Introduction to

System and
Network Security
By
Farhan M.Shaikh
B.Sc. (CS),M.Sc. (IT), B.Ed.,M.Ed., M.A (Sociology)., UGC-NET (Education/ Sociology)

Visiting Faculty
L.S. Raheja College, SantaCruz
Unit 3 : System & N/W Security
Introduction to System & Network
Security
Security Attacks
Security Services
Security Mechanisms

farhan.mohd@yahoo.co.in 2
Introduction

farhan.mohd@yahoo.co.in 3
Introduction

farhan.mohd@yahoo.co.in 4
CIA Triad of Computer Security

farhan.mohd@yahoo.co.in 5
 CIA Triad of Computer Security
Confidentiality (covers both data confidentiality and privacy): preserving authorized
restrictions on information access and disclosure, including means for protecting
personal privacy and proprietary information. A loss of confidentiality is the
unauthorized disclosure of information.
Integrity (covers both data and system integrity): Guarding against improper
information modification or destruction, and includes ensuring information non-
repudiation and authenticity. A loss of integrity is the unauthorized modification or
destruction of information.
Availability: Ensuring timely and reliable access to and use of information. A loss of
availability is the disruption of access to or use of information or an information
system.
Although the use of the CIA triad to define security objectives is well established, some
in the security field feel that additional concepts are needed to present a complete
picture. Two of the most commonly mentioned are:
Authenticity: The property of being genuine and being able to be verified and
trusted; confidence in the validity of a transmission, a message, or message originator.
Accountability: The security goal that generates the requirement for actions of an
entity to be traced uniquely to that entity.

farhan.mohd@yahoo.co.in 6
Security Goals

farhan.mohd@yahoo.co.in 7
Loss of Confidentiality

farhan.mohd@yahoo.co.in 8
Security Goals

farhan.mohd@yahoo.co.in 9
Loss of Integrity

farhan.mohd@yahoo.co.in 10
Attack on Availability

farhan.mohd@yahoo.co.in 11
Security Attacks

farhan.mohd@yahoo.co.in 12
Attacks threatening Confidentiality

farhan.mohd@yahoo.co.in 13
Attacks threatening Confidentiality

farhan.mohd@yahoo.co.in 14
Attacks threatening Integrity

farhan.mohd@yahoo.co.in 15
Attacks threatening Integrity

farhan.mohd@yahoo.co.in 16
Attacks threatening Integrity

farhan.mohd@yahoo.co.in 17
Attacks threatening Integrity

farhan.mohd@yahoo.co.in 18
Attacks threatening Availability

farhan.mohd@yahoo.co.in 19
Passive v/s Active Attacks

farhan.mohd@yahoo.co.in 20
Passive Attacks

farhan.mohd@yahoo.co.in 21
Passive Attacks

farhan.mohd@yahoo.co.in 22
Active Attacks

farhan.mohd@yahoo.co.in 23
Active Attacks

farhan.mohd@yahoo.co.in 24
Security Services and Mechanisms

farhan.mohd@yahoo.co.in 25
Security Services

farhan.mohd@yahoo.co.in 26
Security Services

farhan.mohd@yahoo.co.in 27
Security Services

farhan.mohd@yahoo.co.in 28
Security Mechanisms

farhan.mohd@yahoo.co.in 29
Security Mechanisms

farhan.mohd@yahoo.co.in 30
Security Mechanisms

farhan.mohd@yahoo.co.in 31
Security Mechanisms

farhan.mohd@yahoo.co.in 32
Relation between Security Services &
Mechanisms

farhan.mohd@yahoo.co.in 33
References
Cryptography and Network Security,
Forouzan B (TMH)

Cryptography and Network Security,

Kahate A (TMH)

farhan.mohd@yahoo.co.in 34
farhan.mohd@yahoo.co.in 35