Biomedical Engineering Reference
In-Depth Information
functions address the need to restrict access and limit the authority to have access; the last three are responses to unauthorized intrusions, abuse, or destruction of assets.

These security functions can be defined as follows:

Avoidance. Removal or elimination of any threat to assets, the protection or removal of threatened assets from actual or potential danger, and not creating surplus vulnerable assets.

Deterrence. Discouragement of action that threatens system security. Publicizing disciplinary actions previously taken or that will be taken if such actions are discovered.

Prevention. Implementation of measures to protect assets from security breaches and from intentional or accidental misuse.

Detection. Implementation of means to recognize potential threats to assets. Monitoring the computer and network environment to determine whether such a threat is imminent, is in process, or has already breached the preventative measures. Detection can include raising an alarm in the event of a security breach.

Recovery. Effort to return the system and networks to an operating condition.

Correction. Introduction of new measures or improvement of existing measures to avoid, deter, or prevent recurrences of security breaches and misuse of or damage to the computer systems and communications networks.

Data security systems should protect the following three major areas of vulnerability: access, misuse, and damage. Each area can be briefly described as follows:

Access. The gaining of entry, physically or electronically, to computer resources, including software, data, the IT facility, or the communications network.

Misuse. The manipulation of computer and network assets in a manner outside of or detrimental to the interests of the organization, whether or not any specific damage resulted.

Damage. The modification or destruction of physical or logical computer and network assets.

In summary, the goal of computer and network security systems is to prevent unauthorized access to IT and communications systems and facilities. If such access does occur, misuse of or damage to the computer and communications assets must be prevented. If, despite such precautions, access is gained and damage occurs, it is necessary to recover the systems and networks from the intrusion and violation of assets and to take action to prevent recurrence.

Control of Access, Misuse, or Damage

Some security functions relate specifically to access control and are directed at preventing unauthorized intrusion. However, misuse and damage can result from a variety of causes, each of which may require different preventative measures and recovery procedures. Misuse or damage can be caused by intentional misbehavior, negligence, or accident. Based on the six-stage breakdown of security functions previously outlined, Figure F.1 shows which security functions are effective for controlling access and which work to limit misuse and damage.

As shown in Figure F.1, the only security function that can be used to control authorized access is detection. That is, no preventative measures are taken if access is detected and observed to be legitimate. However, for unauthorized access, all available security controls should be applied. If unauthorized access is detected, backup security should be implemented to prevent the potential recurrence of similar unauthorized access. As a simple example, if current security access codes, such as passwords, are used by someone not authorized to use the system, the codes should be changed immediately, and authorized users should be informed of the change. If users are responsible for changing their own passwords, they should be notified to make immediate changes.