SlideShare uma empresa Scribd logo

Introduction of network security

Transferir como PPTX, PDF
sneha padhiar
sneha padhiar

why security is important when we are working on network? you will get clear idea of basic need of security by refereeing this slides

Engenharia
1 de 27
C E : 3 4 8 : I N F O R M A T I O N N E T W O R K S E C U R I T Y I N T R O D U C T I O N O F N E T W O R K S E C U R I T Y Chandubhai S. Patel Institute of Technology P R E P A R E D B Y : S N E H A P A D H I A R A S S I S T A N T P R O F E S S O R
Chandubhai S. Patel Institute of Technology (CSPIT), CHARUSAT In daily life we use information for various purposes and use network for communication and exchange information between different parties. In many cases these information are sensitive so we need to take care that only authorized party can get that information. For maintaining such privacy we require some mechanism or physical device which ensures that it is safe. Such mechanism or physical devices are known as security system.
• Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources. or Generic name for the collection of tools designed to protect data and to thrwart hackers.
• Data Security: Data security is the science and study of methods of protecting data from unauthorized disclosure and modification.
• Confidentiality is probably the most common aspect of information security. We need to protect our confidential information. An organization needs to guard against those malicious actions that endanger the confidentiality of its information. • Integrity Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. • Availability The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities.
Confidentiality: It covers two concepts • Data Confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. • Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Availability: Assures that systems work promptly and service is not denied to authorize user.
Integrity: It covers two concepts • Data Integrity: Assures that information and programs are changed only in a specified and authorize manner. • System Integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
• Authentication Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. • Access control It is the ability to limit and control the access to host systems and applications via communication links. This servicse controls who can have access to a resource.
Nonrepudiation • Nonrepudiation prevents either sender or receiver from denying a transmitted message. • When a message is sent, the receiver can prove that the alleged sender in fact sent the message • When a message is received, the sender can prove that the alleged receiver in fact received the message.
• Threat: • A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability.
ATTACKS • Passive Attack • Active Attack
Passive Attack • Release of message contents: o The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
o TRAFFIC ANALYSIS o Suppose that we had a way of masking the contents of messages or other information. o Even if they captured the message, could not extract the information from the message. o The common technique for masking contents is encryption. o If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages.
Active Attack • Attacker tries to alter transmitted data. • Masquerade: A masquerade takes place when one entity pretends to be a different entity (Figure a). A masquerade attack usually includes one of the other forms of active attack.
Replay: Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
• Modification of messages: o Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure c). o For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts."
• Denial of service: o The denial of service prevents or inhibits the normal use or management of communications facilities. o This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). o Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
Security services • A security service is a processing or communicating service that can prevent or detect the above- mentioned attacks. Various security services are: • Authentication: the recipient should be able to identify the sender, and verify that the sender, who claims to be the sender, actually did send the message. • Data Confidentiality: An attacker should not be able to read the transmitted data or extract data in case of encrypted data. In short, confidentiality is the protection of transmitted data from passive attacks. • Data Integrity: Make sure that the message received was exactly the message the sender sent. • Nonrepudiation: The sender should not be able to deny sending the should not be able to deny receiving the message.
Security Mechanisms (X.800)
specific security mechanisms • May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services. • Encipherment The use of mathematical algorithms to transform data into a form that is not readily intelligible. • Digital Signature Data appended to, or a cryptographic transformation of , a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.
• Access control A variety of mechanisms that enforce access rights to resources. • Data Integrity A variety of mechanisms used to ensure the integrity of a data unit or stream of data units. • Authentication exchange A mechanism indented to ensure the identity of an entity by means of information exchange.
• Traffic Padding The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. • Notarization The use of a trusted third party to assure certain Properties of a data exchange.
pervasive security mechanisms • Trusted functionality That which is perceived to be correct with respect to some criteria. • Event detection Detection of security relevant events. • Security label The marking bound to resource that names or designates the security attributes of that resource. • Security recovery Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.
TECHNIQUES  Cryptography Cryptography, a word with Greek origins, means “secret writing.” However, we use the term to refer to the science and art of transforming messages to make them secure and immune to attacks.
• Steganography The word steganography, with origin in Greek, means “covered writing,” in contrast with cryptography, which means “secret writing.”

