Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. | Network Security Henric Johnson Blekinge Institute of Technology, Sweden +46 708 250375 Henric Johnson Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork Security Internet standards and RFCs Henric Johnson Attacks, Services and Mechanisms Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. Henric Johnson Security Attacks Henric Johnson Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modfication: This is an attack on integtrity Fabrication: This is an attack on authenticity Henric Johnson | Network Security Henric Johnson Blekinge Institute of Technology, Sweden +46 708 250375 Henric Johnson Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork Security Internet standards and RFCs Henric Johnson Attacks, Services and Mechanisms Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. Henric Johnson Security Attacks Henric Johnson Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modfication: This is an attack on integtrity Fabrication: This is an attack on authenticity Henric Johnson Security Goals Integrity Confidentiality Avaliability Henric Johnson Henric Johnson Security Services Confidentiality (privacy) Authentication (who created or sent the data) Integrity (has not been altered) Non-repudiation (the order is final) Access control (prevent misuse of resources) Availability (permanence, non-erasure) Denial of Service Attacks Virus that deletes files Henric Johnson Henric Johnson Henric Johnson Methods of Defence Encryption Software Controls (access limitations in a data base, in operating system protect each user from other users) Hardware Controls (smartcard) Policies (frequent changes of passwords) Physical Controls Henric Johnson Internet standards and RFCs The Internet society Internet Architecture Board (IAB) Internet Engineering Task Force (IETF) Internet Engineering Steering Group (IESG) Henric Johnson Internet RFC Publication Process Henric Johnson Recommended Reading Pfleeger, C. Security in Computing. Prentice Hall, 1997. Mel, . Baker, D. Cryptography Decrypted. Addison Wesley, 2001. Henric Johnson