Introduction

• This is from chapter 1 of the book. You should read that chapter.
• What is computer security?
  • Answer
    According to our book computer security is the protection of the assets of a computer or computer system.
• But what are these assets?
  • Answer
  • Items we value
    • Hardware
    • Software
    • Data
• Do all assets have value?
  • Can you think of something that might be of low value in a computer system?
  • Something that might be of extremely high value?
  • Something that the value might change over time?
  • Are there some things that might be considered irreplaceable?
• In computer security there are a number of different identified patterns that they discuss.
• The Vulnerability - Threat - Control paradigm
  • A paradigm is a typical example or pattern of something; a model. (Oxford Languages)
  • Vulnerability a weakness in the system that might be exploited to cause harm.
  • Threat a set of circumstances that has the potential to cause loss or harm.
  • Control an action, procedure, or technique that removes or reduces a vulnerability.
• Pwnkit
  • Check out a threat from last spring, Pwnkit
  • And the Exploit code
  • And the NIST page
    • What is the vulnerability?
    • What is a threat associated with this vulnerability?
    • What is a control for this threat?