Describe: Security attacks are classified as either passive attacks, which include unauthorized
reading of a message or file and traffic analysis, or active attacks, such as modification of messages or
files and denial of service.
Identify: A security mechanism is any process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption
algorithms, digital signatures, and authentication protocols.
Security Services include authentication, access control, data confidentiality, data integrity,
nonrepudiation, and availability.
Network Security
Network security consists of the provisions and policies adopted
by the network administrator to prevent and monitor unauthorized
access, misuse, modification, or denial of the computer network and
network-accessible resources. Alternatively, network security is the study of
preventing unauthorized access to the data of network resources.
Computer security
The protection afforded to a computerized information
system in order to attain the applicable objectives of
preserving the integrity, availability, and confidentiality
of information system resources (includes hardware,
software, firmware, information/data, and
telecommunications).
Computer security (continued)
We use three levels of impact on organizations or individuals should
there be a breach of security (i.e., a loss of confidentiality, integrity, or
availability):
Low: The loss could be expected to have a limited harmful effect on
organizational operations, organizational assets, or individuals.
Moderate: The loss could be expected to have a serious harmful effect on
organizational operations, organizational assets, or individuals.
High: The loss could be expected to have a severe or catastrophic adverse effect
on organizational operations, organizational assets, or individuals.
The Challenges of Computer Security
Computer and network security is essentially a battle of wits between a
perpetrator (criminal) who tries to find holes and the designer or administrator
who tries to close them.
There is a natural tendency on the part of users and system managers to
perceive little benefit from security investment until a security failure occurs.
Security requires regular, even constant, monitoring, and this is difficult in
today’s short-term, overloaded environment.
Security is still too often an afterthought to be incorporated into a system
after the design is complete rather than being an integral part of the design
process.
Many users and even security administrators view strong security as an
impediment to efficient and user-friendly operation of an information system
or use of information.
Two main reasons why security has become
more important
The hacking and attack tools have become more and more
dangerous, where an attack can cause serious financial damage
to a company
How to control Network Security
OSI SECURITY ARCHITECTURE
The OSI security architecture is a framework that provides a systematic way
of defining the requirements for security and characterizing the
approaches to satisfying those requirements. It focuses on security
attacks, mechanisms, and services.
Security attack: Any action that compromises the security of
information owned by an organization (or a person)
Security mechanism: a mechanism that is designed to detect, prevent,
or recover from a security attack
Security service: a service that enhances the security of the data
processing systems and the information transfers of an organization.
The services make use of one or more security mechanisms to
provide the service
Security attacks
Passive attack: aims to learn or make use of information from
the system but does not affect system resources.
Active attack: attempts to alter system resources or affect their
operation
Passive Attack
Active attack
Security Services
A security service is a service that ensures
adequate security of the systems or of data
transfers.
Authentication
Access Control
Nonrepudiation
Integrity
Availability
Confidentiality
Authentication Services
Authentication: this service is concerned with assuring that a
communication is authentic (reliable):
The recipient of the message should be sure that the
message came from the source that it claims to be
All communicating parties should be sure that the
connection is not interfered with by an unauthorized party.
Example: consider a person using an online banking
service. Both the user and the bank should be assured of
each other's identities.
Access control Service
This service controls
who can have access to a resource;
under what conditions access can occur;
what those accessing are allowed to do.
Example: in online banking a user may be allowed
to see his balance, but not allowed to make any
transactions for some of his accounts
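The online banking example above, written out as a small access-control check. This is an added example, not part of the original slides; the user and account names, the MFA condition, and the deny-by-default behaviour are assumptions chosen for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    user: str                    # who can have access
    account: str                 # the resource
    actions: frozenset           # what the user is allowed to do
    require_mfa: frozenset = frozenset()  # condition: actions needing a second factor


@dataclass(frozen=True)
class Request:
    user: str
    account: str
    action: str
    mfa_passed: bool = False


# Constructed sample policy: alice may view both accounts,
# but may only make transactions on her checking account.
POLICY = [
    Rule("alice", "checking-001",
         frozenset({"view_balance", "transfer"}), frozenset({"transfer"})),
    Rule("alice", "savings-002", frozenset({"view_balance"})),
]


def decide(policy, req):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    for rule in policy:
        if (rule.user, rule.account) != (req.user, req.account):
            continue
        if req.action not in rule.actions:
            return False, "action not granted on this account"
        if req.action in rule.require_mfa and not req.mfa_passed:
            return False, "condition not met: MFA required"
        return True, "granted"
    return False, "no rule for this user and account"


if __name__ == "__main__":
    for r in (Request("alice", "savings-002", "view_balance"),
              Request("alice", "savings-002", "transfer"),
              Request("alice", "checking-001", "transfer"),
              Request("alice", "checking-001", "transfer", mfa_passed=True),
              Request("bob", "checking-001", "view_balance")):
        print(r, "->", decide(POLICY, r))
```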
Nonrepudiation Service
Integrity, Availability and Confidentiality
Integrity: Validating that information was not changed
(verifying that the information that was received has not been
modified or tampered with)