Topic Covered :
Computer Security :
Why Do We Need Security?
In the ever-changing world of global data communications, inexpensive Internet connections, and fast-paced software development, security is becoming more and more of an issue. Security is now a basic requirement because global computing is inherently insecure. As your data goes from point A to point B on the Internet, for example, it may pass through several other points along the way, giving other users the opportunity to intercept, and even alter it. It does nothing to protect your data center, other servers in your network, or a malicious user with physical access to your EnGarde system.
Security Models :
1. No Security
In this simplest case, the approach could be a decision to implement no security at all.
2. Security through Obscurity
In this model, a system is secure simply because nobody knows about its existence and contents. This approach cannot work for too long, as there are many ways an attacker can come to know about it.
3. Host Security
In this scheme, the security for each host is enforced individually. This is a very safe approach, but the trouble is that it cannot scale well. The complexity and diversity of modern sites/organizations make the task even harder.
4. Network Security
Host security is tough to achieve as organizations grow and become more diverse. In this technique, the focus is to control network access to various hosts and their services, rather than individual host security. This is a very efficient and scalable model.
PRINCIPLES OF SECURITY :
Confidentiality
The principle of confidentiality specifies that only the sender and the intended recipient(s) should be able to access the contents of a message. Confidentiality gets compromised if an unauthorized person is able to access a message. Interception causes loss of message confidentiality.
Authentication
Authentication mechanisms help establish proof of identities. The authentication process ensures that the origin of an electronic message or document is correctly identified. Fabrication is possible in the absence of proper authentication mechanisms.
Integrity
When the contents of a message are changed after the sender sends it, but before it reaches the intended recipient, we say that the integrity of the message is lost. Modification causes loss of message integrity.
Non-repudiation
There are situations where a user sends a message and later denies that she had sent that message.
Access Control
The principle of access control determines who should be able to access what.
Availability
The principle of availability states that resources (i.e. information) should be available to authorized parties at all times.
OSI standard for Security Model
• Authentication
• Access control
• Non-repudiation
• Data integrity
• Confidentiality
• Assurance or availability
• Notarization or signature
Computer Security : Introduction, Need for security, Principles of Security, Types of Attacks
Cryptography : Plain text and Cipher Text, Substitution techniques, Caesar Cipher, Mono-alphabetic Cipher, Polygram, Polyalphabetic Substitution, Playfair, Hill Cipher, Transposition techniques, Encryption and Decryption, Symmetric and Asymmetric Key Cryptography, Steganography, Key Range and Key Size, Possible Types of Attacks
Symmetric Key Algorithms and AES: Algorithms types and modes, Overview of Symmetric key Cryptography, Data Encryption Standard (DES), International Data Encryption Algorithm (IDEA), RC4, RC5, Blowfish, Advanced Encryption Standard (AES)
Asymmetric Key Algorithms, Digital Signatures and RSA: Brief history of Asymmetric Key Cryptography, Overview of Asymmetric Key Cryptography, RSA algorithm, Symmetric and Asymmetric key cryptography together, Digital Signatures, Knapsack Algorithm, Some other algorithms (Elliptic curve cryptography, ElGamal, problems with the public key exchange)
--------------------------------------------------------------------
Computer Security :
The meaning of the term computer security has evolved in recent years. Before the problem of data security became widely publicized in the media, most people’s idea of computer security focused on the physical machine. Traditionally, computer facilities have been physically protected for three reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
Strict procedures for access to the machine room are used by most organizations, and these procedures are often an organization’s only obvious computer security measures. Today, however, with pervasive remote terminal access, communications, and networking, physical measures rarely provide meaningful protection for either the information or the service; only the hardware is secure. Nonetheless, most computer facilities continue to protect their physical machine far better than they do their data, even when the value of the data is several times greater than the value of the hardware.
PRINCIPLES OF SECURITY :
- Let us assume that a person A wants to send a check worth $100 to another person B. Normally, what are the factors that A and B will think of, in such a case? A will write the check for $100, put it inside an envelope, and send it to B.
- A would like to ensure that no one except B gets the envelope, and even if someone else gets it, he/she does not come to know about the details of the check. This is the principle of confidentiality.
- A and B would further like to make sure that no one can tamper with the contents of the check (such as its amount, date, signature, name of the payee, etc.). This is the principle of integrity. B would like to be assured that the check has indeed come from A, and not from someone else posing as A (as it could be a fake check in that case). This is the principle of authentication.
- What will happen tomorrow if B deposits the check in his/her account, the money is transferred from A’s account to B’s account, and then A denies having written/sent the check? The court of law will use A’s signature to disallow A from refuting this claim, and settle the dispute. This is the principle of non-repudiation.

These are the four chief principles of security. There are two more: access control and availability, which are not related to a particular message, but are linked to the overall system as a whole.
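The check scenario can be run in code to see which of the four principles a given mechanism actually delivers. The following is an added example, not part of the original notes: it protects the check with an HMAC under a key shared by A and B, and shows that modification and fabrication are detected (integrity, authentication) while non-repudiation and confidentiality are not provided. The function names, the JSON encoding and the date are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets


def encode_check(payer, payee, amount, date):
    """Serialize the check deterministically so both sides MAC the same bytes."""
    fields = {"payer": payer, "payee": payee, "amount": amount, "date": date}
    return json.dumps(fields, sort_keys=True).encode()


def make_tag(key, message):
    """HMAC-SHA256 tag over the encoded check."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key, message, tag):
    # compare_digest avoids leaking, through timing, where the tags differ
    return hmac.compare_digest(make_tag(key, message), tag)


def run_check_scenario():
    shared_key = secrets.token_bytes(32)               # held by both A and B
    check = encode_check("A", "B", 100, "2024-01-15")  # constructed sample data
    tag = make_tag(shared_key, check)

    altered = encode_check("A", "B", 1000, "2024-01-15")        # amount changed in transit
    outsider_key = secrets.token_bytes(32)                      # someone posing as A
    never_written = encode_check("A", "B", 5000, "2024-01-15")  # check A never issued

    return {
        # Integrity and authentication hold for anyone who lacks the shared key.
        "genuine_accepted": verify(shared_key, check, tag),
        "modification_detected": not verify(shared_key, altered, tag),
        "fabrication_detected": not verify(
            shared_key, altered, make_tag(outsider_key, altered)),
        # Non-repudiation fails: B knows the key, so a valid tag does not prove
        # to a third party that A wrote the check.
        "b_can_tag_unwritten_check": verify(
            shared_key, never_written, make_tag(shared_key, never_written)),
        # Confidentiality is not provided: a MAC does not hide the contents.
        "contents_readable": b'"amount": 100' in check,
    }


if __name__ == "__main__":
    for name, value in run_check_scenario().items():
        print(f"{name}: {value}")
```

Non-repudiation needs a signature that only A can produce, which is why the syllabus treats digital signatures under asymmetric key cryptography.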