• Evidence of the use of cryptography dates back to the emergence of the Egyptian civilization
• Commonly required for diplomacy, during war and for individual or corporate privacy (Vaudenay, 2006)
• Privacy
• Cleartext
• Cryptanalysis, cryptographic
Security attack:
Any action that compromises the security of information owned by an organization.
Security mechanism:
A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.
Security service:
A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
Threat:
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
Attack:
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Attempts to learn or make use of information from the system but does not affect system resources.
1. Release of message content
An active attack attempts to alter system resources or affect their operation.
Involve some modification of the data stream or the creation of a false stream.
1. Masquerade
2. Replay
3. Modification of messages
[Figures: Bob, Alice and Darth connected through the Internet or other communication facility; in the last figure, Bob, Darth and a server.]
AUTHENTICATION
The assurance that the communicating entity is the one that it claims to be.
ACCESS CONTROL
The prevention of unauthorized use of a resource.
DATA CONFIDENTIALITY
The protection of data from unauthorized disclosure.
DATA INTEGRITY
The assurance that data received are exactly as sent by an authorized entity.
NONREPUDIATION
Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
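The active attacks listed earlier (masquerade, replay, modification of messages) can be seen failing against a receiver that enforces data integrity and authentication. The sketch below is an added example, not part of the original slides; the frame layout (8-byte sequence number, body, HMAC-SHA256 tag), the keys and the messages are all constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def seal(key: bytes, seq: int, body: bytes) -> bytes:
    """Sender side: frame = sequence number || body || MAC(seq || body)."""
    header = struct.pack(">Q", seq)
    return header + body + hmac.new(key, header + body, hashlib.sha256).digest()

class Receiver:
    """Bob's side: accept a frame only if its MAC verifies and its sequence number is new."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        header, body, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        # Constant-time comparison; fails for altered data or an unknown sender key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: integrity/authentication failure"
        seq = struct.unpack(">Q", header)[0]
        if seq <= self.last_seq:
            return "rejected: replay"  # valid MAC, but already seen
        self.last_seq = seq
        return "accepted"

def demo() -> dict:
    key = b"constructed-shared-key-alice-bob"      # constructed sample key
    bob = Receiver(key)
    genuine = seal(key, 1, b"pay 10 to carol")     # constructed sample message
    results = {"genuine": bob.accept(genuine)}
    results["replay"] = bob.accept(genuine)        # same frame delivered again
    tampered = bytearray(seal(key, 2, b"pay 10 to carol"))
    tampered[8 + 4] ^= 0x08                        # one bit of the body changed in transit
    results["modification"] = bob.accept(bytes(tampered))
    forged = seal(b"key-that-is-not-alices", 3, b"hello from alice")
    results["masquerade"] = bob.accept(forged)     # sender lacks the shared key
    results["next_genuine"] = bob.accept(seal(key, 2, b"pay 5 to dave"))
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:13s} {outcome}")
```

The frames travel in cleartext, so this does nothing against release of message content; that requires encipherment.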
May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
• Encipherment
• Digital Signature
• Access Control
• Data Integrity
• Authentication Exchange
• Traffic Padding
• Routing Control
• Notarization
Mechanisms that are not specific to any particular OSI security service or protocol layer.
• Trusted Functionality
• Security Label
• Event Detection
• Security Audit Trail
• Security Recovery
Service: Mechanisms (marked Y in the table)
• Access control: Access Control
• Confidentiality: Encipherment, Routing Control
• Data integrity: Encipherment, Digital Signature, Data Integrity
• Nonrepudiation: Digital Signature, Data Integrity, Notarization
• Availability: Data Integrity, Authentication Exchange
Vaudenay, S. (2006). A classical introduction to cryptography: Applications for communications security. Springer Science & Business Media.