Uploaded by22r01a05l4
PPTX, PDF116 views

SECURITY PRINCIPLES AND SECURITY SERVICES.pptx

The document discusses the definition and significance of security, emphasizing the importance of confidentiality, integrity, and availability in protecting systems and data. It outlines standard measures to establish these principles, including encryption, 2FA, and data backups, while providing examples of their application. Additionally, it describes security services aimed at achieving these principles, such as authentication, access control, and non-repudiation.

Embed presentation

Download to read offline
SECURITY PRINCIPLES AND SECURITY SERVICES
Introduction to Security  Definition of Security: The measures taken to protect systems, data, and networks from unauthorized access, harm, or misuse.  Importance of Security: Ensures confidentiality, integrity, and availability (CIA) of information and systems.
Security Principles There are three security principles. ❑ Confidentiality ❑Integrity ❑Availability
Confidentiality Confidentiality is probably the most common aspect of information security. Example: Industrial Confidential data, Bank Integrity Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. Example: Bank data should be automatically updated after any transaction.
Availability The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities. Example: Accessing of information anywhere at any time.
 Standard measures to establish confidentiality include:  Data encryption: Converts information into unreadable code unless decrypted with the correct key.  Two-factor authentication (2FA): Requires two identification forms for secure access.  Biometric verification: Uses unique biological traits (e.g., fingerprints) to confirm identity.  Security tokens: Digital assets representing ownership or access rights.  Standard measures to establish integrity include:  Cryptographic checksums (e.g., MD5, SHA-1, SHA-256): Verify data integrity by producing hash values.  File permissions: Control who can modify data.  Uninterrupted power supplies and data backups: Prevent data loss or corruption.
 Standard measures to establish availability include:  Data backups: Store data copies on external drives.  Firewalls: Protect against unauthorized access or attacks.  Backup power supplies and data redundancy: Maintain accessibility even during failures.  These principles work together to form the foundation of secure systems.
Security Services  Security services provide mechanisms and processes to achieve and maintain security principles.  ITU-T (International Telecommunication Union – Telecommunication standards)provides some security services and some mechanisms to implement those services.  Security services and mechanisms are closely related because a mechanism or combination of mechanisms are used to provide a service.
 Confidentiality: information is not made available to unauthorized individual  Integrity: assurance that the message is unaltered  Authentication: assures recipient that the message is from the source that it claims to be from.  Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. Two entities are considered peers if they implement to same protocol in different systems; e.g., two TCP modules in two communicating systems.  Data origin authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units  Non-Repudiation: protection against denial of sending or receiving in the communication  Access Control: controls who can have access to resource under what condition  Availability: available to authorized entities for 24/7.
THANK YOU

More Related Content

PPTX
COMPUTER SECURITY in Information Security
byEdFeranil
 
PPT
ch0001 computer systems security and principles and practices
bystephen972973
 
PPTX
Goals of security
bySavyasachi14
 
PPTX
1. Introduction to Information Security.pptx
bynoura53269
 
PPTX
syllabus of information security for 6th semester
byPankilPatel25
 
PPTX
IT.pptx
byRaaviKapoor
 
PPTX
Foundation of the information securiety
byALIZAIB KHAN
 
PPTX
Lecture-1 about programming language.pptx
byMUHAMMADAHMAD173574
 
COMPUTER SECURITY in Information Security
byEdFeranil
 
ch0001 computer systems security and principles and practices
bystephen972973
 
Goals of security
bySavyasachi14
 
1. Introduction to Information Security.pptx
bynoura53269
 
syllabus of information security for 6th semester
byPankilPatel25
 
IT.pptx
byRaaviKapoor
 
Foundation of the information securiety
byALIZAIB KHAN
 
Lecture-1 about programming language.pptx
byMUHAMMADAHMAD173574
 

Similar to SECURITY PRINCIPLES AND SECURITY SERVICES.pptx

PPT
1 network securityIntroduction - MSC.ppt
bybilqesahmed608
 
PPT
Cryptography - Unit I | Introduction to Security Concepts
byCUO VEERANAN VEERANAN
 
PPTX
Introduction of network security
bysneha padhiar
 
PPTX
Information-Security_System_Notes__.pptx
byabhinaygupta389
 
PPTX
Cryptography and network Security--MOD-1.pptx
byMrsPrajnaUR
 
PPTX
security introduction and overview lecture1 .pptx
bynagwaAboElenein
 
PPTX
I MSc CS CNS Day 1.pptx
byArumugam90
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
byNune SrinivasRao
 
PDF
Basics of Data Security and Cryptographic techniques
byJay Sahoo
 
PPT
engineering cryptography 21ECE73 Module-3 (2).pptx
byshaziasulthana2
 
PPT
ICSE6104 Lecturedfffffffffffffffffffff 1.ppt
byDavid622220
 
PDF
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
byVishwanathMahalle
 
PPTX
Security Training: #1 What Actually a Security Is?
byYulian Slobodyan
 
PPTX
information system and infor,ation management .pptx
byalok1936556sahu
 
PPT
CNS Unit-I_final.ppt
bySwapnaPavan2
 
PPT
Intro-2013.pptIntro-2013.pptIntro-2013.ppt
bytahirnaquash2
 
PPTX
IAS101_Week 2-3_Introduction to Information Systems and Security.pptx
byAngela Arago
 
PPTX
02-overview.pptx
byEmanAzam
 
PPTX
Securing Networks and Operating Systems.pptx
bylionbitme
 
PPT
Chapter 1.ppt
byTamer Nadeem
 
1 network securityIntroduction - MSC.ppt
bybilqesahmed608
 
Cryptography - Unit I | Introduction to Security Concepts
byCUO VEERANAN VEERANAN
 
Introduction of network security
bysneha padhiar
 
Information-Security_System_Notes__.pptx
byabhinaygupta389
 
Cryptography and network Security--MOD-1.pptx
byMrsPrajnaUR
 
security introduction and overview lecture1 .pptx
bynagwaAboElenein
 
I MSc CS CNS Day 1.pptx
byArumugam90
 
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
byNune SrinivasRao
 
Basics of Data Security and Cryptographic techniques
byJay Sahoo
 
engineering cryptography 21ECE73 Module-3 (2).pptx
byshaziasulthana2
 
ICSE6104 Lecturedfffffffffffffffffffff 1.ppt
byDavid622220
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
byVishwanathMahalle
 
Security Training: #1 What Actually a Security Is?
byYulian Slobodyan
 
information system and infor,ation management .pptx
byalok1936556sahu
 
CNS Unit-I_final.ppt
bySwapnaPavan2
 
Intro-2013.pptIntro-2013.pptIntro-2013.ppt
bytahirnaquash2
 
IAS101_Week 2-3_Introduction to Information Systems and Security.pptx
byAngela Arago
 
02-overview.pptx
byEmanAzam
 
Securing Networks and Operating Systems.pptx
bylionbitme
 
Chapter 1.ppt
byTamer Nadeem
 

Recently uploaded

PPTX
Plant Bio-additives (2).pptxA plant bioadditive is a functional substance der...
byMadan Bhandari university and St. Xavier's college , Maitighar
 
DOCX
Project Management(BOE 070) notes Unite 4 AKTU
by26dsyogam
 
PDF
PROPEX-RAG: Prompt-Driven GraphRAG for Multi-Hop QA
byapurvakarne
 
PPTX
1_Sources of security threats, Motives, Target.pptx
bydolly475229
 
PPTX
Transportation Engineering- Modes of Transport, Types of roads, Components of...
byvidyanand kadam
 
PDF
Hybrid Anomaly Detection Mechanism for IOT Networks
byIJCNCJournal
 
PPTX
22PEOIT4C Session 1 Introduction to AI and intelligent agents.pptx
bymailmegokilavani
 
PPTX
Track & Monitor Preventive Maintenance — Best Practices with MaintWiz CMMS
byMaintWiz Technologies Private Limited
 
PDF
3rd International Conference on AI & Civil Engineering (AICiViL 2025)
byieijjournal
 
PDF
AI-Driven CTI for Business: Emerging Threats, Attack Strategies, and Defensiv...
byAIRCC Publishing Corporation
 
PPTX
MODULE 1-UNIT_1.pptx MODULE 1-UNIT_1.pptx MODULE 1-UNIT_1.pptx
bypavanscholar123
 
PPTX
KTU 2024 SCHEME -PEMET 413 COMPOSITE MATERIALS MODULE 1 LECTURE 1.pptx
byVinayB68
 
PPTX
22PEOIT4C Session 7 A searching algorithm.pptx
bymailmegokilavani
 
PPTX
Fiber reinforced concrete (FRC) is a composite material made from Portland ce...
bymanojaioe
 
PPTX
Environmental and Ecology UNIT 4 - Global Warming-1.pptx
byMinakshiSultania
 
PPTX
Civil_Engineering_Technician_Skill_Assessment_2025_2026_Presentation.pptx
byCDR Australia Engineer
 
PPTX
Network intrusion detection system .pptx
byvenomghost09082000
 
PPTX
Engineering Economics CHAPTER 4.pptx - R
byMisgnaArefe
 
PPTX
infosecurity & Cyber Sec 2025 September for deep.pptx
bymsrehan
 
PPTX
22PEOIT4C Session 9 Local search in continuous space.pptx
bymailmegokilavani
 
Plant Bio-additives (2).pptxA plant bioadditive is a functional substance der...
byMadan Bhandari university and St. Xavier's college , Maitighar
 
Project Management(BOE 070) notes Unite 4 AKTU
by26dsyogam
 
PROPEX-RAG: Prompt-Driven GraphRAG for Multi-Hop QA
byapurvakarne
 
1_Sources of security threats, Motives, Target.pptx
bydolly475229
 
Transportation Engineering- Modes of Transport, Types of roads, Components of...
byvidyanand kadam
 
Hybrid Anomaly Detection Mechanism for IOT Networks
byIJCNCJournal
 
22PEOIT4C Session 1 Introduction to AI and intelligent agents.pptx
bymailmegokilavani
 
Track & Monitor Preventive Maintenance — Best Practices with MaintWiz CMMS
byMaintWiz Technologies Private Limited
 
3rd International Conference on AI & Civil Engineering (AICiViL 2025)
byieijjournal
 
AI-Driven CTI for Business: Emerging Threats, Attack Strategies, and Defensiv...
byAIRCC Publishing Corporation
 
MODULE 1-UNIT_1.pptx MODULE 1-UNIT_1.pptx MODULE 1-UNIT_1.pptx
bypavanscholar123
 
KTU 2024 SCHEME -PEMET 413 COMPOSITE MATERIALS MODULE 1 LECTURE 1.pptx
byVinayB68
 
22PEOIT4C Session 7 A searching algorithm.pptx
bymailmegokilavani
 
Fiber reinforced concrete (FRC) is a composite material made from Portland ce...
bymanojaioe
 
Environmental and Ecology UNIT 4 - Global Warming-1.pptx
byMinakshiSultania
 
Civil_Engineering_Technician_Skill_Assessment_2025_2026_Presentation.pptx
byCDR Australia Engineer
 
Network intrusion detection system .pptx
byvenomghost09082000
 
Engineering Economics CHAPTER 4.pptx - R
byMisgnaArefe
 
infosecurity & Cyber Sec 2025 September for deep.pptx
bymsrehan
 
22PEOIT4C Session 9 Local search in continuous space.pptx
bymailmegokilavani
 

SECURITY PRINCIPLES AND SECURITY SERVICES.pptx

  • 1.
  • 2.
    Introduction to Security Definition of Security: The measures taken to protect systems, data, and networks from unauthorized access, harm, or misuse.  Importance of Security: Ensures confidentiality, integrity, and availability (CIA) of information and systems.
  • 3.
    Security Principles There arethree security principles. ❑ Confidentiality ❑Integrity ❑Availability
  • 4.
    Confidentiality Confidentiality is probablythe most common aspect of information security. Example: Industrial Confidential data, Bank Integrity Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. Example: Bank data should be automatically updated after any transaction.
  • 5.
    Availability The information createdand stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities. Example: Accessing of information anywhere at any time.
  • 6.
     Standard measuresto establish confidentiality include:  Data encryption: Converts information into unreadable code unless decrypted with the correct key.  Two-factor authentication (2FA): Requires two identification forms for secure access.  Biometric verification: Uses unique biological traits (e.g., fingerprints) to confirm identity.  Security tokens: Digital assets representing ownership or access rights.  Standard measures to establish integrity include:  Cryptographic checksums (e.g., MD5, SHA-1, SHA-256): Verify data integrity by producing hash values.  File permissions: Control who can modify data.  Uninterrupted power supplies and data backups: Prevent data loss or corruption.
  • 7.
     Standard measuresto establish availability include:  Data backups: Store data copies on external drives.  Firewalls: Protect against unauthorized access or attacks.  Backup power supplies and data redundancy: Maintain accessibility even during failures.  These principles work together to form the foundation of secure systems.
  • 8.
    Security Services  Securityservices provide mechanisms and processes to achieve and maintain security principles.  ITU-T (International Telecommunication Union – Telecommunication standards)provides some security services and some mechanisms to implement those services.  Security services and mechanisms are closely related because a mechanism or combination of mechanisms are used to provide a service.
  • 9.
     Confidentiality: informationis not made available to unauthorized individual  Integrity: assurance that the message is unaltered  Authentication: assures recipient that the message is from the source that it claims to be from.  Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. Two entities are considered peers if they implement to same protocol in different systems; e.g., two TCP modules in two communicating systems.  Data origin authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units  Non-Repudiation: protection against denial of sending or receiving in the communication  Access Control: controls who can have access to resource under what condition  Availability: available to authorized entities for 24/7.
  • 10.