System Security and System Protection in Cybersecurity

Table of Contents

• Introduction to System Security
• Violation of System Security
• Categories of System Security
  • A) Accidental Threats
  • B) Malicious Threats
• Goals of System Security
• Introduction to System Protection
• Goals of System Protection in Cyber Security
• Aspects of System Protection
• Difference between System Security and System Protection
• FAQ
• Recent Articles on Computer Networks
• Related Articles on Linux

Introduction to System Security

System security is a crucial aspect of cybersecurity that focuses on protecting computer systems, networks, and data from unauthorized access, attacks, and other potential threats.

It involves implementing various measures and strategies to ensure the confidentiality, integrity, and availability of information and resources.

A computer system’s security is a crucial concern. It is a procedure for protecting the OS’s integrity and confidentiality.

One of the most crucial and significant responsibilities is maintaining security in order to prevent threats, other malicious activities, attacks, and programs from entering the computer’s software system.

A system is considered secure if all of its resources are used and accessed as intended, however, no system can completely protect users from harmful attacks and unauthorized access.

Violation of System Security

The security of a system can be threatened by two violations:

A) Threat:

A piece of software or a program that could seriously harm the system.

B) Attack

An attempt to break security and make unauthorized use of an asset.

Categories of System Security

Violations of System Security can be categorized into two parts:

A) Accidental Threats

Accidental threats refer to security incidents or breaches that occur unintentionally or as a result of human error. These threats typically arise from mistakes, negligence, or lack of awareness by authorized users within an organization. Some common examples of accidental threats include:

Data loss or leakage:

Accidental deletion of files, misconfigured cloud storage, or sending sensitive information to the wrong recipient

Misdelivery or misaddressing:

Sending confidential data or emails to unintended recipients due to human error.

Physical damage:

Accidentally damaging hardware, such as servers or networking equipment, results in system downtime or data loss.

Insider accidents:

Employees unintentionally install malware-infected software, fall for phishing attacks, or have the wrong security settings.

Preventing accidental threats requires a combination of user education, awareness training, and implementing security controls and policies to mitigate the risk of human error.

B) Malicious Threats

Malicious threats involve deliberate actions by individuals or groups with the intention of causing harm, compromising systems, or gaining unauthorized access to sensitive information.

These threats are often driven by criminal motives or the desire to disrupt systems and networks.

Some Examples of Malicious Threats are Malware attacks and denial of service (DOS).

Security can be compromised via any of the breaches mentioned:

1. Breach of Confidentiality: This kind of offense entails reading data without authorization.
2. Breach of integrity:  Unauthorised data modification is a violation.
3. Breach of availability:  It involves unauthorized destruction of data.
4. Theft of service: Involves unauthorized use of resources.
5. Denial of service: It involves preventing appropriate system utilization. As previously stated, such attacks may be accidental.

Goals of System Security

The goals of system security are to protect computer systems, networks, and data from unauthorized access, use, disclosure, disruption, modification, or destruction. System security aims to ensure the confidentiality, integrity, and availability of information and resources within a system. Here are the primary goals of system security:

A) Confidentiality:

Confidentiality focuses on preventing unauthorized access to sensitive information. It ensures that only authorized individuals or entities can access and view sensitive data. Techniques such as encryption, access controls, and secure communication channels are used to maintain confidentiality.

B) Integrity:

Integrity ensures that data remains accurate, complete, and unaltered throughout its lifecycle. It involves protecting data from unauthorized modification, deletion, or tampering. Measures such as data validation, checksums, digital signatures, and secure backups are employed to maintain data integrity.

C) Availability:

Availability aims to ensure that computer systems and resources are accessible and usable by authorized users when needed. It involves protecting systems against disruptions, failures, and attacks that may result in downtime or unavailability. Redundancy, fault tolerance, disaster recovery plans, and network monitoring are employed to maintain system availability.

D) Authentication:

Authentication is the process of verifying the identity of users or entities accessing a system or resource. It ensures that only legitimate users can gain access to authorized resources. Usernames and passwords, biometric authentication, two-factor authentication, and digital certificates are commonly used authentication mechanisms.

E) Authorization:

Authorization determines the level of access and permissions granted to authenticated users. It ensures that users have appropriate privileges and restrictions based on their roles and responsibilities within the system. Access control lists, role-based access control, and privilege management are used for effective authorization.

F) Auditing and Accountability:

Auditing involves monitoring and logging system activities to detect security breaches, track events, and establish accountability. It helps in identifying security incidents, investigating potential threats, and providing an audit trail for forensic analysis and compliance purposes.

Introduction to System Protection

System protection in cybersecurity involves implementing various measures and best practices to safeguard computer systems from unauthorized access, attacks, and data breaches.

These measures aim to prevent security vulnerabilities, detect and respond to threats, and minimize the potential impact of security incidents.