Recomendados

Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Security
jp tj
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Security
SecuritySecurity
Security
Rupesh Mishra
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
Vivek Gandhi
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanisms
priya_trehan
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introduction
Dr.Florence Dayana
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network Security
Shafaan Khaliq Bhatti
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security
STS
 

Recomendados

Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Security
jp tj
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Security
SecuritySecurity
Security
Rupesh Mishra
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
Vivek Gandhi
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanisms
priya_trehan
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introduction
Dr.Florence Dayana
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network Security
Shafaan Khaliq Bhatti
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security
STS
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
nathanurag
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
osama elfar
 
Security services
Security servicesSecurity services
Security services
Gayan Geethanjana
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecture
babak danyal
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
BharathiKrishna6
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
Shitiz Upreti
 
HTTP vs HTTPS Difference
HTTP vs HTTPS Difference HTTP vs HTTPS Difference
HTTP vs HTTPS Difference
Real Estate
 
Infomration & network security
Infomration & network securityInfomration & network security
Infomration & network security
Rajkumar Pawar
 
Information and network security 7 security services
Information and network security 7 security servicesInformation and network security 7 security services
Information and network security 7 security services
Vaibhav Khanna
 
Ch01
Ch01Ch01
Ch01
n C
 
Dos unit 5
Dos unit 5Dos unit 5
Dos unit 5
JebasheelaSJ
 
Information and network security 6 security attacks
Information and network security 6 security attacksInformation and network security 6 security attacks
Information and network security 6 security attacks
Vaibhav Khanna
 
Security
Security Security
Security
chian417
 
Ppt.1
Ppt.1Ppt.1
Ppt.1
veeresh35
 
cryptographic security
cryptographic securitycryptographic security
cryptographic security
Priyamvada Singh
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
lavakumar Thatisetti
 
Data Network Security
Data Network SecurityData Network Security
Data Network Security
Atif Rehmat
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introduction
Shu Shin
 
Data security & cryptography
Data security & cryptography Data security & cryptography
Data security & cryptography
Muhammad Danish
 
Infomation System Security
Infomation System SecurityInfomation System Security
Infomation System Security
Kiran Munir
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
RizwanBasha12
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 

Mais conteúdo relacionado

Mais procurados

Ch01
Ch01Ch01
Ch01
n C
 
Data Network Security
Data Network SecurityData Network Security
Data Network Security
Atif Rehmat
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introduction
Shu Shin
 
Infomation System Security
Infomation System SecurityInfomation System Security
Infomation System Security
Kiran Munir
 

Mais procurados (20)

Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
 
Security services
Security servicesSecurity services
Security services
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecture
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
HTTP vs HTTPS Difference
HTTP vs HTTPS Difference HTTP vs HTTPS Difference
HTTP vs HTTPS Difference
 
Infomration & network security
Infomration & network securityInfomration & network security
Infomration & network security
 
Information and network security 7 security services
Information and network security 7 security servicesInformation and network security 7 security services
Information and network security 7 security services
 
Ch01
Ch01Ch01
Ch01
 
Dos unit 5
Dos unit 5Dos unit 5
Dos unit 5
 
Information and network security 6 security attacks
Information and network security 6 security attacksInformation and network security 6 security attacks
Information and network security 6 security attacks
 
Security
Security Security
Security
 
Ppt.1
Ppt.1Ppt.1
Ppt.1
 
cryptographic security
cryptographic securitycryptographic security
cryptographic security
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
 
Data Network Security
Data Network SecurityData Network Security
Data Network Security
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introduction
 
Data security & cryptography
Data security & cryptography Data security & cryptography
Data security & cryptography
 
Infomation System Security
Infomation System SecurityInfomation System Security
Infomation System Security
 

Semelhante a Introduction of network security

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
AparnaSunil24
 
Lecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptLecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.ppt
shahadd2021
 

Semelhante a Introduction of network security (20)

CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
IT.pptx
IT.pptxIT.pptx
IT.pptx
 
Unit 1
Unit 1Unit 1
Unit 1
 
Lec 01.pdf
Lec 01.pdfLec 01.pdf
Lec 01.pdf
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
CNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionCNS - Unit - 1 - Introduction
CNS - Unit - 1 - Introduction
 
Lecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptLecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.ppt
 
Network Security
Network SecurityNetwork Security
Network Security
 
abc.pptx
abc.pptxabc.pptx
abc.pptx
 
Data information and security unit 1.pdf
Data information and security unit 1.pdfData information and security unit 1.pdf
Data information and security unit 1.pdf
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptx
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptx
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptx
 
Ch01 NetSec5e.pdf
Ch01 NetSec5e.pdfCh01 NetSec5e.pdf
Ch01 NetSec5e.pdf
 
2.Types of Attacks.pptx
2.Types of Attacks.pptx2.Types of Attacks.pptx
2.Types of Attacks.pptx
 
