Network Security cont Flashcards
Key Elements of Security
Security Attack:
Any action that compromises the security of information.
Security Mechanism:
A mechanism that is designed to detect, prevent, or recover from a security attack (e.g. antivirus software).
Security Service:
A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
Security Goals
-Confidentiality (Transmission privacy)
-Integrity (Data has not been altered)
-Authentication knowing who created or sent the data
Security Attacks- Interruption
attack on Availability
Security Attacks - Interception
attack on Confidentiality
Security Attacks - Modification
attack on Integrity
Security Attacks - Modification
attack on Authenticity
Passive Cable Taps
-10BASE5 cable tap
-Passive Spliced Network Tap
-LAN Tap
Types of Security Threats– Passive Threats
-Passive attacks are eavesdropping on, or monitoring (listening) of transmissions
-The goal of the attacker is to obtain the information that is being transmitted (i.e. interception)
Types of Security Threats– Active Threats
-Attempt to cause harm typically through system faults or brute force attack
-Attempt to overload the victim’s computer to the point that it either slows to an unusable crawl, hangs, or completely crashes!
Security Services - Non-repudiation (the order is final)
-The assurance that someone cannot deny something
-Digital Signatures ensure that a message has been electronically signed by the originator
Security Services - Access control
-Levels of access
-Read or write access
Security Services - Availability (permanence, non-erasure)
-Denial of Service Attacks
-Virus that deletes files
Methods of Defence -Encryption
Methods of Defence - Software Controls
-access limitations in a data base,
-operating system protect each user from other users
Methods of Defence - Hardware Controls
-Smartcard access to data,
-Biometrics, finger prints, iris scans
