Professional Documents
Culture Documents
Slide 1
Slide 1
What is security
• Masquerade
– Pretending to be a different entity
• Replay
• Modification of messages
• Denial of service
• Easy to detect
• Hard to prevent
Passive Attacks
• Eavesdropping on transmissions
• To obtain information
• Release of message contents
– Outsider learns content of transmission
• Traffic analysis
– By monitoring frequency and length of messages, even encrypted,
nature of communication may be guessed (ID, location)
• Difficult to detect
• Can be prevented
Security Attacks (active and passive, affects CIA)
Security Attacks
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (cannot deny authenticity of signature)
• Access control (prevent misuse of resources)
• Availability
– Denial of Service Attacks
– Virus that deletes files
Dr. Imran Daud
Methods of Defence
• Encryption
• Software Controls (access limitations in a data base, in
operating system protect each user from other users)
• Hardware Controls (smartcard)
• Policies (frequent changes of passwords)
• Physical Controls