security

n., pl. -ties.

1. Freedom from risk or danger; safety.
2. Freedom from doubt, anxiety, or fear; confidence.
3. Something that gives or assures safety, as:
   1. A group or department of private guards: Call building security if a visitor acts suspicious.
   2. Measures adopted by a government to prevent espionage, sabotage, or attack.
   3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant.
   4. Measures adopted to prevent escape: Security in the prison is very tight.
4. Something deposited or given as assurance of the fulfillment of an obligation; a pledge.
5. One who undertakes to fulfill the obligation of another; a surety.
6. A document indicating ownership or creditorship; a stock certificate or bond.

[Middle English securite, from Old French, from Latin sēcūritās, from sēcūrus, secure. See secure.]

The process of ensuring confidentiality, integrity, and availability of computers, their programs, hardware devices, and data. Lack of security results from a failure of one of these three properties. The lack of confidentiality is unauthorized disclosure of data or unauthorized access to a computing system or a program. A failure of integrity results from unauthorized modification of data or damage to a computing system or program. A lack of availability of computing resources results in what is called denial of service.

An act or event that has the potential to cause a failure of computer security is called a threat. Some threats are effectively deflected by countermeasures called controls. Kinds of controls are physical, administrative, logical, cryptographic, legal, and ethical. Threats that are not countered by controls are called vulnerabilities.

Encryption

Encryption is a very effective technique for preserving the secrecy of computer data, and in some cases it can also be employed to ensure integrity and availability. An encrypted message is converted to a form presumed unrecognizable to unauthorized individuals. The principal advantage of encryption is that it renders interception useless. See also Cryptography.

Access control

Computer security implies that access be limited to authorized users. Therefore, techniques are required to control access and to securely identify users. Access controls are typically logical controls designed into the hardware and software of a computing system. Identification is accomplished both under program control and by using physical controls.

Typically, access within a computing system is limited by an access control matrix administered by the operating system or a processing program. All users are represented as subjects by programs executing on behalf of the users; the resources, called the objects of a computing system, consist of files, programs, devices, and other items to which users' accesses are to be controlled. The matrix specifies for each subject the objects that can be accessed and the kinds of access that are allowed.

Access control as described above relates to individual permissions. Typically, such access is called discretionary access control because the control is applied at the discretion of the object's owner or someone else with permission. With a second type of access control, called mandatory access control, each object in the system is assigned a sensitivity level, which is a rating of how serious would be the consequences if the object were lost, modified, or disclosed, and each subject is assigned a level of trust.

Access control is not necessarily as direct as just described. Unauthorized access can occur through a covert channel. One process can signal something to another by opening and closing files, creating records, causing a device to be busy, or changing the size of an object. All of these are acceptable actions, and so their use for covert communication is essentially impossible to detect, let alone prevent.

Security of programs

Computer programs are the first line of defense in computer security, since programs provide logical controls. Programs, however, are subject to error, which can affect computer security.

A computer program is correct if it meets the requirements for which it was designed. A program is complete if it meets all requirements. Finally, a program is exact if it performs only those operations specified by requirements.

Simple programmer errors are the cause of most program failures. Fortunately, the quality of software produced under rigorous design and production standards is likely to be quite high. However, a programmer who intends to create a faulty program can do so, in spite of development controls. See also Software engineering.

A salami attack is a method in which an accounting program reduces some accounts by a small amount, while increasing one other account by the sum of the amounts subtracted. The amount reduced is expected to be insignificant; yet, the net amount summed over all accounts is much larger.

Some programs have intentional trapdoors, additional undocumented entry points. If these trapdoors remain in operational systems, they can be used illicitly by the programmer or discovered accidentally by others.

A Trojan horse is an intentional program error by which a program performs some function in addition to its advertised use. For example, a program that ostensibly produces a formatted listing of stored files may write copies of those files on a second device to which a malicious programmer has access.

