Network Security.docx - 1 Introduction To Network Security 1.1 Security Vs Privacy 1.1.1 Security Security is the need for any organization to protect

Network Security.docx - 1 Introduction To Network Security...

This preview shows page 1 - 3 out of 12 pages.

1 Introduction To Network Security 1.1 Security Vs Privacy: 1.1.1 Security: Security is the need for any organization to protect it from Intruders. 1.1.2 Privacy: Privacy is wanted by an organization to protect the rights of an individual. 1.2 Three Aspects of Information Security: 1.2.1 Security Attack Any action that compromises the security of information owned by an organization. 1.2.2 Security Mechanism A mechanism that is designed to detect, prevent, or recover from a security attack. 1.2.3 Security Service A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. 1.3 The Four General Categories Of An Attack 1.3.1 Interruption An asset of a system is destroyed or become unavailable or unusable. This is an attack on availability . Examples include, destruction of hardware, such as hard disk, breaking a communication line, or the disabling of file management system. 1.3.2 Interception An unauthorized party gains access to an asset. This is an attack on confidentiality . The unauthorized party could be a person, a program, or a computer. Examples include wiretapping to capture data in a network, and the unauthorized copying of files or programs. 1.3.3 Modification An unauthorized party not only gains access to but also tampers with an asset. This is an attack on integrity . Examples include changing values in a data file, altering a program so that it performs differently, and modifying the content of messages being transmitted in a network. 1.3.4 Fabrication 1
Image of page 1

Subscribe to view the full document.

An unauthorized party counterfeit objects into system. This is an attack on authenticity . Examples include the insertion of spurious messages in a network or the addition of records to a file. Another useful categorization of the above named attacks can be in terms of passive attacks and active attacks . Passive attacks: Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goals of the opponent are to obtain information that is being transmitted. Two types of passive attacks are: 1. Release of message content A telephone conversation, an e-mail message or a transfer of file that contains sensitive data or confidential information are kinds of information, which are needed to be prevented from the opponent. 2. Traffic Analysis In this phase, the content of information is encrypted, so that its still be secure, even if the opponent taps it on. The opponent can still determine the origin, frequency and the length of message; and guess the nature of communication that is taking place. Active attacks: Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: Masquerade: It takes place when an entity pretends to be a different entity. For example, an authentication sequence is captured and replayed after a valid authentication sequence has taken place.
Image of page 2
Image of page 3

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Ask Expert Tutors You can ask 0 bonus questions You can ask 0 questions (0 expire soon) You can ask 0 questions (will expire )
Answers in as fast as 15 minutes