Introduction To Network Security

Network Security
1. Introduction
Things you need to know
Instructor:
Office:
CF-01
Email:
Dr. Rehan Qureshi
riqureshi@gmail.com,riqureshi@ssuet.edu.pk
Student Consultation:
RQ
Take appointment before meeting, preferably

via email
2
Books:
Cryptography and Network Security
Cryptography and Network Security
Behrouz A. Forouzan
Course Folder:
RQ
William Stallings
https://drive.google.com/folderview?
id=0BxAtti5k9UyUSlhBWjBqMmkxdDQ&u
sp=sharing
3

The lecture slides provide only the
outline of the lecture. These outlines are
not a substitute for class attendance and
note taking. More importantly, these
outlines are not a substitute for the text
book.
In order to pass the course
YOU MUST STUDY FROM THE BOOK.
RQ
Contents
RQ
Security Goals
Security Attacks
Security Services
Security Mechanisms
Security Techniques
Security Models
5
Security
RQ
The term security is used in the

sense of minimizing the vulnerabilities
of assets and resources.
An asset is anything of value.
A vulnerability is any weakness that
could be exploited to violate a system
or the information it contains.
6
Information security
The information stored in physical form

requires physical security mechanisms
With computers managing the most of

the information, tools are required for
1.
2.
RQ
e.g. rugged filing cabinets for paper

based filing systems
Computer security
Network or Internet security
7
Computer security
RQ
The collection of tools designed to

protect data on computers
Network security
RQ
Network or Internet security consists of

measures to prevent, detect, and
correct security violations that involve
the transmission of information
Security Goals
RQ
10
Security Goals
Confidentiality
Integrity
Protection of data from

unauthorized disclosure
Assurance that data received is as
sent by an authorized entity.
Availability
RQ
The information created and stored

by an organization needs to be
available to authorized entities.
11
Security Attacks or Threats
An attack is an action that compromises

the security (Confidentiality, Availability,
Integrity) of information.
A threat is a danger which could affect
the security of information, leading to
potential loss or damage.
Often attack & threat are used
synonymously.
RQ
12
Security Attacks
RQ
13
Attacks Threatening
Confidentiality
RQ
Snooping unauthorized access to or

interception of data.
Traffic Analysis Obtain some
information by monitoring online traffic.
14
Attacks Threatening Integrity
RQ
Modification the attacker intercepts

the message and changes it.
Masquerading or spoofing happens
when the attacker impersonates
somebody else.
15
Attacks Threatening Integrity
Replaying the attacker obtains a

copy of a message sent by a user and
later tries to replay it.
Repudiation
RQ
sender of the message might later deny

that she has sent the message;
the receiver of the message might later
deny that he has received the message
16
Attacks Threatening Availability
RQ
Denial of service (DoS) It may slow

down or totally interrupt the service of
a system.
17
Passive vs. Active Attacks
Passive attack:
Active attack:
RQ
attackers goal is just to obtain

information
the attack does not modify data or harm
the system
difficult to detect
may change the data or harm the system
easier to detect than to prevent
18
Passive vs. Active Attacks
RQ
19
OSI Security Architecture
RQ
ITU-T X.800 Security Architecture for

OSI
defines a systematic way of defining
and providing security requirements
specially, it defines security services
related to security goals, and security
mechanisms to provide these security
services
20
Security Services and

Mechanisms
Security Service
A service that enhances the security of data

processing systems & information transfers.
Security Mechanism
RQ
A mechanism that is designed to detect,

prevent or recover from a security attack.
A mechanism or combination of
mechanisms are used to provide a service.
A mechanism can be used in one or more
services.
21
Security Services
RQ
ITU-T X.800 has defined five common

services related to security goals:
22
Security Services
Data Confidentiality designed to

protect data from disclosure attack.
Data Integrity designed to protect
data from modification, insertion,
deletion and replaying by an adversary.
Authentication This service provides
the authentication of the party at the
other end of the line
RQ
23
Security Services
Nonrepudiation Service protects

against repudiation by either the
sender or the receiver of the data
(proof of origin and proof of delivery).
Access Control provides protection

against unauthorized access to data.
RQ
24
Security Mechanisms
ITU-T X.800
also defines
some security
mechanisms to
provide the
security services
RQ
25
Relationship between Services

and Mechanisms
RQ
26
Relationship btw Services & Mechanisms

Y=Yes, the mechanism is considered to be appropriate, either on its
own or in combination with other mechanisms [ITU-T X.800]
RQ
27
Relationship btw Services & OSI Layers
Y=Yes, service could be incorporated in the standards for the layer as a

provider option [ITU-T X.800]
RQ
28
Techniques
Mechanisms discussed so far are only

theoretical recipes to implement
security.
The actual implementation of security
goals needs some techniques.
Two techniques are prevalent today:
RQ
Cryptography Focus of this course

Steganography
29
Cryptography
RQ
Cryptography, a word with Greek

origins, means secret writing.
However, we use the term to refer to
the science and art of transforming
messages to make them secure and
immune to attacks.
30
Steganography
The word steganography, with origin in

Greek, means covered writing, in
contrast with cryptography, which
means secret writing.
Example: covering data under color image
RQ
31
Model for Network Security
RQ
32
Model for Network Access

Security
RQ
33
Summary
Have considered:
RQ
Information security
Security attacks, services, mechanisms
Security techniques
Models for network (access) security
34

Introduction To Network Security

Uploaded by

Copyright:

Available Formats

You might also like

Introduction To Network Security

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Introduction To Network Security

Uploaded by

Copyright:

Available Formats

Network Security

Things you need to know

Dr. Rehan Qureshi

Take appointment before meeting, preferably

Things you need to know

Cryptography and Network Security

Cryptography and Network Security

Things you need to know

The term security is used in the

The information stored in physical form

With computers managing the most of

e.g. rugged filing cabinets for paper

The collection of tools designed to

Network or Internet security consists of

Protection of data from

The information created and stored

Security Attacks or Threats

An attack is an action that compromises

Snooping unauthorized access to or

Attacks Threatening Integrity

Modification the attacker intercepts

Attacks Threatening Integrity

Replaying the attacker obtains a

sender of the message might later deny

Attacks Threatening Availability

Denial of service (DoS) It may slow

Passive vs. Active Attacks

attackers goal is just to obtain

Passive vs. Active Attacks

OSI Security Architecture

ITU-T X.800 Security Architecture for

Security Services and

A service that enhances the security of data

A mechanism that is designed to detect,

ITU-T X.800 has defined five common

Data Confidentiality designed to

Nonrepudiation Service protects

Access Control provides protection

Relationship between Services

Relationship btw Services & Mechanisms

Relationship btw Services & OSI Layers

Y=Yes, service could be incorporated in the standards for the layer as a

Mechanisms discussed so far are only

Cryptography Focus of this course

Cryptography, a word with Greek

The word steganography, with origin in

Model for Network Security

Model for Network Access

You might also like