Computer Security
Group 5
Members
Prince Mupangavanhu – R192721N
Wayne Nzvere – R132500H
Nyasha P Muzeanenhamu – R191197V
Edwin M Muzeza – R1814999V
Anotida H.M Pasi – R1815002M
Clive Masawi – R1814915Q
Tatenda G Rufu – R193782A
Silvanos Dambwa – R192722A
Royal Guta – R193881Y
The OSI Security Architecture
Introduction
CHAPTER 2
• Security attacks
• Security services
• Security mechanism
The OSI security architecture
The OSI security architecture focuses on security attacks, mechanisms, and
services.
Security attacks
Any action that compromises the security of information owned by an organization.
Two types of security attacks
a) Passive attack
b) Active attack
Passive attack
In a passive attack, the attacker monitors or eavesdrops on the transmission between
the sender and receiver and tries to retrieve the information being transmitted.
Neither the sender nor the receiver is aware of the attack, because the attacker only
retrieves the message and does not alter the captured message. The message is sent
and received in the normal fashion.
The two types of passive attack are:
Release of message contents
Traffic analysis
Release of message content
The release of message content is a kind of attack where the attacker listens to a
telephone conversation, or tracks electronic mail or a transferred file, to retrieve the
confidential message being transmitted. The opponent is interested in the content of
the released message.
Traffic analysis
To protect the message content, the organization may apply a mask over the
content of the message so that even if the attacker captures the message, he would not be
able to understand it. This technique of masking the message is termed encryption.
In a traffic analysis attack, the attacker monitors the pattern, length and frequency
of the messages to guess the original message.
Active attack
Active attacks involve some modification of the data stream or the creation of a false
stream and can be subdivided into four categories:
Masquerade
Replay
Modification of messages
Denial of service
Masquerade
In masquerade, the attacker pretends to be the sender.
Replay
In a replay attack, a message is captured in a passive way and is retransmitted to produce an
unauthorized effect.
Modification of messages
Modification of messages means that some part of the message's data stream is altered or
modified to create an unauthorized effect.
Denial of service
The attacker suppresses all the messages directed to a particular receiver by overloading the
network, which degrades network performance.
Security service
X.800 and RFC 2828
X.800 defines a security service as a service provided by a protocol layer of communicating
open systems, which ensures adequate security of the systems or of data transfers.
RFC 2828 defines it as a communication service that is provided by a system to give
a specific kind of protection to system resources.
Security services are divided into five categories:
Authentication
Access control
Data confidentiality
Data integrity
Nonrepudiation
Authentication: This service assures that the entity involved in the communication is
the one it claims to be.
Access Control: This service assures that only authorized entities access
the resources, and prevents unauthorized access.
Data Confidentiality: This service maintains the confidentiality of data
by preventing the exposure of the message content to the attacker.
Data Integrity: This service makes sure that the data received at the receiver end
is from an authorized entity.
Nonrepudiation: This service prevents the sending and receiving entities from
denying the transmitted message.
Security mechanism
A security mechanism is an entire process that is specifically designed to identify
an attack and develop a strategy to recover from or prevent the attack. These security
mechanisms consist of:
Cryptographic techniques
The process of converting ordinary plain text into unintelligible text and vice versa.
Encryption
A security method of encoding data from plaintext to ciphertext, which can only be
decrypted by the user with the encryption key.
Encipherment
The process of making data unreadable to unauthorized entities by applying a
cryptographic algorithm.
Digital Signature
A mathematical technique used to validate the authenticity and integrity of a
message, software or digital document.
Access Control
A method of guaranteeing that users are who they say they are and that they have
the appropriate access to company data.
Thank You