0 оценок0% нашли этот документ полезным (0 голосов)
12 просмотров27 страниц
This document defines basic security terminology including security threats, attacks, services, and mechanisms. It discusses passive and active attacks, the security services of confidentiality, authentication, integrity, non-repudiation, access control, and availability. It also outlines common security mechanisms like encryption, software and hardware controls, policies, and physical controls. Finally, it briefly mentions standards organizations and the RFC publication process.
This document defines basic security terminology including security threats, attacks, services, and mechanisms. It discusses passive and active attacks, the security services of confidentiality, authentication, integrity, non-repudiation, access control, and availability. It also outlines common security mechanisms like encryption, software and hardware controls, policies, and physical controls. Finally, it briefly mentions standards organizations and the RFC publication process.
This document defines basic security terminology including security threats, attacks, services, and mechanisms. It discusses passive and active attacks, the security services of confidentiality, authentication, integrity, non-repudiation, access control, and availability. It also outlines common security mechanisms like encryption, software and hardware controls, policies, and physical controls. Finally, it briefly mentions standards organizations and the RFC publication process.
Active Attack: Replay Active Attack: Masquerade Security Services Confidentiality (privacy) Authentication (who created or sent the data) Integrity (has not been altered) Non-repudiation (the order is final) Access control (prevent misuse of resources) Availability (permanence, non-erasure) Security Mechanisms Encryption Software Controls (access limitations in a data base, in operating system protect each user from other users) Hardware Controls (smartcard) Policies (frequent changes of passwords) Physical Controls Standards Organizations National Institute of Standards & Technology (NIST) Internet Society (ISOC) International Telecommunication Union Telecommunication Standardization Sector (ITU-T) International Organization for Standardization (ISO) RSA Labs (de facto) RFC Publication Process Security Update...