What Does Security Mean?

Human beings understand well what security means in real world. First and foremost it means one's physical security from any harm. It further means security of one's property, so it does not get stolen or damaged.

In a broader sense, the following is a list of some requirements in real world:

  • One's physical security from any harm (e.g., being hurt, feeling scared)
  • Security of one's property from theft, damage, misuse (e.g., what if someone uses my house to throw water balloons on others) or trespassing
  • Verifiable identities of all persons that matter to oneself (bank tellers, police officers, friends)
  • Ability to minimize or eliminate unwanted interactions (e.g., solicitation phone calls, begging, asking for petition signatures)
  • Ability to freely move and engage in activities (e.g., visit a favorite park or restaurant, take a fast road into the city)

Notice that some of these requirements relate to one's safety and others relate to convenience, i.e. we both want to be safe and to go about our business with minimal distraction from others.

In computing and networking one can find the similar cobmination of security requirements that blend the need for safety with the need for uninterupted operation. Making a parallel with physical security requirements, in the Internet I may want:

  • Physical security of my machine (my machine will not be broken into)
  • Security of my data from theft, damage
  • My machine will not be misused to harm others (e.g., DDoS, phishing)
  • My machine, its programs and any physical devices it may control will behave as I expect them to
  • I will be able to verify identity of remote machines/institutions, origin of remote data
  • I will not waste time nor machine/network resources on unwanted tasks (spam, phishing, DDoS)
  • I will be able to communicate to any chosen server at any time, barring accidental networking/server failures

Computer vs Network Security

Many people have heard about computer security (e.g., security from intrusion, viruses, worms, etc.) How does it relate to network security? Computer security aims to protect a single machine and data residing on it. Networking goal is to enable communication between any pair of machines, in any scenario. Thus the goal of network security is to protect this communication and all participants. The focus of network security is thus on threats that require network access to be perpetrated.

Robustness or Fault Tolerance

Another issue that often arises is whether security means robustness (e.g., no one can break into my computer), or fault-tolerance (e.g., fast detection of intrusions and patching). In real world security is achieved by combining techniques that achieve robustness and fault-tolerance. Known and distinct threats should be prevented, while new and stealthy threats should be quickly detected and handled.

Questions & Comments: Prof. Mirkovic at USC-ISI (sunshine at isi.edu)