Introduction to Network Security Flashcards
Computer security vs. network security
Computer security (by NIST):
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the Integrity, Availability, and Confidentiality of information system resources.
- C.I.A. of the computer system
- C.I.A. of computer system resources: hardware, software, firmware, information/data, and communication.
Network security:
Distributed computer systems
- using networks and communication facilities to carry data between computers.
Measures to deter, prevent, detect, and correct security violations that involve transmission of information
- computer security
- special focuses
What are some network security objectives?
- Confidentiality
- Integrity
- Availability
- Non-repudiation
- Controllability
How can we ensure confidentiality?
- By encrypting each datagram.
- By encrypting the whole “channel”: session, connection, flow.
What can encryption not prevent?
Interception. Suitable ID and authentication mechanisms are needed for this.
What is traffic confidentiality?
Data transmission at both ends, including protection from traffic analysis (source and destination, frequency, length).
How can the integrity be protected?
The sender can make a message digest, binding the content and the sender ID.
What is connectionless integrity?
A form of data integrity. It deals with individual messages without considering any larger context, and generally provides protection against message modification only.
What is availability?
When a system or system resource is accessible and usable upon demand by an authorised entity.
What is non-repudiation?
The ability to prove who the sender and the receiver were.
What is controllability?
Data transmission:
- Only the allowed entities can use the allowed resources
- Information flowing, information content
Provides audit and tracing measures