Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture1.1(Chapter 1) Prepared by Dr. Lamiaa M. Elshenawy 1.

Published byTimothy Cameron Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture1.1(Chapter 1) Prepared by Dr. Lamiaa M. Elshenawy 1."— Presentation transcript:

1 Lecture1.1(Chapter 1) Prepared by Dr. Lamiaa M. Elshenawy 1

2  Computer Security Concepts  The OSI Security Architecture  Security Attacks  Security Services  Security Mechanisms 2

3  Open Systems Interconnection (OSI) security architecture: systematic framework defines security attacks, mechanisms, and services  Security attacks: 1. Passive attacks (unauthorized reading of a message of file and traffic analysis) 2. Active attacks (modification of messages or files, and denial of service) 3

4  Security mechanism: any process (or a device incorporating such a process) designed to detect, prevent, or recover from a security attack  Examples 1. Encryption Algorithm 2. Digital Signature 4

5  Security services: 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Nonrepudiation 6. Availability 5

6  NIST defines the term computer security Computer Security The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) 6 NIST: National Institute of Standards and Technology is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government

7 NIST standard FIPS 199 lists:  Confidentiality 1. Data confidentiality 2. Privacy  Integrity 1. Data integrity 2. System integrity  Availability: Assures that service is not denied to authorized users 7 FIPS 199: Standards for Security Categorization of Federal Information and Information Systems

8 Security Requirements Triad 8

9  Authenticity  Accountability 9

10 10 Confidentiality Authenticity Accountability Integrity Availability

11  Low: loss of confidentiality, integrity, or availability might cause i. minor damage to organizational assets ii. minor financial loss iii. minor harm to individuals  Moderate: loss of confidentiality, integrity, or availability might cause i. significant damage to organizational assets ii. significant financial loss iii. significant harm to individuals 11 FIPS PUB 199 standards: Levels of impact on organizations or individuals

12  High: loss of confidentiality, integrity, or availability might cause i. major damage to organizational assets ii. major financial loss iii. major harm to individuals 12

13 OSI Security AttackSecurity MechanismSecurity Service 13 OSI: Open System Interconnection ITU-T: International Telecommunication Union (ITU) Telecommunication Standardization Sector is a United Nations-sponsored agency that develops standards, called Recommendations, relating to telecommunications and to OSI

14 What is difference between Threat and Attack? 14 RFC 2828: Internet Security Glossary  Threat: A potential for violation of security, is a possible danger that exploit a vulnerability  Attack: An assault on system from an intelligent threat

15 15

Download ppt "Lecture1.1(Chapter 1) Prepared by Dr. Lamiaa M. Elshenawy 1."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Cryptography and Network Security Sixth Edition by William Stallings.

Cryptography and Network Security Sixth Edition by William Stallings.
Prof. Giovambattista Ianni - 2013.  10 ECTS (5 Theory + 5 Lab.)  Suggested material:  W. Stallings, Cryptography and Network Security  W. Stallings,

Prof. Giovambattista Ianni  10 ECTS (5 Theory + 5 Lab.)  Suggested material:  W. Stallings, Cryptography and Network Security  W. Stallings,
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Chapter 1 This book focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet.

Chapter 1 This book focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet.
1 Network Security Ola Flygt Växjö University +46 470 70 86 49.

1 Network Security Ola Flygt Växjö University
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 1: Overview.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 1: Overview.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.
Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html.

Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum
“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)

“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google