Presentation is loading. Please wait.

Presentation is loading. Please wait.

1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Published byHenry Osborne Modified over 8 years ago

Similar presentations

Presentation on theme: "1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display."— Presentation transcript:

1 1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

2 1.2  To define three security goals  To define security attacks that threaten security goals  To define security services and how they are related to the three security goals  To define security mechanisms to provide security services  To introduce two techniques, cryptography and steganography, to implement security mechanisms. Objectives

3 1.3 1.1 Security Goals 1.1.1 Confidentiality 1.1.2 Integrity 1.1.3 Availability Topics discussed in this section:

4 1.4 Figure 1.1 Taxonomy of security goals 1.1 Security Goals

5 1.5 1.1.1 Confidentiality Confidentiality : Probably the most common aspect of information security. We need to protect our confidential information. An organization needs to guard against those malicious actions that endanger the confidentiality of its information. It applies to both storage and transmission of information.

6 1.6 1.1.2 Integrity Integrity : Information needs to be changed constantly. Changes need to be done only by authorized entities and through authorized mechanisms. Integrity violation is not necessarily the result of malicious act; possible interruptions in the system, e.g. power surge.

7 1.7 1.1.3 Availability The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities.

8 1.8 1.2 Attacks The three goals of security, confidentiality, integrity, and availability, can be threatened by security attacks. 1.2.1 Attacks Threatening Confidentiality 1.2.2 Attacks Threatening Integrity 1.2.3 Attacks Threatening Availability 1.2.4 Passive versus Active Attacks

9 1.9 Figure 1.2 Taxonomy of attacks with relation to security goals 1.2 Attacks

10 1.10 1.2.1 Attacks Threatening Confidentiality Snooping : refers to unauthorized access to or interception of data. Traffic Analysis : refers to obtaining some other type of information by monitoring online traffic.

11 1.11 1.2.2 Attacks Threatening Integrity Modification : the attacker intercepts the message and changes it. Masquerading or spoofing happens when the attacker impersonates somebody else.

12 1.12 Replaying : the attacker obtains a copy of a message sent by a user and later tries to replay it. Repudiation : the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message. 1.2.2 Attacks Threatening Integrity

13 1.13 1.2.3 Attacks Threatening Availability Denial of Service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

14 1.14 1.2.4 Passive Versus Active Attacks Table 1.1 Categorization of passive and active attacks

15 1.15 1.3 Services and Mechanisms ITU-T (International Telecommunication Union- Telecommunication Standardization Sector) provides some security services and some mechanisms to implement those services. Security services and mechanisms are closely related because a mechanism or combination of mechanisms are used to provide a service..

16 1.16 1.3.1 Security Services Figure 1.3 Security services

17 1.17 1.3.2 Security Mechanism Figure 1.4 Security mechanisms

18 1.18 1.3.3 Relation between Services and Mechanisms Table 1.2 Relation between security services and mechanisms

19 1.19 1.4 Techniques Mechanisms discussed in the previous sections are only theoretical recipes to implement security. The actual implementation of security goals needs some techniques. Two techniques are prevalent today: cryptography and steganography.

20 1.20 1.4.1 Cryptography Cryptography, a word with Greek origins, means “secret writing.” However, we use the term to refer to the science and art of transforming messages to make them secure and immune to attacks. symmetric-key encipherment, asymmetric-key encipherment, hashing.

21 1.21 1.4.2 Steganography The word steganography, with origin in Greek, means “covered writing,” in contrast with cryptography, which means “secret writing.” Example: covering data with text

22 1.22 1.4.2 Steganography Example: using dictionary Example: covering data under color image

Download ppt "1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Security at the Network Layer: IPSec

Security at the Network Layer: IPSec
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.

6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Title Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 18 Image Slides.

Title Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 18 Image Slides.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 4 Image Slides.

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 4 Image Slides.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.
Title Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Image Slides.

Title Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Image Slides.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Title Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Image Slides.

Title Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Image Slides.

Similar presentations

Ads by Google