A program virus is a particular type of Trojan horse that is self-replicating. In addition to performing some illicit act, the program creates a copy of itself which it then embeds in other, innocent programs. Each time the innocent program is run, the attached virus code is activated as well; the virus can then replicate and spread itself to other, uninfected programs. Trojan horses and viruses can cause serious harm to computing resources, and there is no known feasible countermeasure to halt or even detect their presence.

Security of operating systems

Operating systems are the heart of computer security enforcement. They perform most access control mediation, most identification and authentication, and most assurance of data and program integrity and continuity of service.

Operating systems structured specifically for security are built in a kernelized manner, embodying the reference monitor concept. A kernelized operating system is designed in layers. The innermost layer provides direct access to the hardware facilities of the computing system and exports very primitive abstract objects to the next layer. Each successive layer builds more complex objects and exports them to the next layer. The reference monitor is effectively a gate between subjects and objects. See also Operating system.

Security of databases

Integrity is a much more encompassing issue for databases than for general applications programs, because of the shared nature of the data. Integrity has many interpretations, such as assurance that data are not inadvertently overwritten, lost, or scrambled; that data are changed only by authorized individuals; that when authorized individuals change data, they do so correctly; that if several people access data at a time, their uses will not conflict; and that if data are somehow damaged, they can be recovered.

Database systems are especially prone to inference and aggregation. Through inference, a user may be able to derive a sensitive or prohibited piece of information by deduction from nonsensitive results without accessing the sensitive information itself. Aggregation is the ability of two or more separate data items to be more (or less) sensitive together than separately. Various statistical methods make it very difficult to prevent inference, and aggregation is also extremely difficult to prevent, since users can access great volumes of data from a database over long periods of time and then correlate the data independently.

Security of networks

As computing needs expand, users interconnect computers. Network connectivity, however, increases the security risks in computing. Whereas users of one machine are protected by some physical controls, with network access, a user can easily be thousands of miles from the actual computer. Furthermore, message routing may involve many intermediate machines, called hosts, each of which is a possible point where the message can be modified or deleted, or a new message fabricated. A serious threat is the possibility of one machine's impersonating another on a network in order to be able to intercept communications passing through the impersonated machine.

The principal method for improving security of communications within a network is encryption. Messages can be encrypted link or end-to-end. With link encryption, the message is decrypted at each intermediate host and reencrypted before being transmitted to the next host. End-to-end encryption is applied by the originator of a message and removed only by the ultimate recipient.

To benefit from sharing access to computing systems that are not all located together, organizations have established virtual private networks (VPNs). These networks approach the security of a private network at costs closer to those of shared public resources. The primary security technique used is encryption.

The Internet, or any similar public network, is subject to threats to its availability, integrity, and confidentiality. A complicating feature is that there is effectively no control on transmissions over the Internet. Consequently, a system connected to the Internet is exposed to any malicious attack that any other Internet user wants to launch.

Security perimeter

A security perimeter is a logical boundary surrounding all resources that are controlled and protected. The protected resources are called a domain (or enclave or protected subnetwork). There may be overlapping domains of varying protection, so that the most sensitive resources are in the innermost domain, which is the best protected. Protecting the security perimeter may be physical controls, identification and authentication, encryption, and other forms of access control. Two controls that relate especially to the security perimeter are network vulnerability scanning and firewalls.

A network vulnerability scan is the process of determining the connectivity of the subnetwork within a security perimeter, and then testing the strength of protection at all the access points to the subnetwork. With a network domain, if a forgotten access point is not secured, its weakness can undermine the protection of the rest of the domain. A network scanner maps the connectivity of a domain, typically by probing from outside the domain, to determine what resources are visible from the outside. Once all outside connections are identified, each is tested with a range of attacks to determine the vulnerabilities to which it is susceptible and from which it needs to be better protected.

A firewall is a host that fuctions as a secured gateway between a protected enclave and the outside. The firewall controls all traffic according to a predefined access policy. For example, many firewalls are configured to allow unhindered communication outbound (from the protected domain to a destination outside the domain) but to allow only certain kinds of inbound communication. A firewall can be a separate computer, or firewall functionality can be built into the communications switch connecting the enclave to the external network.

