Computer Security Lecture 1

What does the CIA Triad stand for in computer security?

Confidentiality, Integrity, Availability.

What is Confidentiality in the CIA Triad?

Keeping information and resources secret from unauthorized parties.

What is Integrity in the CIA Triad?

Ensuring correctness and trustworthiness of data and its origin.

What is Availability in the CIA Triad?

Ensuring information and services are accessible and usable when needed.

Why is availability equally important as confidentiality and integrity?

Because an unavailable system is as useless as no system at all.

What are mechanisms used to ensure confidentiality?

Cryptography, metadata minimization, and system-level access controls.

Why can the existence of data itself be sensitive?

Because metadata or traffic analysis can reveal events even without reading the data (e.g., emergency activity).

Why must cryptographic keys themselves be protected?

Because they grant access to encrypted data; if keys are stolen, encryption fails.

What are common failure modes for confidentiality?

Bypassed controls, side-channel leaks, and key exposure.

What are the two aspects of integrity?

Data integrity (unaltered content) and data origin integrity (correct source).

What are the two main types of integrity mechanisms?

Prevention (block unauthorized changes) and Detection (signal loss of trust using hashes or logs).

How is integrity different from confidentiality?

Integrity deals with correctness and trustworthiness, not just secrecy.

What’s the difference between correctness and trustworthiness?

Correctness: data matches reality; Trustworthiness: data origin and chain-of-custody can be relied on.

Give an example of “correct but not trustworthy” data.

A legitimate-looking invoice PDF received from an unknown sender.

Give an example of “trustworthy but incorrect” data.

A signed sensor report with perfect provenance but faulty readings.

What does availability mean in computer security?

Ensuring reliable, timely access to data and services.

What is a Denial of Service (DoS) attack?

An attack that exhausts resources or disrupts services to block access.

Why is system availability more than just measuring uptime?

Because true availability also depends on performance, usability, and fault tolerance, not just whether the system is running.

How can improving one CIA property weaken another?

Example: Encrypting everything (C↑) can slow access (A↓) and hinder validation (I↓).

What is graceful degradation?

Designing systems to fail safely and partially instead of completely breaking.

What are the four main classes of threats?

Disclosure (violates C), Deception (violates I), Disruption (violates A), and Usurpation (violates all by taking control).

What are Advanced Persistent Threats (APTs)?

Long-term, organized attacks by well-funded groups (often nation-states).

What’s the difference between a policy and a mechanism in security?

Policy defines what is allowed; Mechanism enforces the policy.

What are the three goals of security mechanisms?

Prevention, Detection, and Recovery.

Why do assumptions matter in security?

Wrong assumptions about environment or requirements invalidate security.

What’s the difference between trusted and trustworthy?

Trusted means relied upon; Trustworthy means deserving of that trust.

What is assurance in computer security?

Evidence that a system deserves to be trusted for its purpose.

Why can’t testing alone prove security?

Testing only gives confidence after the fact and can’t cover all conditions.

Why is “security by design” better than “security as a patch”?

Built-in security is cheaper and more effective than adding it later.

Why is usability important in security design?

If controls are too complex, users bypass them, defeating security.