Introduction to Computer Security - Module 1

Lecture notes covering fundamental cybersecurity principles, the CIA triad, access control mechanisms, cryptography basics, physical security, and computer forensics.

Confidentiality

The avoidance of the unauthorized disclosure of information.

Integrity

The avoidance of the unauthorized modification of information.

Availability

Ensuring that information and resources are accessible to authorized users when needed, often through physical protections and computational redundancies.

Assurance

A security concept involving Policies (behavioral expectations), Permissions (behaviors allowed for agents), and Protections (mechanisms to enforce policies).

Authentication

The determination of the identity or role that someone has, based on something you are, something you know, or something you have.

Anonymity

The property of being unidentifiable within a set of subjects; maintained through tools like aggregation, mixing, proxies, and pseudonyms.

Repudiation

An attack where a party involves an attempt to back out of a contract or a protocol.

Access Control Matrix

A table where each row is a subject (user/group), each column is an object (file/device), and cells contain specific access rights.

Capabilities

A subject-centered approach to access control where lists of permissions are associated with specific users or systems.

Access Control List (ACL)

An object-centered approach to access control where permissions for different subjects are stored with the object itself.

Symmetric Key Distribution

A system where each pair of communicating parties requires a separate secret key, totaling $n(n-1)/2$ keys for $n$ parties.

Public Key Distribution

A system where only one key pair is needed for each recipient, totaling $n$ key pairs for $n$ parties.

Collision-resistant

A property of cryptographic hash functions where it is hard to find two different messages, $M$ and $N$, such that $H(M) = H(N)$.

Message Authentication Codes (MAC)

A tool for data integrity where shared secret key $K$ is used to compute a hash $H(K||M)$ for a message $M$.

Digital Certificates

A binding between an identity and a public key that is digitally signed by a certificate authority (CA).

ICCID

Integrated circuit card ID; a unique 18-digit number for hardware identification found on SIM cards.

IMSI

International mobile subscriber identity; identifying information stored on SIM cards for network authentication.

TEMPEST

A U.S. government code word for standards establishing protection zones based on an attacker's distance from equipment to mitigate electronic emanation risks.

Faraday Cage

An enclosure of metallic conductive shielding or mesh designed to block electromagnetic emanations.

Computer Forensics

The scientific process of preserving, identifying, extracting, documenting, and interpreting data on a computer to obtain potential legal evidence.

Priority by Volatility

The forensic principle of capturing data in order of how quickly it is lost: RAM > swap > disk > CDs/DVDs.

Slack Space

The empty space between the actual end of a file and the end of the last physical sector allocated to that file on a hard drive.

Steganography

The process of hiding data inside other data, such as embedding secrets within image files.

Bitstream Copy

A forensic bit-for-bit duplicate of digital media that captures all data, including hidden, residual, and deleted files.

Disk Wiping

A process for secure data deletion that involves overwriting file data with random data before marking the segments as available.