Intrusion detection

It is most effective to eliminate vulnerabilities, but if that is not possible, it is then desirable to recognize that an attack is occuring or has occured, and take action to prevent future attacks or limit the damage from the current one. Intrusion detection can be either anomaly detection, which seeks to identify an attack by behavior that is out of the norm, or misuse detection, to identify an attack by its attempted effect on sensitive resources. Intrusion detection systems monitor a computing system in order to warn of an attack that is imminent, is under way, or has occurred.

---

noun

1. The quality or state of being safe: assurance, safeness, safety. See safety/danger.
2. Reliability in withstanding pressure, force, or stress: fastness, firmness, hardness, soundness, stability, stableness, steadiness, strength, sturdiness, sureness. See better/worse, change/persist, continue/stop/pause.
3. The act or a means of defending: defense, guard, preservation, protection, protector, safeguard, shield, ward. See attack/defend.
4. Something given to guarantee the repayment of a loan or the fulfillment of an obligation: earnest², guaranty, pawn¹, pledge, token, warrant. See transactions.

Idioms beginning with security:
security blanket

In addition to the idiom beginning with security, also see lull into (false sense of security).

---

n

Definition: peace of mind
Antonyms: insecurity, uncertainty, worry

n

Definition: safety, protection
Antonyms: danger, insecurity, peril, trouble, vulnerability

---

For more information on security, visit Britannica.com.

This entry contains information applicable to United States law only.

Protection; assurance; indem- nification.

The term security is usually applied to a deposit, lien, or mortgage voluntarily given by a debtor to a creditor to guarantee payment of a debt. Security furnishes the creditor with a resource to be sold or possessed in case of the debtor's failure to meet his or her financial obligation. In addition, a person who becomes a surety for another is sometimes referred to as a "security."

(DOD) 1. Measures taken by a military unit, activity, or installation to protect itself against all acts designed to, or which may, impair its effectiveness. 2. A condition that results from the establishment and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences. 3. With respect to classified matter, the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of national security. See also national security.

IN BRIEF: The condition of being safe; the condition of having enough money.

The thirst of soul is sweeter than the wine of material things, and the fear of spirit is dearer than the security of the body. — Kahlil Gibran (1883-1931), Lebanese poet.

Quotes:

"Security... it's simply the recognition that changes will take place and the knowledge that you're willing to deal with whatever happens." - Harry Browne

"When you know that you're capable of dealing with whatever comes, you have the only security the world has to offer." - Harry Browne

"Too many people are thinking of security instead of opportunity. They seem more afraid of life than death." - James F. Byrnes

"Without a measureless and perpetual uncertainty, the drama of human life would be destroyed." - Winston Churchill

"Security represents your sense of worth, your identity, your emotional anchorage, your self-esteem, your basic personal strength or lack of it." - Stephen R. Covey

"I don't want expensive gifts; I don't want to be bought. I have everything I want. I just want someone to be there for me, to make me feel safe and secure." - Princess of Wales Diana

See more famous quotes about Security

This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)

Dansk (Danish)
n. - sikkerhed, tryghed, kaution, dækning, sikring, sikkerhedsforanstaltninger

idioms:

• on security of    mod sikkerhed i
• security blanket    nyhedstæppe, "mørklægning"
• Security Council    sikkerhedsrådet i FN
• security risk    sikkerhedsrisiko

Nederlands (Dutch)
zekerheid, veiligheidsdienst, geborgenheid, waarborg, waardepapier, obligatie, beveiliging, veiligheid

Français (French)
n. - sécurité, service de sécurité, garantie, (Fin) valeur (boursière), titre

idioms:

• on security of    sous la garantie de
• security blanket    (Psych) doudou, objet transitionnel
• Security Council    Conseil de Sécurité
• security risk    danger pour la sécurité

Deutsch (German)
n. - Sicherheit, Wertpapier, Garantie, Pfand

idioms:

