Professional Documents
Culture Documents
Lecture 1
Introduction to Network Security
secure
availability
integrity
provide service
Lazy Middle Man
a peer that does part of the work but
never whole
Inject faults
V.E.S.I.T_M.C.A Nishi Tiku 9
Security Policies for Networks
In a secure system, the rules governing
security behaviour should be made explicit in
the form of an Information Security Policy.
Security policy: ‘the set of criteria for the
provision of security services’
essentially, a set of rules
Threats
vulnerabilities
V.E.S.I.T_M.C.A Nishi Tiku 12
Security Threats for Networks
A threat is:
a person, thing, event or idea which poses some
danger to an asset (in terms of confidentiality,
integrity, availability or legitimate use).
a possible means by which a security policy may be
breached.
An attack is a realization of a threat.
Safeguards are measures (e.g. controls,
procedures) to protect against threats.
Vulnerabilities are weaknesses in safeguards.
?
V.E.S.I.T_M.C.A Nishi Tiku 19
Desirable Security Properties
Authenticity
Confidentiality
Integrity
Availability
Non-repudiation
Freshness
Access control
Privacy of collected information
Integrity of routing and DNS infrastructure
network
resource,
execution of a processing resource.
network
V.E.S.I.T_M.C.A Nishi Tiku 23
Data Integrity (five types)
network
V.E.S.I.T_M.C.A Nishi Tiku 24
Non-repudiation
Protects against a sender of data denying that
data was sent (non-repudiation of origin).
Protects against a receiver of data denying that
data was received (non-repudiation of
delivery).
Example: analogous to signing a letter and
sending via recorded delivery.
Example: signatures in S/MIME secure e-mail
system
to particular services.
Broad classification
Encryption
Authentication
Authorization
Auditing
authentication services,
use of Encipherment to help provide non-
Firewalls,
Systems Implementations intrusion
detection…
SSL, IPSec,
Blueprint Protocols and policies access control…
s