What is Secure Computing?
security (Also known as cyber security or IT Security) is information security as applied to computers and networks. The field covers all the
processes and mechanisms by which computer-based equipment, information and
services are protected from unintended or unauthorized access, change or
destruction. Computer security also includes protection from unplanned events
and natural disasters.
Diagram clearly explain the
about the secure computing
Working conditions and basic needs in the secure computing:
If you don’t take basic steps to protect your work
computer, you put it and all the information on it at risk. You can
potentially compromise the operation of other computers on your
organization’s network, or even the functioning of the network as a
measures like login passwords, anti-virus are essential. (More about those
below) However, a secure physical space is the first and more important
line of defense.
the place you keep your workplace computer secure enough to prevent theft or
access to it while you are away? While the Security
Department provides coverage across the Medical center, it only takes
seconds to steal a computer, particularly a portable device like a laptop
or a PDA. A computer should be secured like any other valuable possession
when you are not present.
threats are not the only concern. Computers can be compromised by
environmental mishaps (e.g., water, coffee) or physical trauma. Make
sure the physical location of your computer takes
account of those risks as well.
University’s networks and shared information systems are protected in part
by login credentials (user-IDs and passwords). Access passwords are
also an essential protection for personal computers in most
circumstances. Offices are usually open and shared spaces, so physical access
to computers cannot be completely controlled.
your computer, you should consider setting passwords for particularly
sensitive applications resident on the computer (e.g., data analysis
software), if the software provides that capability.
Because we deal
with all facets of clinical, research, educational and administrative data here
on the medical campus, it is important to do everything possible to minimize
exposure of data to unauthorized individuals.
properly configured anti-virus software is essential. While
we have server-side anti-virus software on our
network computers, you still need it on the client side (your computer).
inspect files on your computer and in email. Firewall software and
hardware monitor communications between your computer and the outside
world. That is essential for any networked computer.
critical to keep software up to date, especially the operating system,
anti-virus and anti-spyware, email and browser software. The newest
versions will contain fixes for discovered vulnerabilities.
anti-virus have automatic update features (including SAV). Keeping the
“signatures” (digital patterns) of malicious software detectors
up-to-date is essential for these products to be effective.
Keep secure backups:
Even if you
take all these security steps, bad things can still happen. Be
prepared for the worst by making backup copies of critical data, and keeping
those backup copies in a separate, secure location. For example, use
supplemental hard drives, CDs/DVDs,
or flash drives to store
critical, hard-to-replace data.
believe that your computer or any data on it has been compromised, your
should make a information
security incident report. That is required by University
policy for all data on our systems, and legally required for health, education,
financial and any other kind of record containing identifiable personal
Benefits of secure computing:
Protect yourself – Civil liability:
You may be held legally liable to compensate a third party should they
experience financial damage or distress as a result of their personal data
being stolen from you or leaked by you.
Protect your credibility – Compliance:
You may require compliancy with the Data Protection Act, the FSA, SOX or other
regulatory standards. Each of these bodies stipulates that certain measures be
taken to protect the data on your network.
Protect your reputation – Spam:
A common use for infected systems is to join them to a botnet (a
collection of infected machines which takes orders from a command server) and
use them to send out spam. This spam can be traced back to you, your server
could be blacklisted and you could be unable to send email.
Protect your income – Competitive advantage:
There are a number of “hackers-for-hire” advertising their services on the
internet selling their skills in breaking into company’s servers to steal
client databases, proprietary software, merger and acquisition information,
personnel detail set all.
Protect your business – Blackmail:
A seldom-reported source of income for “hackers” is to break into your server,
change all your passwords and lock you out of it. The password is then sold
back to you. Note: the “hackers” may implant a backdoor program on your server
so that they can repeat the exercise at will.
Protect your investment – Free storage:
Your server’s hard drive space is used (or sold on) to house the
hacker’s video clips, music collections, pirated software or worse. Your server
or computer then becomes continuously slow and your internet connection speeds
deteriorate due to the number of people connecting to your server in order to
download the offered wares.
data provenance methodology, in the form of robust watermarking techniques or
adding fake data, has already been suggested in the literature and employed by
et al. present a system that enforces logging of read and write actions in a
tamper-proof provenance chain. This creates the possibility of verifying the
origin of information in a document.
addresses the problem of accountable data transfer with untrusted senders using
the term fair content tracing. He presents a general framework to compare
different approaches and splits protocols into four categories depending on
their utilization of trusted third parties, i.e., no trusted third parties,
offline trusted third parties, online trusted third parties and trusted
hardware. Furthermore, he introduces the additional properties of recipient
anonymity and fairness in association with payment.
DISADVANTAGES OF EXISTING
some cases, identification of the leaker is made possible by forensic
techniques, but these are usually expensive and do not always generate the
efforts have been ad-hoc in nature and there is no formal model available.
most of these approaches only allow identification of the leaker in a
non-provable manner, which is not sufficient in many cases.
attacker is able to strip of the provenance information of a file, the problem
of data leakage in malicious environments is not tackled by their approach.
point out the need for a general accountability mechanism in data transfers.
This accountability can be directly associated with provably detecting a
transmission history of data across multiple entities starting from its origin.
This is known as data provenance, data lineage or source tracing.
this paper, we formalize this problem of provably associating the guilty party
to the leakages, and work on the data lineage methodologies to solve the
problem of information leakage in various leakage scenarios.
system defines LIME, a generic data lineage framework for data flow across
multiple entities in the malicious environment.
observe that entities in data flows assume one of two roles: owner or consumer.
We introduce an additional role in the form of auditor, whose task is to
determine a guilty party for any data leak, and define the exact properties for
communication between these roles.