• on security of    aufgrund einer Sicherheit (ein Darlehen bekommen)
• security blanket    Sicherheitsdecke, offiz. Informationsverbot aufgrund der Staatssicherheit
• Security Council    Sicherheitsrat
• security risk    Sicherheitsrisiko

Ελληνική (Greek)
n. - ασφάλεια, ασφάλιση, (νομ.) εγγύηση, εχέγγυο, (οικον.) αξιόγραφο, τίτλος, χρεόγραφο, διαβάθμιση εγγράφου

idioms:

• on security of    με εγγύηση
• security blanket    απαγόρευση δημοσιοποίησης απορρήτων, ψυχολογική στήριξη, ασφάλεια (όπως η κουβέρτα νηπίου)
• Security Council    Συμβούλιο Ασφαλείας (του ΟΗΕ)
• security risk    πιθανός κίνδυνος για την ασφάλεια, ύποπτος διαρροής πληροφοριών

Italiano (Italian)
titoli, sicurezza, titolo, cauzione, garanzia, protezione

idioms:

• on security of    usato come garanzia
• security blanket    censura
• Security Council    consiglio di sicurezza
• security risk    persona rappresentante un rischio alla sicurezza

Português (Portuguese)
n. - segurança (f), estabilidade (f), garantia (f)

idioms:

• on security of    na segurança de
• security blanket    cobertor ou fralda que a criança segura para se sentir bem
• Security Council    Conselho de Segurança
• security risk    pessoa não confiável para certas missões

Русский (Russian)
безопасность, чувство безопасности, защита, охранение, боевое обеспечение, гарантия/залог, ценные бумаги

idioms:

• on security of    под обеспечение, под гарантию
• security blanket    любой знакомый предмет, создающий чувство уверенности, офциальное требование сохранения полной секретности
• Security Council    Совет Безопасности (ООН)
• security risk    неблагонадежный человек, подозрительная личность

Español (Spanish)
n. - valores, títulos, seguridad, obligación, bono, fianza, garantía, prenda, fiador, protección, defensa, salvaguarda, servicio de seguridad

idioms:

• on security of    sobre fianza, con garantía
• security blanket    sanción oficial sobre información en el interés de la seguridad, frazada u objeto similar para tranquilizar a los niños
• Security Council    Consejo de Seguridad (de la ONU)
• security risk    peligro para la seguridad

Svenska (Swedish)
n. - säkerhet, trygghet, trygghetskänsla, skydd, borgen, värdepapper, självsäkerhet

中文（简体）(Chinese (Simplified))
安全, 安全感, 防护, 防御, 防备, 保安, 保证

idioms:

• on security of    以...担保
• security blanket    安全毯, 给小孩抓摸以消除紧张, 带给人安全感的熟悉物体
• Security Council    安全理事会
• security risk    不可靠人物

中文（繁體）(Chinese (Traditional))
n. - 安全, 安全感, 防護, 防禦, 防備, 保安, 保證

idioms:

• on security of    以...擔保
• security blanket    安全毯, 給小孩抓摸以消除緊張, 帶給人安全感的熟悉物體
• Security Council    安全理事會
• security risk    不可靠人物

한국어 (Korean)
n. - 안전, 방심, 담보

日本語 (Japanese)
n. - 安全, 安心, 安全確保, 防護物, 保証, 担保, 機密保護, 防衛
adj. - 安全保障の

idioms:

• on security of    担保にして
• security blanket    お守り毛布, 安全を保障するもの, お守り
• Security Council    安全保障理事会
• security risk    危険人物

العربيه (Arabic)
‏(الاسم) طمأنينه, سلام, أمن‏

עברית (Hebrew)
n. - ‮ביטחון, הגנה, אבטחה, בטיחות, עירבון, משכון, ערובה, ניירות-ערך, אגרות חוב‬

If you are unable to view some languages clearly, click here.

To select your translation preferences click here.

security	Home Security
Security Camera	Security Gates