Security Concepts: Introduction, The need for security, Security approaches, Principles of security, Types of Security attacks, Security services, Security Mechanisms, A model for Network Security Cryptography Concepts and Techniques: Introduction, plain text and cipher text, substitution techniques, transposition techniques, encryption and decryption, symmetric and asymmetric key cryptography, steganography, key range and key size, possible types of attacks
CS8792 - Cryptography and Network Securityvishnukp34
this is an engineering subject.this consist of
pgno: 5 - Information security in past & present
pgno: 7 - Aim of Course
pgno: 8 - OSI Security Architecture
pgno: 9 - Security Goals – CIA Triad
pgno: 13 - Aspects of Security
pgno: 17 - ATTACKS
pgno: 22 - Passive Versus Active Attacks
pgno: 23 - SERVICES AND MECHANISMS
Security Concepts: Introduction, The need for security, Security approaches, Principles of security, Types of Security attacks, Security services, Security Mechanisms, A model for Network Security Cryptography Concepts and Techniques: Introduction, plain text and cipher text, substitution techniques, transposition techniques, encryption and decryption, symmetric and asymmetric key cryptography, steganography, key range and key size, possible types of attacks
CS8792 - Cryptography and Network Securityvishnukp34
this is an engineering subject.this consist of
pgno: 5 - Information security in past & present
pgno: 7 - Aim of Course
pgno: 8 - OSI Security Architecture
pgno: 9 - Security Goals – CIA Triad
pgno: 13 - Aspects of Security
pgno: 17 - ATTACKS
pgno: 22 - Passive Versus Active Attacks
pgno: 23 - SERVICES AND MECHANISMS
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
Chapter 1.ppt
1. 1
Network Security
Chase Q. Wu
New Jersey Institute of Technology
Oak Ridge National Laboratory
https://web.njit.edu/~chasewu
Email: chase.wu@njit.edu
wuqn@ornl.gov
3. 3
About This Course
Textbook:
1. Network Security Essentials: Applications and Standards,
3rd Ed. William Stallings
2. Cryptography and Network Security: Principles and
Practices, 4th Ed. William Stallings
Contents:
1. Cryptography
– Algorithms and protocols
– Conventional and public key-based encryption, hash func,
digital signatures, and key exchange
2. Network security applications
– Applications and tools
– Kerberos, X.509v3 certificates, PGP, S/MIME, IP
security, SSL/TLS, SET, and SNMPv3
3. System security
– System-level issues
– Intruders, viruses, worms, DOS
5. 5
Coursework Components
Homework:
– After each chapter
Projects:
– Cryptography (RSA implementation)
– A secure instant messenger system
Exams: Comprehensive in English
Do I have a TA to help with the class?
6. 6
Chapter 1 – Introduction
… teaches us to rely not on the likelihood of the
enemy's not coming, but on our own readiness
to receive him; not on the chance of his not
attacking, but rather on the fact that we have
made our position unassailable.
—The Art of War, Sun Tzu
故用兵之法,无恃其不来,恃吾有以待也;无
恃其不攻,恃吾有所不可攻也。
—《孙子兵法 · 九变篇》
7. 7
Outline
• Background
• Attacks, services and mechanisms
• Security attacks
• Security services
• Methods of Defense
• A model for Internetwork Security
• Internet standards and RFCs
8. 8
Background
• Information Security requirements have
changed in recent times
– Traditionally provided by physical and
administrative mechanisms
– Many daily activities have been shifted from
physical world to cyber space
• Use of computers
– Protect files and other stored information
• Use of networks and communications links
– Protect data during transmission
• The focus of many funding agencies in US
– DOD, NSF, DHS, etc.
– ONR: game theory for cyber security
9. 9
Definitions
• Computer Security
– Generic name for the collection of tools
designed to protect data and to thwart
hackers
• Network Security
– Measures to protect data during their
transmission
• Internet Security (our focus!)
– Measures to protect data during their
transmission over a collection of
interconnected networks
11. 11
OSI Security Architecture
• ITU-T X.800 “Security Architecture for
OSI”
– A systematic way of defining and providing
security requirements
– Provides a useful, if abstract, overview of
concepts we will study
ITU-T: International Telecommunication Union
Telecommunication Standardization Sector
OSI: Open Systems Interconnection
12. 12
3 Aspects of Info Security
• Security Attack
– Any action that compromises the security of
information.
• Security Mechanism
– A mechanism that is designed to detect, prevent, or
recover from a security attack.
• Security Service
– A service that enhances the security of data
processing systems and information transfers.
• Makes use of one or more security mechanisms.
13. 13
Security Attacks
• Threat & attack
– Often used equivalently
• There are a wide range of attacks
– Two generic types of attacks
• Passive
• Active
15. 15
Security Attacks
• Interruption: This is an attack on
availability
• Interception: This is an attack on
confidentiality
• Modification: This is an attack on
integrity
• Fabrication: This is an attack on
authenticity
16. 16
3 Primary Security Goals
Fundamental security objectives for both data and
information/computing services
18. 18
Security Services
X.800
– A service provided by a protocol layer of communicating open systems,
which ensures adequate security of the systems or of data transfers
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
19. 19
Security Mechanism
• Features designed to detect, prevent, or
recover from a security attack
• No single mechanism that will support all
services required
• One particular element underlies many of
the security mechanisms in use:
– Cryptographic techniques
– Hence we will focus on this topic first
22. 22
Model for Network Security
Using this model requires us to:
1. design a suitable algorithm for the security
transformation (message de/encryption)
2. generate the secret information (keys) used by
the algorithm
3. develop methods to distribute and share the
secret information (keys)
4. specify a protocol enabling the principals to
use the transformation and secret information
for a security service (e.g. ssh)
24. 24
Model for Network Access Security
Using this model requires us to implement:
1. Authentication
select appropriate gatekeeper functions to identify
users
2. Authorization
implement security controls to ensure only
authorized users access designated information or
resources
Trusted computer systems may be useful
to help implement this model
25. 25
Methods of Defense
• Encryption
• Software Controls
– Limit access in a database or in operating
systems
– Protect each user from other users
• Hardware Controls
– Smartcard (ICC, used for digital signature and
secure identification)
• Policies
– Frequent changes of passwords
– Recent study shows controversial arguments
• Physical Controls
26. 26
Internet standards and RFCs
• Three organizations in the Internet
society
– Internet Architecture Board (IAB)
• Defining overall Internet architecture
• Providing guidance to IETF
– Internet Engineering Task Force (IETF)
• Actual development of protocols and standards
– Internet Engineering Steering Group (IESG)
• Technical management of IETF activities and
Internet standards process