Requisites

Introduction

What is Intelligence?

Intelligence is the set of activities that obtain information about a target human organization (cooperative or adversarial) in the economic, labor, commercial, financial, military, personal, family, and social fields, among others, and turn it into knowledge (a useful report that lets leaders decide on a course of action), with the goal of causing harm or taking precautionary measures. Counterintelligence is protecting yourself from these activities.

Computer security is the protection of the assets of a computer system against deliberate threats from adversary agents. In contrast, computer safety shields against accidents, mishaps and external organizational disasters. We therefore consider cybersecurity a subfield of Intelligence and computer safety a subfield of reliability engineering.

Computer security analyzes computer-based systems, which comprise hardware, software, product vendors, algorithms, programs, interfaces, software processes, databases, communication protocols, and designs. The goal is to identify their vulnerabilities and associated threats to prevent incidents by implementing control activities.

A vulnerability refers to a weakness in the system, while a threat is the condition that can exploit that vulnerability. An incident occurs when someone takes advantage of the vulnerability using the threat. Control activities are the policies, mechanisms and extra system design considerations taken to prevent and respond to such incidents. TODO: zero day, known, unknown, APT.

Availability, integrity, confidentiality, authentication, nonrepudiation (or accountability), and auditability measure the security of the system because they enable us to measure the value of the information that parties share with each other.

Confidentiality, Integrity and Availability ensure that an asset can be viewed, modified, or used only by authorized parties, respectively [AND73]. These properties together form the Security Triad or CIA triad. ISO 7498-2 added authentication and nonrepudiation. The former confirms the identity of a sender, while the latter ensures that a sender cannot convincingly dispute their authorship. The U.S. Department of Defense added auditability, which traces all actions related to an asset of interest.

In contrast to these security properties, fabrication, interception, modification, and interruption are considered harmful actions. A fabrication attack introduces illegitimate information into the system, while an interception attack gains access to confidential information. An interruption attack degrades a system or renders it unavailable for legitimate use. A modification attack threatens the integrity of the information.

Physical security

Alice and Bob

The attacker mindset

Types of Attackers

Terrorists, hackers, criminals-for-hire, individuals, governments, organized crime members, loosely connected groups.

Geopolitics

Hacking, hackers, crackers, ….

https://www.youtube.com/watch?v=k_zz3239DA0&ab_channel=JohnnyHarris