Goals of System Protection in Cyber Security

1. Defense in Depth:
   • Implement multiple layers of security controls to ensure a robust defense strategy, making it challenging for attackers to penetrate the system.
2. Threat Detection and Prevention:
   • Continuously monitor systems for unusual activities and potential security threats to proactively detect and prevent security breaches.
3. Malware Protection:
   • Employ robust antivirus and anti-malware solutions to detect, block, and remove malicious software from systems.
4. Network Security:
   • Implement firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and secure configurations to protect the network from unauthorized access and attacks.
5. Endpoint Security:
   • Secure endpoints (devices like computers, and mobile devices) through measures like endpoint protection, application whitelisting, and device encryption.
6. Security Awareness and Training:
   • Educate and train employees and users about cybersecurity best practices, social engineering threats, and how to respond to security incidents.
7. Secure Software Development:
   • Adhere to secure coding practices to minimize vulnerabilities in software and applications.
8. Incident Response and Recovery:
   • Establish incident response procedures to effectively respond to security incidents and recover systems to a secure state.
9. Regular Security Audits and Testing:
   • Conduct regular security assessments, penetration testing, and vulnerability scanning to identify and address security weaknesses.
10. Compliance with Regulations and Standards:
    • Ensure that the system security measures comply with relevant laws, regulations, and industry standards to avoid legal and compliance risks.

Aspects of System Protection

A) Strong Access Controls:

Implementing robust access controls is crucial for system protection. This includes enforcing strong authentication mechanisms, such as passwords, multi-factor authentication, and biometric factors. Additionally, role-based access control (RBAC) should be employed to ensure that users have appropriate permissions based on their roles and responsibilities within the system.

B) Regular Software Updates and Patching:

Keeping software, operating systems, and applications up to date with the latest security patches is vital for system protection. Regularly applying updates helps to address known vulnerabilities and exploits, reducing the risk of successful attacks.

C) Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS):

Firewalls act as a barrier between internal systems and external networks, controlling network traffic and filtering out potentially malicious packets. IDS/IPS systems monitor network traffic for suspicious activities and can automatically block or alert administrators about potential threats.

D) Malware Protection:

Deploying reliable anti-malware software helps detect, prevent, and remove malicious software, including viruses, worms, Trojans, ransomware, and spyware. Regularly updating malware definitions and scanning systems for malware is essential.

E) Data Encryption:

Implementing encryption mechanisms for sensitive data helps protect it from unauthorized access or disclosure. This includes encrypting data at rest (stored on devices or servers) and data in transit (during transmission over networks) using encryption protocols like SSL/TLS.

Difference between System Security and System Protection

System Security	System Protection
Provide system access to authentic users.	Control access to system resources.
The complexity in system protection is authorization.	Threats are internal.
Decides who is allowed to use the system.	Decides which system resource is to be used by a user and when.
Complex queries and logic	Simple queries and logic
Authentication using Encryption and Certificates.	The complexity in system protection is an authorization.

Note: This blog is taken or referred from the GeeksforGeeks.

FAQ

Recent Articles on Computer Networks

1. Introduction to Computer Networking | What is Computer Network
2. What are Topology & Types of Topology in Computer Network
3. What is FootPrinting in Cyber Security and its Types, Purpose
4. Introduction to Cloud Computing | What is Cloud Computing
5. Distributed Shared Memory and Its Advantages and Disadvantages
6. What is a VPN? How does a VPN Work? What VPN should I use?
7. What is an Internet and How the Internet Works
8. What is a Website and How Does a Website or web work?
9. Introduction to Virus and Different Types of Viruses in Computer
10. What is TCP and its Types and What is TCP three-way Handshake
11. What is the UDP Protocol? How does it work and what are its advantages?
12. What is an IP and its Functions, What is IPv4 and IPv6 Address
13. What is MAC Address and its Types and Difference MAC vs IP
14. What is ARP and its Types? How Does it Work and ARP Format
15. Sessions and Cookies and the Difference Between Them
16. What is ICMP Protocol and its Message Format?
17. What is Big Data? Characteristics and Types of Big Data
18. Disciplines of CyberSecurity | What are the goals of CyberSecurity?
19. What is Firewall, Features, Types and How does the Firewall Work?
20. Network Scanning, Types, and Stealth Scan in Computer Network
21. Cryptography and its Types in Ethical Hacking
22. Tor Browser and How Does It Work | Onion Router Tutorial
23. Proxy Server, Advantages, Difference between Proxy Server & VPN
24. DHCP Protocol and What Are the Pros and Cons of DHCP
25. Intrusion Detection System(IDS) and What are the types of IDS
26. Domain Name Server, How Does It Work, and its advantages
27. Telnet: Introduction, How Does it Work, and Its Pros and Cons
28. SOC: Introduction, Functions performed by SOC, and its Pros
29. What is SIEM? | What is the Difference between SIEM and SOC?
30. Application Layer in OSI Model | OSI Model Application Layer
31. What is SSL Protocol or SSL/TLS and SSL Handshake, and Architecture of SSL
32. What are Servers, how do they work, and its different Types
33. Network Devices-Router, Switch, Hub, etc in Computer Network
34. Connection Oriented and Connection-less Services in Network
35. Physical Layer in OSI Model | OSI Model Physical Layer
36. Presentation Layer in OSI Model | OSI Model Presentation Layer
37. Session layer in OSI Model | OSI Model Session layer
38. Transport Layer in OSI Model | Computer Network Transport Layer
39. Network Layer in OSI Model | OSI Model Network Layer
40. Data Link Layer in OSI Model | OSI Model Data Link Layer
41. Block Diagram of Communication System with Detailed Explanation

Related Articles on Linux

1. What is Linux Operating System | Introduction to Linux
2. Directory in Linux Define | Linux Directory & its Commands
3. Explain the chmod command in Linux | Linux chmod command
4. Linux User Management || User Management in Linux
5. Linux Computer Network Advanced Command | Network Command
6. Redirection in Linux I/O| Linux I/O Redirection