Cryptography and Network Security provides an overview of key concepts in computer and network security. It discusses standards organizations and introduces topics like symmetric and asymmetric encryption, hashing, and network security. The document outlines models for providing security at the network and access levels and explains the relationship between security attacks, services, and mechanisms based on the OSI security architecture.
This document provides an overview and roadmap for cryptography and network security. It discusses key security concepts like confidentiality, integrity, and availability. It also summarizes the OSI security architecture, which defines how to provide security requirements. Additionally, it outlines security attacks, services, and mechanisms, and provides models for network and network access security.
This document provides an overview of key concepts in information security. It defines security, outlines different types of security including physical security and network security. It also defines basic terminologies used in cryptography like plaintext, ciphertext, cipher, key, encrypt, decrypt, cryptography, and cryptanalysis. It then discusses computer security, network security, and internet security. It outlines critical characteristics of information and principles of access control. It also provides examples of different security requirements and services. It discusses challenges in computer security and considers aspects of security including security attacks, mechanisms, and services. It also provides examples of different types of passive and active security attacks. Finally, it outlines models for network security and network access security.
This document provides an overview of cryptography and network security. It outlines the key topics to be covered, including cryptographic algorithms, network security concepts, and security standards organizations. The document also summarizes the OSI security architecture, defining security attacks, services, and mechanisms. Models for providing network and access security are presented which require selecting algorithms, distributing keys, and specifying protocols for security services.
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical)
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurvkarthi314
The document discusses network security. It defines computer security, network security, and internet security. The key aspects of network security are confidentiality, integrity, and availability. It describes different types of security attacks like passive attacks involving interception and traffic analysis, and active attacks like masquerade, replay, message modification, and denial of service. It also discusses different impact levels of security breaches and challenges in computer security. Finally, it presents models for network security and network access security.
This document summarizes key concepts in cryptography and network security. It defines computer, network, and internet security and outlines security services, mechanisms, and common attacks. The document discusses the OSI security architecture and how it defines five major security services: authentication, access control, data confidentiality, data integrity, and non-repudiation. It also summarizes security mechanisms and how to classify security attacks as either passive or active. The document introduces models for network security and network access security and discusses requirements for implementing these models, such as designing encryption algorithms and distributing secret keys.
This chapter introduces key concepts in cryptography and network security. It defines computer, network, and internet security and discusses security attacks, services, and mechanisms. The chapter presents models for providing network security and controlling network access security using cryptographic techniques and trusted systems. The overall aim is to understand measures for protecting data transmission and storage.
This chapter introduces key concepts in cryptography and network security. It defines computer, network, and internet security and discusses security attacks, services, and mechanisms. The chapter presents models for providing network security and controlling network access security using cryptographic techniques and trusted systems. The overall aim is to understand measures for protecting data transmission and storage.
This document provides an overview and roadmap for cryptography and network security. It discusses key security concepts like confidentiality, integrity, and availability. It also summarizes the OSI security architecture, which defines how to provide security requirements. Additionally, it outlines security attacks, services, and mechanisms, and provides models for network and network access security.
This document provides an overview of key concepts in information security. It defines security, outlines different types of security including physical security and network security. It also defines basic terminologies used in cryptography like plaintext, ciphertext, cipher, key, encrypt, decrypt, cryptography, and cryptanalysis. It then discusses computer security, network security, and internet security. It outlines critical characteristics of information and principles of access control. It also provides examples of different security requirements and services. It discusses challenges in computer security and considers aspects of security including security attacks, mechanisms, and services. It also provides examples of different types of passive and active security attacks. Finally, it outlines models for network security and network access security.
This document provides an overview of cryptography and network security. It outlines the key topics to be covered, including cryptographic algorithms, network security concepts, and security standards organizations. The document also summarizes the OSI security architecture, defining security attacks, services, and mechanisms. Models for providing network and access security are presented which require selecting algorithms, distributing keys, and specifying protocols for security services.
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical)
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurvkarthi314
The document discusses network security. It defines computer security, network security, and internet security. The key aspects of network security are confidentiality, integrity, and availability. It describes different types of security attacks like passive attacks involving interception and traffic analysis, and active attacks like masquerade, replay, message modification, and denial of service. It also discusses different impact levels of security breaches and challenges in computer security. Finally, it presents models for network security and network access security.
