Many of the steps taken to ensure computer security are: automated theorem proving; writing of secure micro-kernels within OSes; cryptographic techniques, including encryption; strong authentication techniques...
The first computers were devised to work as research tools in universities, and in defense laboratories. Therefore, since the beginning of computing, security has been a concern. One tenet of security says that the security of any system is only as good as its weakest link. The moment more and more people are working - and networking increases the connectivity interfaces - the number of weak links increase. The primary function of security is to ensure that security breaches do not take place.
Like security in other fields, computer security is the science of preventing risks related to computer use, and if that is not possible, controlling such risks. Since every computer system is designed to allow certain actions and disallow others, computer security tries to ensure that the allowed actions take place without problems, and the disallowed ones do not take place. Control over access to, and use of, computer systems is implemented through the incorporation of a security policy. The policy might consist of several actions – and the actions in question can be reduced to operations of access, modification and deletion. Computer security can be seen as a subfield of security engineering, which looks at broader security issues in addition to computer security. In a secure system the legitimate users of that system are still able to do what they should be able to do.
Many of the steps taken to ensure computer security are: automated theorem proving; writing of secure micro-kernels within OSes; cryptographic techniques, including encryption; strong authentication techniques; chain of trust techniques; mandatory access control; capability and access control lists (ACL); regular backups; antivirus software and firewalls; intrusion detection system; social engineering awareness (letting users know of vulnerabilities, so as to keep window of breach to the minimum). In most of these techniques, it is privilege separation and access control that form the main plank of security.
However, data transfer is inevitable, and ensuring safe data transfer is crucial. One plank of this is encryption, in which the data sent is scrambled so as to be unreadable during transit, and its decryption at the user end.
In this section of the directory, we provide links to various security and encryption resources, from emergent technologies to anti-virus vendors, from accepted security standards to guides.