Chapter 1: Introduction (1)
lượt xem 2
download
Objectives of Chapter 1: To define three security goals; to define security attacks that threaten security goals; to define security services and how they are related to the three security goals; to define security mechanisms to provide security services; to introduce two techniques, cryptography and steganography, to implement security mechanisms
Bình luận(0) Đăng nhập để gửi bình luận!
Nội dung Text: Chapter 1: Introduction (1)
- Chapter 1 Objectives To define three security goals To define security attacks that threaten security goals Chapter 1 To define security services and how they are related to the three security goals Introduction To define security mechanisms to provide security services To introduce two techniques, cryptography and steganography, to implement security mechanisms. 1.1 1.2 1.1 Continued 1-1 SECURITY GOALS Figure 1.1 Taxonomy of security goals This section defines three security goals. Topics discussed in this section: 1.1.1 Confidentiality 1.1.2 Integrity 1.1.3 Security 1.3 1.4 1.1.1 Confidentiality 1.1.2 Integrity Confidentiality is probably the most common aspect of Information needs to be changed constantly. Integrity means information security. We need to protect our confidential that changes need to be done only by authorized entities and information. An organization needs to guard against those through authorized mechanisms. malicious actions that endanger the confidentiality of its information. 1.5 1.6 1
- 1.1.3 Availability Strong Protection The information created and stored by an organization needs to The information created and stored by an organization needs to be available to authorized entities. Information needs to be be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to constantly changed, which means it must be accessible to authorized entities. authorized entities. 1.7 1.8 1.2 Continued 1-2 ATTACKS Figure 1.2 Taxonomy of attacks with relation to security goals The three goals of securityconfidentiality, integrity, and availabilitycan be threatened by security attacks attacks.. Topics discussed in this section: 1.2.1 Attacks Threatening Confidentiality 1.2.2 Attacks Threatening Integrity 1.2.3 Attacks Threatening Availability 1.2.4 Passive versus Active Attacks 1.9 1.10 1.2.1 Attacks Threatening Confidentiality 1.2.2 Attacks Threatening Integrity Snooping refers to unauthorized access to or interception of Modification means that the attacker intercepts the message data. and changes it. Masquerading or spoofing happens when the attacker Traffic analysis refers to obtaining some other type of impersonates somebody else. information by monitoring online traffic. Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it. Repudiation means that sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message. 1.11 1.12 2
- 1.2.3 Attacks Threatening Availability 1.2.4 Passive Versus Active Attacks Denial of service (DoS) is a very common attack. It may slow Table 1.1 Categorization of passive and active attacks down or totally interrupt the service of a system. 1.13 1.14 1.3.1 Security Services 1-3 SERVICES AND MECHANISMS Figure 1.3 Security services ITU-T provides some security services and some ITU- mechanisms to implement those services. services. Security services and mechanisms are closely related because a mechanism or combination of mechanisms are used to provide a service.. service.. Topics discussed in this section: 1.3.1 Security Services 1.3.2 Security Mechanism 1.3.3 Relation between Services and Mechanisms 1.15 1.16 1.3.2 Security Mechanism 1.3.3 Relation between Services and Mechanisms Figure 1.4 Security mechanisms Table 1.2 Relation between security services and mechanisms 1.17 1.18 3
- 1.4.1 Cryptography 1-4 TECHNIQUES Cryptography, a word with Greek origins, means “secret Mechanisms discussed in the previous sections are only writing.” However, we use the term to refer to the science and art theoretical recipes to implement security security.. The actual of transforming messages to make them secure and immune to implementation of security goals needs some techniques. techniques. attacks. Two techniques are prevalent today today:: cryptography and steganography.. steganography Topics discussed in this section: 1.4.1 Cryptography 1.4.2 Steganography 1.19 1.20 1.4.2 Steganography 1.4.2 Continued The word steganography, with origin in Greek, means “covered writing,” in contrast with cryptography, which means “secret Example: using dictionary writing.” Example: covering data with text Example: covering data under color image 1.21 1.22 1-5 THE REST OF THE BOOK The rest of this book is divided into four parts. parts. Part One: Symmetric- Symmetric-Key Enciphermen Part Two: Asymmetric- Asymmetric-Key Encipherment Part Three: Integrity, Authentication, and Key Management Part Four: Network Security 1.23 4
CÓ THỂ BẠN MUỐN DOWNLOAD
-
Chapter 10: IC Technology
17 p | 117 | 30
-
chapter 1:introduction- web client programming with perl
10 p | 120 | 14
-
Art of Surface Interpolation-Chapter 1: Introduction
12 p | 97 | 13
-
Cơ sở dữ liệu hình ảnh - Chương 7
10 p | 95 | 10
-
Bài giảng Cơ sở dữ liệu nâng cao - Chapter 1: Creating databases and database files
32 p | 77 | 9
-
Bài giảng Hệ điều hành nâng cao - Chapter 1: Introduction
48 p | 142 | 8
-
Bài giảng Nhập môn tin học - Chapter 1: Introduction to Computer
0 p | 82 | 6
-
Bài giảng Lập trình mạng: Chapter 1 - Nguyễn Thị Thanh Vân
59 p | 71 | 6
-
Lectures Computer architecture: Chapter 1 - ThS. Trần Thị Như Nguyệt
45 p | 61 | 5
-
Lecture Administration and visualization: Chapter 1 - Introduction to data management and visualization
41 p | 18 | 4
-
Bài giảng Computer Architecture: Chapter 1 - Prof. Jerry Breecher
36 p | 69 | 4
-
Lecture Administration and visualization: Chapter 8.1 - Interactive visualization
48 p | 8 | 4
-
Bài giảng Công nghệ phần mềm: Chapter 1 - Nguyễn Thị Cẩm Hương
70 p | 83 | 3
-
Lecture Windows programming: Chapter 3(1) - Châu Thị Bảo Hà
21 p | 50 | 3
-
Lecture Windows programming: Chapter 1 - Châu Thị Bảo Hà
57 p | 74 | 3
-
Lecture TCP-IP protocol suite - Chapter 1: Introduction
16 p | 46 | 1
-
Lecture Natural language processing: Chapter 1 – Lê Ngọc Tấn
12 p | 35 | 1
Chịu trách nhiệm nội dung:
Nguyễn Công Hà - Giám đốc Công ty TNHH TÀI LIỆU TRỰC TUYẾN VI NA
LIÊN HỆ
Địa chỉ: P402, 54A Nơ Trang Long, Phường 14, Q.Bình Thạnh, TP.HCM
Hotline: 093 303 0098
Email: support@tailieu.vn