Security Goals, Attacks, Services, and Mechanisms

Uploaded by Tris
What’s Computer Security
• Also known as Cyber Security
• Practice of protection of stored and transmitted data
• Used to preserve different security goals (Confidentiality, Integrity, Availability, etc.) of the data from an adversary or a group of adversaries.
SECURITY GOALS
Security goals defined by FIPS 199
• FIPS (Standards for Security Categorization of Federal Information and Information Systems)
• CIA Triad defined by FIPS
Confidentiality (🔒)

• Ensures that sensitive information is accessed only by authorized individuals, entities, or processes.
• It protects data from unauthorized disclosure.
Integrity (✔️)

• Ensures that data is not tampered with and remains in its original state, providing
assurance that the information is trustworthy and accurate.
• Data can be changed only by authorized entities.
Availability (🕒)

• Ensures that information, systems, and services are accessible and usable upon demand
by authorized users.
• Example: timely access to Google Drive, OneDrive backups, etc.
2 Additional Security Goals
Authenticity (🔑):-
• Ensures that an entity (user, device, or system) is who or what it claims to be.
• Some examples could be Password based, Biometric based, etc.
Accountability (📜):-
• Mechanisms which ensure that individuals or communicating entities can be held responsible for their actions.
SECURITY ATTACKS
Security Attacks
• Passive: Snooping, Traffic Analysis
• Active: Modification, Masquerading, Replaying, Repudiation, Denial of Service (DoS)

Snooping
• Captures and reads sensitive data
transmitted across a network.
• The attacker concentrates on
contents of the data.
Traffic Analysis
• The attacker collects information and analyzes the network communication patterns.
• Concentrates on Metadata and traffic flow in a network.
Modification
• Unauthorized manipulation,
tampering, etc., of the legitimate data
communicated over a network.
Masquerading
• Attacker pretends to be a
legitimate entity to other
legitimate entities in a
network.
Replaying
• Subsequent retransmissions
of a previously captured data
packet.
Repudiation
• Denying the fact that an entity was involved in a data communication.
DoS
• The attacker degrades a computer network by overloading it with unnecessary data traffic.
Passive Attacks
• Eavesdropping and/or Collecting Data
• Zero/Negligible impact on the system operations and/or the network performance.
• Comparatively harder to detect
Active Attacks
• Altering/Manipulating Data
• Major impact on the system operations and/or the network performance
• Comparatively easier to detect


SECURITY SERVICES
Security Services
Peer Entity Authentication

Data Origin Authentication

Access Control

Confidentiality

Data Integrity

Non-Repudiation

Availability
Security Services (Contd..)

Peer Entity Authentication:- Verification of the identities of the communicating entities.

Data Origin Authentication:- Verification of the source of the data, and that it is from a
legitimate communicating entity.

Access Control:- Mechanisms and Policies which are defined to manage and restrict access to
resources and data.

Confidentiality:- Includes 4 types of Confidentiality (Connection Confidentiality, Connectionless Confidentiality, Selective-Field Confidentiality, and Traffic Flow Confidentiality)
Security Services (Contd..)
Data Integrity:- Involves 5 types (Connection Integrity
with Recovery, Connection Integrity without Recovery,
Selective-Field Connection Integrity, Connectionless
Integrity, and Selective-Field Connectionless Integrity)

Non-Repudiation:- 2 types (for Origin, and for Destination)

Availability
SECURITY MECHANISMS
Security Mechanisms
Encipherment

Digital Signature

Access Control

Data Integrity

Authentication Exchange

Traffic Padding

Routing Control

Notarization
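
How a receiver can use the Data Integrity mechanism to detect two of the active attacks defined above, Modification and Replaying, shown as an added example that is not part of the original slides. It assumes a pre-shared key per sender and HMAC-SHA-256 as the integrity check; the names `seal`, `Receiver` and `MAX_SKEW` are hypothetical, and the message is not enciphered, so Snooping is out of scope here.

```python
import hashlib
import hmac
import json
import secrets
import time

MAX_SKEW = 30  # seconds a message stays fresh (assumed policy value)


def seal(key, sender, payload, now=None):
    """Sender: bind identity, payload, timestamp and a fresh nonce under one MAC."""
    body = {"from": sender, "data": payload, "nonce": secrets.token_hex(16),
            "ts": int(time.time() if now is None else now)}
    raw = json.dumps(body, sort_keys=True).encode()
    return {"body": raw, "tag": hmac.new(key, raw, hashlib.sha256).digest()}


class Receiver:
    def __init__(self, keys):
        self.keys = keys  # sender name -> shared secret key
        self.seen = {}    # nonce -> timestamp, kept only while still fresh

    def accept(self, claimed_sender, msg, now=None):
        now = time.time() if now is None else now
        key = self.keys.get(claimed_sender)
        if key is None:
            return "reject: unknown sender"
        expected = hmac.new(key, msg["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "reject: bad MAC (modification or masquerading)"
        body = json.loads(msg["body"])  # parsed only after the MAC verifies
        if body["from"] != claimed_sender:
            return "reject: sender mismatch"
        if abs(now - body["ts"]) > MAX_SKEW:
            return "reject: stale message (delayed replay)"
        # Forget nonces that the freshness check would already reject.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW}
        if body["nonce"] in self.seen:
            return "reject: replay"
        self.seen[body["nonce"]] = body["ts"]
        return "accept"


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed demo key
    rx = Receiver({"alice": key})
    msg = seal(key, "alice", "transfer 10")  # constructed sample message
    print(rx.accept("alice", msg))  # first delivery
    print(rx.accept("alice", msg))  # identical bytes delivered again
```

The nonce cache only needs to remember messages inside the freshness window, because anything older is already rejected by the timestamp check.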