This document summarizes key concepts in cryptography and network security. It defines computer, network, and internet security and outlines security services, mechanisms, and common attacks. The document discusses the OSI security architecture and how it defines five major security services: authentication, access control, data confidentiality, data integrity, and non-repudiation. It also summarizes security mechanisms and how to classify security attacks as either passive or active. The document introduces models for network security and network access security and discusses requirements for implementing these models, such as designing encryption algorithms and distributing secret keys.
This chapter introduces key concepts in cryptography and network security. It defines computer, network, and internet security and discusses security attacks, services, and mechanisms. The chapter presents models for providing network security and controlling network access security using cryptographic techniques and trusted systems. The overall aim is to understand measures for protecting data transmission and storage.
This chapter introduces key concepts in cryptography and network security. It defines computer, network, and internet security and discusses security attacks, services, and mechanisms. The chapter presents models for providing network security and controlling network access security using cryptographic techniques and trusted systems. The overall aim is to understand measures for protecting data transmission and storage.
Computer security - , cybersecurity or information technology security (IT security) is the protection of computer systems from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
The field is becoming more important due to increased reliance on computer systems, the Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of "smart" devices, including smartphones, televisions, and the various devices that constitute the "Internet of things". Owing to its complexity, both in terms of politics and technology, cybersecurity is also one of the major challenges in the contemporary world.
Computer Security: protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
This document provides an overview of network security. It defines key terms like computer security, network security, and internet security. It discusses the goals of computer security which are confidentiality, integrity, and availability. It describes low, moderate, and high impact security breaches. It also covers challenges in computer security, aspects of security including attacks and mechanisms, and models for providing network security and access security.
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...karthikasivakumar3
Network security aims to protect computer systems and data from theft, damage, and disruption by securing hardware, software, and information. It involves measures to protect data transmission over interconnected networks. The three main goals of network security are confidentiality, integrity, and availability of data. Confidentiality ensures only authorized parties can access sensitive data. Integrity maintains the accuracy and reliability of data. Availability ensures authorized parties can access information when needed.
This document provides an overview of a university course on network and computer security. It outlines the course structure, including topics on cryptography, network security concepts, and laboratory exercises. It also defines key security terms like threats, attacks, security services, and security mechanisms.
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfVishwanathMahalle
This document outlines the syllabus for a course on cryptography. It includes 6 units that cover topics such as attacks on computers and computer security, symmetric and asymmetric key algorithms, digital signatures, public key infrastructure, internet security protocols, and user authentication. The objectives of the course are to teach security concepts and the need for security. Key topics covered include types of attacks, symmetric and asymmetric cryptography, encryption and decryption, digital certificates, and authentication methods. References for textbooks and additional reading materials are also provided.
This document provides an overview and introduction to cryptography and network security. It outlines key concepts like confidentiality, integrity, and availability. It also describes standards organizations, different types of security attacks and services, and security mechanisms. Models for network security and access are presented, which involve selecting appropriate identification and access control functions.
This ppt contains information about definition of computer & information security, types of attacks, services, mechanisms, controls and model for network security
The document provides an overview of cryptography and network security concepts. It describes the key objectives of studying this topic as understanding security requirements like confidentiality, integrity, and availability. It also discusses types of security threats and attacks. The document summarizes the main cryptographic algorithms and security architecture. It defines security services like authentication, access control, data confidentiality, and data integrity. It also discusses security mechanisms, threats, and attacks in network security.
The document provides an introduction to computer security including:
- The basic components of security such as confidentiality, integrity, and availability.
- Common security threats like snooping, modification, and denial of service attacks.
- Issues with security including operational challenges and human factors.
- An overview of security policies, access control models, and security models like Bell-LaPadula and Biba.
Cryptography and Network Security introduces key concepts in information security. It discusses (1) definitions of computer, network, and internet security, (2) the relationship between security services, mechanisms, and attacks, and (3) models for providing network and access security. The goal is to provide a systematic framework for defining security requirements and considering how cryptographic techniques can be used to detect, prevent, and recover from security attacks during data transmission.
