security mechanisms are needed) and in a logical sense[e.g., at what layer or layers of an architecture such as TCP/IP(Transmission Control Protocol/Internet Protocol) should mechanisms be placed.
- Security mechanisms generally involve more than a specific algorithm or protocol. They also require participants to be in possession of certain secret information (such as an encryption key), raising questions about the creation, distribution, and protection of that secret information.
- There may also be a dependency on communication protocols, the behavior of which may complicate the development of the security mechanism.If, for example, the proper functioning of the security mechanism requires the imposition of time constraints on the transmission time of a message from the sender to the receiver, any protocol or network that introduces variable and unpredictable delays may cause such time constraints to be of importance.
- Computer security is essentially a battle between an attacker trying to find holes and the designer or administrator trying to fix them. only weakness while the designer must find and eliminate all weakness to achieve perfect security.
- There is a natural tendency for users and system administrators to get little value from security investments until a security failure occurs.
- Security requires regular, even constant, monitoring, and this is difficult in today's overload short-term environment.
- Security is still too often an afterthought to be built into a system after the design is complete, rather than being an integral part of the design process
- Many users and even security administrators see strong security as a barrier to the efficient and user-friendly operation of an information system or the use of information.
- The difficulties just enumerated will be encountered in numerous ways as we examine the various security threats and mechanisms
ليست هناك تعليقات:
إرسال تعليق