A secure system accomplishes its task with no unintended side effects. Using the analogy of a house to represent the system, you decide to carve out a piece of your front door to give your pets’ easy access to the outdoors. However, the hole is too large, giving access to burglars. You have created an unintended implication and therefore, an insecure system.
While security features do not guarantee a secure system, they are necessary to build a secure system. Security features have four categories:
• Authentication: Verifies who you say you are. It enforces that you are the only one allowed to logon to your Internet banking account.
• Authorization: Allows only you to manipulate your resources in specific ways. This prevents you from increasing the balance of your account or deleting a bill.
• Encryption: Deals with information hiding. It ensures you cannot spy on others during Internet banking transactions.
• Auditing: Keeps a record of operations. Merchants use auditing to prove that you bought specific merchandise.