Network security in computer network for BS23017156038
The document provides an overview of network security essentials, including:
1. Symmetric encryption uses a shared secret key between sender and receiver to encrypt and decrypt messages. Common symmetric algorithms include the Shift Cipher and Caesar Cipher.
2. The Caesar Cipher replaces each letter with the letter three positions further down the alphabet, encrypting "ET TU BRUTUS" to "HW WX EUXWXV".
3. Network security concepts like confidentiality, integrity, and availability are discussed alongside security attacks, services, and mechanisms defined in the X.800 standard. Models for providing network and access security are also introduced.
The document provides an overview of network security essentials, including:
1. Symmetric encryption uses a shared secret key between sender and receiver to encrypt and decrypt messages. Common symmetric algorithms include the Shift Cipher and Caesar Cipher.
2. The Caesar Cipher replaces each letter with the letter three positions further down the alphabet, encrypting "ET TU BRUTUS" to "HW WX EUXWXV".
3. Cryptography concepts like plaintext, ciphertext, cipher algorithms, and cryptanalysis are introduced. Symmetric encryption requires secure key distribution and management.
The document discusses cyber security and computer security. It defines key terms like computer security, network security, and internet security. It describes security attacks like passive attacks involving eavesdropping and active attacks involving modifying data. It also discusses security services like confidentiality, authentication, and integrity, and security mechanisms like encryption and digital signatures that are used to provide these security services and counter security attacks. Finally, it presents models for network security and network access security.
This document provides an open source study guide for the CompTIA Security+ SY0-501 exam. It aims to gather information from various online sources to cover all exam topics without requiring expensive training courses. The exam domains include threats and vulnerabilities, technologies and tools, architecture and design, identity and access management, risk management, and cryptography. The study guide also provides free resources like practice questions and training courses. It then covers various security topics in detail, such as attacks, system hardening, encryption, firewalls, and more.
The document summarizes key concepts from the book "Computer Security: Principles and Practice" by Stallings, Brown, and Bauer. It defines computer security as measures that ensure confidentiality, integrity, and availability of information systems. It outlines threats to computer security like unauthorized disclosure, deception, disruption, and usurpation. It also defines security terminology like attacks, vulnerabilities, risks, and countermeasures. The document presents models for understanding computer security and the relationships between threats, vulnerabilities, attacks, and assets.
I am Nihal Jani from ahmedabad, Sakar English School. I was searching for a good ppt on slideshare on cyber terrorism, but couldn't find one. So I made one instead and am posting it to benifit other people like me...
This document discusses different types of cloud security services and the security features they provide. It describes security cloud services, including data encryption, firewalls, intrusion detection/prevention systems, and other features. These services help businesses protect their data, applications, and infrastructure from various threats by providing features such as encryption, access management, and security monitoring.
Cryptography and Network Security introduces key concepts in information security. It discusses security services like authentication and confidentiality, mechanisms like encryption, and attacks like interception of data. The course will focus on internet security and cryptographic techniques. It presents models for providing security during data transmission and for controlling network access. The goal is a systematic approach to defining security requirements and countering different types of threats.
Computer security - , cybersecurity or information technology security (IT security) is the protection of computer systems from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
The field is becoming more important due to increased reliance on computer systems, the Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of "smart" devices, including smartphones, televisions, and the various devices that constitute the "Internet of things". Owing to its complexity, both in terms of politics and technology, cybersecurity is also one of the major challenges in the contemporary world.
Computer Security: protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
This document provides an overview of network security. It defines key terms like computer security, network security, and internet security. It discusses the goals of computer security which are confidentiality, integrity, and availability. It describes low, moderate, and high impact security breaches. It also covers challenges in computer security, aspects of security including attacks and mechanisms, and models for providing network security and access security.
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...karthikasivakumar3
Network security aims to protect computer systems and data from theft, damage, and disruption by securing hardware, software, and information. It involves measures to protect data transmission over interconnected networks. The three main goals of network security are confidentiality, integrity, and availability of data. Confidentiality ensures only authorized parties can access sensitive data. Integrity maintains the accuracy and reliability of data. Availability ensures authorized parties can access information when needed.
