1 / 21

Security on Networks and Information Systems

Security on Networks and Information Systems. Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html baazobarry@hotmail.com. 1 Introduction. Outline. Security trends The OSI security Architecture Security attacks Security services

thane-bruce
Download Presentation

Security on Networks and Information Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html baazobarry@hotmail.com Bazara Barry

  2. 1Introduction Bazara Barry

  3. Outline • Security trends • The OSI security Architecture • Security attacks • Security services • Security mechanisms • A model for network security • Internet standards and RFCs Bazara Barry

  4. Security Trends (1-4) • In 1994, the Internet Architecture Board (IAB) issued a report entitled "Security in the Internet Architecture". • The report stated the general consensus that the Internet needs more and better security. Bazara Barry

  5. Security Trends (2-4) Bazara Barry

  6. Security Trends (3-4) Bazara Barry

  7. Security Trends (4-4) Bazara Barry

  8. The OSI Security Architecture • The manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. • ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. • The OSI security architecture focuses on security attacks, mechanisms, and services. Bazara Barry

  9. Attacks, Services and Mechanisms • Security Attack:Any action that compromises the security of information. • Security Mechanism:A mechanism that is designed to detect, prevent, or recover from a security attack. • Security Service:A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. Bazara Barry

  10. Security Attacks Bazara Barry

  11. Security Attacks Bazara Barry

  12. Security Attacks • Interruption: This is an attack on availability • Interception: This is an attack on confidentiality • Modification: This is an attack on integrity • Fabrication: This is an attack on authenticity Bazara Barry

  13. Security Goals Confidentiality Integrity Avalaibility Bazara Barry

  14. Security Services • Confidentiality (privacy) • Authentication (who created or sent the data) • Integrity (has not been altered) • Non-repudiation (the order is final) • Access control (prevent misuse of resources) • Availability (permanence, non-erasure) • Denial of Service Attacks • Virus that deletes files Bazara Barry

  15. Bazara Barry

  16. Security Mechanisms • Specific security mechanisms (encipherment, digital signature, authentication exchange, traffic padding,…). • Pervasive security mechanisms (trusted functionality, security label, event detection, security audit trail,…). Bazara Barry

  17. A Model for Network Security (1-2) Bazara Barry

  18. A Model for Network Security (2-2) Bazara Barry

  19. Methods of Defense • Encryption • Software Controls (access limitations in a database, in operating system to protect each user from other users) • Hardware Controls (smartcard) • Policies (frequent changes of passwords) • Physical Controls Bazara Barry

  20. Internet standards and RFCs • The Internet society • Internet Architecture Board (IAB) • Internet Engineering Task Force (IETF) • Internet Engineering Steering Group (IESG) Bazara Barry

  21. Internet RFC Publication Process Bazara Barry

More Related