
Information Security

By: Muhammad Hanif


Cryptography and Network Security
Chapter 1
Fifth Edition
by William Stallings
Quote of the day
➢ O Lord, increase my knowledge.
➢ O my Lord, Open for me my chest, and Ease my task for me, and Loosen the knot
from my tongue, that they Understand my speech.
Ameen suma ameen.
Roadmap
➢ Standards Organizations
➢ Introduction to Security
➢ Information Security
➢ OSI Security Architecture
➢ Security Attack
➢ Security Services
➢ Security Mechanism
Standards Organizations
➢ National Institute of Standards & Technology (NIST)
➢ Internet Society (ISOC)
➢ International Telecommunication Union Telecommunication Standardization Sector (ITU-T)
➢ International Organization for Standardization (ISO)
Introduction
➢ Computer Security: Method of protecting information, computer programs, and other computer
system assets while they are (not) connected to the network. Includes operating system security,
software security, access control, physical security, etc.
➢ Network Security: Measures to protect data during their transmission on a computer network, like
data protection, data and source authentication, etc.
➢ Internet Security: Measures to protect data during their transmission over a collection of
interconnected networks
➢ Communication Security: Measures and controls taken to deny unauthorized persons information
derived from telecommunications and ensure the authenticity of such telecommunications.
Information Security
➢ Information security means protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification or destruction.
➢ 3 main components of Information system:
➢ Software
➢ Hardware
➢ Communications
➢ 3 levels of Information Security:
➢ Physical
➢ Personal
➢ Organizational
➢ 3 main Information Security Goals: [CIA]
➢ Confidentiality (C)
➢ Integrity (I)
➢ Availability (A)
Security Goals (CIA)
➢ Confidentiality
Confidentiality means that an unauthorized person cannot read sensitive information, either while it is
on a computer or while it is traveling across a network.
➢ Integrity
Integrity means that an unauthorized person cannot change or destroy information, either while it is
on a computer or while it is traveling across a network.
Or, at least, if information is changed or destroyed, then the receiver can detect the change or
restore destroyed data.
➢ Availability
Availability means that people who are authorized to use information are not prevented from
doing so.
OSI Security Architecture
➢ ITU-T X.800 “Security Architecture for OSI”
➢ It is a systematic way of defining and providing security
requirements
➢ For us, it provides a useful and abstract overview of concepts we
will study
OSI Security Architecture
➢ Consider 3 aspects of information security:
1. security attack
2. security mechanism
3. security service
OSI Security Architecture
➢ The OSI (Open Systems Interconnection) security architecture defines:
1. Security Attack: Any action that compromises the security of information owned by an organization
2. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security
attack
3. Security Service: A processing or communication service that is provided by a system to give a
specific kind of protection to system resources; security services implement security policies and
are implemented by security mechanisms
➢ Example: Data Confidentiality is a security service which can be provided through encipherment (a
security mechanism) to avoid data disclosure (a security attack)