This document provides an overview of a university course on network and computer security. It outlines the course structure, including topics on cryptography, network security concepts, and laboratory exercises. It also defines key security terms like threats, attacks, security services, and security mechanisms.
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfVishwanathMahalle
This document outlines the syllabus for a course on cryptography. It includes 6 units that cover topics such as attacks on computers and computer security, symmetric and asymmetric key algorithms, digital signatures, public key infrastructure, internet security protocols, and user authentication. The objectives of the course are to teach security concepts and the need for security. Key topics covered include types of attacks, symmetric and asymmetric cryptography, encryption and decryption, digital certificates, and authentication methods. References for textbooks and additional reading materials are also provided.
This document provides an overview and introduction to cryptography and network security. It outlines key concepts like confidentiality, integrity, and availability. It also describes standards organizations, different types of security attacks and services, and security mechanisms. Models for network security and access are presented, which involve selecting appropriate identification and access control functions.
This ppt contains information about definition of computer & information security, types of attacks, services, mechanisms, controls and model for network security
The document provides an overview of cryptography and network security concepts. It describes the key objectives of studying this topic as understanding security requirements like confidentiality, integrity, and availability. It also discusses types of security threats and attacks. The document summarizes the main cryptographic algorithms and security architecture. It defines security services like authentication, access control, data confidentiality, and data integrity. It also discusses security mechanisms, threats, and attacks in network security.
The document provides an introduction to computer security including:
- The basic components of security such as confidentiality, integrity, and availability.
- Common security threats like snooping, modification, and denial of service attacks.
- Issues with security including operational challenges and human factors.
- An overview of security policies, access control models, and security models like Bell-LaPadula and Biba.
Cryptography and Network Security introduces key concepts in information security. It discusses (1) definitions of computer, network, and internet security, (2) the relationship between security services, mechanisms, and attacks, and (3) models for providing network and access security. The goal is to provide a systematic framework for defining security requirements and considering how cryptographic techniques can be used to detect, prevent, and recover from security attacks during data transmission.
Network security in computer network for BS23017156038
The document provides an overview of network security essentials, including:
1. Symmetric encryption uses a shared secret key between sender and receiver to encrypt and decrypt messages. Common symmetric algorithms include the Shift Cipher and Caesar Cipher.
2. The Caesar Cipher replaces each letter with the letter three positions further down the alphabet, encrypting "ET TU BRUTUS" to "HW WX EUXWXV".
3. Network security concepts like confidentiality, integrity, and availability are discussed alongside security attacks, services, and mechanisms defined in the X.800 standard. Models for providing network and access security are also introduced.
The document provides an overview of network security essentials, including:
1. Symmetric encryption uses a shared secret key between sender and receiver to encrypt and decrypt messages. Common symmetric algorithms include the Shift Cipher and Caesar Cipher.
2. The Caesar Cipher replaces each letter with the letter three positions further down the alphabet, encrypting "ET TU BRUTUS" to "HW WX EUXWXV".
3. Cryptography concepts like plaintext, ciphertext, cipher algorithms, and cryptanalysis are introduced. Symmetric encryption requires secure key distribution and management.
The document discusses cyber security and computer security. It defines key terms like computer security, network security, and internet security. It describes security attacks like passive attacks involving eavesdropping and active attacks involving modifying data. It also discusses security services like confidentiality, authentication, and integrity, and security mechanisms like encryption and digital signatures that are used to provide these security services and counter security attacks. Finally, it presents models for network security and network access security.
This document provides an open source study guide for the CompTIA Security+ SY0-501 exam. It aims to gather information from various online sources to cover all exam topics without requiring expensive training courses. The exam domains include threats and vulnerabilities, technologies and tools, architecture and design, identity and access management, risk management, and cryptography. The study guide also provides free resources like practice questions and training courses. It then covers various security topics in detail, such as attacks, system hardening, encryption, firewalls, and more.
The document summarizes key concepts from the book "Computer Security: Principles and Practice" by Stallings, Brown, and Bauer. It defines computer security as measures that ensure confidentiality, integrity, and availability of information systems. It outlines threats to computer security like unauthorized disclosure, deception, disruption, and usurpation. It also defines security terminology like attacks, vulnerabilities, risks, and countermeasures. The document presents models for understanding computer security and the relationships between threats, vulnerabilities, attacks, and assets.
