You are on page 1of 18

IT 352 : Lecture 2part1

Review security basic concepts

Najwa AlGhamdi , MSc – 2012 /1433

Outline • • • • • Computer Security Concept Aspects of Security Security Attack OSI Security Structure Model for Network Security .

software. availability and confidentiality of information system resources (includes hardware.Computer Security Concept Computer Security Definition the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity. information/data. and telecommunications) .

Availability ‫توفر المعلومات‬ Ensuring timely and reliable access to and use of information.Computer Security Concept 1. 2. Confidentiality ‫سريّة المعلومات‬ preserving authorized restrictions on information access and disclosure. Integrity ‫التأكد من صحة المعلومات‬ Guarding against improper information modification or destruction. . including means for protecting personal privacy and proprietary information. and includes ensuring information nonrepudiation and authenticity 3.

Aspects of Security • consider 3 aspects of information security: • security attack • security mechanism • security service • note terms • threat – a potential for violation of security • attack – an assault on system security. a deliberate attempt to evade security services .

Security Attack • Passive Attack • attempts to learn or make use of information from the system but does not affect system resources. Release of message contents Traffic analysis. . 2. • Two types of passive attacks are: 1.

. Replay modification of messages. masquerade. denial of service. 4.Active Attack • Active Attack • modification of the data stream or the creation of a false stream • Four types of active attacks 1. 2. 3.

OSI Security Structure • The OSI security architecture is useful to managers as a way of organizing the task of providing security. • Define Security Services and mechanism .

OSI Security Structure – Security Services • Authentication (‫ .)التثبت من الهوية‬assurance that communicating entity is the one claimed • have both peer-entity & data origin authentication • Access Control (‫ -)التحكم في الوصول‬prevention of the unauthorized use of a resource • Data Confidentiality (‫–)سريّة المعلومات‬protection of data from unauthorized disclosure • Data Integrity (‫ -)التأكد من صحة المعلومات‬assurance that data received is as sent by an authorized entity • Non-Repudiation (‫ .)عدم االنكار‬protection against denial by one of the parties in a communication • Availability – resource accessible/usable .

notarization . authentication exchange.OSI Security Structure – Security Mechanism • specific security mechanisms ( OSI model) • Encipherment. digital signatures. routing control. data integrity. traffic padding. access controls.

OSI Security Structure – Security Mechanism .

• security labels: every item is associated with a security label. . For example : a label for sensitivity level.OSI Security Structure – Security Mechanism • pervasive security mechanisms: • trusted functionality: functionality that can be trusted to perform as intended. • event detection : detective and could be corrective mechanism m for security event. • security audit trails: Review and Examination of system records and activities • security recovery : implementing corrective security mechanisms and putting them in appropriate place.

Model for Network Security .

4. 3. design a suitable algorithm for the security transformation generate the secret information (keys) used by the algorithm develop methods to distribute and share the secret information specify a protocol enabling the principals to use the transformation and secret information for a security service . 2.Model for Network Security using this model requires us to: 1.

Model for Network Security .

2. select appropriate gatekeeper functions to identify users implement security controls to ensure only authorised users access designated information or resources .Model for Network Security using this model requires us to: 1.

800 security architecture • security attacks. availability • X.Summary • topic roadmap & standards organizations • security concepts: • confidentiality. mechanisms • models for network (access) security . integrity. services.

chapter 1 .Resources • Network Security Essential . .