In This Chapter
Taking a look at computer architecture, including hardware, firmware, and software
Reviewing basic security architecture concepts
Taking account of access control models
Understanding evaluation criteria and certification/accreditation
Whereas Chapters 5 and 7 address network and applications development security, respectively, the primary focus of this chapter is systems security. The system comprises all the guts of a computer system, both literally and figuratively.
We also discuss security models in this chapter; security models apply to the inner workings of individual computers, but also to large networks consisting of hundreds or even thousands of computers. Security models are abstract by nature, and they can even be applied to embedded systems, which are small enough to fit on the head of a pin, as well as large systems like the global Internet.
In this chapter, we discuss basic computer architecture (if you’re already CompTIA A+ certified, this will be a simple, quick review), security architectures (including important concepts like the Trusted Computing Base [TCB], open and closed systems, and security modes), access control models, evaluation criteria, and certification and accreditation.