Welcome to the Microsoft Encyclopedia of Security, a general survey of computer security concepts, technologies, and tools. This work is intended to be a comprehensive, accurate, and up-to-date resource for students and practitioners, for policy and decision makers, for system and network administrators, and anyone else who works with computer, network, and information systems security. What Is Computer Security?
Before we outline the scope of this work, let’s begin with a simple question that has a surprisingly broad answer: What is computer security? We’ll consider this question from seven different perspectives.
Threats and Vulnerabilities
Perhaps the most visible aspect of computer security today is the constant media attention surrounding vulnerabilities in software and the proliferation of viruses and other threats on the Internet. So one way of answering our question is that computer security is the science (and art) of dealing with threats and vulnerabilities.
Vulnerabilities generally arise from coding errors or bugs in software systems. This is not always the result of poor quality control of code development but instead is due to the ingenuity of hackers (good and bad) who explore and tinker with products looking for ways to circumvent security controls or simply see “what if” when unusual conditions or data arise. Some of the common vulnerabilities affecting software systems include ...