I am Nihal Jani from ahmedabad, Sakar English School. I was searching for a good ppt on slideshare on cyber terrorism, but couldn't find one. So I made one instead and am posting it to benifit other people like me...
This document discusses different types of cloud security services and the security features they provide. It describes security cloud services, including data encryption, firewalls, intrusion detection/prevention systems, and other features. These services help businesses protect their data, applications, and infrastructure from various threats by providing features such as encryption, access management, and security monitoring.
Cryptography and Network Security introduces key concepts in information security. It discusses security services like authentication and confidentiality, mechanisms like encryption, and attacks like interception of data. The course will focus on internet security and cryptographic techniques. It presents models for providing security during data transmission and for controlling network access. The goal is a systematic approach to defining security requirements and countering different types of threats.
Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapte...University of Maribor
Slides from talk presenting:
Aleš Zamuda: Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapter and Networking.
Presentation at IcETRAN 2024 session:
"Inter-Society Networking Panel GRSS/MTT-S/CIS
Panel Session: Promoting Connection and Cooperation"
IEEE Slovenia GRSS
IEEE Serbia and Montenegro MTT-S
IEEE Slovenia CIS
11TH INTERNATIONAL CONFERENCE ON ELECTRICAL, ELECTRONIC AND COMPUTING ENGINEERING
3-6 June 2024, Niš, Serbia
ACEP Magazine edition 4th launched on 05.06.2024Rahul
This document provides information about the third edition of the magazine "Sthapatya" published by the Association of Civil Engineers (Practicing) Aurangabad. It includes messages from current and past presidents of ACEP, memories and photos from past ACEP events, information on life time achievement awards given by ACEP, and a technical article on concrete maintenance, repairs and strengthening. The document highlights activities of ACEP and provides a technical educational article for members.
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesChristina Lin
Traditionally, dealing with real-time data pipelines has involved significant overhead, even for straightforward tasks like data transformation or masking. However, in this talk, we’ll venture into the dynamic realm of WebAssembly (WASM) and discover how it can revolutionize the creation of stateless streaming pipelines within a Kafka (Redpanda) broker. These pipelines are adept at managing low-latency, high-data-volume scenarios.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Understanding Inductive Bias in Machine LearningSUTEJAS
This presentation explores the concept of inductive bias in machine learning. It explains how algorithms come with built-in assumptions and preferences that guide the learning process. You'll learn about the different types of inductive bias and how they can impact the performance and generalizability of machine learning models.
The presentation also covers the positive and negative aspects of inductive bias, along with strategies for mitigating potential drawbacks. We'll explore examples of how bias manifests in algorithms like neural networks and decision trees.
By understanding inductive bias, you can gain valuable insights into how machine learning models work and make informed decisions when building and deploying them.
2. Chapter 0 – Reader’s Guide
The art of war teaches us to rely not on the
likelihood of the enemy's not coming, but
on our own readiness to receive him; not
on the chance of his not attacking, but
rather on the fact that we have made our
position unassailable.
—The Art of War, Sun Tzu
4. Standards Organizations
National Institute of Standards &
Technology (NIST)
Internet Society (ISOC)
International Telecommunication Union
Telecommunication Standardization Sector
(ITU-T)
International Organization for
Standardization (ISO)
RSA Labs (de facto)
5. Chapter 1 – Introduction
The combination of space, time, and
strength that must be considered as the
basic elements of this theory of defense
makes this a fairly complicated matter.
Consequently, it is not easy to find a fixed
point of departure..
— On War, Carl Von Clausewitz
6. Computer Security
the protection afforded to an automated
information system in order to attain the
applicable objectives of preserving the
integrity, availability and confidentiality of
information system resources (includes
hardware, software, firmware,
information/data, and telecommunications)
8. Levels of Impact
can define 3 levels of impact from a
security breach
Low
Moderate
High
9. Low Impact
The loss could be expected to have a limited adverse
effect on organizational operations, organizational
assets, or individuals.
