SlideShare une entreprise Scribd logo

Chapter 1: Overview of Network Security

Télécharger en tant que PPTX, PDF
Shafaan Khaliq Bhatti
Shafaan Khaliq Bhatti

CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE William Stallings

Formation
1  sur  16
1 Network Security
2 Outline • Attacks, services and mechanisms • Security attacks • Security services • Methods of Defense • A model for Internetwork Security • Internet standards and RFCs
3 Security? • COMPUTER SECURITY • The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/ data, and telecommunications). (The NIST Computer Security Handbook [NIST95])
4 Security? • What does it refer to? • Three Fundamentals – Confidentiality (Data confidentiality, Privacy) • Authorized users get entry • Inspection of information, printing of information and knowledge of resource existence – Availability • Legitimate user be able to access resources and service should be provided at anytime – Integrity (Data integrity & System integrity) • Changed in adequate way • Modification done by authorized people
5 Security Goals Integrity Confidentiality Availability
6 Attack Process • Three stages called MOM • Method – Ability, information, tools • Opportunity – Time and Access • Motive – Testing system reliability – Competition between attackers or testing their own skills – Breaking into well secured systems like law enforcement, government agencies – To gain popularity, financial gain, information gain – Just for fun – No motive at all
7 The OSI (open systems interconnection) security architecture • Security Attack: Any action that compromises the security of information. • Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. • Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
8 Security Attacks • Passive Attack • Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted – attempts to learn or make use of information from the system but does not affect system resources • Active Attack – attempts to alter system resources or affect their operation – Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories
9 *masquerade: pretends to be authorised user to get higher privileges
10 Security Attacks • Interruption: This is an attack on availability • Interception: This is an attack on confidentiality • Modification: This is an attack on integrity • Fabrication: This is an attack on authenticity
11 Security Attacks
12 Security Services • Processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms – Confidentiality (protect data from unauthorized disclosure) – Authentication (who created or sent the data) – Data Integrity (has not been altered) – Non-repudiation (the order is final) Non repudiation prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message. – Access control (prevent misuse of resources) – Availability (property of a system or a system resource being accessible and usable upon demand by an authorized system entity) • Denial of Service Attacks
13
14 Methods of Defense • Encryption • Software Controls (access limitations in a data base, in operating system protect each user from other users) • Hardware Controls (smartcard) • Policies (frequent changes of passwords) • Physical Controls
15 Example • A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender. • Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
16

Recommandé

Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Email Security : PGP & SMIME
Email Security : PGP & SMIMEEmail Security : PGP & SMIME
Email Security : PGP & SMIMERohit Soni
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 

Recommandé

Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Email Security : PGP & SMIME
Email Security : PGP & SMIMEEmail Security : PGP & SMIME
Email Security : PGP & SMIMERohit Soni
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Email security
Email securityEmail security
Email securityIndrajit Sreemany
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network SecurityInformation Technology
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Key management
Key managementKey management
Key managementSujata Regoti
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniquesIGZ Software house
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographySeema Goel
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 
Email security
Email securityEmail security
Email securityBaliram Yadav
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithmstrilokchandra prakash
 
IP Security
IP SecurityIP Security
IP SecurityDr.Florence Dayana
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Steganography
Steganography Steganography
Steganography Uttam Jain
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerNishant Pahad
 
Chapter 8: Switching
Chapter 8: SwitchingChapter 8: Switching
Chapter 8: SwitchingShafaan Khaliq Bhatti
 
Chapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemChapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemShafaan Khaliq Bhatti
 

Contenu connexe

Tendances

PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographySeema Goel
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Steganography
Steganography Steganography
Steganography Uttam Jain
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 

Tendances (20)

PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIME
 
Email security
Email securityEmail security
Email security
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Web Security
Web SecurityWeb Security
Web Security
 
Key management
Key managementKey management
Key management
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
IP Security
IP SecurityIP Security
IP Security
 
Email security
Email securityEmail security
Email security
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
IP Security
IP SecurityIP Security
IP Security
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Steganography
Steganography Steganography
Steganography
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle Attack
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 