Unit 1
Unit 1Unit 1
Unit 1
 

Último

AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
ankushspencer015
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Call Girls in Nagpur High Profile
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
rknatarajan
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
Asst.prof M.Gokilavani
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 

Último (20)

chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and Properties
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 

Introduction of network security

  • 1. C E : 3 4 8 : I N F O R M A T I O N N E T W O R K S E C U R I T Y I N T R O D U C T I O N O F N E T W O R K S E C U R I T Y Chandubhai S. Patel Institute of Technology P R E P A R E D B Y : S N E H A P A D H I A R A S S I S T A N T P R O F E S S O R
  • 2. Chandubhai S. Patel Institute of Technology (CSPIT), CHARUSAT In daily life we use information for various purposes and use network for communication and exchange information between different parties. In many cases these information are sensitive so we need to take care that only authorized party can get that information. For maintaining such privacy we require some mechanism or physical device which ensures that it is safe. Such mechanism or physical devices are known as security system.
  • 3. • Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources. or Generic name for the collection of tools designed to protect data and to thrwart hackers.
  • 4. • Data Security: Data security is the science and study of methods of protecting data from unauthorized disclosure and modification.
  • 5.
  • 6. • Confidentiality is probably the most common aspect of information security. We need to protect our confidential information. An organization needs to guard against those malicious actions that endanger the confidentiality of its information. • Integrity Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. • Availability The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities.
  • 7. Confidentiality: It covers two concepts • Data Confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. • Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Availability: Assures that systems work promptly and service is not denied to authorize user.
  • 8. Integrity: It covers two concepts • Data Integrity: Assures that information and programs are changed only in a specified and authorize manner. • System Integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
  • 9. • Authentication Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. • Access control It is the ability to limit and control the access to host systems and applications via communication links. This servicse controls who can have access to a resource.
  • 10. Nonrepudiation • Nonrepudiation prevents either sender or receiver from denying a transmitted message. • When a message is sent, the receiver can prove that the alleged sender in fact sent the message • When a message is received, the sender can prove that the alleged receiver in fact received the message.
  • 11. • Threat: • A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability.
  • 13. Passive Attack • Release of message contents: o The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
  • 14. o TRAFFIC ANALYSIS o Suppose that we had a way of masking the contents of messages or other information. o Even if they captured the message, could not extract the information from the message. o The common technique for masking contents is encryption. o If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages.
  • 15. Active Attack • Attacker tries to alter transmitted data. • Masquerade: A masquerade takes place when one entity pretends to be a different entity (Figure a). A masquerade attack usually includes one of the other forms of active attack.
  • 16. Replay: Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
  • 17. • Modification of messages: o Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure c). o For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts."
  • 18. • Denial of service: o The denial of service prevents or inhibits the normal use or management of communications facilities. o This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). o Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
  • 19.
  • 20. Security services • A security service is a processing or communicating service that can prevent or detect the above- mentioned attacks. Various security services are: • Authentication: the recipient should be able to identify the sender, and verify that the sender, who claims to be the sender, actually did send the message. • Data Confidentiality: An attacker should not be able to read the transmitted data or extract data in case of encrypted data. In short, confidentiality is the protection of transmitted data from passive attacks. • Data Integrity: Make sure that the message received was exactly the message the sender sent. • Nonrepudiation: The sender should not be able to deny sending the should not be able to deny receiving the message.
  • 22. specific security mechanisms • May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services. • Encipherment The use of mathematical algorithms to transform data into a form that is not readily intelligible. • Digital Signature Data appended to, or a cryptographic transformation of , a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.
  • 23. • Access control A variety of mechanisms that enforce access rights to resources. • Data Integrity A variety of mechanisms used to ensure the integrity of a data unit or stream of data units. • Authentication exchange A mechanism indented to ensure the identity of an entity by means of information exchange.
  • 24. • Traffic Padding The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. • Notarization The use of a trusted third party to assure certain Properties of a data exchange.
  • 25. pervasive security mechanisms • Trusted functionality That which is perceived to be correct with respect to some criteria. • Event detection Detection of security relevant events. • Security label The marking bound to resource that names or designates the security attributes of that resource. • Security recovery Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.
  • 26. TECHNIQUES  Cryptography Cryptography, a word with Greek origins, means “secret writing.” However, we use the term to refer to the science and art of transforming messages to make them secure and immune to attacks.
  • 27. • Steganography The word steganography, with origin in Greek, means “covered writing,” in contrast with cryptography, which means “secret writing.”