UNIT- 5
Security- introduction
• Computer systems store large amounts of information, some of
which is highly sensitive and valuable to their users.
• Users can trust the system and rely on it only if the various
resources and information of a computer system are protected
against destruction and unauthorized access.
• Obviously, the security requirements are different for different
computer systems depending on the environment in which
they are supposed to operate.
• Some of the common goals of computer security are as
follows:
1) Secrecy: Information within the system must be accessible
only to authorized users.
2) Privacy: Misuse of information must be prevented. That
is, a piece of information given to a user should be used only
for the purpose for which it was given.
3) Authenticity: When a user receives some data, the user
must be able to verify its authenticity.
4) Integrity: Information within the system must be protected
against accidental destruction or intentional corruption by an
unauthorized user.
Potential attacks to computer system
• The first step in the provision of appropriate computer security
is to identify the potential threats/attacks to computer systems.
• The term intruder or attacker is commonly used to refer to a
person or program trying to obtain unauthorized access to data
or a resource of a computer system.
• An intruder may be a threat to computer security in many
ways that are broadly classified into two categories:
1) Passive attacks
2) Active attacks
• A passive attack does not cause any harm to the system being
threatened, whereas an active attack does.
Passive attacks
• In passive attacks, an intruder somehow tries to steal
unauthorized information from the computer system without
interfering with the normal functioning of the system.
1) Browsing
2) Leaking
3) Inferencing
4) Masquerading
• Browsing: In this method, intruders attempt to read stored
files, message packets passing by on the network, other
processes' memory, and so on, without modifying any data.
• Leaking: In this method, an intruder uses an accomplice who
leaks the information to him or her. Prevention of leaking is a
difficult problem to solve and requires preventing all types of
communication between the accomplice and the intruder.
• Inferencing: In this method, an intruder tries to draw some
inference by closely observing and analyzing the system’s data
or the activities carried out by the system. In this case, an
intruder observes when and where interprocess messages flow
in the system, and by analyzing the frequency of message.
• Masquerading: In this method, an intruder masquerades as an
authorized user or program in order to gain access to
unauthorized data or resources.
Active Attacks
• Active intruders are more malicious than passive intruders.
• Unlike passive attacks, active attacks interfere with the normal
functioning of the system and often have damaging effects.
• The most common types of damage that active attacks cause
are corrupting files, destroying data, and imitating hardware errors.
• Some commonly used forms of active attacks are:
1) Viruses
2) Worms
3) Logic Bombs.
• Viruses: A computer virus is a piece of code attached to a
legitimate program that, when executed, infects other
programs in the system by replicating and attaching itself to
them.
• Worms: Worms are programs that spread from one computer to
another in a network of computers.
• Logic Bombs: A logic bomb is a program that lies dormant
until some trigger condition causes it to explode.
Cryptography
• Cryptography is a means of protecting private information
against unauthorized access in those situations where it is
difficult to provide physical security.
• The basic idea behind this security technique is that if it is not
possible to prevent copying of information, it is better to
prevent comprehension.
Basic Concepts and Terminologies
• Two primitive operations employed by cryptography are
encryption and decryption.
• Encryption is the process of transforming intelligible
information (plaintext) into an unintelligible form (ciphertext).
• Decryption is the process of transforming the
information back from ciphertext to plaintext.
• When cryptography is employed for protecting information
transmitted through communication channels, plaintext is also
called a message.
• Encryption is basically a mathematical function having the
following form:
C = E(P, Ke)
where P is the plaintext to be encrypted, Ke is an encryption key
and C is the resulting ciphertext.
Symmetric and Asymmetric
• There are two broad classes of cryptosystems, symmetric and
asymmetric.
• In a symmetric cryptosystem, either both the encryption
key (Ke) and decryption key (Kd) are the same or one is easily
derivable from the other.
• In an asymmetric cryptosystem, on the other hand, the
decryption key (Kd) is not equal to the encryption key (Ke).
Authentication
• Authentication deals with the problem of verifying the identity
of a user before permitting access to the requested resource.
• That is, an authentication mechanism prohibits the use of the
system by unauthorized users by verifying the identity of a
user making a request.
• Authentication basically involves identification and
verification.
• Identification is the process of claiming a certain identity by a
user, while verification is the process of verifying the user’s
claimed identity.
• Thus, the correctness of an authentication process relies
heavily on the verification procedure employed.
Types of authentication
• The main types of authentication normally needed in a
distributed system are as follows:
1) User login authentication
2) One-way authentication of communicating entities
3) Two-way authentication of communicating entities
Approaches to Authentication
• Proof by knowledge: In this approach, authentication involves
verifying something that can only be known by an authorized
principal.
• Proof by possession: In this approach, a user proves his or her
identity by producing some item that can only be possessed by
an authorized principal.
• Proof by property: In this approach, the system is designed to
verify the identity of a user by measuring some physical
characteristics of the user that are hard to forge.
User Login Authentication
• As in centralized systems, a user gains access to a distributed system
by logging in to a host in the system. User identity is established
at login, and all subsequent user activities are attributed to this
identity.
1. Keeping passwords secret
2. Making passwords difficult to guess
3. Limiting damages done by a compromised password
4. Identifying and discouraging unauthorized user logins.
5. Single sign-on for using all resources in the system.
Access Control
• Once a user or a process has been authenticated, the next step
in security is to devise ways to prohibit the user or the process
from accessing those resources/information that he or she or it
is not authorized to access.
• This issue is called authorization and is dealt with by using
access control mechanisms.
• Access control mechanisms used in distributed systems are
basically the same as those used in centralized systems.
• When talking about access control in computer systems, it is
customary to use the following terms:
1. Objects
2. Subjects
3. Protection rules
Protection domains
• A domain is an abstract definition of a set of access rights.
• It is defined as a set of pairs.
• Each pair specifies an object and one or more operations that
can be performed on the object.
• Each one of the allowed operations is called a right.
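The domain model above as a small reference monitor, added here as an example that is not part of the original slides. The class names, subject names (`proc_17`, `proc_42`) and objects (`salary.db`, `printer1`) are constructed for illustration; the monitor denies by default and consults the subject's current domain on every access, so a revoked right or a domain switch takes effect immediately.

```python
class Domain:
    """A protection domain: a set of (object, rights) pairs."""

    def __init__(self, name):
        self.name = name
        self.rights = {}  # object name -> set of operations allowed on it

    def grant(self, obj, *ops):
        self.rights.setdefault(obj, set()).update(ops)

    def revoke(self, obj, op):
        ops = self.rights.get(obj)
        if ops is None:
            return
        ops.discard(op)
        if not ops:                 # no rights left: drop the pair entirely
            del self.rights[obj]

    def pairs(self):
        """The domain exactly as the slides define it: a set of pairs."""
        return {(obj, frozenset(ops)) for obj, ops in self.rights.items()}


class ReferenceMonitor:
    """Mediates every access a subject makes to an object."""

    def __init__(self):
        self.domain_of = {}  # subject -> Domain it currently executes in
        self.denied = []     # audit trail of refused (subject, object, op)

    def enter(self, subject, domain):
        """Place a subject in a domain (also used for domain switching)."""
        self.domain_of[subject] = domain

    def access(self, subject, obj, op):
        # Anything not explicitly granted is refused, including requests
        # from subjects that were never placed in a domain.
        domain = self.domain_of.get(subject)
        allowed = domain is not None and op in domain.rights.get(obj, ())
        if not allowed:
            self.denied.append((subject, obj, op))
        return allowed


def build_demo():
    """Constructed scenario: two domains and two subjects."""
    clerk = Domain("payroll_clerk")
    clerk.grant("salary.db", "read", "write")
    clerk.grant("printer1", "print")

    auditor = Domain("auditor")
    auditor.grant("salary.db", "read")

    monitor = ReferenceMonitor()
    monitor.enter("proc_17", clerk)
    monitor.enter("proc_42", auditor)
    return monitor, clerk, auditor


if __name__ == "__main__":
    monitor, clerk, auditor = build_demo()
    print(monitor.access("proc_17", "salary.db", "write"))  # granted
    print(monitor.access("proc_42", "salary.db", "write"))  # not in auditor's pairs
    clerk.revoke("salary.db", "write")
    print(monitor.access("proc_17", "salary.db", "write"))  # revoked
    print(monitor.denied)
```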
Digital signature
• A digital signature is basically a code, or a large number, that
is unique for each message and to each message originator.
• It is obtained by first processing the message with a hash
function to obtain a small digest dependent on each bit of
information in the message and then encrypting the digest by
using the originator's secret key.
• A protocol based on a digital signature for ensuring message
integrity works as follows:
1. A sender (A) computes the digest (D) of a message (M). It
then encrypts the digest D by using its secret key (Sa) to obtain
a ciphertext C1 = E(D, Sa). A signed message is then created that
consists of the sender's identifier, the message M in its
plaintext form, and the ciphertext C1.
2. On receiving the signed message, the receiver decrypts
C1 by using the public key of the sender to recover the digest
D.
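The signing protocol above, carried through to the receiver's check, as an added example that is not part of the original slides. It assumes textbook RSA over fixed Mersenne primes (a toy key, unsafe for real use), SHA-256 as the hash function, and a hypothetical `DIRECTORY` of public keys; the final comparison of the recovered digest with a freshly computed one goes beyond step 2 as written on the slide.

```python
import hashlib
import math

E = 65537  # public exponent shared by all toy keys in this example


def make_keypair(p, q):
    """Textbook RSA key from two primes: returns ((e, n), secret_exponent)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(E, phi) != 1:
        raise ValueError("public exponent not invertible for these primes")
    return (E, n), pow(E, -1, phi)


# Assumption: known Mersenne primes keep the example deterministic and free of
# third-party libraries. Primes of this special form must never be used for
# real keys, and real signatures also need a padding scheme such as RSA-PSS.
A_PUBLIC, A_SECRET = make_keypair(2**521 - 1, 2**607 - 1)   # sender A
X_PUBLIC, X_SECRET = make_keypair(2**127 - 1, 2**521 - 1)   # some other party

# Hypothetical directory the receiver uses to find a sender's public key.
DIRECTORY = {"A": A_PUBLIC}


def digest(message: bytes) -> int:
    """D: a small value that depends on every bit of the message."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(sender_id: str, message: bytes, secret_key: int, modulus: int) -> dict:
    """Step 1: C1 = E(D, Sa); bundle sender identifier, plaintext M and C1."""
    c1 = pow(digest(message), secret_key, modulus)
    return {"sender": sender_id, "message": message, "c1": c1}


def verify(signed: dict, directory: dict) -> bool:
    """Step 2: recover D from C1 with the sender's public key, then compare
    it with the digest of the message that actually arrived."""
    public_key = directory.get(signed["sender"])
    if public_key is None:
        return False                      # unknown originator: reject
    e, n = public_key
    recovered = pow(signed["c1"], e, n)
    return recovered == digest(signed["message"])


if __name__ == "__main__":
    msg = b"transfer 100 to account 7"    # constructed sample message
    signed = sign("A", msg, A_SECRET, A_PUBLIC[1])
    print("genuine :", verify(signed, DIRECTORY))

    tampered = dict(signed, message=b"transfer 900 to account 7")
    print("tampered:", verify(tampered, DIRECTORY))

    forged = sign("A", msg, X_SECRET, X_PUBLIC[1])   # wrong secret key
    print("forged  :", verify(forged, DIRECTORY))
```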
Design principles
• Based on their experience with Multics, Saltzer and Schroeder
identified some design principles that can be used as a guide to
designing secure systems.
1. Least privilege
2. Fail-safe defaults
3. Open design
4. Built in to the system
5. Check for current authority
6. Easy granting and revocation of access rights
7. Never trust other parties
8. Always ensure freshness of messages

More Related Content

What's hot

Basic security concepts_chapter_1
Basic security concepts_chapter_1Basic security concepts_chapter_1
Basic security concepts_chapter_1abdifatah said
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & AttacksNetwax Lab
 
Cryptography and authentication
Cryptography and authenticationCryptography and authentication
Cryptography and authenticationmbadhi
 
Network security chapter 1
Network security   chapter 1Network security   chapter 1
Network security chapter 1osama elfar
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
BAIT1103 Course Overview
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overviewlimsh
 
Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Securityjp tj
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVEric Vanderburg
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network securitysneha padhiar
 

What's hot (20)

Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Security
Security Security
Security
 
Basic security concepts_chapter_1
Basic security concepts_chapter_1Basic security concepts_chapter_1
Basic security concepts_chapter_1
 
Cryptography and Network security # Lecture 8
Cryptography and Network security # Lecture 8Cryptography and Network security # Lecture 8
Cryptography and Network security # Lecture 8
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
 
Cryptography and authentication
Cryptography and authenticationCryptography and authentication
Cryptography and authentication
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1
 
Security Basics
Security BasicsSecurity Basics
Security Basics
 
Network security chapter 1
Network security   chapter 1Network security   chapter 1
Network security chapter 1
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: Overview
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network Security
 
BAIT1103 Course Overview
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overview
 
Ppt.1
Ppt.1Ppt.1
Ppt.1
 
Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Security
 
Ch05 Network Defenses
Ch05 Network DefensesCh05 Network Defenses
Ch05 Network Defenses
 
Network security
Network securityNetwork security
Network security
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
 
Network Security Lecture
Network Security LectureNetwork Security Lecture
Network Security Lecture
 

Similar to Dos unit 5

cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptxBisharSuleiman
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.pptSwapnaPavan2
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityAparnaSunil24
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 
Computer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVComputer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVEric Vanderburg
 
information technology cryptography Msc chapter 1-4.pdf
information technology  cryptography Msc chapter 1-4.pdfinformation technology  cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfwondimagegndesta
 
Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxSamiDan3
 
Security in Computer System
Security in Computer SystemSecurity in Computer System
Security in Computer SystemManesh T
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptographyKiran Patil
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptographypinkutinku26
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.Ankur Kumar
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYDEEPAK948083
 
Cryptography introduction
Cryptography introductionCryptography introduction
Cryptography introductionVasuki Ramasamy
 
Chapter Last.ppt
Chapter Last.pptChapter Last.ppt
Chapter Last.pptmiki304759
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdfsurajthakur474818
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Securityvishnukp34
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 

Similar to Dos unit 5 (20)

cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptx
 
CNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionCNS - Unit - 1 - Introduction
CNS - Unit - 1 - Introduction
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.ppt
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
 
Computer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVComputer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOV
 
chapter 1-4.pdf
chapter 1-4.pdfchapter 1-4.pdf
chapter 1-4.pdf
 
information technology cryptography Msc chapter 1-4.pdf
information technology  cryptography Msc chapter 1-4.pdfinformation technology  cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdf
 
Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptx
 
Security in Computer System
Security in Computer SystemSecurity in Computer System
Security in Computer System
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptography
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptography
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
 
Cryptography introduction
Cryptography introductionCryptography introduction
Cryptography introduction
 
Chapter Last.ppt
Chapter Last.pptChapter Last.ppt
Chapter Last.ppt
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdf
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 

Recently uploaded

BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 

Recently uploaded (20)

BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini  Delhi NCR9953330565 Low Rate Call Girls In Rohini  Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 

Dos unit 5

  • 2. Security- introduction • Computer systems store large amount of information, some of which is highly sensitive and valuable to their users. • Users can trust the system and rely on it only if the various resources and information of a computer system are protected against destruction and unauthorized access. • Obviously, the security requirements are different for different computer systems depending on the environment in which they are supposed to operate.
  • 3. • Some of the common goals of computer security are as follows: 1) Secrecy: Information within the system must be accessible only to authorized users. 2) Privacy: Misuse of information must be prevented. That is, a piece of information given to a user should be used only for the purpose for which it was given. 3)Authenticity: When a user receives some data, the user must be able to verify its authenticity. 4) Integrity: Information within the system must be protected against accidental destruction or intentional corruption by an unauthorized user
  • 4. Potential attacks to computer system • The first step in the provision of appropriate computer security is to identify the potential threats/attacks to computer systems. • The term intruder or attacker is commonly used to refer to a person or program trying to obtain unauthorized access to data or a resource of a computer system.
  • 5. • An intruder may be a threat to computer security in many ways that are broadly classified into two categories: 1) Positive attacks 2) Active attacks • A positive attack does not cause any harm to the system being threatened , whereas an active attack does.
  • 6. Positive attacks • In positive attacks, an intruder somehow tries to steal unauthorized information from the computer system without interfering with the normal functioning of the system. 1) Browsing 2) Leaking 3) Inferencing 4) Masquerading
  • 7. • Browsing: In this method, intruders attempt to read stored files, message packets passing by on the network, other processes memory, and so on, without modifying any data. • Leaking: In this method, an intruder uses an accomplice who leaks the information to him or her. Prevention of leaking is a difficult problem to solve and requires preventing all types of communication between the accomplice and the intruder.
  • 8. • Inferencing: In this method, an intruder tries to draw some inference by closely observing and analyzing the system’s data or the activities carried out by the system. In this case, an intruder observes when and where interprocess messages flow in the system, and by analyzing the frequency of message. • Masquerading: In this method, an intruder masquerades as an authorized user or program in order to gain access to uauthorized data or resources.
  • 9. Active Attacks • Active intruders are more malicious than passive intruders. • Unlike passive attacks, active attacks interfere with the normal functioning of the system and often have damaging effects. • The most common types of damage that active attacks cause are corrupting files, destroying data, imitating hardware errors.
  • 10. • Some commonly used forms of active attacks are: 1) Viruses 2) Worms 3) Logic Bombs.
  • 11. • Viruses: A computer viruses is a piece of code attached to a legitimate program that, when executed, infects other programs in the system by replicating and attaching itself to them. • Worms: Worms are program that spread from one computer to another in a network of computers. • Logic Bombs: A logic bomb is a program that lies dormant until some trigger condition causes it to explode.
  • 12. Cryptography • Cryptography is a means of protecting private information against unauthorized access in those situations where it is difficult to provide physical security. • The basic idea behind this security technique is that if it is not possible to prevent copying of information, it is better to prevent comprehension.
  • 13. Basic Concepts and Terminologies • Two primitive operations employed by cryptography are encryption and decryption. • Encryption is the process of transforming an intelligible information into an unintelligible form. • Decryption is the process of transforming the information back from ciphertext to plaintext.
  • 14. • When cryptography is employed for protecting information transmitted through communication channels, plaintext is also called a message. • Encryption is basically a mathematical function having the following form: C=E(P,Ke) Where P is the plaintext to be encrypted, Ke is an encryption key and C is the resulting ciphertext.
  • 15. Symmetric and Asymmetric • There are two broad classes of cryptosystems, symmetric and asymmetric. • In a Symmetric cryptosystem, either both the encryption key(Ke) and decryption key(kd) are the same or one is easily derivable from the other. • In an asymmetric cryptosystem, on the other hand, the decryption key(kd) is not equal to the encryption key(Ke).
  • 16. Authentication
    • Authentication deals with the problem of verifying the identity of a user before permitting access to the requested resource.
    • That is, an authentication mechanism prohibits the use of the system by unauthorized users by verifying the identity of a user making a request.
  • 17.
    • Authentication basically involves identification and verification.
    • Identification is the process of claiming a certain identity by a user, while verification is the process of verifying the user’s claimed identity.
    • Thus, the correctness of an authentication process relies heavily on the verification procedure employed.
  • 18. Types of authentication
    • The main types of authentication normally needed in a distributed system are as follows:
      1) User logins authentication
      2) One-way authentication of communicating entities
      3) Two-way authentication of communicating entities
  • 19. Approaches to Authentication
    • Proof by knowledge: In this approach, authentication involves verifying something that can only be known by an authorized principal.
    • Proof by possession: In this approach, a user proves his or her identity by producing some item that can only be possessed by an authorized principal.
    • Proof by property: In this approach, the system is designed to verify the identity of a user by measuring some physical characteristics of the user that are hard to forge.
  • 20. User Login Authentication
    • As in centralized systems, a user gains access to a distributed system by logging in to a host in the system. User identity is established at login, and all subsequent user activities are attributed to this identity.
      1. Keeping passwords secret
      2. Making passwords difficult to guess
      3. Limiting damages done by a compromised password
      4. Identifying and discouraging unauthorized user logins
      5. Single sign-on for using all resources in the system
  • 21. Access Control
    • Once a user or a process has been authenticated, the next step in security is to devise ways to prohibit the user or the process from accessing those resources/information that he or she or it is not authorized to access.
    • This issue is called authorization and is dealt with by using access control mechanisms.
    • Access control mechanisms used in distributed systems are basically the same as those used in centralized systems.
  • 22.
    • When talking about access control in computer systems, it is customary to use the following terms:
      1. Objects
      2. Subjects
      3. Protection rules
  • 23. Protection domains
    • A domain is an abstract definition of a set of access rights.
    • It is defined as a set of pairs.
    • Each pair specifies an object and one or more operations that can be performed on the object.
    • Each one of the allowed operations is called a right.
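As an added example (not part of the original slides), the sketch below models a domain as a set of (object, rights) pairs and a monitor that allows an operation only when the subject's current domain holds that right, so anything not granted is denied and a revoked right stops working on the next check. The class names, subjects, objects and rights are constructed for illustration.

```python
class Domain:
    """A protection domain: a set of (object, rights) pairs."""
    def __init__(self, name):
        self.name = name
        self.pairs = {}                      # object -> set of rights

    def grant(self, obj, *rights):
        self.pairs.setdefault(obj, set()).update(rights)

    def revoke(self, obj, *rights):
        self.pairs.get(obj, set()).difference_update(rights)


class ReferenceMonitor:
    """Protection rule: a subject may perform an operation on an object
    only if the domain it is bound to holds that right."""
    def __init__(self):
        self.domain_of = {}                  # subject -> Domain
        self.log = []                        # (subject, object, operation, allowed)

    def enter(self, subject, domain):
        self.domain_of[subject] = domain

    def access(self, subject, obj, operation):
        domain = self.domain_of.get(subject)
        # Rights are looked up at the time of each request, never cached.
        allowed = domain is not None and operation in domain.pairs.get(obj, ())
        self.log.append((subject, obj, operation, allowed))
        return allowed


def demo():
    # Constructed sample subjects, objects and rights.
    clerk, auditor = Domain("clerk"), Domain("auditor")
    clerk.grant("payroll.db", "read", "write")
    auditor.grant("payroll.db", "read")
    monitor = ReferenceMonitor()
    monitor.enter("alice", clerk)
    monitor.enter("bob", auditor)
    results = [
        monitor.access("alice", "payroll.db", "write"),    # right held
        monitor.access("bob", "payroll.db", "write"),      # right absent
        monitor.access("mallory", "payroll.db", "read"),   # subject has no domain
    ]
    clerk.revoke("payroll.db", "write")
    results.append(monitor.access("alice", "payroll.db", "write"))  # after revocation
    return results
```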
  • 24. Digital signature
    • A digital signature is basically a code, or a large number, that is unique for each message and to each message originator.
    • It is obtained by first processing the message with a hash function to obtain a small digest dependent on each bit of information in the message and then encrypting the digest by using the originator's secret key.
  • 25.
    • A protocol based on a digital signature for ensuring message integrity works as follows:
      1. A sender (A) computes the digest (D) of a message (M). It then encrypts the digest D by using its secret key (Sa) to obtain a ciphertext C1 = E(D, Sa). A signed message is then created that consists of the sender's identifier, the message M in its plaintext form, and the ciphertext C1.
      2. On receiving the signed message, the receiver decrypts C1 by using the public key of the sender to recover the digest D.
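The two steps above, as an added example that is not part of the original slides: a toy textbook-RSA key pair (constructed from two Mersenne primes, with no padding, so unsuitable for real use) stands in for A's keys, and SHA-256 is assumed as the hash function. The slide's list ends at recovering D; the final comparison against a digest recomputed from the received M is the usual completing check and is included here as an assumption.

```python
import hashlib

# Constructed toy key pair: textbook RSA over two Mersenne primes.
# Illustration only: no padding and special-form primes.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
PUB_A = 65537                                # A's public key (exponent)
SA = pow(PUB_A, -1, (P - 1) * (Q - 1))       # A's secret key Sa


def digest(message: bytes) -> int:
    """D: SHA-256 digest of M as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(sender_id: str, message: bytes, secret_key: int) -> dict:
    """Step 1: C1 = E(D, Sa); bundle the sender's id, plaintext M and C1."""
    c1 = pow(digest(message), secret_key, N)
    return {"sender": sender_id, "message": message, "c1": c1}


def verify(signed: dict, public_key: int) -> bool:
    """Step 2: decrypt C1 with the sender's public key to recover D,
    then compare it with the digest recomputed from the received M."""
    recovered = pow(signed["c1"], public_key, N)
    return recovered == digest(signed["message"])


def demo():
    signed = sign("A", b"pay 100 to B", SA)              # constructed message
    altered_m = dict(signed, message=b"pay 900 to B")    # M changed in transit
    altered_c1 = dict(signed, c1=signed["c1"] + 1)       # C1 changed in transit
    return (verify(signed, PUB_A),
            verify(altered_m, PUB_A),
            verify(altered_c1, PUB_A))
```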
  • 26. Design principles
    • Based on their experience with Multics, Saltzer and Schroeder identified some design principles that can be used as a guide to designing secure systems.
      1. Least privilege
      2. Fail-safe defaults
      3. Open design
      4. Built in to the system
      5. Check for current authority
      6. Easy granting and revocation of access rights
      7. Never trust other parties
      8. Always ensure freshness of messages