En vedette

Chapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemChapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemShafaan Khaliq Bhatti
 
15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control listShafaan Khaliq Bhatti
 
13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrpShafaan Khaliq Bhatti
 

En vedette (9)

Chapter 8: Switching
Chapter 8: SwitchingChapter 8: Switching
Chapter 8: Switching
 
Chapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemChapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating System
 
Chapter 3: Data & Signals
Chapter 3: Data & SignalsChapter 3: Data & Signals
Chapter 3: Data & Signals
 
Chapter 20: Internet Protocol
Chapter 20: Internet ProtocolChapter 20: Internet Protocol
Chapter 20: Internet Protocol
 
Chapter 2: Network Models
Chapter 2: Network ModelsChapter 2: Network Models
Chapter 2: Network Models
 
Chapter 19: Logical Addressing
Chapter 19: Logical AddressingChapter 19: Logical Addressing
Chapter 19: Logical Addressing
 
Chapter 7: Transmission Media
Chapter 7: Transmission MediaChapter 7: Transmission Media
Chapter 7: Transmission Media
 
15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list
 
13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp
 

Similaire à Chapter 1: Overview of Network Security

dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...NISHASOMSCS113
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityAparnaSunil24
 
2.Types of Attacks.pptx
2.Types of Attacks.pptx2.Types of Attacks.pptx
2.Types of Attacks.pptxNISARSHAIKH57
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.pptSwapnaPavan2
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdfsurajthakur474818
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Securityvishnukp34
 
informations_security_presentations.pptx
informations_security_presentations.pptxinformations_security_presentations.pptx
informations_security_presentations.pptxFAKHARZAMANPROUD
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecturebabak danyal
 
basic-security-concepts-what-is-security48.ppt
basic-security-concepts-what-is-security48.pptbasic-security-concepts-what-is-security48.ppt
basic-security-concepts-what-is-security48.pptPawachMetharattanara
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxsalutiontechnology
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 

Similaire à Chapter 1: Overview of Network Security (20)

dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
2.Types of Attacks.pptx
2.Types of Attacks.pptx2.Types of Attacks.pptx
2.Types of Attacks.pptx
 
Lec 01.pdf
Lec 01.pdfLec 01.pdf
Lec 01.pdf
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Ch01
Ch01Ch01
Ch01
 
ch01.ppt
ch01.pptch01.ppt
ch01.ppt
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.ppt
 
ch01.pdf
ch01.pdfch01.pdf
ch01.pdf
 
Network Security Topic 1 intro
Network Security Topic 1 introNetwork Security Topic 1 intro
Network Security Topic 1 intro
 
typesofattacks-180418113629.pdf
typesofattacks-180418113629.pdftypesofattacks-180418113629.pdf
typesofattacks-180418113629.pdf
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.ppt
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
informations_security_presentations.pptx
informations_security_presentations.pptxinformations_security_presentations.pptx
informations_security_presentations.pptx
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecture
 
basic-security-concepts-what-is-security48.ppt
basic-security-concepts-what-is-security48.pptbasic-security-concepts-what-is-security48.ppt
basic-security-concepts-what-is-security48.ppt
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptx
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
 
abc.pptx
abc.pptxabc.pptx
abc.pptx
 

Plus de Shafaan Khaliq Bhatti

10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abrShafaan Khaliq Bhatti
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardShafaan Khaliq Bhatti
 
Chapter 2: Operating System Structures
Chapter 2: Operating System StructuresChapter 2: Operating System Structures
Chapter 2: Operating System StructuresShafaan Khaliq Bhatti
 
Chapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and NetworksChapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and NetworksShafaan Khaliq Bhatti
 

Plus de Shafaan Khaliq Bhatti (20)

1- Introduction to Red Hat
1- Introduction to Red Hat1- Introduction to Red Hat
1- Introduction to Red Hat
 
