Introduction To Network Security

Download as pdf or txt
Download as pdf or txt
You are on page 1of 16

Dept of computer science & IT Network Security

i. Computer Security
ii. Network Security
iii. Information Security
iv. Security Trends
v. Security Attacks
vi. Security Services
vii. Security Mechanism
viii. The OSI Security Architecture
ix. A Model of Network Security
Dept of computer science & IT Network Security

• What is computer security?


Computer security basically is the protection of computer
systems and information from harm, theft, and unauthorized
use. It is the process of preventing and detecting unauthorized
use of your computer system.

• What is Network security?


Network security is a broad term that covers a multitude of
technologies, devices and processes. In its simplest term, it is a
set of rules and configurations designed to protect the integrity,
confidentiality and accessibility of computer networks and data
using both software and hardware technologies.
Dept of computer science & IT Network Security

• Information Security
Information security refers to the processes and methodologies
which are designed and implemented to protect print,
electronic, or any other form of confidential, private and
sensitive information or data from unauthorized access, use,
misuse, disclosure, destruction, modification, or disruption.
Dept of computer science & IT Network Security
Dept of computer science & IT Network Security

Any action that compromises the security of information


owned by an organization.
Information security is about how to prevent attacks, or
failing that, to detect attacks on information-based systems
Often threat & attack used to mean same thing; have a wide
range of attacks
• Generic types of attacks.
Passive Attacks;
eavesdropping on, or monitoring of transmissions
release of message contents;
Active Attacks ;
modification of the data stream or the creation of a
false stream.replay, modification, traffic analysis
Dept of computer science & IT Network Security
Dept of computer science & IT Network Security
Dept of computer science & IT Network Security

• ITU-T X.800 (RFC 2828): Security Services


• Authentication - assurance that the communicating
entity is the one claimed
• Access Control - prevention of the unauthorized use
of a resource
• Data Confidentiality - protection of data from
unauthorized disclosure
• Data Integrity - assurance that data received is as
sent by an authorized entity
• Non-Repudiation - protection against denial by one
of the parties in a communication
• Availability - being accessible and usable upon
demand by an authorized system entity
Dept of computer science & IT Network Security

• ITU-T X.800 Security Mechanisms


• feature designed to detect, prevent, or recover from a
security attack
• no single mechanism that will support all services
required
• however one particular element underlies many of the
security mechanisms in use:
Cryptographic techniques
Dept of computer science & IT Network Security

 Specific security mechanisms


 Encipherment,
 Digital signatures,
 Access controls,
 Data integrity,
 Authentication exchange,
 Traffic padding,
 Routing control,
Dept of computer science & IT Network Security

THE OSI SECURITY ARCHITECTURE


To assess effectively the security needs of an organization and to
evaluate and choose various security products and policies, the
manager responsible for security needs some systematic way of
defining the requirements for security and characterizing the
approaches to satisfying those requirements.
Security Goals
Dept of computer science & IT Network Security

Consider 3 aspects of information security:

• security attack : Any action that compromises the


security of information owned by an organization
• security mechanism: A process (device) that is designed
to detect, prevent, or protect from a security attacks
• security service: A processing service that enhances the
security of the system and the information transfers
of an organization. The services are intended to
counter security attacks;
They make use of one or more security mechanisms.
Dept of computer science & IT Network Security

A security-related transformation on the information to be sent


Some secret information shared by the two principals
Dept of computer science & IT Network Security

Using this model requires us to:


1. design a suitable algorithm for the security
transformation
2. generate the secret information (keys) used by the
algorithm
3. develop methods to distribute and share the secret
information
4. specify a protocol enabling the principals to use the
transformation and secret information for a security
service
Dept of computer science & IT Network Security

 Programs can prevent two kinds of threats;


 Information access threats
 Service threats
Dept of computer science & IT Network Security

Using this model requires us to:


1. select appropriate gatekeeper functions to identify
users
2. implement security controls to ensure only
authorized users access designated information or
resources

 Trusted computer systems may be useful to help


implement this model.

You might also like