1
Network Security Introduction
William Stallings Network Security
2
Index
3
Definitions
information security: security of your information or data
computer security: protect data in local time-shared computers
network security: protect data during their transmission
4
THE OSI Security Architecture
ITU-T Recommendation X.800, Security Architecture for OSI
Security attack: Any action that compromises the security of information owned by an organization.
Security mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
Security service: A service that enhances the security of the data processing systems and the information transfers of an organization. Security services make use of one or more security mechanisms.
5
THE OSI Security Architecture
Vulnerability (security weak point)
Threat (security threat)
Attack
6
Security Attacks
passive attacks: attempts to learn or make use of information from the system but does not affect system resources
active attacks: attempts to alter system resources or affect their operation
7
Security Attacks Passive Attacks
Release of message contents: listening to a telephone conversation, sniffing a file transfer
Traffic analysis: traffic is encrypted, but the content of a message is guessed from the identity of the peers, the frequency of messages, or the length of messages
Passive attacks are very difficult to detect. However, it is feasible to prevent the success of these attacks, usually by means of encryption.
8
Security Attacks Passive Attacks
9
Security Attacks Passive Attacks
10
Security Attacks Active Attacks
Masquerade: one entity pretends to be a different entity to escalate privileges
Replay: passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect
Modification of messages: some portion of a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorized effect
Denial of service: prevents or inhibits the normal use of a service in a specific target or of communications facilities, usually through overloading
Active attacks are very difficult to prevent. However, it is feasible to detect the success of these attacks, usually by means of monitoring.
11
Security Attacks Active Attacks
12
Security Attacks Active Attacks
13
Security Attacks Active Attacks
14
Security Attacks Active Attacks
15
Security Services
Authentication
  Peer entity authentication
  Data origin authentication
Access Control
Data Confidentiality
Data Integrity
Nonrepudiation
Availability Service
16
Security Services Authentication
Peer entity authentication:
  Authenticates the identity of a peer entity at the establishment of a connection or at times during the data transfer
  Applicable in connection-oriented services
  Prevents masquerade and unauthorized replay
Data origin authentication:
  Authenticates the source of a data unit
  Applicable in connectionless services like
  Does not provide protection against duplication or modification of data units
17
Security Services Access Control
Controls access to host systems and applications via communications links
Access is based on authentication
18
Security Services Data Confidentiality
Protection of transmitted data from passive attacks
Protection of service messages
Protection of traffic flow from analysis: the attacker should not be able to observe the source and destination, frequency, length, or other characteristics of the traffic
19
Security Services Data Confidentiality
20
Security Services Data Integrity
Connection-oriented integrity service: assures that messages are received as sent, with no duplication, insertion, modification, reordering, or replays; addresses both message stream modification and denial of service
Connectionless integrity service: provides protection against message modification only
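As an added example (not part of the original slides), the code below contrasts the two integrity services using HMAC-SHA256: a stateless verifier detects modification of a single data unit only, while a receiver that tracks a sequence number also rejects replayed, duplicated and reordered messages. The key, the frame layout and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # assumed pre-shared secret, constructed for this example
TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

def protect(seq, payload, key=KEY):
    """Frame = 8-byte sequence number || payload || HMAC-SHA256 over both."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def open_frame(frame, key=KEY):
    """Return (seq, payload) if the tag verifies, else None."""
    if len(frame) < 8 + TAG_LEN:
        return None
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return struct.unpack(">Q", body[:8])[0], body[8:]

def verify_connectionless(frame, key=KEY):
    """Stateless check: detects modification of one data unit, nothing more."""
    return open_frame(frame, key) is not None

class ConnectionReceiver:
    """Stateful check: frames must be unmodified and arrive strictly in order."""
    def __init__(self, key=KEY):
        self.key = key
        self.next_seq = 0
    def accept(self, frame):
        opened = open_frame(frame, self.key)
        if opened is None or opened[0] != self.next_seq:
            return False  # modified, replayed, duplicated or reordered
        self.next_seq += 1
        return True

def demo():
    f0, f1 = protect(0, b"pay 10"), protect(1, b"pay 20")  # constructed messages
    tampered = f0[:8] + b"pay 99" + f0[14:]  # payload changed, old tag kept
    rx = ConnectionReceiver()
    return {
        "stateless_tampered": verify_connectionless(tampered),
        "stateless_replay": verify_connectionless(f0),  # a replayed frame still passes
        "stateful": [rx.accept(f0), rx.accept(f0), rx.accept(tampered), rx.accept(f1)],
    }
if __name__ == "__main__":
    print(demo())
```

The stateless verifier accepts the replayed frame because its tag is valid; only the receiver that keeps per-connection state can tell that sequence number 0 has already been consumed.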
21
Security Services Data Integrity
22
Security Services Nonrepudiation
Prevents either sender or receiver from denying a transmitted message.
The receiver can prove that the alleged sender sent the message (source nonrepudiation)
The sender can prove that the alleged receiver received the message (destination nonrepudiation)
23
Security Services Availability Service
A system is available if it provides services according to the system design whenever users request them
Addresses the security concerns raised by denial-of-service attacks
24
Attacks and Security Services
25
Security Mechanism Incorporated in protocol layer
26
Security Mechanism not specific to any protocol layer
27
Security Mechanism and Services
28
Security Models
Network Security Model (Part 2 of the book)
  Confidentiality, Authentication, Data Integrity, Nonrepudiation, Availability services
Network Access Security Model (Part 3 of the book)
  Access Control service
  Information access threats
  Service threats
29
Network Security Model
An encrypted and signed message is transferred
30
Network Security Model
1. A security-related algorithm (encryption, authentication and integrity)
2. Secret information used with the algorithm
3. Methods for distribution of the secret information
4. A protocol to be used by the two principals (parties) that makes use of the security algorithm and the secret information to achieve a particular security service
31
Network Access Security Model
32
Network Access Security Model
Gatekeeper function: password-based login and resource access; detects and rejects worms, viruses, and other similar attacks
Internal controls: monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders