Securing Linux, Part 1: Introduction

By Mario Eberlein, Rene Auberger, Wolfram Andreas Richter
2005-04-21


Security Defined

Security is an important topic in today's IT-related headlines. Frequent system vulnerabilities and security patches, as well as viruses and worms, are familiar to everyone who uses computers. As nearly every computer system is connected to other computers or to the Internet, securing these computers is critical to mitigate break-ins, data theft or loss, misuse, or even liabilities to third parties.

Even securing a stand-alone computer, one not connected to a network, is not trivial. Applications have to be installed from trustworthy sources, such as from a verified and virus-checked CD-ROM. You have to be equally cautious with application data. For example, software packages such as office suites can run code written in powerful macro languages, and malformed data can exploit software flaws to execute arbitrary code. Therefore, application data has to be checked for integrity before you copy it to the computer. Access to the system can be controlled by placing the data in a secured area (disregarding attacks from authorized personnel, of course).
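The integrity check described above can be scripted. The following is an added example, not part of the original article: it copies a directory of application data only after every file matches a SHA-256 manifest and no unlisted file is present. The function name `verified_copy` and all paths are hypothetical, and it assumes GNU coreutils and a manifest obtained over a channel separate from the data.

```shell
#!/bin/sh
# Added example (not from the original article). verified_copy and all
# paths are hypothetical. Assumes GNU coreutils sha256sum, a manifest kept
# outside SRC_DIR, and file names without newlines or backslashes.

# verified_copy MANIFEST SRC_DIR DEST_DIR
# MANIFEST is `sha256sum` output with paths relative to SRC_DIR, obtained
# over a channel separate from the data itself. Copies SRC_DIR to DEST_DIR
# only if every listed file matches and no unlisted file is present.
# Returns 0 on success, 1 on an integrity failure, 2 on bad arguments.
verified_copy() {
    manifest=$1 src=$2 dest=$3
    [ -r "$manifest" ] && [ -d "$src" ] || return 2
    # Make paths absolute so they survive the cd below.
    case $manifest in /*) ;; *) manifest=$PWD/$manifest ;; esac
    case $dest in /*) ;; *) dest=$PWD/$dest ;; esac

    # 1. Every listed file must exist and match its recorded digest.
    #    --strict also rejects malformed manifest lines.
    ( cd "$src" && sha256sum -c --strict --quiet "$manifest" ) >&2 || return 1

    # 2. Reject anything the manifest does not vouch for, such as a macro
    #    file or symlink added after the manifest was produced.
    listed=$(mktemp) found=$(mktemp)
    # Manifest line: 64 hex digits, a space, a mode character, the path.
    sed 's/^.\{66\}//; s|^\./||' "$manifest" | sort > "$listed"
    ( cd "$src" && find . ! -type d | sed 's|^\./||' | sort ) > "$found"
    extra=$(comm -13 "$listed" "$found")
    rm -f "$listed" "$found"
    if [ -n "$extra" ]; then
        printf '%s\n' "$extra" | sed 's/^/not in manifest: /' >&2
        return 1
    fi

    # 3. Only a fully verified tree is copied onto the system.
    mkdir -p "$dest" && cp -R "$src"/. "$dest"/
}
```

A manifest stored on the same medium as the files only detects accidental corruption; it says nothing about deliberate modification unless it is signed or delivered separately.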

Things get even more difficult when a system is connected to a network and offers services to other computers, intentionally or unintentionally. In that case, the system administrator might not be the only source of data, as client programs make use of the offered services, and system vulnerabilities might allow an intruder to take control of the computer.

That's why dealing with security is essential throughout the entire life cycle of a system, from the planning stages until it is dismantled. But what exactly does security mean?

In general, data security and system security can be distinguished. Data security is commonly understood to refer to all efforts taken to ensure:

• Confidentiality
• Integrity
• Availability

Taken together, these are referred to as the "CIA" of data stored on a computer. Protection of configuration data such as /etc/passwd can be subsumed under data security. System security refers to the computing platform itself. The U.S. National Information Systems Security Glossary (see Resources for a link) defines system security as follows:

System Security. The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.

It is important to realize that system security requires an iterative process consisting of applying security patches, regular audits, and controls, as well as having a secure system configuration to begin with. In this context, it is impossible to guarantee absolute security, as it is impossible to provide a 100% secure service. The goal is rather to find a tradeoff between security, usability of the system, and the effort required to maintain this security level. This compromise is influenced by the importance of the data stored on the computer to be secured and its intended usage scenario (read Secrets and Lies by Bruce Schneier, John Wiley & Sons, 2000; see Resources for a link).



First published by IBM DeveloperWorks

