Ch01 Crypto7e
by William Stallings
Chapter 1
Computer and Network Security Concepts
measures to deter, prevent, detect, and correct security violations that involve the transmission of information
© 2017 Pearson Education, Ltd., All rights reserved.
Computer Security
The NIST Computer Security Handbook defines the term computer security as:
Integrity
• Data integrity
• Assures that information and programs are changed only in a specified and authorized manner
• System integrity
• Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
Availability
• Assures that systems work promptly and service is not denied to authorized users
Breach of Security Levels of Impact
High
• The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals
• Security mechanism
• A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack
• Security service
• A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization
• Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service
Table 1.1 Threats and Attacks (RFC 4949)
• A passive attack attempts to learn or make use of information from the system but does not affect system resources
Security Services (X.800)
Security Mechanisms (X.800)
• NIST is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government use and to the promotion of U.S. private-sector innovation
• Despite its national scope, NIST Federal Information Processing Standards (FIPS) and Special Publications (SP) have a worldwide impact
Internet Society
• ISOC is a professional membership society with world-wide organizational and individual membership
• Provides leadership in addressing issues that confront the future of the Internet and is the organization home for the groups responsible for Internet infrastructure standards
ITU-T
• The International Telecommunication Union (ITU) is an international organization within the United Nations System in which governments and the private sector coordinate global telecom networks and services
• The ITU Telecommunication Standardization Sector (ITU-T) is one of the three sectors of the ITU, and its mission is the development of technical standards covering all fields of telecommunications
ISO
• The International Organization for Standardization is a world-wide federation of national standards bodies from more than 140 countries
• ISO is a nongovernmental organization that promotes the development of standardization and related activities with a view to facilitating the international exchange of goods and services and to developing cooperation in the spheres of intellectual, scientific, technological, and economic activity
Summary
• Computer security concepts
  • Definition
  • Examples
  • Challenges
• The OSI security architecture
• Security attacks
  • Passive attacks
  • Active attacks
• Security services
  • Authentication
  • Access control
  • Data confidentiality
  • Data integrity
  • Nonrepudiation
  • Availability service
• Security mechanisms
• Fundamental security design principles