Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Published byAlfred Banks Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security."— Presentation transcript:

1 1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security

2 2 Background Information Security requirements have changed in recent times traditionally provided by physical and administrative mechanisms computer use requires automated tools to protect files and other stored information use of networks and communications links requires measures to protect data during transmission T/ Tyseer Alsamany - Computer Security

3 3 Definitions Computer Security - generic name for the collection of tools designed to protect data and to prevent/stop hackers Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected networks T/ Tyseer Alsamany - Computer Security

4 4 Services, Mechanisms, Attacks need systematic way to define requirements (Security Manager) consider three aspects of information security: –security attack –security mechanism –security service consider in reverse order T/ Tyseer Alsamany - Computer Security

5 5 Security Service –is something that enhances the security of the data processing systems and the information transfers of an organization –intended to counter security attacks –make use of one or more security mechanisms to provide the service –replicate functions normally associated with physical documents E.g. have signatures, dates; need protection from disclosure, tampering, or destruction; they may be notarized or witnessed; be recorded or licensed,etc T/ Tyseer Alsamany - Computer Security

6 6 Security Mechanism a mechanism that is designed to detect, prevent, or recover from a security attack no single mechanism that will support all functions required however one particular element underlies many of the security mechanisms in use: cryptographic techniques T/ Tyseer Alsamany - Computer Security

7 7 Security Attack any action that compromises the security of information owned by an organization information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems have a wide range of attacks can focus of generic types of attacks note: often threat & attack mean same T/ Tyseer Alsamany - Computer Security

8 8 Security Attacks

9 T/ Tyseer Alsamany - Computer Security 9 Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modification: This is an attack on integrity Fabrication: This is an attack on authenticity

10 T/ Tyseer Alsamany - Computer Security 10 Security Goals Integrity Confidentiality Avalaibility

11 11 OSI Security Architecture ITU-T X.800 Security Architecture for OSI defines a systematic way of defining and providing security requirements for us it provides a useful, if abstract, overview of concepts we will study T/ Tyseer Alsamany - Computer Security

12 12 Security Services X.800 defines it as: a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers RFC 2828 defines it as: a processing or communication service provided by a system to give a specific kind of protection to system resources X.800 defines it in 5 major categories T/ Tyseer Alsamany - Computer Security

13 13 Security Services (X.800) Authentication - assurance that the communicating entity is the one claimed Access Control - prevention of the unauthorized use of a resource Data Confidentiality –protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication Availability – Denial of Service Attacks – Virus that deletes files T/ Tyseer Alsamany - Computer Security

14 14 Security Mechanisms (X.800) specific security mechanisms: –encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization pervasive security mechanisms: –trusted functionality, security labels, event detection, security audit trails, security recovery T/ Tyseer Alsamany - Computer Security

15 15 Classify Security Attacks as passive attacks - eavesdropping on, or monitoring of, transmissions to: –obtain message contents, or –monitor traffic flows active attacks – modification of data stream to: –masquerade of one entity as some other –replay previous messages –modify messages in transit –denial of service T/ Tyseer Alsamany - Computer Security

16 16

17 T/ Tyseer Alsamany - Computer Security 17

18 T/ Tyseer Alsamany - Computer Security 18

19 T/ Tyseer Alsamany - Computer Security 19 Methods of Defence Encryption Software Controls (access limitations in a data base, in operating system protect each user from other users) Hardware Controls (smartcard) Policies (frequent changes of passwords) Physical Controls

20 20 Summary have considered: –computer, network, internet security def’s –security services, mechanisms, attacks –X.800 standard T/ Tyseer Alsamany - Computer Security

Download ppt "1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Chapter 1 This book focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet.

Chapter 1 This book focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet.
1 Network Security Ola Flygt Växjö University +46 470 70 86 49.

1 Network Security Ola Flygt Växjö University
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Computer and Information Security

Computer and Information Security
Computer and Information Security Jen-Chang Liu, 2004

Computer and Information Security Jen-Chang Liu, 2004
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Introduction CS-480b Dick Steflik. X.800 – OSI Security Services Security Service – a service provided by a protocol layer of communicating open systems,

Introduction CS-480b Dick Steflik. X.800 – OSI Security Services Security Service – a service provided by a protocol layer of communicating open systems,
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.
Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html.

Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.

Similar presentations

Ads by Google