
Security Services: Defined by X.800 As

This document defines and describes various security services including authentication, access control, data confidentiality, data integrity, and nonrepudiation. Authentication ensures the identity of communicating entities. Access control prevents unauthorized access to resources. Data confidentiality and integrity protect data from unauthorized disclosure or modification. Nonrepudiation provides proof of participation in communications to prevent later denial. These services help ensure security and protection of systems and data transfers.

Uploaded by

Dharma Reddy

Security Services

Defined by X.800 as:


• A service provided by a protocol layer of communicating
open systems and that ensures adequate security of the
systems or of data transfers
Defined by RFC 4949 as:
• A processing or communication service provided by a
system to give a specific kind of protection to system
resources
Security Services (X.800) (1 of 7)

Authentication
• The assurance that the communicating entity is the one
that it claims to be.
Peer Entity Authentication
• Used in association with a logical connection to provide
confidence in the identity of the entities connected.
Data-Origin Authentication
• In a connectionless transfer, provides assurance that the
source of received data is as claimed.
Security Services (X.800) (2 of 7)

Access Control
• The prevention of unauthorized use of a resource (i.e.,
this service controls who can have access to a resource,
under what conditions access can occur, and what those
accessing the resource are allowed to do).
Data Confidentiality
• The protection of data from unauthorized disclosure.
Connection Confidentiality
• The protection of all user data on a connection.
Security Services (X.800) (3 of 7)

Connectionless Confidentiality
• The protection of all user data in a single data block.
Selective-Field Confidentiality
• The confidentiality of selected fields within the user data
on a connection or in a single data block.
Traffic-Flow Confidentiality
• The protection of the information that might be derived
from observation of traffic flows.
Security Services (X.800) (4 of 7)

Data Integrity
• The assurance that data received are exactly as sent by
an authorized entity (i.e., contain no modification,
insertion, deletion, or replay).
Connection Integrity with Recovery
• Provides for the integrity of all user data on a connection
and detects any modification, insertion, deletion, or
replay of any data within an entire data sequence, with
recovery attempted.
Security Services (X.800) (5 of 7)
Connection Integrity without Recovery
• As above, but provides only detection without recovery.
Selective-Field Connection Integrity
• Provides for the integrity of selected fields within the user data of a
data block transferred over a connection and takes the form of
determination of whether the selected fields have been modified,
inserted, deleted, or replayed.
Connectionless Integrity
• Provides for the integrity of a single connectionless data block and
may take the form of detection of data modification. Additionally, a
limited form of replay detection may be provided.
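
The connection integrity without recovery service defined above, sketched as an added example (not part of the original slides): each frame carries a sequence number and an HMAC-SHA256 tag, and the receiver only detects and reports modification, insertion, replay, or deletion. The frame layout, the key, and the names `protect` and `Receiver` are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # assumption: shared key agreed out of band
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def protect(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender: frame = 8-byte big-endian sequence number || payload || tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Detects integrity violations on a connection; never attempts repair."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.expected = 0  # next sequence number that should arrive

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "forged"
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            return "forged"      # modified in transit, or inserted without the key
        (seq,) = struct.unpack(">Q", header)
        if seq < self.expected:
            return "replay"      # authentic frame seen before
        if seq > self.expected:
            self.expected = seq + 1
            return "deletion"    # authentic frame, but earlier ones are missing
        self.expected += 1
        return "ok"

def demo() -> list:
    """Runs a constructed stream: good, tampered, good, replayed, gap."""
    frames = [protect(i, b"msg%d" % i) for i in range(4)]
    tampered = bytearray(frames[1])
    tampered[9] ^= 0x01          # flip one payload bit
    rx = Receiver()
    stream = [frames[0], bytes(tampered), frames[1], frames[0], frames[3]]
    return [rx.accept(f) for f in stream]

if __name__ == "__main__":
    print(demo())
```

The tag also gives data-origin authentication, since only a holder of the key can produce it. The "with recovery" variant would add retransmission on top of the same detection.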
Security Services (X.800) (6 of 7)

Selective-Field Connectionless Integrity


• Provides for the integrity of selected fields within a single
connectionless data block; takes the form of
determination of whether the selected fields have been
modified.
Nonrepudiation
• Provides protection against denial by one of the entities
involved in a communication of having participated in all
or part of the communication.
Security Services (X.800) (7 of 7)

Nonrepudiation, Origin
• Proof that the message was sent by the specified party.
Nonrepudiation, Destination
• Proof that the message was received by the specified party.