A limited adverse effect means that, for example, the
loss of confidentiality, integrity, or availability might
(i) cause a degradation in mission capability to an
extent and duration that the organization is able to
perform its primary functions, but the effectiveness of
the functions is noticeably reduced;
(ii) result in minor damage to organizational assets;
(iii) result in minor financial loss; or
(iv) result in minor harm to individuals.
10. Moderate Impact
The loss could be expected to have a serious adverse effect
on organizational operations, assets, or individuals.
A serious adverse effect means that, e.g., the loss might
(i) cause a significant degradation in mission capability to
an extent and duration that the organization is able to
perform its primary functions, but the effectiveness of the
functions is significantly reduced;
(ii) result in significant damage to organizational assets;
(iii) result in significant financial loss; or
(iv) result in significant harm to individuals that does not
involve loss of life or serious, life-threatening injuries.
11. High Impact
The loss could be expected to have a severe or
catastrophic adverse effect on organizational operations,
organizational assets, or individuals.
A severe or catastrophic adverse effect means that, for
example, the loss might
(i) cause a severe degradation in or loss of mission
capability to an extent and duration that the
organization is not able to perform one or more of its
primary functions;
(ii) result in major damage to organizational assets;
(iii) result in major financial loss; or
(iv) result in severe or catastrophic harm to individuals
involving loss of life or serious life threatening injuries.
12. Examples of Security
Requirements
confidentiality – student grades
integrity – patient information
availability – authentication service
authenticity – admission ticket
non-repudiation – stock sell order
13. Computer Security Challenges
1. not simple – easy to get it wrong
2. must consider potential attacks
3. procedures used counter-intuitive
4. involve algorithms and secret info
5. must decide where to deploy mechanisms
6. battle of wits between attacker / admin
7. not perceived to be of benefit until it fails
8. requires regular monitoring
a process, not an event
1. too often an after-thought
2. regarded as impediment to using system
“Unusable security is not secure”
14. OSI Security Architecture
ITU-T X.800 “Security Architecture for OSI”
defines a systematic way of defining and
providing security requirements
for us it provides a useful, if abstract,
overview of concepts we will study
15. Aspects of Security
consider 3 aspects of information security:
security attack
security mechanism (control)
security service
note terms
threat – a potential for violation of security
vulnerability – a way by which loss can happen
attack – an assault on system security, a
deliberate attempt to evade security services
22. Handling Attacks
Passive attacks – focus on Prevention
• Easy to stop
• Hard to detect
Active attacks – focus on Detection and
Recovery
• Hard to stop
• Easy to detect
23. Security Service
enhance security of data processing systems
and information transfers of an organization
intended to counter security attacks
using one or more security mechanisms
often replicates functions normally associated
with physical documents
• which, for example, have signatures, dates; need
protection from disclosure, tampering, or
destruction; be notarized or witnessed; be
recorded or licensed
24. Security Services
X.800:
“a service provided by a protocol layer of
communicating open systems, which ensures
adequate security of the systems or of data
transfers”
RFC 2828:
“a processing or communication service
provided by a system to give a specific kind of
protection to system resources”
25. Security Services (X.800)
Authentication - assurance that communicating
entity is the one claimed
have both peer-entity & data origin authentication
Access Control - prevention of the
unauthorized use of a resource
Data Confidentiality –protection of data from
unauthorized disclosure
Data Integrity - assurance that data received is
as sent by an authorized entity
Non-Repudiation - protection against denial by
one of the parties in a communication
Availability – resource accessible/usable
26. Security Mechanism
a.k.a. control
feature designed to detect, prevent, or
recover from a security attack
no single mechanism that will support all
services required
however one particular element underlies
many of the security mechanisms in use:
cryptographic techniques
hence our focus on this topic
29. Model for Network Security
using this model requires us to:
1. design a suitable algorithm for the security
transformation
2. generate the secret information (keys) used
by the algorithm
3. develop methods to distribute and share the
secret information
4. specify a protocol enabling the principals to
use the transformation and secret
information for a security service
31. Model for Network Access
Security
using this model requires us to:
1. select appropriate gatekeeper functions to
identify users
2. implement security controls to ensure only
authorised users access designated
information or resources
note that model does not include:
1. monitoring of system for successful
penetration
2. monitoring of authorized users for misuse
3. audit logging for forensic uses, etc.