Professional Documents
Culture Documents
The generic name for the collection of tools designed to protect computer data is computer security (including access via network) Collection of tools designed to protect data during transmission between computers in the network is network (internet) security Security services should provide: confidentiality, authentication, nonrepudiation, integrity of transmitted data Security mechanisms should consider possible attacks on the security features. Three aspects of information security: Security attack: any action that compromises the security of information owned by an organization Security mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Many security mechanisms are based on cryptographic techniques Security service: A service that enhances the security of the data processing systems and the information transfers of organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. They are used to implement security policy of an organization. Security services are to replicate functions normally associated with physical documents. Documents usually have: signatures, dates. They may be notarized or witnessed, may be licensed. They may need protection from disclosure, tampering, or destruction Security services are to take into account specific features of electronic documents: 1. It is usually possible to discriminate between an original paper document and a xerographic copy. However, an electronic document is merely a sequence of bits; there is no difference between the original and any number of copies 2. An alteration to a paper document may leave some sort of physical evidence of the alteration. For example, an erasure can result in a thin spot or a roughness in the surface. Altering bits in the computer memory or in a signal leaves no physical trace
4.3. Selective-field connection integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed 4.4. Connectionless integrity Provides for the integrity of a single connectionless data block 4.5. Selective-field connectionless integrity Provides for the integrity of selected fields within a single connectionless data block 5. Nonrepudiation Provides protection against denial by one of the entities involved in the communication of having participated in all or part of the communication 5.1. Norepudiation, origin Proof that the message was sent by the specified party 5.2. Nonrepudiation, destination Proof that the message was received by the specified party Also, there may be considered Availability service which protects the system to ensure its availability
Securuty Mechanisms
X.800 defines the following mechanisms 1. Specific security mechanisms May be incorporated into the appropriate protocol layer in order to provide some of OSI security services 1.1. Encipherment The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys 1.2. Digital signature Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery 1.3. Access control A variety of mechanisms that enforce access rights to resources 1.4. Data integrity A variety of mechanisms used to assure the integrity of a data unit or stream of data units
Security Attacks
X.800 and RFC 2828 distinguish passive and active attacks 1. Passive attacks Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions 1.1. Release of message contents encryption is usually used to counter attack 1.2. Traffic analysis if contents is closed but the opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged, he may guess the nature of the communication that was taking place Passive attacks are very difficult to detect because they do not involve any alteration of data. However, it is feasible to prevent the success of these attacks, usually by means of encryption. 2. Active attacks They involve some modification of the data stream or the creation of a false data stream and can be subdivided into 4 categories 2.1. A Masquerade takes place when one entity pretends to be a different entity 2.2. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect 2.3. Modification of messages simply means that some portion of a legitimate message is altered 2.4. The Denial of service prevents or inhibits the normal use or management of communication facilities
Virus malicious code which runs inside infected programs, worm independent malicious program.