Computer security software
Types of Software to Secure Computers or Data
Below is a series of software patterns and groups, described from the perspective of a host system that interacts with users and attempts to secure itself or its assets against their interactions.
The primary purpose of these types of systems is to restrict, and often to completely prevent, access to computers or data except by a very limited set of users. The theory is often that if a key, credential, or token is unavailable, then access should be impossible. A physical comparison is often made to a fortress, armor, or jamming: a shell that, even if abandoned, would still present a significant challenge to computer access. This often involves taking valuable information and then either reducing it to apparent noise or hiding it within another source of information in such a way that it is unrecoverable.
Isolate / Regulate Access
The purpose of these types of systems is usually to restrict access to computers or data while still allowing interaction. Often this involves monitoring or checking credentials, separating systems from access and view based on importance, and quarantining or isolating perceived dangers. A physical comparison is often made to a shield: a form of protection whose use is heavily dependent on the system owner's preferences and perceived threats. Large numbers of users may be allowed relatively low-level access with limited security checks, yet significant opposition will then be applied toward users attempting to move toward critical areas.
The purpose of these types of software systems is to monitor access to computer systems and data while reporting or logging the behavior. Often this is composed of large quantities of low-priority data records or logs, coupled with high-priority notices for unusual or suspicious behavior. A physical comparison to eyes, goggles, scanning, or spying is often made: these systems observe user behavior, often with the secondary goal of remaining hidden themselves.
- Diagnostic program
- Intrusion detection system (IDS)
- Intrusion prevention system (IPS)
- Log management software
- Records Management
- Security information management
- Security event management
Remove Programs or Malicious Code
The purpose of these types of software is to remove malicious or harmful forms of software that may compromise the security of a computer system. These types of software are often closely linked with software for computer regulation and monitoring. A physical comparison to a doctor, scrubbing, or cleaning is often made, usually with an "anti-" style naming scheme related to a particular threat type. Threats and unusual behavior are identified by a system such as a firewall or an intrusion detection system, and then the following types of software are used to remove them. These types of software often require extensive research into their potential foes to achieve complete success, similar to the way that complete eradication of bacterial or viral threats does in the physical world. Occasionally this also involves defeating an attacker's encryption, such as in the case of data tracing or hardened threat removal.
- Anti-subversion software
- Anti-tamper software
- Antivirus software
Software Run on Computers to Secure Other Systems
These types of software are programs run on computers that are primarily intended to secure systems other than themselves. This is usually achieved by providing interactions with physical world systems or by evaluating data that may not be "directly" related to computer security.