Chapter 1
Introduction: Computer and Network Security

//Modified by Prof. M. Singhal//
Henric Johnson
Blekinge Institute of Technology, Sweden
www.its.bth.se/staff/hjo/
henric.johnson@bth.se
+46 708 250375
Outline
•   Information security
•   Attacks, services and mechanisms
•   Security attacks
•   Security services
•   Methods of Defense
•   A model for Internetwork Security
•   Internet standards and RFCs
Information Security
          “Protection of data”.
Has gone through two major changes:
1. Computer Security:
 o Timesharing systems: multiple users share
   the H/W and S/W resources on a computer.
 o Remote login is allowed over phone lines.
“Measures and tools to protect data and thwart
hackers are called Computer Security”.

Information Security…
2. Network Security:
  Computer networks are widely used to
  connect computers at distant locations.
Raises additional security problems:
o Data in transmission must be protected.
o Network connectivity exposes each
  computer to more vulnerabilities.

Attacks, Services and Mechanisms
 Three aspects of Information Security:
• Security Attack: Any action that
  compromises the security of information.
• Security Mechanism: A mechanism that is
  designed to detect, prevent, or recover from a
  security attack.
• Security Service: A service that enhances
  the security of data processing systems and
  information transfers. A security service
  makes use of one or more security mechanisms.

Security Attacks
(figure not preserved)
Security Attacks
Interruption: An asset of the system is
  destroyed or becomes unavailable or
  unusable.
• This is an attack on availability.
Examples:
• Destroying some H/W (disk or wire).
• Disabling file system.
• Swamping a computer with jobs or
  communication link with packets.

Security Attacks
Interception: An unauthorized party
  gains access to an asset.
o This is an attack on confidentiality.
Examples:
> Wiretapping to capture data in a
  network.
> Illicitly copying data or programs.

Security Attacks
Modification: An unauthorized party
  gains access and tampers with an asset.
o This is an attack on integrity.
Examples:
• Changing data files.
• Altering a program.
• Altering the contents of a message.
Security Attacks
Fabrication: An unauthorized party
  inserts a counterfeit object into the
  system.
o This is an attack on authenticity.
Examples:
> Insertion of records in data files.
> Insertion of spurious messages in a
  network (message replay).
Passive vs. Active Attacks
1. Passive Attacks:
  o Eavesdropping on information without
    modifying it.
    (difficult to detect).
2. Active Attacks:
   o Involve modification or creation of info.


Passive Threats
• Release of message contents:
  Contents of a message are read.
> A message may be carrying sensitive or
  confidential data.
• Traffic analysis:
 An intruder makes inferences by observing message
  patterns.
> Can be done even if messages are encrypted.
> Inferences: location and identity of hosts.
Active Threats
• Masquerade:
 An entity pretends to be some other entity.
 Example: An entity captures an authentication
  sequence and replays it later to impersonate the
  original entity.
• Replay:
Involves capture of a data unit and its
  retransmission to produce an unauthorized
  effect.

Active Threats
• Modification of messages:
A portion of a legitimate message has been
  altered to produce an undesirable effect.
• Denial of service:
Inhibits normal use of computer and
  communications resources.
> Flooding of computer network.
> Swamping of CPU or a server.
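Added example (not part of the original slides): a minimal receiver-side security mechanism that detects three of the active threats listed above: modification of messages, fabrication/masquerade, and replay. The key, field names, freshness window and sample messages are constructed assumptions for illustration.

```python
import hashlib
import hmac
import json

SHARED_KEY = b"constructed-demo-key"  # constructed sample key (assumption)
MAX_SKEW_SECONDS = 30                 # assumed freshness window


def seal(key, sender, seq, timestamp, payload):
    """Sender side: bind sender, sequence number, time and payload under one MAC."""
    body = json.dumps(
        {"sender": sender, "seq": seq, "ts": timestamp, "payload": payload},
        sort_keys=True,
    ).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    """Receiver side: classify each message by the active threat it would represent."""

    def __init__(self, key):
        self.key = key
        self.highest_seq = {}  # per-sender highest sequence number accepted so far

    def check(self, message, now):
        expected = hmac.new(self.key, message["body"], hashlib.sha256).hexdigest()
        # Constant-time comparison. A mismatch means the body was altered in
        # transit (modification) or was produced without the key (fabrication).
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: bad MAC (modified or fabricated)"
        fields = json.loads(message["body"])
        # A valid MAC on an old message is exactly what a replay looks like,
        # so freshness and ordering are checked only after authentication.
        if abs(now - fields["ts"]) > MAX_SKEW_SECONDS:
            return "rejected: stale (possible replay)"
        if fields["seq"] <= self.highest_seq.get(fields["sender"], -1):
            return "rejected: sequence number reused (replay)"
        self.highest_seq[fields["sender"]] = fields["seq"]
        return "accepted"


def demo():
    """Run constructed sample messages through the receiver and return the verdicts."""
    rx = Receiver(SHARED_KEY)
    results = {}

    genuine = seal(SHARED_KEY, "alice", 1, 1000, "pay 10 to bob")
    results["genuine"] = rx.check(genuine, now=1005)

    # Replay: the identical, validly authenticated data unit is sent again.
    results["replay"] = rx.check(genuine, now=1010)

    # Modification: part of a legitimate message is altered, tag left as-is.
    tampered = {"body": genuine["body"].replace(b"to bob", b"to eve"),
                "tag": genuine["tag"]}
    results["modified"] = rx.check(tampered, now=1010)

    # Fabrication / masquerade: a message claiming to be from alice,
    # produced by a party that does not hold the shared key.
    forged = seal(b"some-other-key", "alice", 2, 1010, "pay 10 to eve")
    results["fabricated"] = rx.check(forged, now=1010)

    # A never-seen but old message falls outside the freshness window.
    late = seal(SHARED_KEY, "alice", 3, 1000, "pay 5 to bob")
    results["stale"] = rx.check(late, now=2000)
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:10s} {verdict}")
```

This mechanism covers only the active threats; the payload is still readable to an eavesdropper, so the passive threats (release of message contents, traffic analysis) need encryption and other measures on top.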
Security Services
A classification of security services:
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
   – Denial of Service Attacks
   – Virus that deletes files
Security Goals
• Confidentiality
• Integrity
• Availability
Methods of Defence
• Encryption
• Software Controls (access limitations
  in a data base, in operating system
  protect each user from other users)
• Hardware Controls (smartcard)
• Policies (frequent changes of
  passwords)
• Physical Controls
Internet standards and RFCs
• The Internet Society
  – Internet Architecture Board (IAB)
  – Internet Engineering Task Force (IETF)
  – Internet Engineering Steering Group
    (IESG)




Internet RFC Publication Process
(figure not preserved)
Recommended Reading
• Pfleeger, C. Security in Computing.
  Prentice Hall, 1997.

• Mel, H.X. Baker, D. Cryptography
  Decrypted. Addison Wesley, 2001.



