SlideShare a Scribd company logo
1 of 12
OSI SECURITY ARCHITECTURE
K.KAMALESH
23MCA21
INTRODUCTION TO OSI SECURITY ARCHITECTURE :
● The security of an organization is the greatest concern of the people working at the organization.
Safety and security are the pillars of cyber technology.
● It is hard to imagine the cyber world without thinking about security. The architecture of security is
thus a very important aspect of the organization.
● The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to
providing security at each layer.
● It defines security services and security mechanisms that can be used at each of the seven
layers of the OSI model to provide security for data transmitted over a network.
● These security services and mechanisms help to ensure the confidentiality, integrity, and
availability of the data. OSI architecture is internationally acceptable as it lays the flow of
providing safety in an organization.
SECURITY ARCHITECTURE:
Security Attack:
● A security attack is an attempt by a person or entity to gain unauthorized access to disrupt or
compromise the security of a system, network, or device.
● These are defined as the actions that put at risk an organization’s safety.
● They are further classified into 2 sub-categories:
● Passive Attack
● Active Attack
Passive Attack:
● Attacks in which a third-party intruder tries to access the message/ content/ data being shared by the sender
and receiver by keeping a close watch on the transmission or eave-dropping the transmission is called
Passive Attacks.
● These types of attacks involve the attacker observing or monitoring system, network, or device activity
without actively disrupting or altering it. Passive attacks are typically focused on gathering information or
intelligence, rather than causing damage or disruption.
● Here, both the sender and receiver have no clue that their message/ data is accessible to some third-party
intruder. The message/ data transmitted remains in its usual form without any deviation from its usual
behavior. This makes passive attacks very risky as there is no information provided about the attack
happening in the communication process.
Active Attack:
● Active attacks refer to types of attacks that involve the attacker actively disrupting or altering system,
network, or device activity. Active attacks are typically focused on causing damage or disruption, rather than
gathering information or intelligence.
● Here, both the sender and receiver have no clue that their message/ data is modified by some third-party
intruder. The message/ data transmitted doesn’t remain in its usual form and shows deviation from its usual
behavior.
Masquerade
● It is a type of attack in which the attacker pretends to be an authentic sender in order to gain unauthorized
access to a system. This type of attack can involve the attacker using stolen or forged credentials, or
manipulating authentication or authorization controls in some other way.
Replay:
● It is a type of active attack in which the attacker intercepts a transmitted message through a passive channel
and then maliciously or fraudulently replays or delays it at a later time.
Modification of Message :
● It involves the attacker modifying the transmitted message and making the final message received by the
receiver look like it’s not safe or non-meaningful. This type of attack can be used to manipulate the content
of the message or to disrupt the communication process.
Denial of service (DoS) :
● This attacks involve the attacker sending a large volume of traffic to a system, network, or device in an
attempt to overwhelm it and make it unavailable to legitimate users.
SECURITY MECHANISM :
● The mechanism that is built to identify any breach of security or attack on the organization, is called a
security mechanism. Security Mechanisms are also responsible for protecting a system, network, or
device against unauthorized access, tampering, or other security threats.
● Security mechanisms can be implemented at various levels within a system or network and can be used to
provide different types of security, such as confidentiality, integrity, or availability.
● Encipherment
● Digital signature
● Traffic padding
● Routing control
Enciphermen:
● Encipherment involves the use of algorithms to transform data into a form that can only be
read by someone with the appropriate decryption key. Encryption can be used to protect
data it is transmitted over a network, or to protect data when it is stored on a device.
Digital signature :
● Digital signature is a security mechanism that involves the use of cryptographic techniques
to create a unique, verifiable identifier for a digital document or message, which can be used
to ensure the authenticity and integrity of the document or message.
Traffic padding:
● Traffic padding is a technique used to add extra data to a network traffic stream in an
attempt to obscure the true content of the traffic and make it more difficult to analyze.
Routing control :
● Routing control allows the selection of specific physically secure routes for specific data
transmission and enables routing changes, particularly when a gap in security is suspected.
SECURITY SERVICES :
● Security services refer to the different services available for maintaining the security and
safety of an organization.
● They help in preventing any potential risks to security. Security services are divided into 5
type
● Authentication
● Access control
● Data integrity
Authentication:
● Authentication is the process of verifying the identity of a user or device in order to grant or deny acces
to a system or device.
Access control:
● Access control involvesthe use of policies and procedures to determine who is allowed to access spec
resources within a system.
Data Confidentiality:
● Data Confidentiality is responsible for the protection of information from being accessed or disclosed t
unauthorized parties.
Data integrity:
● Data integrity is a security mechanism that involves the use of techniques to ensure that data has not
been tampered with or altered in any way during transmission or storage.
Non- repudiation:
● Non- repudiation involves the use of techniques to create a verifiable record of the origin and
transmission of a message, which can be used to prevent the sender from denying that they sent the
message.
Benefits of OSI Architecture:
1. Providing Security:
● OSI Architecture in an organization provides the needed security and safety, preventing potential threats
and risks.
● Managers can easily take care of the security and there is hassle-free security maintenance done through
OSI Architecture.
2. Organising Task:
● The OSI architecture makes it easy for managers to build a security model for the organization based on
strong security principles.
● Managers get the opportunity to organize tasks in an organization effectively.
3. Meets International Standards:
● Security services are defined and recognized internationally meeting international standards.
● The standard definition of requirements defined using OSI Architecture is globally accepted.
Thanks you 😊

