finger
Cryptography and Network
Security
-W. Stalling (4th Ed.)
Hoon-Jae Lee
CNSL
Cryptography and Network Security Lab. hjlee@dongseo.ac.kr http://kowon.dongseo.ac.kr/~hjlee http://crypto.dongseo.ac.kr http://crypto.dongseo.ac.kr
2006-04-02
CNSL-Internet-DongseoUniv.
1
Chap 1. Introduction
Agenda
Attacks, Services, and Mechanisms
Security Attacks
Security Services
A Model for Network Security
Outline of this Book
Recommended Reading
2006-04-02
CNSL-Internet-DongseoUniv.
2
1
1.1 Attacks, Services, and Mechanisms
Three aspects of information security:
Security attack: compromises the security of information owned by an organization
Security Mechanism: is designed to detect, prevent, or recover from a security attack
Security service: enhances the security of the data processing systems and the information transfers of an organization 2006-04-02
CNSL-Internet-DongseoUniv.
3
1.1 Attacks, Services, and Mechanisms
Services:
Confidentiality: ensures that the information in a computer system and transmitted information are accessible only for reading by authorized parties.
Authentication: ensures that the origin of a message or electronic document is correctly identified, with an assurance that the identity is not false
Integrity: ensures that only authorized parties are able to modify computer system assets and transmitted information Non-repudiation: requires that neither the sender not the receiver of a message be able to deny the transmission
Access control: requires that access to information resources may be controlled by or for the target system
Availability: requires that computer system assets be available to authorized parties when needed
2006-04-02
CNSL-Internet-DongseoUniv.
4
2
1.2 Security Attacks (1)
1. Threats to security
Interruption
Interception
Modification
Fabrication
2006-04-02
CNSL-Internet-DongseoUniv.
5
1.2 Security Attacks (2)
2006-04-02
Security
-W. Stalling (4th Ed.)
Hoon-Jae Lee
CNSL
Cryptography and Network Security Lab. hjlee@dongseo.ac.kr http://kowon.dongseo.ac.kr/~hjlee http://crypto.dongseo.ac.kr http://crypto.dongseo.ac.kr
2006-04-02
CNSL-Internet-DongseoUniv.
1
Chap 1. Introduction
Agenda
Attacks, Services, and Mechanisms
Security Attacks
Security Services
A Model for Network Security
Outline of this Book
Recommended Reading
2006-04-02
CNSL-Internet-DongseoUniv.
2
1
1.1 Attacks, Services, and Mechanisms
Three aspects of information security:
Security attack: compromises the security of information owned by an organization
Security Mechanism: is designed to detect, prevent, or recover from a security attack
Security service: enhances the security of the data processing systems and the information transfers of an organization 2006-04-02
CNSL-Internet-DongseoUniv.
3
1.1 Attacks, Services, and Mechanisms
Services:
Confidentiality: ensures that the information in a computer system and transmitted information are accessible only for reading by authorized parties.
Authentication: ensures that the origin of a message or electronic document is correctly identified, with an assurance that the identity is not false
Integrity: ensures that only authorized parties are able to modify computer system assets and transmitted information Non-repudiation: requires that neither the sender not the receiver of a message be able to deny the transmission
Access control: requires that access to information resources may be controlled by or for the target system
Availability: requires that computer system assets be available to authorized parties when needed
2006-04-02
CNSL-Internet-DongseoUniv.
4
2
1.2 Security Attacks (1)
1. Threats to security
Interruption
Interception
Modification
Fabrication
2006-04-02
CNSL-Internet-DongseoUniv.
5
1.2 Security Attacks (2)
2006-04-02