Computing Security Issues.
Computing & Information Services
University of New Hampshire
editor: jim.cerny@unh.edu
(skip to list of URLs)
Computing security involves many issues and levels including: physical security of work spaces; securing network traffic; prevention of incidents and intrusions; stopping intrusions and damage in real-time; preventing, detecting, and removing viruses; ethics and acceptable use policies; and the legal context (export laws, censorship, liabilities for slander or libel, copyrights).
Many recent attacks on systems have been denial of service attacks that exploit weaknesses in the way TCP/IP protocols are implemented on some systems. To effectively combat these attacks requires applying appropriate patches to individual systems plus network filtering to block bogus packets.
High on the wish list of security features are firewalls and authentication/authorization. Authenticatication is used to verify the identity of servers, clients, and users of those systems -- that they are who they say they are. Authorization controls are then used to determine what an authenticated user can do (or in the case of e-mail to authenticate the identity of the sender and that the message contents are uncorrupted).
It is a cliche to say that computer security involves everyone, but it is true. What we really want is for everyone to "be nice," if it were that easy! Organization-scale solutions include education, implementation of password controls, network monitoring, firewalls to protect selected resources, and Kerberos-type authentication for high-security servers and clients.
Current Issues.
|
Archives of alerts and bulletins.
Assorted background information.
Censorship issues.
Client-server authentication systems.
Copyright and intellectural property issues.
Cryptography.
Ethics and acceptable use policies.
Hacker Tools and Information.
Hoaxes and fraud.
Law.
Other general lists of security resources and archives.
Privacy.
Spam and anti-spamming.
Threats.
Viruses.
|