Академический Документы
Профессиональный Документы
Культура Документы
System and
Network Security
By
Farhan M.Shaikh
B.Sc. (CS),M.Sc. (IT), B.Ed.,M.Ed., M.A (Sociology)., UGC-NET (Education/ Sociology)
Visiting Faculty
L.S. Raheja College, SantaCruz
Unit 3 : System & N/W Security
Introduction to System & Network
Security
Security Attacks
Security Services
Security Mechanisms
farhan.mohd@yahoo.co.in 2
Introduction
farhan.mohd@yahoo.co.in 3
Introduction
farhan.mohd@yahoo.co.in 4
CIA Triad of Computer Security
farhan.mohd@yahoo.co.in 5
CIA Triad of Computer Security
Confidentiality (covers both data confidentiality and privacy): preserving authorized
restrictions on information access and disclosure, including means for protecting
personal privacy and proprietary information. A loss of confidentiality is the
unauthorized disclosure of information.
Integrity (covers both data and system integrity): Guarding against improper
information modification or destruction, and includes ensuring information non-
repudiation and authenticity. A loss of integrity is the unauthorized modification or
destruction of information.
Availability: Ensuring timely and reliable access to and use of information. A loss of
availability is the disruption of access to or use of information or an information
system.
Although the use of the CIA triad to define security objectives is well established, some
in the security field feel that additional concepts are needed to present a complete
picture. Two of the most commonly mentioned are:
Authenticity: The property of being genuine and being able to be verified and
trusted; confidence in the validity of a transmission, a message, or message originator.
Accountability: The security goal that generates the requirement for actions of an
entity to be traced uniquely to that entity.
farhan.mohd@yahoo.co.in 6
Security Goals
farhan.mohd@yahoo.co.in 7
Loss of Confidentiality
farhan.mohd@yahoo.co.in 8
Security Goals
farhan.mohd@yahoo.co.in 9
Loss of Integrity
farhan.mohd@yahoo.co.in 10
Attack on Availability
farhan.mohd@yahoo.co.in 11
Security Attacks
farhan.mohd@yahoo.co.in 12
Attacks threatening Confidentiality
farhan.mohd@yahoo.co.in 13
Attacks threatening Confidentiality
farhan.mohd@yahoo.co.in 14
Attacks threatening Integrity
farhan.mohd@yahoo.co.in 15
Attacks threatening Integrity
farhan.mohd@yahoo.co.in 16
Attacks threatening Integrity
farhan.mohd@yahoo.co.in 17
Attacks threatening Integrity
farhan.mohd@yahoo.co.in 18
Attacks threatening Availability
farhan.mohd@yahoo.co.in 19
Passive v/s Active Attacks
farhan.mohd@yahoo.co.in 20
Passive Attacks
farhan.mohd@yahoo.co.in 21
Passive Attacks
farhan.mohd@yahoo.co.in 22
Active Attacks
farhan.mohd@yahoo.co.in 23
Active Attacks
farhan.mohd@yahoo.co.in 24
Security Services and Mechanisms
farhan.mohd@yahoo.co.in 25
Security Services
farhan.mohd@yahoo.co.in 26
Security Services
farhan.mohd@yahoo.co.in 27
Security Services
farhan.mohd@yahoo.co.in 28
Security Mechanisms
farhan.mohd@yahoo.co.in 29
Security Mechanisms
farhan.mohd@yahoo.co.in 30
Security Mechanisms
farhan.mohd@yahoo.co.in 31
Security Mechanisms
farhan.mohd@yahoo.co.in 32
Relation between Security Services &
Mechanisms
farhan.mohd@yahoo.co.in 33
References
Cryptography and Network Security,
Forouzan B (TMH)
farhan.mohd@yahoo.co.in 34
farhan.mohd@yahoo.co.in 35