Network Security

Definitions
• Computer Security
– Generic name for the collection of tools designed to protect data and to thwart hackers
• Network Security
– Measures to protect data during their transmission
• Internet Security (our focus!)
– Measures to protect data during their transmission over a collection of interconnected networks

3 Aspects of Info Security
• Security Attack
– Any action that compromises the security of information.
• Security Mechanism
– A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service
– A service that enhances the security of data processing systems and information transfers.
• Makes use of one or more security mechanisms.

Security Attacks
• Threat & attack
– Often used equivalently
• There is a wide range of attacks
– Two generic types of attacks
• Passive

• Active

Security Attack Classification

Security Attacks
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity

3 Primary Security Goals

Fundamental security objectives for both data and information/computing services

Security Services
X.800
– A service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files

Security Mechanism
• Features designed to detect, prevent, or recover from a security attack
• No single mechanism will support all services required
• One particular element underlies many of the security mechanisms in use:
– Cryptographic techniques
– Hence we will focus on this topic first

Security Mechanisms (X.800)
• Specific security mechanisms:
– Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization

Model for Network Security
Using this model requires us to:
1. design a suitable algorithm for the security transformation (message de/encryption)
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information (keys)
4. specify a protocol enabling the principals to use the transformation and secret information for a security service (e.g. ssh)
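
The four steps above, worked through as an added example (not code from the original slides), using an HMAC-SHA256 tag as the security transformation so the receiver detects the modification and fabrication attacks defined earlier. Assumptions: the function names and the message are constructed for illustration, key distribution (step 3) is taken as already done over a trusted channel, and the message is not encrypted, so interception is not addressed.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # bytes in an HMAC-SHA256 tag


def generate_key() -> bytes:
    """Step 2: generate the secret information (a 256-bit random key)."""
    return secrets.token_bytes(32)


def protect(key: bytes, message: bytes) -> bytes:
    """Step 1, sender side: append an HMAC-SHA256 tag to the message."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def accept(key: bytes, frame: bytes):
    """Step 1, receiver side: return the message if the tag verifies, else None."""
    if len(frame) < TAG_LEN:
        return None
    message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest runs in constant time, so timing does not leak the tag
    return message if hmac.compare_digest(tag, expected) else None


def demo() -> dict:
    """Step 4: a toy protocol run between two principals, plus an opponent."""
    # Step 3 is assumed: both principals already hold the same key,
    # delivered over some trusted channel that this sketch does not model.
    shared_key = generate_key()
    frame = protect(shared_key, b"transfer 100 to account 42")  # constructed message

    # Modification (attack on integrity): opponent alters bytes in transit.
    modified = frame.replace(b"100", b"900", 1)

    # Fabrication (attack on authenticity): opponent invents a message and
    # tags it with a key of their own, since they do not know shared_key.
    fabricated = protect(generate_key(), b"transfer 900 to account 66")

    return {
        "genuine": accept(shared_key, frame),
        "modified": accept(shared_key, modified),
        "fabricated": accept(shared_key, fabricated),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10} -> {result!r}")
```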

Model for Network Access Security
Using this model requires us to implement:
1. Authentication
– select appropriate gatekeeper functions to identify users
2. Authorization
– implement security controls to ensure only authorized users access designated information or resources
Trusted computer systems may be useful to help implement this model

Methods of Defense
• Encryption
• Software Controls
– Limit access in a database or in operating systems
– Protect each user from other users
• Hardware Controls
– Smartcard (ICC, used for digital signature and secure identification)
• Policies
– Frequent changes of passwords
– Recent study shows controversial arguments
• Physical Controls

Internet standards and RFCs
• Three organizations in the Internet society
– Internet Architecture Board (IAB)
• Defining overall Internet architecture
• Providing guidance to IETF
– Internet Engineering Task Force (IETF)
• Actual development of protocols and standards
– Internet Engineering Steering Group (IESG)
• Technical management of IETF activities and Internet standards process

Internet RFC Publication Standardization Process

Recommended Reading
• Pfleeger, C. Security in Computing. Prentice Hall, 1997.
• Mel, H.X., Baker, D. Cryptography Decrypted. Addison Wesley, 2001.
