0% found this document useful (0 votes)
29 views18 pages

1 Overview

This document provides an overview of network security concepts. It discusses key security challenges, terminology, functional requirements like access control and integrity, security architecture frameworks, common attacks and countermeasures, and an effective security strategy of specifying policies, implementing mechanisms, and ensuring correctness through assurance and evaluation.

Uploaded by

Maged Magdy
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
29 views18 pages

1 Overview

This document provides an overview of network security concepts. It discusses key security challenges, terminology, functional requirements like access control and integrity, security architecture frameworks, common attacks and countermeasures, and an effective security strategy of specifying policies, implementing mechanisms, and ensuring correctness through assurance and evaluation.

Uploaded by

Maged Magdy
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 18

Network Security

Chapter 1 – Overview

Lecture slides by Lawrie Brown


Overview
Computer Security: protection afforded
to an automated information system in
order to attain the applicable objectives of
preserving the integrity, availability and
confidentiality of information system
resources (includes hardware, software,
firmware, information/data, and
telecommunications).
Key Security Concepts
Computer Security Challenges
1. not simple
2. must consider potential attacks
3. procedures used counter-intuitive
4. involve algorithms and secret info
5. must decide where to deploy mechanisms
6. battle of wits between attacker / admin
7. not perceived on benefit until fails
8. requires regular monitoring
9. too often an after-thought
10. regarded as impediment to using system
Security Terminology
Vulnerabilities and Attacks
 system resource vulnerabilities may
 be corrupted (loss of integrity)
 become leaky (loss of confidentiality)
 become unavailable (loss of availability)
 attacks are threats carried out and may be
 passive
 active
 insider
 outsider
Countermeasures
 means used to deal with security attacks
 prevent
 detect
 recover
 may result in new vulnerabilities
 will have residual vulnerability
 goal is to minimize risk given constraints
Threat Consequences
 unauthorized disclosure
 exposure, interception, inference, intrusion
 deception
 masquerade, falsification, repudiation
 disruption
 incapacitation, corruption, obstruction
 usurpation
 misappropriation, misuse
Scope of Computer Security
Network Security Attacks
 classify as passive or active
 passive attacks are eavesdropping
 release of message contents
 traffic analysis
 are hard to detect so aim to prevent
 active attacks modify/fake data
 masquerade
 replay
 modification
 denial of service
 hard to prevent so aim to detect
Security Functional
Requirements
 technical measures:
 access control; identification & authentication; system &
communication protection; system & information integrity
 management controls and procedures
 awareness & training; audit & accountability; certification,
accreditation, & security assessments; contingency
planning; maintenance; physical & environmental
protection; planning; personnel security; risk assessment;
systems & services acquisition
 overlapping technical and management:
 configuration management; incident response; media
protection
X.800 Security Architecture
 X.800, Security Architecture for OSI
 systematic way of defining requirements
for security and characterizing approaches
to satisfying them
 defines:
 security attacks - compromise security
 security mechanism - act to detect, prevent,
recover from attack
 security service - counter security attacks
Security Taxonomy
Security Trends
Computer Security Losses
Security Technologies Used
Computer Security Strategy
 specification/policy
 what is the security scheme supposed to do?
 codify in policy and procedures
 implementation/mechanisms
 how does it do it?
 prevention, detection, response, recovery
 correctness/assurance
 does it really work?
 assurance, evaluation
Summary
 security concepts
 terminology
 functional requirements
 security architecture
 security trends
 security strategy

You might also like