Thursday, October 1, 2009

Linux Security Notes 1: Information Security


Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.

Key concepts

For over twenty years, information security has held confidentiality, integrity and availability (known as the CIA triad) as its core principles.
C = Confidentiality
I = Integrity
A = Availability
(For example, gpg can encrypt the contents of packages, and ssh provides C and I.)


Confidentiality is the prevention of disclosure of information to unauthorized individuals or systems.
For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred.
Breaches of confidentiality take many forms. Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality. If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality. Giving out confidential information over the telephone is a breach of confidentiality if the caller is not authorized to have the information.

Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose personal information a system holds.


In information security, integrity means that data cannot be modified without authorization. This is not the same thing as referential integrity in databases. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and so on.
There are many ways in which integrity could be violated without malicious intent. In the simplest case, a user on a system could mis-type someone's address. On a larger scale, if an automated process is not written and tested correctly, bulk updates to a database could alter data in an incorrect way, leaving the integrity of the data compromised. Information security professionals are tasked with finding ways to implement controls that prevent errors of integrity.


For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly.
High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks.

In 2002, Donn Parker proposed an alternative model for the classic CIA triad that he called the six atomic elements of information. The elements are confidentiality, possession, integrity, authenticity, availability, and utility. The merits of the Parkerian hexad are a subject of debate amongst security professionals.

Reconnaissance (exploration conducted to gain information) tools such as nmap are used to check which services are running on a machine, and attackers use them for the same purpose. We have to lock down the security holes before they do.
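
The defender's side of that check, as an added example that is not part of the original post: list the TCP listeners on your own host and flag any that are reachable from the network but not on an allowlist. The function names, the allowlist "22 80" and the sample `ss -H -tln` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit local TCP listeners against an allowlist.
# Input is the output of `ss -H -tln` (iproute2), where field 4 is the
# local address:port of each listening socket.

# audit_listeners "PORT PORT ..." < ss-output
# Prints "UNEXPECTED <addr> <port>" for every listener that is bound to a
# non-loopback address and whose port is not in the allowlist.
# Loopback-only listeners are skipped: a remote scan cannot reach them.
audit_listeners() {
    awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
        la = $4
        port = la; sub(/.*:/, "", port)            # text after the last colon
        addr = substr(la, 1, length(la) - length(port) - 1)
        sub(/%.*/, "", addr)                       # drop a %interface suffix
        if (addr ~ /^127\./ || addr == "[::1]") next
        if (!(port in ok)) print "UNEXPECTED " addr " " port
    }'
}

# Constructed sample of `ss -H -tln` output (not captured from a real host).
sample_listeners() {
    cat <<'EOF'
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128        127.0.0.1:631        0.0.0.0:*
LISTEN 0      511             [::]:80            [::]:*
LISTEN 0      80         127.0.0.1:3306       0.0.0.0:*
LISTEN 0      5            0.0.0.0:23         0.0.0.0:*
LISTEN 0      244             [::]:5432          [::]:*
LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
EOF
}

# Run against the sample; on a live host use:
#   ss -H -tln | audit_listeners "22 80"
sample_listeners | audit_listeners "22 80"
```

Each flagged line is a service to stop, bind to loopback, or firewall.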
