This document defines key terms related to computer, network, and internet security. It discusses three main aspects of information security: security attacks, security mechanisms, and security services. Security attacks are any actions that compromise security, security mechanisms are used to detect, prevent, and recover from attacks, and security services enhance security of data processing and transfer. The document also classifies security attacks as either passive (like interception) or active (like modification), and presents a model for network access security using gatekeeper functions to identify users and controls to authorize access.

1. 1
Network and Data
Security

2. 2
Definitions
 Computer Security - generic name for the
collection of tools designed to protect data
and to prevent hackers.
 Network Security - measures to protect
data during transmission across the
network.
 Internet Security - measures to protect
data during their transmission over a
collection of interconnected networks.

3. 3
Attacks, Mechanisms and Services
 Need a systematic way to define
requirements for security and characterizing
the approaches to satisfy those requirements
 Three aspects of information security:
 security attack
 security mechanism
 security service

4. 4
 Security Attacks: Any Action that compromises the security
of the information.
 Security mechanism: the mechanism that be used to Detect,
prevent and recover from a security attack.
 Security Services: the Services that Enhances the security of
data processing and transferring.
Attacks, Mechanisms and Services

5. 5
Security Attack Types

6. 6
Security Mechanism
 a mechanism that is designed to detect,
prevent, or recover from a security attack
 no single mechanism that will support all
functions required
 however one particular element underlies
many of the security mechanisms in use:
cryptographic techniques

7. 7
Security Service

8. 8

9. 9

10. 10
Classify Security Attacks as
 Passive attacks – Difficult to detect, because
alteration of data is not involved
(Interception Attack)
 Release of message contents
 monitor traffic flows
 Active attacks – Modification of data stream
(Interruption, modification, fabrication)
 masquerade of one entity as some other
 replay previous messages
 modify messages on transit
 denial of service

11. 11

12. 12

13. 13

14. 14

15. 15

16. 16
Model for Network Security

17. 17

18. 18
Requirements of the Security Model

19. 19
Model for Network Access Security

20. 20
Model for Network Access Security
 using this model requires us to:
 select appropriate gatekeeper functions to
identify users
 Gatekeeping is the process through which
information is filtered for dissemination.
 implement security controls to ensure only
authorised users access designated information
or resources
 trusted computer systems can be used to
implement this model

21. Thank You
21

22. 22