Beruflich Dokumente
Kultur Dokumente
Computer security
The generic term for the collection of tools designed
Computer Security.
It includes :
information security
Network security
Internet security
Bob message Alice
Bob message Alice
Attacker or
intruder
Threat Attack
A potential for An assault on system
violation of security security
A possible danger that An intelligent act or
might exploit a deliberate attempt to
vulnerability. evade security
Eg : no password services and security
security policy.
Eg: a hacker
destroying files.
OSI Security Architecture
OpenSource Interconnection (OSI)
is an international standard for
computer network communications.
Masquerade
Modification
Denial of Service
Passive Attack – Release of messages
Passive Attack: Traffic Analysis
Active Attack: masquerade
Active Attack: Replay
Active Attack: Modification
Active Attack: DoS – Denial of Service
Handling Attacks
Specific Pervasive
Digital Trusted
Encipherment Security label
signature functionality
Access Event
Data integrity Security audit
control detection
Routing
notarization
control
Specific security mechanisms
1. Encipherment – Use mathematical algorithm to encrypt data
6. Traffic padding – to insert some bits into gaps to frustrate traffic analysis
1. Authentication
2. Access Control
3. Data Confidentiality
4. Data Integrity
5. NonRepudiation
6. Availability
1. Authentication
Nonrepudiation, Origin
Proof that the message was sent by the specified party
Nonrepudiation, Destination
Proof that the message was received by the specified party
6. Availability Service
4)Specify a protocol
Classical Encryption
Techniques
Classical Symmetric Encryption
Techniques
Substitution techniques
Caesar cipher
Mono alphabetic cipher
Play fair cipher
Poly alphabetic ciphers
Vigenere cipher
Hill cipher
One-time Pad
Transposition techniques
Rail fence technique