Professional Documents
Culture Documents
Types of Threats
Interception Interruption Modification Fabrication
Security Mechanisms
Encryption Authentication Authorization Auditing
a) b)
c)
Three approaches for protection against security threats Protection of data against invalid operations : Data Integrity and constraints. Protection against unauthorized invocations (access controls on object interface / implementation). Granualities of Access Control Protection against unauthorized users. User roles
A system is either secure or not. Whether a client considers a system secure ? Trust based. How secure services are in a layer ?