Professional Documents
Culture Documents
Prepared By:-Sneha A. Padhiar Ce Department, Cspit
Prepared By:-Sneha A. Padhiar Ce Department, Cspit
Introduction
PREPARED BY:- SNEHA A. PADHIAR
CE DEPARTMENT,CSPIT
In daily life we use information for various purposes and use network for communication and exchange
information between different parties.
In many cases these information are sensitive so we need to take care that only authorized party can get that
information.
For maintaining such privacy we require some mechanism or physical device which ensures that it is safe.
Such mechanism or physical devices are known as security system.
Computer Security:
The protection afforded to an automated information system in order to attain the applicable
objectives of preserving the integrity, availability, and confidentiality of information
system resources.
or
Generic name for the collection of tools designed to protect data and to thrwart hackers.
Data Security:
Data security is the science and study of methods of protecting data from unauthorized
disclosure and modification.
Confidentiality is probably the most common aspect of information security. We need to
protect our confidential information. An organization needs to guard against those
malicious actions that endanger the confidentiality of its information.
Integrity Information needs to be changed constantly. Integrity means that changes need
to be done only by authorized entities and through authorized mechanisms.
Availability: Assures that systems work promptly and service is not denied to authorize user.
Integrity: It covers two concepts
Data Integrity: Assures that information and programs are changed only in a specified
and authorize manner.
System Integrity: Assures that a system performs its intended function in an unimpaired
manner, free from deliberate or inadvertent unauthorized manipulation of the system.
Authentication
Authentication is the process of determining whether someone or something is, in fact, who
or what it is declared to be.
Access control
It is the ability to limit and control the access to host systems and applications via
communication links.
This service controls who can have access to a resource.
Nonrepudiation
Nonrepudiation prevents either sender or receiver from denying a transmitted message.
When a message is sent, the receiver can prove that the alleged sender in fact sent the
message
When a message is received, the sender can prove that the alleged receiver in fact
received the message.
Threat:
A potential for violation of security, which exists when there is a
circumstance, capability, action, or event that could breach security and cause harm. That is, a
threat is a possible danger that might exploit vulnerability.
ATTACKS
Passive Attack
Active Attack
PASSIVE ATTACK
A security service is a processing or communicating service that can prevent or detect the
above- mentioned attacks. Various security services are:
Authentication: the recipient should be able to identify the sender, and verify that the
sender, who claims to be the sender, actually did send the message.
Data Confidentiality: An attacker should not be able to read the transmitted data or extract
data in case of encrypted data. In short, confidentiality is the protection of transmitted data
from passive attacks.
Data Integrity: Make sure that the message received was exactly the message the sender sent.
Nonrepudiation: The sender should not be able to deny sending the should not be able to
deny receiving the message.
Security Mechanisms (X.800)
specific security mechanisms
May be incorporated into the appropriate protocol layer in order to provide some of the
OSI security services.
Encipherment
The use of mathematical algorithms to transform data into a form that is not readily
intelligible.
Digital Signature
Data appended to, or a cryptographic transformation of , a data unit that allows a recipient of
the data unit to prove the source and integrity of the data unit and protect against forgery.
Access control
A variety of mechanisms that enforce access rights to resources.
Data Integrity
A variety of mechanisms used to ensure the integrity of a data unit or stream of data units.
Authentication exchange
A mechanism indented to ensure the identity of an entity by means of information exchange.
Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
Notarization
The use of a trusted third party to assure certain Properties of a data exchange.
pervasive security mechanisms
Trusted functionality
That which is perceived to be correct with respect to some criteria.
Event detection
Detection of security relevant events.
Security label
The marking bound to resource that names or designates the security attributes of that
resource.
Security recovery
Deals with requests from mechanisms, such as event handling and management functions,
and takes recovery actions.
TECHNIQUES
Cryptography
Cryptography, a word with Greek origins, means “secret
writing.” However, we use the term to refer to the science
and art of transforming messages to make them secure and
immune to attacks.
Steganography