Osi Security Architecture Delivery by Joel Anandraj.E Ap/It
Osi Security Architecture Delivery by Joel Anandraj.E Ap/It
2
Services, Mechanisms, Attacks
It considers three aspects of information security:
security attack
security mechanism
security service
3
Security Attack
Any action that compromise the security of
information.
Threat & attack used to mean same thing can be classified as,
Passive Attack
Active Attack
4
Passive Attacks
Passive attacks attempt to learn or make use of
information from the system but does not affect system
resources.
5
Release of message contents
6
Traffic analysis
7
Active attacks
Active attacks attempt to alter system resources or affect
their operation.
Easy to detect because they will involve alteration of the
data.
8
Masquerade
A masquerade takes place when one entity pretends
to be a different entity
9
Replay
10
Modification of messages
11
Denial of service
12
Security Mechanism
A mechanism that is designed to detect, prevent, or recover
from a security attack.
13
Encipherment
The use of mathematical algorithm to transform data into a
another form that is not understandable.
14
Digitalsignature
A valid digital signature gives a recipient reason to believe
that the message was created by a known sender.
15
Access control
A variety of mechanisms that enforce access right to resource.
16
Data integrity
A variety of mechanism used to assure the integrity of a data
unit.
17
Traffic padding
The insertion of bits into gaps in a data stream to avoid traffic
analysis attempts.
18
Routing control
Enables selection of particular physically secure routes for data.
19
Notarization
The use of a trusted third party to assure certain
properties of a data exchange.
20
Security service
A service that enhances the security of data processing
systems and information transfers.
21
Security Services
Authentication
Access control
Data Confidentiality
Data Integrity
Non-Repudiation
22
Authentication
Authentication is a process of verification of the sender.
23
Access Control
Prevention of the unauthorized use of a resource
24
Data Confidentiality
Protection of data from unauthorized disclosure.
25
Data Integrity
Assurance that data received is as sent by an authorized entity
26
Non-Repudiation
Nonrepudiation prevents either sender or receiver from
denying a transmitted message.
27