Computer security
==Terminology==
The following terms used with regard to computer security are explained below:
* Access [[authorization]] restricts access to a computer to a group of users through the use of [[authentication]] systems. These systems can protect either the whole computer, such as through an interactive [[login]] screen, or individual services, such as a [[File Transfer Protocol|FTP]] server. There are many methods for identifying and authenticating users, such as [[passwords]], [[identification card]]s, [[smart card]]s, and [[biometric]] systems.
* [[Anti-virus software]] consists of computer programs that attempt to identify, thwart, and eliminate [[computer viruses]] and other malicious software ([[malware]]).
* [[Application software|Applications]] are [[executable|executable code]], so general corporate practice is to [[Superuser|restrict or block users' power]] to install them; to install them only when there is a demonstrated need (e.g. software needed to perform assignments); to install only those which are known to be reputable (preferably with access [[open source software|to the computer code]] used to create the application); and to reduce the [[attack surface]] by installing as few as possible. They are typically run with [[least privilege]], with a robust process in place to identify, test and install any released [[security patch]]es or updates for them.
** For example, programs can be installed into an individual user's account, which limits the program's potential access, as well as being a means to control which users have specific exceptions to policy. In [[Linux]], [[FreeBSD]], [[OpenBSD]], and other [[Unix]]-like operating systems there is an option to further restrict an application using [[chroot]] or other means of [[Sandbox (computer security)|restricting the application to its own 'sandbox']]. For example, Linux provides [[Linux namespaces|namespaces]] and [[Cgroups]] to further restrict the access of an application to system resources.
** Generalized security frameworks such as [[SELinux]] or [[AppArmor]] help administrators control access.
** Java and other languages which compile to [[Java byte code]] and run in the [[Java virtual machine]] can have their access to other applications controlled at the virtual machine level.
** Some software can be run in [[OS-level virtualization|software containers]] which can even provide their own set of system libraries, limiting the access of the software, or of anyone controlling it, to the server's versions of the libraries.
* [[Authentication]] techniques can be used to ensure that communication end-points are who they say they are.
* [[Automated theorem proving]] and other verification tools can be used to enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications.
* [[Backup]]s are one or more copies kept of important computer files. Typically, multiple copies will be kept at different locations so that if a copy is stolen or damaged, other copies will still exist.
* [[Capability-based security|Capability]] and [[access control list]] techniques can be used to ensure privilege separation and mandatory access control. [[#Capabilities vs. ACLs|Capabilities vs. ACLs]] discusses their use.
* [[Chain of trust]] techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system's designers.
* [[Confidentiality]] is the nondisclosure of information except to another authorized person.<ref>{{cite web |title=Confidentiality |url=http://medical-dictionary.thefreedictionary.com/confidentiality |access-date=31 October 2011}}</ref>
* [[Cryptography|Cryptographic]] techniques can be used to defend data in transit between systems, reducing the probability that the data exchange between systems can be intercepted or modified.
* [[Cyber attribution]] is an [[legal attribution|attribution]] of [[cybercrime]], i.e., finding who perpetrated a [[cyberattack]].
* [[Cyberwarfare]] is an Internet-based conflict that involves politically motivated attacks on information and information systems. Such attacks can, for example, disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems.
* [[Data integrity]] is the accuracy and consistency of stored data, indicated by an absence of any alteration in data between two updates of a data record.<ref>{{cite web |title=Data Integrity |url=http://www.businessdictionary.com/definition/data-integrity.html |access-date=31 October 2011 |url-status=live |archive-url=https://web.archive.org/web/20111106055944/http://www.businessdictionary.com/definition/data-integrity.html |archive-date=6 November 2011 }}</ref>
[[File:Encryption - decryption.svg|thumb|300px|[[Cryptography|Cryptographic]] techniques involve transforming information, scrambling it, so it becomes unreadable during transmission. The intended recipient can unscramble the message; ideally, eavesdroppers cannot.]]
* [[Encryption]] is used to protect the confidentiality of a message. [[Cryptography|Cryptographically]] secure [[cipher]]s are designed to make any practical attempt of [[cryptanalysis|breaking]] them infeasible. [[symmetric-key algorithm|Symmetric-key]] ciphers are suitable for bulk encryption using [[shared key]]s, and [[public-key encryption]] using [[digital certificate]]s can provide a practical solution for the problem of securely communicating when no key is shared in advance.
* [[Endpoint security]] software aids networks in preventing malware infection and data theft at network entry points made vulnerable by the prevalence of potentially infected devices such as laptops, mobile devices, and USB drives.<ref>{{cite web |title=Endpoint Security |date=10 November 2010 |url=http://www.webopedia.com/TERM/E/endpoint_security.html |access-date=15 March 2014 |url-status=live |archive-url=https://web.archive.org/web/20140316021605/http://www.webopedia.com/TERM/E/endpoint_security.html |archive-date=16 March 2014 }}</ref>
* [[Firewall (networking)|Firewalls]] serve as a gatekeeper system between networks, allowing only traffic that matches defined rules. They often include detailed [[Logfile|logging]], and may include [[Intrusion detection system|intrusion detection]] and [[Intrusion detection system#Intrusion prevention|intrusion prevention]] features. They are near-universal between company [[local area networks]] and the Internet, but can also be used internally to impose traffic rules between networks if [[network segmentation]] is configured.
* A [[Security hacker|hacker]] is someone who seeks to breach defenses and exploit weaknesses in a computer system or network.
* [[Honeypot (computing)|Honey pots]] are computers that are intentionally left vulnerable to attack by crackers. They can be used to catch crackers and to identify their techniques.
* [[Intrusion-detection system]]s are devices or software applications that monitor networks or systems for malicious activity or policy violations.
* A [[microkernel]] is an approach to operating system design which has only the near-minimum amount of code running at the most privileged level, and runs other elements of the operating system, such as device drivers, protocol stacks and file systems, in the safer, less privileged [[user space]].
* [[Ping (networking utility)|Pinging]]. The standard [[ping (networking utility)|ping application]] can be used to test if an IP address is in use. If it is, attackers may then try a [[port scan]] to detect which services are exposed.
* A [[port scan]] is used to probe an IP address for [[Port (computer networking)|open ports]] to identify accessible network services and applications.
* A [[key logger]] is spyware that silently captures and stores each keystroke that a user types on the computer's keyboard.
* [[Social engineering (security)|Social engineering]] is the use of deception to manipulate individuals to breach security.
* A [[logic bomb]] is a type of malware added to a legitimate program that lies dormant until it is triggered by a specific event.
* A [[unikernel]] is a computer program that runs on a minimalistic operating system where a single application is allowed to run (as opposed to a general purpose operating system where many applications can run at the same time). This approach to minimizing the attack surface is adopted mostly in [[Cloud computing|cloud]] environments where software is deployed in [[virtual machine]]s.
* [[Zero trust security]] means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network.