A resource should be protected in both ways: externally and internally. Internal harms include unauthorized access, transfer of data, and changing or destroying important information. Most attention is usually given to the internal security of software and data, but for a system to be 100% secure, external security is equally important. External security provides ways to protect both the computing system and its data from attacks originating outside the system. Threats may be physical damage, non-technical threats or operational system faults. Let me explain some of the common external threats and how they can be overcome.
Physical security:
Even if the system is internally secured, it should be protected from external damage or theft; that is, a system should be physically secure, and its parts should never be damaged or removed without the consent of its owner. All internal security measures become futile if the system is not protected against external theft or physical damage.
Non-technical threats:
A common technique involved in this type of threat is social engineering, which can be even more harmful than internal security threats. Here, the people who handle secure data can be brainwashed, or given promises of money or good offers, and prompted to reveal important information about the firm. In this way, important passwords, access codes and even security measures can be cracked.
Operational security:
Some precautions should be taken to secure the most important information. These include backups and auditing. Always keep a copy of important information somewhere away from the system. Then, even if the system is damaged by a natural calamity, fire, disk failure or system error, or is stolen or damaged by intruders, the important information can be recovered. The backups themselves need care, however: they should be protected from unauthorized access by an access code or password. Another method is auditing. Periodically, internal data has to be checked, verified and recorded to find out whether the system's security has been breached; this process produces an audit record known as the audit log. That is, accurate records are kept, and each entry in the log should record the name or user_id of the user who initiated a particular operation in the system, along with the login time and the user's motive.
Cryptography for computer security
Cryptography is the process of encoding important information before sending it, so that it can later be decoded by the trusted user or associate. The word is derived from a Greek word meaning 'secret writing'. Cryptography has been used since ancient times to help a sender transmit information in a hidden format. Since the message is changed according to a pre-determined code, only a person who knows the code can decode it, and hence the message is useless if it is accidentally handed over to a stranger or enemy.
Thus cryptography helps to communicate information secretly. Cryptography in its current form is termed 'modern cryptography'; it was developed for computer-based uses 50 years ago and gives us certain unbreakable encoding systems.
Let 'Msg' be the message, a sequence of bits. 'Msg' is called the plain text: it can be read and has not yet been changed. Let 'Ef' be the encryption function, which takes the message and an encryption key E_key and produces an encrypted message CT, called the cipher text.
Ef( Msg, E_key ) = CT
Df, the decryption function, reverses the process using D_key, the decryption key.
Df( CT, D_key ) = Msg
That is, the encrypted message is decrypted to recover the original message.
Very often, the encryption and decryption functions are the same. Also, the two keys are either the same or very closely related. Such a system is called a private key cryptosystem, where both keys are kept private for security reasons. If only one of them is kept secret, it is termed a public key cryptosystem. The best example is the installation codes of certain software, provided along with the CD, which are often very lengthy and contain both letters and numbers.
Cryptography is often used for privacy, that is, for keeping data private. It lets the user keep files on the system while preventing anyone else from reading them. It is most applicable in networks, where data can easily be transferred from one system to another. Cryptography also often helps in system authentication, based on the principle of the digital signature. All the bits in the document are made related to one another, so we can't change just one or two of those bits. The bits of the message undergo encryption, which mixes all of them in complicated ways. Cryptography is even used for authenticating public keys.
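The Ef/Df notation and the "can't change just one or two bits" property above, as an added example that is not part of the original article: a private key scheme in which E_key and D_key are the same secret and any altered bit of CT is rejected. It assumes Python's standard library only, so the cipher is an illustrative HMAC-SHA256 counter-mode keystream with a keyed tag (a symmetric MAC, not a digital signature); a deployed system would use a vetted construction such as AES-GCM, and `flip_bit` is a hypothetical helper for the demonstration.

```python
import hashlib, hmac, secrets

def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive separate encryption and authentication keys from the one secret.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 used as a PRF in counter mode (illustrative stream cipher).
    out, counter = bytearray(), 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def Ef(msg: bytes, e_key: bytes) -> bytes:
    """Ef(Msg, E_key) = CT, laid out as nonce || body || tag."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(_subkey(e_key, b"enc"), nonce, len(msg))
    body = bytes(m ^ k for m, k in zip(msg, ks))
    tag = hmac.new(_subkey(e_key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def Df(ct: bytes, d_key: bytes) -> bytes:
    """Df(CT, D_key) = Msg; raises ValueError on a wrong key or altered CT."""
    if len(ct) < 48:
        raise ValueError("cipher text too short")
    nonce, body, tag = ct[:16], ct[16:-32], ct[-32:]
    want = hmac.new(_subkey(d_key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    ks = _keystream(_subkey(d_key, b"enc"), nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))

def flip_bit(data: bytes, index: int) -> bytes:
    # Hypothetical tampering helper: flip the lowest bit of one byte.
    return data[:index] + bytes([data[index] ^ 1]) + data[index + 1:]

if __name__ == "__main__":
    key = secrets.token_bytes(32)           # E_key == D_key (private key system)
    msg = b"transfer 100 to account 42"     # constructed sample plain text
    ct = Ef(msg, key)
    print(Df(ct, key))                      # original Msg recovered
    try:
        Df(flip_bit(ct, 20), key)           # one changed bit in CT
    except ValueError as err:
        print("rejected:", err)
```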