Computer security is a branch of technology known as information security as applied to computers. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy. Information assurance discusses a related topic - how "sure" someone can be that the data stored on automations equipment (such as a computer or server) has not been maliciously tampered with or read by untrusted third parties (i.e. a hacker).
Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do. This makes computer security particularly challenging because we find it hard enough just to make computer programs do everything they are designed to do correctly. Furthermore, negative requirements are deceptively complicated to satisfy and require exhaustive testing to verify, which is impractical for most computer programs. Computer security provides a technical strategy to convert negative requirements to positive enforceable rules. For this reason, computer security is often more technical and mathematical than some computer science fields.
Typical approaches to improving computer security (in approximate order of strength) can include the following:
- Physically limit access to computers to only those who will not compromise security.
- Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security.
- Operating system mechanisms that impose rules on programs to avoid trusting computer programs.
- Programming strategies to make computer programs dependable and resist subversion.