1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Slides:



Advertisements
Similar presentations
Network Security Chapter 1 - Introduction.
Advertisements

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Applied Cryptography for Network Security
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 4 Image Slides.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 2 Image Slides.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
3.1 SERVICES AND MECHANISMS SERVICES AND MECHANISMS The International Telecommunication Union- Telecommunication Standardization Section (ITU-T) provides.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Cryptography and Network Security
Information Security Principles (ESGD4222)
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Information Security By:-H.M.Patel. Information security There are three aspects of information security Security service Security mechanism Security.
1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Image Slides.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
Network Security Introduction
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 7.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles Course administration.
Information Security Principles course “Cryptology” Based of: “Cryptography and network Security” by William Stalling, 5th edition. Eng. Mohamed Adam Isak.
Cryptography and Network Security
CS 395: Topics in Computer Security
By Marwan Al-Namari Author: William Stallings
Data & Network Security
Cryptography and Network Security
Information System and Network Security
Computer Communication & Networks
Information Security.
Data & Network Security
Chapter 5 Electronic Commerce | Security
Encryption
Information and Network Security
مادسیج، شبکه آموزشی پژوهشی دانشجویان ایران
Computer and Network Security
Cryptography and Network Security Chapter 1
Security at the Application Layer: PGP and S/MIME
امنیت شبکه علی فانیان
Chapter 5 Electronic Commerce | Security
Cryptography and Network Security Chapter 1
Chapter 8 Image Slides Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls
Cryptography and Network Security
Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 1.#
Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 1.#
Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 1.#
Cryptography : Introduction
Chapter 29 Cryptography and Network Security
Information and Network Security
Cryptography and Network Security
Confidentiality, Integrity, Nonrepudiation
Chapter 1: Introduction
Presentation transcript:

1.1 Chapter 1 Introduction Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

1.2  To define three security goals  To define security attacks that threaten security goals  To define security services and how they are related to the three security goals  To define security mechanisms to provide security services  To introduce two techniques, cryptography and steganography, to implement security mechanisms. Objectives Chapter 1

SECURITY GOALS This section defines three security goals Confidentiality Integrity Security Topics discussed in this section:

1.4 Figure 1.1 Taxonomy of security goals 1.1 Continued

Confidentiality Confidentiality is probably the most common aspect of information security. We need to protect our confidential information. An organization needs to guard against those malicious actions that endanger the confidentiality of its information.

Integrity Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.

Availability The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities.

ATTACKS The three goals of security  confidentiality, integrity, and availability  can be threatened by security attacks Attacks Threatening Confidentiality Attacks Threatening Integrity Attacks Threatening Availability Passive versus Active Attacks Topics discussed in this section:

1.9 Figure 1.2 Taxonomy of attacks with relation to security goals 1.2 Continued

Attacks Threatening Confidentiality Snooping refers to unauthorized access to or interception of data. Traffic analysis refers to obtaining some other type of information by monitoring online traffic.

Attacks Threatening Integrity Modification means that the attacker intercepts the message and changes it. Masquerading or spoofing happens when the attacker impersonates somebody else. Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it. Repudiation means that sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.

Attacks Threatening Availability Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

Passive Versus Active Attacks Table 1.1 Categorization of passive and active attacks

SERVICES AND MECHANISMS ITU-T provides some security services and some mechanisms to implement those services. Security services and mechanisms are closely related because a mechanism or combination of mechanisms are used to provide a service Security Services Security Mechanism Relation between Services and Mechanisms Topics discussed in this section:

Security Services Figure 1.3 Security services

Security Mechanism Figure 1.4 Security mechanisms

Relation between Services and Mechanisms Table 1.2 Relation between security services and mechanisms

TECHNIQUES Mechanisms discussed in the previous sections are only theoretical recipes to implement security. The actual implementation of security goals needs some techniques. Two techniques are prevalent today: cryptography and steganography Cryptography Steganography Topics discussed in this section:

Cryptography Cryptography, a word with Greek origins, means “secret writing.” However, we use the term to refer to the science and art of transforming messages to make them secure and immune to attacks.

Steganography The word steganography, with origin in Greek, means “covered writing,” in contrast with cryptography, which means “secret writing.” Example: covering data with text

Continued Example: using dictionary Example: covering data under color image

THE REST OF THE BOOK The rest of this book is divided into four parts. Part One: Symmetric-Key Enciphermen Part Two: Asymmetric-Key Encipherment Part Three: Integrity, Authentication, and Key Management Part Four: Network Security