More Related Content

What's hot

с- ми_за-откриване_на_атаки(ids)
с- ми_за-откриване_на_атаки(ids)с- ми_за-откриване_на_атаки(ids)
с- ми_за-откриване_на_атаки(ids)
ssalieva
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysis
Bikrant Gautam
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
Sweta Sharma
 

What's hot (20)

Using Machine Learning in Networks Intrusion Detection Systems
Using Machine Learning in Networks Intrusion Detection SystemsUsing Machine Learning in Networks Intrusion Detection Systems
Using Machine Learning in Networks Intrusion Detection Systems
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection System
 
Network security
Network securityNetwork security
Network security
 
Top 10 Database Threats
Top 10 Database ThreatsTop 10 Database Threats
Top 10 Database Threats
 
fault-tolerance-slide.ppt
fault-tolerance-slide.pptfault-tolerance-slide.ppt
fault-tolerance-slide.ppt
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and Mitigations
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems  and Intrusion Prevention Systems Intrusion Detection Systems  and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems
 
с- ми_за-откриване_на_атаки(ids)
с- ми_за-откриване_на_атаки(ids)с- ми_за-откриване_на_атаки(ids)
с- ми_за-откриване_на_атаки(ids)
 
Cloud-based IDS architectures : APPLYING THE IDS APPROACHES INTO THE CLOUD EN...
Cloud-based IDS architectures : APPLYING THE IDS APPROACHES INTO THE CLOUD EN...Cloud-based IDS architectures : APPLYING THE IDS APPROACHES INTO THE CLOUD EN...
Cloud-based IDS architectures : APPLYING THE IDS APPROACHES INTO THE CLOUD EN...
 
7 Steps to Threat Modeling
7 Steps to Threat Modeling7 Steps to Threat Modeling
7 Steps to Threat Modeling
 
Firewalls
FirewallsFirewalls
Firewalls
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chain
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss Prevention
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysis
 
Information security
Information securityInformation security
Information security
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introduction
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptx
 
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
 

Similar to Osi security architecture in network.pptx

Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
AparnaSunil24
 
Computer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptxComputer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptx
dagiabebe267
 

Similar to Osi security architecture in network.pptx (20)

information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security Management
 
Network security chapter 1
Network security   chapter 1Network security   chapter 1
Network security chapter 1
 
Lec 01.pdf
Lec 01.pdfLec 01.pdf
Lec 01.pdf
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdf
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
COMPUTER SECURITY
COMPUTER SECURITYCOMPUTER SECURITY
COMPUTER SECURITY
 
Computer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptxComputer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptx
 
OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITY
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.ppt
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
 
Security and Privacy Considerations in the Open Network for Digital Commerce.pdf
Security and Privacy Considerations in the Open Network for Digital Commerce.pdfSecurity and Privacy Considerations in the Open Network for Digital Commerce.pdf
Security and Privacy Considerations in the Open Network for Digital Commerce.pdf
 
Information Security
Information SecurityInformation Security
Information Security
 
I MSc CS CNS Day 1.pptx
I MSc CS CNS Day 1.pptxI MSc CS CNS Day 1.pptx
I MSc CS CNS Day 1.pptx
 
Computer Security Chapter 1
Computer Security Chapter 1Computer Security Chapter 1
Computer Security Chapter 1
 
Introduction of ethical hacking.........
Introduction of ethical hacking.........Introduction of ethical hacking.........
Introduction of ethical hacking.........
 
Network security
Network securityNetwork security
Network security
 

Recently uploaded

Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Lisi Hocke
 

Recently uploaded (20)

WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
WSO2Con2024 - Navigating the Digital Landscape: Transforming Healthcare with ...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfAzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - Building a Digital Government in Uganda
WSO2CON 2024 - Building a Digital Government in UgandaWSO2CON 2024 - Building a Digital Government in Uganda
WSO2CON 2024 - Building a Digital Government in Uganda
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - Keynote
 
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
 
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
WSO2Con2024 - Facilitating Broadband Switching Services for UK Telecoms Provi...
 
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
 
WSO2Con2024 - Low-Code Integration Tooling
WSO2Con2024 - Low-Code Integration ToolingWSO2Con2024 - Low-Code Integration Tooling
WSO2Con2024 - Low-Code Integration Tooling
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
WSO2Con2024 - Organization Management: The Revolution in B2B CIAM
WSO2Con2024 - Organization Management: The Revolution in B2B CIAMWSO2Con2024 - Organization Management: The Revolution in B2B CIAM
WSO2Con2024 - Organization Management: The Revolution in B2B CIAM
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...
WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...
WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...
 

