Systems Security
students, imagine your phone, school portal, and bank app all stored on one huge network. 📱💻 If just one weak password or one careless click can let an attacker in, then the whole system can be at risk. Systems security is about protecting computer systems, data, and users from unauthorized access, damage, theft, and disruption. In IB Computer Science SL, this topic sits inside System Fundamentals because a computer system is not just hardware and software—it also includes people, data, and procedures.
Why Systems Security Matters
A secure system keeps information confidential, accurate, and available. These three goals are often called the CIA triad:
- Confidentiality means only authorized users can access data.
- Integrity means data stays correct and unaltered unless changes are allowed.
- Availability means systems and data are accessible when needed.
For example, a school database should let teachers view grades, but not allow random users to edit them. If the network is down during exam registration, availability has failed. If grades are changed without permission, integrity has failed. If a hacker reads private student records, confidentiality has failed.
Systems security is also important because many attacks target people, not just machines. A user might be tricked into giving away a password, clicking a fake link, or downloading malware. This means security is not only a technical problem; it also involves user behaviour, training, and policy.
Common Threats and Attack Methods
students, to understand systems security, you need to know the main threats. A threat is anything that can cause harm to a system. A vulnerability is a weakness that could be exploited. An attack is the action that uses the weakness to cause harm.
Some common threats include:
- Malware: malicious software such as viruses, worms, trojans, ransomware, spyware, and adware.
- Phishing: fake messages or websites designed to steal passwords or personal information.
- Brute force attacks: repeated password guessing until the correct one is found.
- Denial of service attacks: flooding a system with requests so real users cannot access it.
- Social engineering: manipulating people into revealing information or performing unsafe actions.
- Insider threats: misuse of access by someone inside the organization.
A virus attaches itself to other files or programs and spreads when they are run. A worm can spread across networks without needing a host file. A trojan looks useful but contains hidden harmful code. Ransomware encrypts files and demands payment for the key. These examples show why security needs multiple layers, not just one protection method.
Real-world example: if a student receives an email claiming to be from the IT department and the message asks for their login details, that is likely phishing. A safe response is to check the sender carefully, avoid clicking suspicious links, and report the message through the proper school channel.
Authentication, Authorization, and Access Control
A secure system must know who a user is and what that user is allowed to do. These ideas are central to Systems Security.
- Authentication confirms identity.
- Authorization determines permissions after identity is confirmed.
- Access control enforces those permissions.
Passwords are a common authentication method, but strong security often uses more than one factor. Multi-factor authentication combines something the user knows, such as a password, with something the user has, such as a phone code, or something the user is, such as a fingerprint.
Passwords should be long and hard to guess. A longer password is generally stronger because the number of possible combinations grows very quickly. For example, a password made from random words is harder to crack than a short password like 123456.
Authorization can follow different models. In a school system, a student account might allow viewing timetable information but not changing grades. A teacher account might allow editing class records. A system administrator may have broader access to manage accounts and backups. This is called the principle of least privilege: give users only the access they need to do their job.
Access control lists and role-based access control help enforce this principle. In role-based access control, permissions are assigned to roles instead of individual users. This is efficient in large organizations because many users can share the same role.
Protecting Data: Encryption, Backups, and Integrity Checks
Data security is a major part of systems security. One important method is encryption, which transforms readable data into unreadable ciphertext using an algorithm and key. Only someone with the correct key can decrypt it back into readable form.
Encryption protects data in two main situations:
- Data in transit, such as messages sent over a network
- Data at rest, such as files stored on a device or server
For example, when students uses an online store, encryption helps protect card details while they travel across the internet. This is one reason secure websites use HTTPS.
Backups are another essential protection. A backup is a copy of data stored separately from the original. If files are deleted, corrupted, or encrypted by ransomware, the organization can restore the backup. Good backup practice includes making backups regularly, keeping multiple copies, and storing at least one copy off-site or offline.
Integrity checks help detect whether data has been changed. A hash function can create a fixed-length value from data. If the file changes even a little, the hash value changes. This helps verify that a download or message has not been altered. Checksums and digital signatures are also used to confirm data integrity and authenticity.
Defending Systems with Software and Procedures
Security depends on both tools and rules. Common technical defenses include firewalls, antivirus software, user permissions, and patch management.
A firewall filters network traffic based on rules. It can block suspicious connections and allow safe ones. Antivirus software scans files and processes for known malware signatures or suspicious behaviour. However, no antivirus tool can catch every threat, so safe user behaviour is still needed.
Patch management means keeping software updated to fix vulnerabilities. Attackers often exploit outdated software because known weaknesses may already be public. Installing updates reduces this risk.
Good procedures matter too. Organizations may require:
- Strong password policies
- Regular security training
- Secure disposal of old hardware
- Incident response plans
- Controlled physical access to servers and devices
Physical security is part of systems security as well. A locked server room, ID cards, CCTV, and visitor logs can stop unauthorized people from touching important equipment. A thief who steals an unlocked laptop may gain access to sensitive files, even if the network defences are strong.
Applying IB Reasoning to a Security Scenario
students, IB Computer Science often asks you to apply knowledge to a situation, not just define terms. Let’s use a school scenario.
A school stores student records on a server. Teachers need access to grades, students need access to their own timetable, and administrators need full control. The system also stores personal data such as addresses and medical notes.
To protect this system, the school could use:
- Authentication with strong passwords and multi-factor authentication
- Role-based authorization so users only see what they need
- Encryption for stored records and network traffic
- Backups in case of data loss or ransomware
- Antivirus and firewalls to block malware and suspicious traffic
- Staff training to reduce phishing and social engineering risks
- Physical security for the server room and backup devices
Now think like an IB student. If a question asks why encryption is useful, you should explain that it protects confidentiality because intercepted data cannot be easily read. If a question asks about backups, you should mention availability and recovery after data loss. If a question asks about least privilege, you should connect it to reducing the impact of compromised accounts.
This shows how systems security is connected to the broader System Fundamentals topic. Hardware, software, networks, users, and data all work together, so one weak point can affect the whole system.
Conclusion
Systems security protects the confidentiality, integrity, and availability of information and services. It uses technical measures such as encryption, firewalls, antivirus software, and backups, along with human and organizational measures such as training, access control, and security procedures. In IB Computer Science SL, students should be able to identify threats, explain defences, and apply security ideas to real situations. Security is not a separate extra feature; it is built into every part of a modern computer system. 🔐
Study Notes
- Systems security protects systems from unauthorized access, damage, theft, and disruption.
- The CIA triad stands for confidentiality, integrity, and availability.
- Threats include malware, phishing, brute force attacks, denial of service attacks, social engineering, and insider threats.
- A vulnerability is a weakness; an attack exploits that weakness.
- Authentication confirms identity; authorization decides permissions; access control enforces permissions.
- Multi-factor authentication improves security by using more than one proof of identity.
- The principle of least privilege gives users only the access they need.
- Encryption protects data in transit and data at rest.
- Backups help restore data after loss, corruption, or ransomware.
- Hashing and checksums help check data integrity.
- Firewalls, antivirus software, patch management, and training are important defenses.
- Physical security is also part of systems security.
- Systems security fits into System Fundamentals because it affects hardware, software, data, networks, users, and procedures.