Scribd
Upload
32 views19 pages

Information Security Presentatation

The document provides an introduction to information security concepts. It defines computer, network, and internet security and outlines common security services, mechanisms, and types of attacks. It discusses the OSI security architecture and models for providing network and access security. The goal is to introduce fundamental concepts needed to study cryptography and its role in securing information systems and transmissions.

Uploaded by

Muhammad Ather Ameen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
32 views19 pages

Information Security Presentatation

The document provides an introduction to information security concepts. It defines computer, network, and internet security and outlines common security services, mechanisms, and types of attacks. It discusses the OSI security architecture and models for providing network and access security. The goal is to introduce fundamental concepts needed to study cryptography and its role in securing information systems and transmissions.

Uploaded by

Muhammad Ather Ameen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

1

Information Security

Engr. Tariq M. Pirzada


Chapter 1 – Introduction 2

The art of war teaches us to rely not on the likelihood of the enemy's not
coming, but on our own readiness to receive him; not on the chance
of his not attacking, but rather on the fact that we have made our
position unassailable.
—The Art of War, Sun Tzu
Background 3

 Information Security requirements have changed


in recent times
 traditionally provided by physical and
administrative mechanisms
 computer use requires automated tools to protect
files and other stored information
 use of networks and communications links requires
measures to protect data during transmission
Definitions 4

 Computer Security - generic name for the


collection of tools designed to protect data and
to thwart hackers
 Network Security - measures to protect data
during their transmission
Aim of Course 5

 our focus is on Internet Security


 consists of measures to deter, prevent, detect,
and correct security violations that involve the
transmission of information
Services, Mechanisms, 6

Attacks
 need systematic way to define requirements
 consider three aspects of information security:
 security attack
 security mechanism
 security service
 consider in reverse order
Security Service 7

 is something that enhances the security of the data


processing systems and the information transfers of
an organization
 intended to counter security attacks
 make use of one or more security mechanisms to
provide the service
 replicate functions normally associated with
physical documents
 eg. have signatures, dates; need protection from
disclosure, tampering, or destruction; be notarized or
witnessed; be recorded or licensed
Security Mechanism 8

 a mechanism that is designed to detect, prevent,


or recover from a security attack
 no single mechanism that will support all functions
required
 however one particular element underlies many
of the security mechanisms in use: cryptographic
techniques
 hence our focus on this area
Security Attack 9

 any action that compromises the security of


information owned by an organization
 information security is about how to prevent
attacks, or failing that, to detect attacks on
information-based systems
 have a wide range of attacks
 can focus of generic types of attacks
 note: often threat & attack mean same
OSI Security Architecture 10

 ITU-T X.800 Security Architecture for OSI


 defines a systematic way of defining and
providing security requirements
 for us it provides a useful, if abstract, overview of
concepts we will study
Security Services 11

 X.800 defines it as: a service provided by a


protocol layer of communicating open systems,
which ensures adequate security of the systems or
of data transfers
 RFC 2828 defines it as: a processing or
communication service provided by a system to
give a specific kind of protection to system
resources
Security Services (X.800) 12

 Authentication - assurance that the


communicating entity is the one claimed
 Access Control - prevention of the
unauthorized use of a resource
 Data Confidentiality –protection of data
from unauthorized disclosure
 Data Integrity - assurance that data
received is as sent by an authorized entity
 Non-Repudiation - protection against
denial by one of the parties in a
communication
Security Mechanisms 13

(X.800)
 specific security mechanisms:
 encipherment, digital signatures, access controls,
data integrity, authentication exchange, traffic
padding, routing control, notarization
 pervasive security mechanisms:
 trusted functionality, security labels, event
detection, security audit trails, security recovery
Classify Security Attacks as 14

 passive attacks - eavesdropping on,


or monitoring of, transmissions to:
 obtain message contents, or
 monitor traffic flows
 active attacks – modification of data
stream to:
 masquerade of one entity as some other
 replay previous messages
 modify messages in transit
 denial of service
Model for Network 15

Security
Model for Network 16

Security
 using this model requires us to:
 design a suitable algorithm for the security
transformation
 generate the secret information (keys) used by the
algorithm
 develop methods to distribute and share the secret
information
 specify a protocol enabling the principals to use the
transformation and secret information for a security
service
Model for Network Access 17
Security
Model for Network Access 18
Security
 using this model requires us to:
 select appropriate gatekeeper functions to identify
users
 implement security controls to ensure only
authorised users access designated information or
resources
 trusted computer systems can be used to
implement this model
Summary 19

 have considered:
 computer, network, internet security def’s
 security services, mechanisms, attacks
 X.800 standard
 models for network (access) security

You might also like