Osi security architecture in network.pptx

  • 2. INTRODUCTION TO OSI SECURITY ARCHITECTURE : ● The security of an organization is the greatest concern of the people working at the organization. Safety and security are the pillars of cyber technology. ● It is hard to imagine the cyber world without thinking about security. The architecture of security is thus a very important aspect of the organization. ● The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to providing security at each layer. ● It defines security services and security mechanisms that can be used at each of the seven layers of the OSI model to provide security for data transmitted over a network. ● These security services and mechanisms help to ensure the confidentiality, integrity, and availability of the data. OSI architecture is internationally acceptable as it lays the flow of providing safety in an organization.
  • 4. Security Attack: ● A security attack is an attempt by a person or entity to gain unauthorized access to disrupt or compromise the security of a system, network, or device. ● These are defined as the actions that put at risk an organization’s safety. ● They are further classified into 2 sub-categories: ● Passive Attack ● Active Attack
  • 5. Passive Attack: ● Attacks in which a third-party intruder tries to access the message/ content/ data being shared by the sender and receiver by keeping a close watch on the transmission or eave-dropping the transmission is called Passive Attacks. ● These types of attacks involve the attacker observing or monitoring system, network, or device activity without actively disrupting or altering it. Passive attacks are typically focused on gathering information or intelligence, rather than causing damage or disruption. ● Here, both the sender and receiver have no clue that their message/ data is accessible to some third-party intruder. The message/ data transmitted remains in its usual form without any deviation from its usual behavior. This makes passive attacks very risky as there is no information provided about the attack happening in the communication process.
  • 6. Active Attack: ● Active attacks refer to types of attacks that involve the attacker actively disrupting or altering system, network, or device activity. Active attacks are typically focused on causing damage or disruption, rather than gathering information or intelligence. ● Here, both the sender and receiver have no clue that their message/ data is modified by some third-party intruder. The message/ data transmitted doesn’t remain in its usual form and shows deviation from its usual behavior. Masquerade ● It is a type of attack in which the attacker pretends to be an authentic sender in order to gain unauthorized access to a system. This type of attack can involve the attacker using stolen or forged credentials, or manipulating authentication or authorization controls in some other way. Replay: ● It is a type of active attack in which the attacker intercepts a transmitted message through a passive channel and then maliciously or fraudulently replays or delays it at a later time. Modification of Message : ● It involves the attacker modifying the transmitted message and making the final message received by the receiver look like it’s not safe or non-meaningful. This type of attack can be used to manipulate the content of the message or to disrupt the communication process. Denial of service (DoS) : ● This attacks involve the attacker sending a large volume of traffic to a system, network, or device in an attempt to overwhelm it and make it unavailable to legitimate users.
  • 7. SECURITY MECHANISM : ● The mechanism that is built to identify any breach of security or attack on the organization, is called a security mechanism. Security Mechanisms are also responsible for protecting a system, network, or device against unauthorized access, tampering, or other security threats. ● Security mechanisms can be implemented at various levels within a system or network and can be used to provide different types of security, such as confidentiality, integrity, or availability. ● Encipherment ● Digital signature ● Traffic padding ● Routing control
  • 8. Enciphermen: ● Encipherment involves the use of algorithms to transform data into a form that can only be read by someone with the appropriate decryption key. Encryption can be used to protect data it is transmitted over a network, or to protect data when it is stored on a device. Digital signature : ● Digital signature is a security mechanism that involves the use of cryptographic techniques to create a unique, verifiable identifier for a digital document or message, which can be used to ensure the authenticity and integrity of the document or message. Traffic padding: ● Traffic padding is a technique used to add extra data to a network traffic stream in an attempt to obscure the true content of the traffic and make it more difficult to analyze. Routing control : ● Routing control allows the selection of specific physically secure routes for specific data transmission and enables routing changes, particularly when a gap in security is suspected.
  • 9. SECURITY SERVICES : ● Security services refer to the different services available for maintaining the security and safety of an organization. ● They help in preventing any potential risks to security. Security services are divided into 5 type ● Authentication ● Access control ● Data integrity
  • 10. Authentication: ● Authentication is the process of verifying the identity of a user or device in order to grant or deny acces to a system or device. Access control: ● Access control involvesthe use of policies and procedures to determine who is allowed to access spec resources within a system. Data Confidentiality: ● Data Confidentiality is responsible for the protection of information from being accessed or disclosed t unauthorized parties. Data integrity: ● Data integrity is a security mechanism that involves the use of techniques to ensure that data has not been tampered with or altered in any way during transmission or storage. Non- repudiation: ● Non- repudiation involves the use of techniques to create a verifiable record of the origin and transmission of a message, which can be used to prevent the sender from denying that they sent the message.
  • 11. Benefits of OSI Architecture: 1. Providing Security: ● OSI Architecture in an organization provides the needed security and safety, preventing potential threats and risks. ● Managers can easily take care of the security and there is hassle-free security maintenance done through OSI Architecture. 2. Organising Task: ● The OSI architecture makes it easy for managers to build a security model for the organization based on strong security principles. ● Managers get the opportunity to organize tasks in an organization effectively. 3. Meets International Standards: ● Security services are defined and recognized internationally meeting international standards. ● The standard definition of requirements defined using OSI Architecture is globally accepted.