Cryptography and Network Security Chapter 1. Fifth Edition by William Stallings . Security : is ensuring the (Secrecy) confidentiality, data integrity and availability of components of computing system. Cryptographic algorithms and protocols can be grouped into four main areas:. Definitions.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
by William Stallings
Computer Security four main areas:
Key Security Concepts four main areas:
Levels of Impact four main areas:
• To protect computer assets from:
– Human errors, natural disasters, physical and electronic maliciousness.
• Confidentiality, Integrity, Availability
(Ensuring that the system is only accessible by authorized parties.)
• Assures that systems work promptly and service is not denied to authorized users
denied access to information and resources
• Ensuring that the computer works when it
is supposed to work and that it works the
way it should.
(access tocomputing resources without difficulties.)
– Ensuring that communication parties can't
later deny that the exchange took place (or
when the exchange took place).
– Ensuring that resources are not used by
unauthorized parties or in unauthorized ways.
Unauthorized disclosure of data ,modification of data or Denial legitimate access to computing
• Attack: an assault on system security, a deliberate attempt to evade security services
(Attempt to exploit a vulnerability.)
Cut wire lines,
Jam wireless signals,
3 four main areas:.Modification:unauthorized changing of data or tempering with services, such as alteration of data, modification of messages, etc.
4. Fabrication: four main areas:additional data or activities are generated that would normally no exist, such as adding a password to a system, replaying previously send messages, etc.
Also called impersonation
Are in the nature of eavesdropping on, or monitoring of, transmissions
Goal of the opponent is to obtain information that is being transmitted
“a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”
“a processing or communication service provided by a system to give a specific kind of protection to system resources”
There are two specific authentication services defined in X.800: