Lecture 08

Network security focuses on protecting computer networks from cyber threats and attacks, aiming to prevent unauthorized access, detect breaches, and ensure secure access for authorized users. Key security goals include confidentiality, integrity, and availability, which must be balanced as they often conflict. Various types of security attacks, such as interruption, interception, modification, and fabrication, pose risks to these goals, necessitating a range of defense methods including prevention, deterrence, detection, and recovery.

Uploaded by

krimzonking782
Network Security

Lecture 8

What about Security?

• Why secure something?
  • Valuable assets to protect
• How to secure it?
  • Place it in a safe place
  • Guarding
• How strong should the protection be?
  • May implement several layers
  • May be a complex lock system
  • May need multiple parties to grant access

Principle of Adequate Protection

• Computer items must be protected to a degree consistent with their value

Security in Computing System

• Computing System
  • Collection of
    • Hardware
    • Software
    • Storage
    • Data
    • People

Background

• Information Security requirements have changed in recent times
• traditionally provided by physical and administrative mechanisms
• computer use requires automated tools to protect files and other stored information
• use of networks and communications links requires measures to protect data during transmission

Definitions

• Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
• Network Security - measures to protect data during their transmission
• Internet Security - measures to protect data during their transmission over a collection of interconnected networks

What is network security?

• Network security is the field of cybersecurity focused on protecting computer networks and systems from internal and external cyberthreats and cyberattacks.
• Network security has three chief aims:
  • to prevent unauthorized access to network resources;
  • to detect and stop cyberattacks and security breaches in progress;
  • and to ensure that authorized users have secure access to the network resources they need, when they need them.

Security Goals

Security Goal: Confidentiality

• Only authorized people or systems can access protected data
• Ensuring confidentiality can be difficult!
• Further concerns
  • Access: a single bit or the whole collection?
  • Is disclosure to other parties prohibited?

Security Goal: Integrity

• Several meanings
  • Precise
  • Accurate
  • Unmodified
  • Modified in acceptable way
  • Consistent
• May cover two or more of the above properties

Security Goal: Availability

• Several properties
  • Present in a usable form
  • Enough capacity to meet the service's needs
  • Bounded waiting time
  • Services completed in an acceptable period of time
• A system is well available if:
  • It responds to a request in a timely manner
  • Resources are allocated fairly
  • It is fault tolerant (graceful cessation instead of a crash or abrupt stop)
  • It is easy to use
  • Concurrency is controlled (simultaneous access, deadlock management, exclusive access)

Security Goals: Relationship of Security Goals

• A secure system must meet all three requirements.
• The challenge is how to find the right balance among the goals, which often conflict:
  • For example, it is easy to preserve a particular object's confidentiality in a secure system simply by preventing everyone from reading that object
  • However, this system is not secure, because it does not meet the requirement of availability for proper access
  • => There must be a balance between confidentiality and availability

Threats, Controls, and Vulnerabilities

• A threat is blocked by control of a vulnerability

System Security Threats

Security Attack

• Any action that compromises the security of information owned by an organization
• Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems
• Should include a wide range of attacks
• Can focus on generic types of attacks
• Note: threat and attack are often used to mean the same thing

Categories of Security Attacks

• Interruption
  • Attack on availability
• Interception
  • Attack on confidentiality
• Modification
  • Attack on integrity
• Fabrication
  • Attack on authenticity

Normal Flow

• Normal flow is the flow of information from an information source, such as a file, or a region of main memory, to a destination, such as another file or user.

[Figure: Information Source, Information Destination]

Interruption

• An asset of the system is destroyed or becomes unavailable or unusable.
• This is an attack on availability.
• Examples: The destruction of hardware, the cutting of a communication line, or the disabling of the file management system.

[Figure: Information Source, Information Destination]

Interception

• An unauthorized party gains access to an asset.
• This is an attack on confidentiality.
• The unauthorized party could be a person, a program, or a computer.
• Examples: Wiretapping to capture data in a network and the unauthorized copying of files or programs.

[Figure: Information Source, Information Destination, Unauthorized Party]

Modification

• An unauthorized party not only gains access to but tampers with an asset.
• This is an attack on integrity.
• Examples: Changing values in a data file, altering a program so that it performs differently, or modifying the content of messages being transmitted in a network.

[Figure: Information Source, Information Destination, Unauthorized Party]

Fabrication

• An unauthorized party inserts counterfeit objects into the system.
• This is an attack on authenticity.
• Examples: The insertion of spurious (fake) messages in a network or the addition of records to a file.

[Figure: Information Source, Information Destination, Unauthorized Party]

Passive Attacks

• Passive attacks eavesdrop on or monitor the transmission.
• Goal: To obtain transmitted information
• Two types of passive attacks:
  1. Release of contents: A telephone conversation, an electronic mail message, or confidential information.
  2. Traffic analysis: Using the location and identities of hosts and the frequency and length of messages to determine the type of communication taking place.
• Passive attacks are difficult to detect since they do not involve any alteration of data.
• The emphasis is on prevention rather than detection.

Active Attacks

• Active attacks may involve modification of the data stream or the creation of a false stream.
• Four types of active attacks:
  1. Masquerade: takes place when one entity pretends to be a different entity. This form usually includes one of the other forms of active attack.
  2. Replay: involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
  3. Modification: occurs when an unauthorized party gains access to and tampers with an asset. This is an attack on integrity.
  4. Denial of service: prevents or inhibits the normal use or management of communications facilities.
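
As an added example (not part of the original lecture), the Python sketch below shows a receiver that uses a keyed MAC and a sequence number to detect three of the active attacks listed above: modification, fabrication/masquerade and replay. The key, message text and frame layout are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared secret (assumption)
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def seal(key, seq, payload):
    """Sender: prefix a 64-bit sequence number, append an HMAC-SHA256 tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, frame):
        """Return a verdict string; state changes only on acceptance."""
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            return "rejected: bad tag"
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"

def demo():
    rx = Receiver(KEY)
    genuine = seal(KEY, 1, b"pay 100 to alice")
    verdicts = {"normal flow": rx.accept(genuine)}
    # Modification: one payload byte is changed in transit.
    tampered = bytearray(seal(KEY, 2, b"pay 100 to alice"))
    tampered[8 + 4] ^= 0x08  # flips '1' (0x31) to '9' (0x39)
    verdicts["modification"] = rx.accept(bytes(tampered))
    # Fabrication / masquerade: sender does not hold the shared key.
    forged = seal(b"not-the-key", 3, b"pay 900 to mallory")
    verdicts["fabrication"] = rx.accept(forged)
    # Replay: the captured genuine frame is sent a second time.
    verdicts["replay"] = rx.accept(genuine)
    return verdicts

if __name__ == "__main__":
    for attack, verdict in demo().items():
        print(f"{attack:13} {verdict}")
```

A MAC provides integrity and authenticity only; interception and denial of service need other controls, such as encryption and redundancy.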

Vulnerabilities of Computing System

Some software modifications

• Logic Bomb
• Trojan
• Virus
• Trapdoor
• Information Leaks

Security of Data

Computer Criminal

• Amateurs
• Crackers
• Career Criminals
• Terrorists

Method of Defense

• Prevent
  • Blocking the attack
  • Closing the vulnerability
• Deter
  • Making the attack harder
• Deflect
  • Making another target more attractive
• Detect
  • Discover in real time or off-line
• Recover
  • From its effects

Multiple Controls
