Cryptography and Network Security
Chapter 1
Fifth Edition
by William Stallings

Quote of the day
➢ O Lord, increase my knowledge.
➢ O my Lord, Open for me my chest, and Ease my task for me, and Loosen the knot from my tongue, that they Understand my speech. Ameen suma ameen.

Roadmap
➢ Standards Organizations
➢ Introduction to Security
➢ Information Security
➢ OSI Security Architecture
➢ Security Attack
➢ Security Services
➢ Security Mechanism

Standards Organizations
➢ National Institute of Standards & Technology (NIST)
➢ Internet Society (ISOC)
➢ International Telecommunication Union Telecommunication Standardization Sector (ITU-T)
➢ International Organization for Standardization (ISO)

Introduction
➢ Computer Security: Methods of protecting information, computer programs, and other computer system assets, whether or not they are connected to the network. Includes operating system security, software security, access control, physical security, etc.
➢ Network Security: Measures to protect data during their transmission on a computer network, such as data protection and data and source authentication.
➢ Internet Security: Measures to protect data during their transmission over a collection of interconnected networks.
➢ Communication Security: Measures and controls taken to deny unauthorized persons information derived from telecommunications and to ensure the authenticity of such telecommunications.

Information Security
➢ Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.
➢ 3 main components of an information system:
  ➢ Software
  ➢ Hardware
  ➢ Communications
➢ 3 levels of information security:
  ➢ Physical
  ➢ Personal
  ➢ Organizational
➢ 3 main information security goals [CIA]:
  ➢ Confidentiality (C)
  ➢ Integrity (I)
  ➢ Availability (A)

Security Goals (CIA)
➢ Confidentiality: Confidentiality means that an unauthorized person cannot read sensitive information, either while it is on a computer or while it is traveling across a network.
➢ Integrity: Integrity means that an unauthorized person cannot change or destroy information, either while it is on a computer or while it is traveling across a network. Or, at least, if information is changed or destroyed, then the receiver can detect the change or restore the destroyed data.
➢ Availability: Availability means that people who are authorized to use information are not prevented from doing so.

OSI Security Architecture
➢ ITU-T X.800 “Security Architecture for OSI”
➢ It is a systematic way of defining and providing security requirements.
➢ For us, it provides a useful and abstract overview of the concepts we will study.
➢ Consider 3 aspects of information security:
  1. Security attack
  2. Security mechanism
  3. Security service
➢ The OSI (Open Systems Interconnection) security architecture defines:
  1. Security Attack: Any action that compromises the security of information owned by an organization.
  2. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
  3. Security Service: A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms.
➢ Example: Data confidentiality is a security service that can be provided through encipherment, a security mechanism, to prevent data disclosure (a security attack).