Scribd Logo
Importer

Bienvenue sur Scribd !

  • Chapter 1

    Transféré par

    spaceoddities
    28 vues14 pages
    Security attacks, services and mechanisms a model for Internetwork Security Internet standards and RFCs Henric Johnson 3 Security Attacks Security Attacks Interruption: this is an attack on availability Modfication: This is a attack on integtrity Fabrication: This a an attack on authenticity 5 Security Goals Confidentiality Integrity security services Authentication (who created or sent the data) Integrity (has not been altered) access control (prevent misuse of resources) availability (permanence,

    Description originale:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formats disponibles

    PPT, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    Security attacks, services and mechanisms a model for Internetwork Security Internet standards and RFCs Henric Johnson 3 Security Attacks Security Attacks Interruption: this is an attack on availability Modfication: This is a attack on integtrity Fabrication: This a an attack on authenticity 5 Security Goals Confidentiality Integrity security services Authentication (who created or sent the data) Integrity (has not been altered) access control (prevent misuse of resources) availability (permanence,

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PPT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    28 vues14 pages

    Chapter 1

    Transféré par

    spaceoddities
    Security attacks, services and mechanisms a model for Internetwork Security Internet standards and RFCs Henric Johnson 3 Security Attacks Security Attacks Interruption: this is an attack on availability Modfication: This is a attack on integtrity Fabrication: This a an attack on authenticity 5 Security Goals Confidentiality Integrity security services Authentication (who created or sent the data) Integrity (has not been altered) access control (prevent misuse of resources) availability (permanence,

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PPT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 14

    Network Security

    Henric Johnson
    Blekinge Institute of Technology, Sweden
    www.its.bth.se/staff/hjo/
    henric.johnson@bth.se
    +46 708 250375
    Henric Johnson 1
    Outline
    • Attacks, services and mechanisms
    • Security attacks
    • Security services
    • Methods of Defense
    • A model for Internetwork Security
    • Internet standards and RFCs

    Henric Johnson 2
    Attacks, Services and
    Mechanisms
    • Security Attack: Any action that
    compromises the security of information.
    • Security Mechanism: A mechanism that is
    designed to detect, prevent, or recover from a
    security attack.
    • Security Service: A service that enhances
    the security of data processing systems and
    information transfers. A security service
    makes use of one or more security mechanisms.

    Henric Johnson 3
    Security Attacks

    Henric Johnson 4
    Security Attacks
    • Interruption: This is an attack on
    availability
    • Interception: This is an attack on
    confidentiality
    • Modfication: This is an attack on
    integtrity
    • Fabrication: This is an attack on
    authenticity
    Henric Johnson 5
    Security Goals

    Confidentiality

    Integrity Avaliability

    Henric Johnson 6
    Henric Johnson 7
    Security Services
    • Confidentiality (privacy)
    • Authentication (who created or sent the data)
    • Integrity (has not been altered)
    • Non-repudiation (the order is final)
    • Access control (prevent misuse of resources)
    • Availability (permanence, non-erasure)
    – Denial of Service Attacks
    – Virus that deletes files

    Henric Johnson 8
    Henric Johnson 9
    Henric Johnson 10
    Methods of Defence
    • Encryption
    • Software Controls (access limitations
    in a data base, in operating system
    protect each user from other users)
    • Hardware Controls (smartcard)
    • Policies (frequent changes of
    passwords)
    • Physical Controls
    Henric Johnson 11
    Internet standards and
    RFCs
    • The Internet society
    – Internet Architecture Board (IAB)
    – Internet Engineering Task Force (IETF)
    – Internet Engineering Steering Group
    (IESG)

    Henric Johnson 12
    Internet RFC Publication
    Process

    Henric Johnson 13
    Recommended Reading
    • Pfleeger, C. Security in Computing.
    Prentice Hall, 1997.

    • Mel, H.X. Baker, D. Cryptography


    Decrypted. Addison Wesley, 2001.

    Henric Johnson 14

    Vous aimerez peut-être aussi