Hardening: Theory and General Practice - What Is Security?
(Page 2 of 6 )
To protect the well-being or integrity of something, to ensure the safety of property or interests in an object from intrusion, or to keep a concept or object private, you’ll need to secure a system. In the hostile environment of the Internet, system administrators need to restrict access to assets. To grant access to a selected group of users, you need to know who to trust and how to verify the credentials of—authenticate—those you allow to use your systems.
The cornerstones of any security policy include the following:
- Privacy, or the ability to keep things private and confidential
- Trust, or the question of whether you should take data or objects at face value
- Authenticity, or verifying that contacts are made with people who are accurately representing their identity
- Integrity, or the process of ensuring a system hasn’t yet been compromised and will remain secure
This book will focus entirely on the practical aspects of hardening a Windows-based computer. What are these practical checkpoints, which comprise the rest of this book, designed to do? What is the underlying motivation? Focusing for a bit on the more general aspects of computer security allows you to harden your systems in ways that you might otherwise ignore or fail to imagine. Therefore, I’ll discuss security and its associated theoretical issues, and then move into practical considerations that aren’t limited to just Windows machines—suggestions that are appropriate for any connected machine.
 This chapter is from Hardening Windows, by Jonathan Hassell (Apress, 2004, ISBN: 1-59059-266-2). Check it out at your favorite bookstore today.
Buy this book now. |
Next: The Security Dilemma >>
More Windows Security Articles
More By Jonathan Hassell
