Computer security
Computer security is the effort to create a secure computing platform, designed so that agents (users or programs) cannot perform actions that they are not allowed to perform, but can perform the actions that they are allowed to. This involves specifying and implementing a security policy. The actions in question can be reduced to operations of access, modification and deletion. Computer security can be seen as a subfield of security engineering, which looks at broader security issues in addition to computer security.
It is also important to distinguish the techniques employed to increase a system's security from the issue of that system's security status. In particular, systems which contain fundamental flaws in their security designs cannot be made secure without compromising their utility. Consequently, most computer systems cannot be made secure even after the application of extensive "computer security" measures.
Techniques for creating secure systems
The following techniques can be used in engineering secure systems. Note that these techniques, though useful, do not of themselves ensure security -- a security system is no stronger than its weakest link.
Cryptographic
techniques involve transforming information, scrambling it so it
becomes unreadable during transmission. The intended recipient can
unscramble the message, but eavesdroppers cannot.
Cryptographic techniques can be used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.
Strong authentication techniques can be used to ensure that communication end-points are who they say they are.
Secure cryptoprocessors can be used to leverage physical security techniques into protecting the security of the computer system.
Chain of trust techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system's designers.
Mandatory access control can be used to ensure that privileged access is withdrawn when privileges are revoked. For example, deleting a user account should also stop any processes that are running with that user's privileges.
Capability and access control list techniques can be used to ensure privilege separation and mandatory access control.
Notable persons in computer security
Dan Geer
Bruce Schneier
Edward Felten
12. “Input-output devices”
Alphanumeric keyboards include typewriter and computer keyboards. An alphanumeric keyboard is a device with many keys (usually marked with the letters of the alphabet, the numerical digits, and various extra keys.)
After punchcards and paper tape, interaction via teletype-style keyboards became the main input device for computers. During the 1980s and 1990s almost all computers came equipped with them as the main form of interaction, and most users are familiar with using them.
There are different types of keyboard technologies.
The layout of keys on the modern-day English keyboard is called the QWERTY design, based on the most popular typewriter keyboard layout. This has been further extended to the standard 101-key PC keyboard layout, with the addition of cursor keys, a calculator-style numeric keypad, and two groups of special function keys, and keys for the Windows menu (on IBM and clones) or Apple menu (on Macintoshes). In the late 1990s, computer manufacturers, such as Dell, add keys specifically related to the Internet and e-mail, but these have not yet become standard.
There is another kind of computer keyboard known as a chorded keyboard. These are rarely used.
Despite the development of alternative input devices such as the mouse, touch sensitive screens, pen devices, character recognition, voice recognition, and improvements in computer speed and memory size, the keyboard remains the most commonly used and most versatile device used for direct human input into computers.