Bishop, Chapter 1 Overview - PowerPoint PPT Presentation

Provided by: Steve57

Transcript and Presenter's Notes

1
Bishop, Chapter 1 (Overview)
  • Basic components: confidentiality, integrity,
    availability
  • Threats
  • Policy and Mechanism
  • Assumptions, Trust, Assurance
  • Operational Issues: costs versus benefits

2
Reading: Bishop, Chapter 1 (Overview)
  • What is computer security? (That might not lend
    itself to a short answer!)
  • "Computer security rests on confidentiality,
    integrity, and availability." That's the first
    sentence of the chapter. What does it mean?
    Define the three terms, define "rests on," and
    explain why those three things are the basis of
    CS.
  • "Thus, assumptions and trust underlie
    confidentiality mechanisms." Explain.
  • What is credibility, and what is its
    relationship to integrity?
  • Why is detection mentioned in the discussion of
    integrity, but not in the discussion of
    confidentiality?
  • Why is availability a fundamental aspect of
    security?
  • A threat is a potential violation of security.
    Why the emphasis on potential?
  • Briefly describe the four classes of threats, and
    give an example of each. Is each a violation of
    confidentiality, integrity, availability? All,
    none?
  • Define spoofing, give an example, and explain
    why it is a form of usurpation.
  • Give an example of a security policy and a
    mechanism that enforces it.

3
Bishop, Chapter 1, Questions (cont.)
  • The text lists prevention, detection, and
    recovery as three goals for a security mechanism.
    Give an example of each. Why are the last two
    even necessary, if you have prevention?
  • How do we determine if the policy correctly
    describes the appropriate security for the
    site? Is this question unique to security
    policies? If not, where else does it arise?
  • What role does cost-benefit analysis play in
    security policy?
  • What's the difference between a privacy policy
    and a security policy? Where do they overlap?
  • Summarize the social / people issues associated
    with designing and implementing a secure system.
  • What is meant in the summary by "people consider
    security to be a relative attribute"?