Computer security can be viewed as a set of mechanisms that protect computer systems from unauthorized access, theft, damage and disruption of the services they provide. It includes protection from both internal and external threats. Internal threats can be flaws in a software program or operating system. External threats are unauthorized access or human error. Much of computer security is based on the principle of separation which states that one thing cannot affect another if they are suitably separated. The main mechanisms for achieving separation are physical, temporal, logical and cryptographic. Each of these four basic techniques is in widespread use today and security by separation is one of the fundamental principles of computer security.
From an implementation standpoint, however, computer security is usually attained by a suitable set of mechanisms to provide confidentiality, integrity and availability of systems and data.
Confidentiality: is the principle that information is not disclosed unless intended. One of the primary techniques to achieve confidentiality is through the use of cryptography. Cryptographic techniques involve scrambling information so it becomes unreadable by anyone who does not possess the encryption key.
Integrity: is assuring the accuracy and completeness of data over its entire life cycle. This means that data cannot be modified in an unauthorized or undetected manner. The mechanism to ensure integrity often involves the use of a hash function, a one-way mathematical function that provides a digital signature of the data to be protected.
Availability: For any information system to serve its purpose the stored data must be available when it is needed. High availability systems are designed to remain available at all times avoiding service disruptions due to power outages, hardware failures and system upgrades. Ensuring availability also includes the ability to handle denial-of-service attacks which send a flood of messages to a target system in an attempt to shut it down or block access.