Core Principles of Computer Security and Network Defense

Fundamentals of Computer Security

Computer security protects automated information system resources to preserve CIA (Confidentiality, Integrity, Availability), plus authenticity and non-repudiation, through effective risk management (Probability × Impact).

  • Confidentiality: Prevents unauthorized disclosure; privacy ensures control over personal information.
  • Integrity: Ensures authorized changes only; data and system integrity prevent tampering.
  • Availability: Guarantees timely, reliable access for authorized users.
  • Authenticity: Verifies genuine identity or data origin.
  • Non-repudiation: Uses digital signatures and logs to prevent a sender from denying an action.

Security Challenges and Risk

Security is complex and must be designed on the assumption that attacks will occur. Attackers need only one weakness, while defenders must secure all points. Risk is calculated as: Expected Loss = P(threat exploits vulnerability) × Harm.

Design Principles

Key strategies include: least privilege, fail-safe defaults, complete mediation, economy of mechanism, open design, separation of privilege, defense-in-depth, and psychological acceptability.

Authentication and Identity Management

Authentication involves two steps: enrollment and verification. Modern systems use three factors: something you know, have, or are.

  • Password Security: Modern OSs use salted, slow hashes to mitigate offline cracking.
  • Biometrics: Iris scanning offers the highest accuracy, followed by fingerprints and facial recognition.
  • Tokens: Challenge-response protocols using nonces allow authentication without internet or clock synchronization.

Cryptography Essentials

Symmetric encryption uses a shared key, while asymmetric encryption is used for key exchange and signatures. AES is the preferred standard, replacing obsolete DES and 3DES.

  • MAC (Message Authentication Code): Provides integrity and origin authentication.
  • Digital Signatures: Use private keys to sign hashes, ensuring non-repudiation.
  • Certificate Validation: Verify chains to trusted CAs, expiration dates, and revocation status (CRL/OCSP).

Access Control and Authorization

Access control enforces policies through authentication, authorization, and auditing. Common models include:

  • DAC (Discretionary): Owner controls permissions.
  • MAC (Mandatory): Central policy via labels and clearances.
  • RBAC/ABAC: Role-based or attribute-based access control for scalable, context-aware security.

SQL Injection and Database Security

SQLi techniques include tautologies and piggybacked queries. Countermeasures include:

  • Using parameterized queries and prepared statements.
  • Implementing allowlist validation and least-privilege database access.
  • Utilizing WAFs and safe error handling.
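
The first two countermeasures shown side by side, as an added example that is not part of the original notes: a concatenated lookup that a tautology input rewrites, the same lookup with a bound parameter, and an allowlist for the sort column, which cannot be bound as a parameter. The table, column names and sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; schema and rows are assumptions for this example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    db.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return db

def lookup_vulnerable(db, name):
    # BEFORE: input is concatenated into the SQL text, so it can change
    # the structure of the WHERE clause.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, name):
    # AFTER: the driver binds the value, so it is only ever compared as data.
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]

# Identifiers and keywords (column names, sort direction) cannot be bound
# as parameters, so they are checked against an allowlist instead.
SORT_COLUMNS = {"name", "role"}
SORT_DIRECTIONS = {"asc", "desc"}

def list_users(db, sort_by="name", direction="asc"):
    direction = direction.lower()
    if sort_by not in SORT_COLUMNS or direction not in SORT_DIRECTIONS:
        raise ValueError("unsupported sort option")
    # Safe to interpolate: both values are known members of fixed sets.
    sql = f"SELECT name FROM users ORDER BY {sort_by} {direction}"
    return [row[0] for row in db.execute(sql)]

# The tautology case named in this section (constructed input).
TAUTOLOGY = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", lookup_vulnerable(db, TAUTOLOGY))     # all rows match
    print("parameterized:", lookup_parameterized(db, TAUTOLOGY))  # no rows match
    print("sorted       :", list_users(db, "name", "DESC"))
    try:
        list_users(db, "name; DROP TABLE users")
    except ValueError as exc:
        print("rejected     :", exc)
```
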

Malware and Social Engineering

Malware includes viruses, worms, and rootkits. Defenses include patching, least privilege, behavior monitoring, and user training. Social engineering exploits psychological triggers like urgency and authority.

Denial of Service (DoS) and Intrusion Detection

DoS attacks exhaust resources. Defenses include rate limiting, SYN cookies, and anycasting to distribute traffic. Intrusion detection (IDS) monitors for masqueraders, misfeasors, and clandestine users using signature or anomaly-based analysis.

Firewall Architectures

Firewalls enforce network boundaries. Modern NGFW (Next-Generation Firewalls) and UTM (Unified Threat Management) appliances provide deep packet inspection (DPI) and integrated security services like AV and IDS/IPS.