Add to collection(s) Add to saved
  1. Science
  2. Astronomy
  3. Particle Physics

ppt - IT352 : Network Security

advertisement 
IT 352 : Lecture 2part1
Review security basic concepts
Najwa AlGhamdi , MSc – 2012 /1433
Outline
•
•
•
•
•
Computer Security Concept
Aspects of Security
Security Attack
OSI Security Structure
Model for Network Security
Computer Security Concept
Computer Security Definition
the protection afforded to an automated information system in order
to attain the applicable objectives of preserving the integrity,
availability and confidentiality of information system resources
(includes hardware, software, information/data, and
telecommunications)
Computer Security Concept
1. Confidentiality ‫سريّة المعلومات‬
preserving authorized restrictions on information access
and disclosure, including means for protecting personal
privacy and proprietary information.
2. Integrity ‫التأكد من صحة المعلومات‬
Guarding against improper information modification or
destruction, and includes ensuring information nonrepudiation and authenticity
3. Availability ‫توفر المعلومات‬
Ensuring timely and reliable access to and use of
information.
Aspects of Security
• consider 3 aspects of information security:
• security attack
• security mechanism
• security service
• note terms
• threat – a potential for violation of security
• attack – an assault on system security, a deliberate attempt to
evade security services
Security Attack
• Passive Attack
• attempts to learn or make use
of information from the system
but does not affect system
resources.
• Two types of passive
attacks are:
1.
2.
Release of message contents
Traffic analysis.
Active Attack
• Active Attack
• modification of the data
stream or the creation of a
false stream
• Four types of active attacks
1.
2.
3.
4.
masquerade,
Replay
modification of messages,
denial of service.
OSI Security Structure
• The OSI security architecture is useful to managers as a
way of organizing the task of providing security.
• Define Security Services and mechanism
OSI Security Structure – Security
Services
• Authentication (‫ )التثبت من الهوية‬- assurance that
communicating entity is the one claimed
• have both peer-entity & data origin authentication
• Access Control (‫)التحكم في الوصول‬- prevention of the
unauthorized use of a resource
• Data Confidentiality (‫–)سريّة المعلومات‬protection of
data from unauthorized disclosure
• Data Integrity (‫)التأكد من صحة المعلومات‬- assurance
that data received is as sent by an authorized entity
• Non-Repudiation (‫ )عدم االنكار‬- protection against
denial by one of the parties in a communication
• Availability – resource accessible/usable
OSI Security Structure – Security
Mechanism
• specific security mechanisms ( OSI
model)
• Encipherment, digital signatures, access controls, data integrity,
authentication exchange, traffic padding, routing control,
notarization
OSI Security Structure –
Security Mechanism
OSI Security Structure –
Security Mechanism
• pervasive security mechanisms:
• trusted functionality: functionality that can be trusted to perform
as intended.
• security labels: every item is associated with a security label. For
example : a label for sensitivity level.
• event detection : detective and could be corrective mechanism
m for security event.
• security audit trails: Review and Examination of system records
and activities
• security recovery : implementing corrective security mechanisms
and putting them in appropriate place.
Model for Network Security
Model for Network Security
using this model requires us to:
1.
2.
3.
4.
design a suitable algorithm for the security transformation
generate the secret information (keys) used by the algorithm
develop methods to distribute and share the secret
information
specify a protocol enabling the principals to use the
transformation and secret information for a security service
Model for Network Security
Model for Network Security
using this model requires us to:
1.
2.
select appropriate gatekeeper functions to identify users
implement security controls to ensure only authorised users
access designated information or resources
Summary
• topic roadmap & standards organizations
• security concepts:
• confidentiality, integrity, availability
• X.800 security architecture
• security attacks, services, mechanisms
• models for network (access) security
Resources
• Network Security Essential , chapter 1 .
Related documents
Chapter 2
Chapter 2
Application Layer
Application Layer
THE OSI REFERENCE MODEL
THE OSI REFERENCE MODEL
Why to learn OSI reference Model?
Why to learn OSI reference Model?
Chapter 1
Chapter 1
RAYAT INSTITUTE OF ENGG. AND TECHNOLOGY Computer
RAYAT INSTITUTE OF ENGG. AND TECHNOLOGY Computer
Why Internetworking? - California State University, Long Beach
Why Internetworking? - California State University, Long Beach
Research Project
Research Project
Course Portfolio INFO2410 Information and communication technology
Course Portfolio INFO2410 Information and communication technology
National Highway Construction Cost Index
National Highway Construction Cost Index
LS 120 105
LS 120 105
Use of MapInfo overlays in Fire Emergency Computer
Use of MapInfo overlays in Fire Emergency Computer
Download
advertisement