Security goals and Mechanism

Presented by Haroon khan

Confidentiality

• The function of "Confidentiality" is in protecting precious business

data (in storage or in motion) from unauthorized persons.

• Confidentiality part of Network Security makes sure that the data is

available OLNY to intended and authorized persons. Access to
business data should be only for those individuals who are permitted
to use that data.
Integrity

• The function of Integrity is to make sure that the date is accurate and
reliable and is not changed by unauthorized persons or hackers.

• The data received by the recipient must be exactly same as the data
sent from the sender, without change in even single bit of data.
Availability

• The function of "Availability" in Network Security is to make sure that

the Data, Network Resources or Network Services are continuously
available to the legitimate users, whenever they require it.
Authentication
• First we verifying the identity of the user who is the sending the message and who
is receiving message.

Non-Repudiation

Nonrepudiation refers to the ability to ensure that a party to a contract or a

communication cannot deny the authenticity of their signature on a
document or the sending of a message that they originated.

Access Control
• Only authorize person can access the data and prevent unauthorized access to
resources
How to achieve these services
These services achieve with the help of security mechanism
1. Encipherment
The process of making data unreadable to unauthorized entities by
applying a cryptographic algorithm
Encrypt Decrypt

Alice Bob
2. Data Entity
Who to know the user change my massage or not

Check value
8 0 0 0 0 8

3. Digital Signature

The sender side sign the message and the reciver verify the massage
4. Authenticaton

• The exchange of data first we accept the request of sender

e.g Bluetooth

5. Traffic Padding

The original message add some extra bit for length is large so the hacker
does not know and not readable .

000 Hello 000

6. Routing control

Routing control means selecting and continuously changing different available

routes between sender and receiver to prevent the opponent from eavesdropping on
a particular route

7. Notarization
Notarization means selecting a third trusted party to control the communication
between two entities. The receiver can involve a trusted third party to store the
sender request in order to prevent the sender from later denying that she has made a
request.
8. Access Control

Access control used methods to prove that a user has access right to the
data or resources owned by a system. Examples of proofs are passwords
and PINs.