Professional Documents
Culture Documents
235150307111032-Fadlan Umar Rozikin-TK C - B Ing
235150307111032-Fadlan Umar Rozikin-TK C - B Ing
NIM:235150307111032
KELAS:TK -C
“The term “security” describes techniques that control who may use or modify the computer or
the information contained in it”. Security specialists (e.g., Anderson [ 61 ) have found it useful to
place potential security violations in three categories:
First Unauthorized information release: an unauthorized person is able to read and take
advantage of information stored in the computer. This category of concern sometimes extends to
“traffic analysis,” in which the intruder observes only the patterns of information use and from
those patterns can infer some information content. It also includes unauthorized use of a
proprietary program. Second Unauthorized information modification: an unauthorized person is
able to make changes in stored information-a form of sabotage. Note that this kind of violation
does not require that the intruder see the information he has changed.Third Unauthorized denial
of use: an intruder can prevent an authorized user from referring to or modifying information,
even though the intruder may not be able to refer to or modify the information.
Causing a system “crash,” disrupting a scheduling algorithm, or firing a bullet into a computer
are examples of denial of use. This is another form of sabotage. The term “unauthorized” in the
three categories listed above means that release, modification, or denial of use occurs contrary to
the desire of the person who controls the information, possibly even contrary to the constraints
supposedly enforced by the system. The biggest complication in a general-purpose remote
accessed computer system is that the “intruder” in these definitions may be an otherwise
legitimate user of the computer system. Examples of security techniques sometimes applied to
computer systems are the following:
The First Tips is Labeling files with lists of authorized users: involves associating specific files
or data with a list of individuals who are authorized to access or modify them. It helps in
controlling and monitoring access to sensitive information.
The Second Tips is Verifying the identity of a prospective user by demanding a password:Entails
authenticating a user's identity through the use of a password before granting access.
The Third Tips is Shielding the computer to prevent interception and sub sequent interpretation
of electromagnetic radiation:could mean protecting the computer system from interception or
subversion attempts. involve implementing security measures such as firewalls, intrusion
detection systems, and encryption to safeguard against unauthorized access or attacks.
The Fourth Tips Enciphering information sent over telephone lines:Encrypting information
transmitted over telephone lines ensures that the data is secure and cannot be easily intercepted
or understood by unauthorized parties. This is particularly important for sensitive
communications to maintain confidentiality.
The five tips is Locking room containing the computer:Locking the room containing a computer
system helps prevent unauthorized physical access. This is an essential measure to protect
against tampering or theft of hardware.
The six tips is Controlling who is allowed to make changes to the computer system (both its
hardware and software):Restricting access to individuals authorized to make changes helps
ensure the integrity of the system. Unauthorized modifications, whether to hardware or software,
can pose significant security risks.
The seven tips is Using redundant circuits or programmed cross-checks that maintain security in
the face of hardware or software failures: Implements redundancy and cross-check mechanisms
to ensure system security, especially during hardware or software failures.
The eight tips is Certifying that the hardware and software are actually implemented as intended:
Certifying that the hardware and software are actually implemented as intended is an important
step to ensure that the system operates securely and as designed.
As an conclusion, it can be stated that ensuring data security in computer systems is very
important. The term "security" encompasses a number of access and modification control
techniques and classifies potential security breaches into unauthorized disclosure, modification,
and denial of access. Implementation of security measures is critical to protect data and maintain
the desired authority in a computer system.
References:
[ 1] A. Westin, Privacy and Freedom. New York: Atheneum, 1967. (IA1, SFR)
[2] A,Miller The Assault of Privacy. Ann Arbor, Mich.: Univ. of Mich. Press, 1971 ; also New
York: Signet, 1972, Paperback (I-Al, SFR) W4934. (EA1, SFR).
[ 3] Dept. of -Health, Education, and Welfare, Records, Computers, and the Rights of
citizens. Cambridge, Mass.: M.I.T. Press, 1973.(IA, SFR)
[4] R. Turn and W. Ware, “privacy and security in computer systems,” Am-. Scienrin, vot 63,
pp. 196-203, Mar.-Apr. 1975 (I-A1).
[5][SI W. Ware. “Security and privacy in computer systems,” in 1967 SJCC, AFIPS Cons
hoc., vol. 30, pp. 287-290. (I-A1)