Scribd
Upload
40 views2 pages

4.a Model For Network Security

NS - CNS

Uploaded by

S.MENAKA
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
40 views2 pages

4.a Model For Network Security

NS - CNS

Uploaded by

S.MENAKA
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

1.

4 A MODEL FOR NETWORK SECURITY

A model for much of what we will be discussing is captured, in very general terms, in
Figure 1.3. A message is to be transferred from one party to another across some sort of
Internet service.
A security-related transformation on the information to be sent, Examples include the
encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be used
to verify the identity of the sender
Some secret information shared by the two principals and, it is hoped, unknown to the
opponent. An example is an encryption key used in conjunction with the transformation to
scramble the message before transmission and unscramble it on reception.

Figure 1.3 Model for Network Security

All the techniques for providing security have two components:


This general model shows that there are four basic tasks in designing a particular security
service:
1. Design an algorithm for performing the security-related transformation.
The algorithm should be such that an opponent cannot defeat its
purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm
and the secret information to achieve a particular security service

A general model of these other situations is illustrated by Figure 1.4, which reflects a
concern for protecting an information system from unwanted access. Most readers are familiar
with the concerns caused by the existence of hackers, who attempt to penetrate systems that
can be accessed over a network. The hacker can be someone who, with no malign intent,
simply gets satisfaction from breaking and entering a computer system. The intruder can be a
disgruntled employee who wishes to do damage or a criminal who seeks to exploit computer
assets for financial gain (e.g., obtaining credit card numbers or performing illegal money
transfers).
Figure 1.4 Network Access Security Model

Another type of unwanted access is the placement in a computer system


of logic that exploits vulnerabilities in the system and that can affect
application programs as well as utility programs, such as editors and
compilers. Programs can present two kinds of threats:
• Information access threats: Intercept or modify data on behalf of
users who should not have access to that data.
• Service threats: Exploit service flaws in computers to inhibit use by
legitimate users.Viruses and worms are two examples of software
attacks. Such attacks can be introduced into a system by means of a
disk that contains the unwanted logic concealed in otherwise useful
software.

The security mechanisms needed to cope with unwanted access


fall into two broad categories (see Figure 1.4) The first category might be
termed a gatekeeper function. It includes password-based login
procedures that are designed to deny access to all but authorized users
and screening logic that is designed to detect and reject worms, viruses,
and other similar attacks. Once either an unwanted user or unwanted
software gains access,
The second line of defense consists of a variety of internal
controls that monitor activity and analyze stored information in an
attempt to detect the presence of unwanted intruders.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy