CRYPTOGRAPHY AND NETWORK SECURITY Tutorial

Security approaches


i. Trusted Systems:

A trusted system is a computer system that can be trusted to a specified extent to enforce a specified security policy. Trusted systems are of particular interest in the military, where the term reference monitor is often used. The expectations from the reference monitor are:
  •  It should be tamper-proof.
  •  It should always be invoked.
  •  It should be small enough so that it can be independently tested.

In 1983, the Trusted Computer System Evaluation Criteria (TCSEC), issued by the National Security Agency, were introduced; they set out a series of evaluation classes. One aim is to reduce the size of the trusted computing base (TCB). The TCB is the combination of software, hardware and firmware responsible for enforcing the system's security policy.

ii. Security Models:

The various security models that can be implemented are listed below.
  •  No Security: The approach is to implement no security at all.
  •  Security through obscurity: The system relies for its security on not revealing its existence and contents to anyone.
  •  Host Security: Security is provided on each and every host separately. It is a safe approach, but the trouble is that it cannot scale well.
  •  Network Security: The focus is on controlling network access to the various hosts and their services rather than on individual host security.

iii. Security Management Principles:

    It contains 4 key aspects.
  •  Affordability: The cost and effort involved in the security implementation.
  •  Functionality: What mechanisms are used for the security implementation.
  •  Cultural Issues: Whether the policy fits well with people's expectations, working styles and beliefs.
  •  Legality: Whether it meets the legal requirements or not.
  •  Explanation, outline, communications, accountability, expectations and periodic reviews