27-06-2012, 01:41 PM
network security
Network Security.pdf (Size: 1.54 MB / Downloads: 45)
Attacks, Services and Mechanisms
Security Attack: Any action that
compromises the security of information.
• Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
• Security Service: A service that enhances
the security of data processing systems and
information transfers. A security service
makes use of one or more security mechanisms.
Security Attacks
Interruption: This is an attack on
availability
• Interception: This is an attack on
confidentiality
• Modification: This is an attack on
integrity
• Fabrication: This is an attack on
authenticity
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
Internet standards and RFCs
• The Internet society
– Internet Architecture Board (IAB)
– Internet Engineering Task Force (IETF)
– Internet Engineering Steering Group
(IESG)
Private-Key Cryptography
• traditional private/secret/single key cryptography
uses one key
• Key is shared by both sender and receiver
• if the key is disclosed communications are
compromised
• also known as symmetric, both parties are equal
– hence does not protect sender from receiver forging a
message & claiming is sent by sender
Public-Key Applications
• can classify uses into 3 categories:
– encryption/decryption (provide secrecy)
– digital signatures (provide authentication)
– key exchange (of session keys)
• some algorithms are suitable for all uses,
others are specific to one
Network Security.pdf (Size: 1.54 MB / Downloads: 45)
Attacks, Services and Mechanisms
Security Attack: Any action that
compromises the security of information.
• Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
• Security Service: A service that enhances
the security of data processing systems and
information transfers. A security service
makes use of one or more security mechanisms.
Security Attacks
Interruption: This is an attack on
availability
• Interception: This is an attack on
confidentiality
• Modification: This is an attack on
integrity
• Fabrication: This is an attack on
authenticity
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
Internet standards and RFCs
• The Internet society
– Internet Architecture Board (IAB)
– Internet Engineering Task Force (IETF)
– Internet Engineering Steering Group
(IESG)
Private-Key Cryptography
• traditional private/secret/single key cryptography
uses one key
• Key is shared by both sender and receiver
• if the key is disclosed communications are
compromised
• also known as symmetric, both parties are equal
– hence does not protect sender from receiver forging a
message & claiming is sent by sender
Public-Key Applications
• can classify uses into 3 categories:
– encryption/decryption (provide secrecy)
– digital signatures (provide authentication)
– key exchange (of session keys)
• some algorithms are suitable for all uses,
others are specific to one