Linux Servers
Linux ServersLinux Servers
Linux Servers
 
5 - Networking in Red Hat
5 - Networking in Red Hat5 - Networking in Red Hat
5 - Networking in Red Hat
 
2- System Initialization in Red Hat
2- System Initialization in Red Hat2- System Initialization in Red Hat
2- System Initialization in Red Hat
 
3 - Disk Partitioning in Red Hat
3 - Disk Partitioning in Red Hat3 - Disk Partitioning in Red Hat
3 - Disk Partitioning in Red Hat
 
6 - Package Management in Red Hat
6 - Package Management in Red Hat6 - Package Management in Red Hat
6 - Package Management in Red Hat
 
11 - SELinux in Red Hat
11 - SELinux in Red Hat11 - SELinux in Red Hat
11 - SELinux in Red Hat
 
7 - User Administration in Red Hat
7 - User Administration in Red Hat7 - User Administration in Red Hat
7 - User Administration in Red Hat
 
12 - System Security in Red Hat
12 - System Security in Red Hat12 - System Security in Red Hat
12 - System Security in Red Hat
 
10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, Hashes
 
Protocols for Public Key Management
Protocols for Public Key ManagementProtocols for Public Key Management
Protocols for Public Key Management
 
Authentication: keys, MAC
Authentication: keys, MACAuthentication: keys, MAC
Authentication: keys, MAC
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of Operation
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption Standard
 
Chapter 3: Processes
Chapter 3: ProcessesChapter 3: Processes
Chapter 3: Processes
 
Chapter 2: Operating System Structures
Chapter 2: Operating System StructuresChapter 2: Operating System Structures
Chapter 2: Operating System Structures
 
Chapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and NetworksChapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and Networks
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical Encryption
 

Dernier

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 

Dernier (20)

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 

Chapter 1: Overview of Network Security

  • 2. 2 Outline • Attacks, services and mechanisms • Security attacks • Security services • Methods of Defense • A model for Internetwork Security • Internet standards and RFCs
  • 3. 3 Security? • COMPUTER SECURITY • The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/ data, and telecommunications). (The NIST Computer Security Handbook [NIST95])
  • 4. 4 Security? • What does it refer to? • Three Fundamentals – Confidentiality (Data confidentiality, Privacy) • Authorized users get entry • Inspection of information, printing of information and knowledge of resource existence – Availability • Legitimate user be able to access resources and service should be provided at anytime – Integrity (Data integrity & System integrity) • Changed in adequate way • Modification done by authorized people
  • 6. 6 Attack Process • Three stages called MOM • Method – Ability, information, tools • Opportunity – Time and Access • Motive – Testing system reliability – Competition between attackers or testing their own skills – Breaking into well secured systems like law enforcement, government agencies – To gain popularity, financial gain, information gain – Just for fun – No motive at all
  • 7. 7 The OSI (open systems interconnection) security architecture • Security Attack: Any action that compromises the security of information. • Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. • Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
  • 8. 8 Security Attacks • Passive Attack • Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted – attempts to learn or make use of information from the system but does not affect system resources • Active Attack – attempts to alter system resources or affect their operation – Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories
  • 9. 9 *masquerade: pretends to be authorised user to get higher privileges
  • 10. 10 Security Attacks • Interruption: This is an attack on availability • Interception: This is an attack on confidentiality • Modification: This is an attack on integrity • Fabrication: This is an attack on authenticity
  • 12. 12 Security Services • Processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms – Confidentiality (protect data from unauthorized disclosure) – Authentication (who created or sent the data) – Data Integrity (has not been altered) – Non-repudiation (the order is final) Non repudiation prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message. – Access control (prevent misuse of resources) – Availability (property of a system or a system resource being accessible and usable upon demand by an authorized system entity) • Denial of Service Attacks
  • 13. 13
  • 14. 14 Methods of Defense • Encryption • Software Controls (access limitations in a data base, in operating system protect each user from other users) • Hardware Controls (smartcard) • Policies (frequent changes of passwords) • Physical Controls
  • 15. 15 Example • A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender. • Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
  • 16. 16