IANS Unit 1 Part1

Here are the key differences between security services and security mechanisms:

Security services refer to broad goals or properties related to information security, such as confidentiality, integrity, availability, authentication, and non-repudiation. They define what security aims to achieve at a high level.

Security mechanisms are specific techniques and technologies used to implement security services. Examples include encryption, digital signatures, access control lists, firewalls, intrusion detection systems. Mechanisms provide concrete ways to achieve the abstract security services.

So in summary:
- Services define the "what" of security goals
- Mechanisms define the "how" through actual implementations and technologies

Services are abstract, mechanisms are concrete. Services lay out the aims

Uploaded by

Amrin Mulani
Copyright © All Rights Reserved

USCS504

TOPICS Information and Network Security


Unit 1
• Introduction: Security Trends, The OSI Security Architecture, Security Attacks, Security Services, Security Mechanisms
• Classical Encryption Techniques: Symmetric Cipher Model, Substitution Techniques, Transposition Techniques, Steganography, Block Cipher Principles, The Data Encryption Standard, The Strength of DES, AES (round details not expected), Multiple Encryption and Triple DES, Block Cipher Modes of Operation, Stream Ciphers
• Public-Key Cryptography and RSA: Principles of Public-Key Cryptosystems, The RSA Algorithm

Unit 2
• Key Management: Public-Key Cryptosystems, Key Management, Diffie-Hellman Key Exchange
• Message Authentication and Hash Functions: Authentication Requirements, Authentication Functions, Message Authentication Codes, Hash Functions, Security of Hash Functions and MACs, Secure Hash Algorithm, HMAC
• Digital Signatures and Authentication: Digital Signatures, Authentication Protocols, Digital Signature Standard
• Authentication Applications: Kerberos, X.509 Authentication, Public-Key Infrastructure

Unit 3
• Electronic Mail Security: Pretty Good Privacy, S/MIME
• IP Security: Overview, Architecture, Authentication Header, Encapsulating Security Payload, Combining Security Associations, Key Management
• Web Security: Web Security Considerations, Secure Socket Layer and Transport Layer Security, Secure Electronic Transaction
• Intrusion: Intruders, Intrusion Techniques, Intrusion Detection
• Malicious Software: Viruses and Related Threats, Virus Countermeasures, DDOS
• Firewalls: Firewall Design Principles, Types of Firewalls

What is security about in general?
• Security is about protection of assets
– D. Gollmann, Computer Security, Wiley
• Prevention
– take measures that prevent your assets from being damaged (or stolen)
• Detection
– take measures so that you can detect when, how, and by whom an asset has been damaged
• Reaction
– take measures so that you can recover your assets

Real world example
• Prevention
– locks at doors, window bars, secure the walls around the property, hire a guard
• Detection
– missing items, burglar alarms, closed circuit TV
• Reaction
– attack on burglar (not recommended), call the police, replace stolen items, make an insurance claim

Internet shopping example
• Prevention
– encrypt your order and card number, require merchants to do some extra checks, use a PIN even for Internet transactions, don't send card number via Internet
• Detection
– an unauthorized transaction appears on your credit card statement
• Reaction
– complain, dispute, ask for a new card number, sue (if you can find them, of course)
– Or, pay and forget (a glass of cold water)

Information security in past & present
• Traditional Information Security
– keep the cabinets locked
– put them in a secure room
– human guards
– electronic surveillance systems
– in general: physical and administrative mechanisms
• Modern World
– Data are in computers
– Computers are interconnected

Terminology
• Computer Security
– 2 main focuses: Information and Computer itself
– tools and mechanisms to protect data in a computer (actually an automated information system), even if the computers/system are connected to a network
– tools and mechanisms to protect the information system itself (hardware, software, firmware, *ware)
• Against?
– against hackers (intrusion)
– against viruses
– against denial of service attacks
– etc. (all types of malicious behavior)

Terminology
• Network and Internet Security
– measures to prevent, detect, and correct security violations that involve the transmission of information in a network or interconnected networks

A note on security terminology
• No single and consistent terminology in the literature!
• Be careful not to get confused while reading papers and books
• See the next slide for some terminology taken from Stallings and Brown, Computer Security, who took it from RFC 4949, Internet Security Glossary

Computer Security Terminology (RFC 4949, Internet Security Glossary, May 2000)

[Figure: Relationships among the security concepts]

Security Trends
[Figure: Skill and knowledge required to mount an attack]

Loss due to Attacks
• CSI Computer Crime and Security Survey 2008 (http://gocsi.com/sites/default/files/uploads/CSIsurvey2008.pdf, but gocsi.com has been discontinued)

[Figure: Average loss per respondent]

Security goals

ATTACKS
Attacks threatening Confidentiality
• Snooping:
– unauthorized access/interception of data
– for prevention, data is made non-intelligible by using encipherment techniques
• Traffic Analysis:
– by monitoring online traffic and guessing imps
Attacks threatening Integrity
• Modification
– modifies the information for benefit, or deletes/delays it
• Masquerading (spoofing)
– attacker impersonates somebody else
• Replaying
– obtains a copy of a message sent by a user and later tries to replay it
• Repudiation
– performed by one of the two parties in communication
Attacks threatening Availability
• Denial of service:
– may slow down or totally interrupt the service
– sending bogus requests to crash the server, deleting the server's response, or intercepting the client's request to overload the server
• Traffic Analysis:
– by monitoring online traffic and guessing imps
Security services

Security mechanisms
• Encipherment
– hiding/covering data: cryptography and steganography
• Data Integrity
– appends a short check value to the data
• Digital Signature
– data is electronically signed and verified
• Authentication exchange
– exchange messages to prove identity
• Traffic padding
– inserting bogus data to thwart traffic analysis
• Routing Control
– selecting and continuously changing routes
• Notarization
– selecting a third party to control the communication (to prevent repudiation)
• Access Control
– uses methods to prove that a user has access right to the data
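
Added example (not part of the original slides): how the Data Integrity mechanism answers the Modification and Replaying attacks listed earlier. The receiver checks an appended check value and a sequence number. HMAC-SHA256 as the check value, the frame layout, the key and the names protect/Receiver are assumptions made for this illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # bytes of HMAC-SHA256 output appended as the check value


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: frame = 8-byte sequence number || payload || check value."""
    body = seq.to_bytes(8, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Verifies the check value, then rejects any sequence number already seen."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> tuple:
        if len(frame) < 8 + TAG_LEN:
            return "malformed", b""
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return "modified", b""
        seq = int.from_bytes(body[:8], "big")
        # Checked only after the tag: the counter itself is covered by the MAC.
        if seq <= self.last_seq:
            return "replayed", b""
        self.last_seq = seq
        return "ok", body[8:]


def demo() -> list:
    key = b"constructed-demo-key-not-for-use"  # constructed sample key
    rx = Receiver(key)
    first = protect(key, 1, b"pay 100 to alice")
    tampered = bytearray(protect(key, 2, b"pay 100 to alice"))
    tampered[8 + 4] ^= 0x01  # one payload bit changed in transit
    return [
        rx.accept(first)[0],            # fresh, intact frame
        rx.accept(bytes(tampered))[0],  # payload no longer matches its check value
        rx.accept(first)[0],            # captured copy of the first frame sent again
        rx.accept(protect(key, 2, b"pay 5 to bob"))[0],  # next legitimate frame
    ]


if __name__ == "__main__":
    print(demo())
```

The check value alone does not stop replay, because a captured frame still carries a valid tag; the sequence number covered by the tag is what makes the second copy detectable.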
Services vs Mechanism
