System and Network Security
System and Network Security
3. Availability: Assures that systems work promptly and service is not denied to
THE OSI SECURITY ARCHITECTURE
Access Control
Data Confidentiality.
Data Integrity
Nonrepudiation, Destination
Security Mechanisms
Encipherment
– The use of mathematical algorithms to transform data into a form
that is not readily intelligible.
Digital Signature
– Data appended to or a cryptographic transformation of a data unit
that allows a recipient of the data unit to prove the source and
integrity of the data unit a protect against forgery (e.g., by the
recipient).
Access Control
– A variety of mechanisms that enforce access rights to resources.
Data Integrity
Authentication Exchange
– A mechanism intended to ensure the identity of an entity by means
of information exchange.
Encryption Techniques
What Is an Intrusion?
A network intrusion is an unauthorized penetration of a computer in your
enterprise or an address in your assigned domain. An intrusion can be
passive (in which penetration is gained stealthily and without detection)
or active (in which changes to network resources are affected).
Hacker vs. Cracker
Hacker - Within the subculture of computer hobbyists and software
enthusiasts, the term “Hacker” usually refers to a particular kind of
programmer.
– Someone who programs creatively
– Someone who programs for pure enjoyment (most programmers
who work on Linux are hackers in this case)
Cracker - Is someone who breaks into computers, often to do
something malicious such as steal credit card information.
Prevent Network And System Intrusions
Backup and Recovery
Controlling User Access
– Authentication,
– Authorization
– Accounting
Closing Ports
Firewall
Antivirus and Antispyware Tools