2nd presentation slide, Lecture notes of Information Security and Markup Languages

2nd slide of information security ppt

Typology: Lecture notes

2019/2020

Uploaded on 04/14/2020

nitisha-aggarwal-1

INFORMATION SECURITY
Attacks on Computers and Computer Security

Attacks on Computers and Computer Security:

  • Introduction,
  • The need for security,
  • Security approaches,
  • Principles of security,
  • Types of Security attacks,
  • Security services,
  • Security Mechanisms,
  • A model for Network Security

Principle/Goals Of Security

  • These are the 4 chief principles of security.

1. Confidentiality:- Is the message seen by someone else?

2. Authentication:- Do you trust the sender of the message?

3. Integrity:- Is the message changed during transmission?

4. Non-repudiation:- Can the sender refute the message?

  • The above principles relate to a particular message.
  • There are 2 more, linked to the overall system as a whole.

5. Access Control:- Who can access what? [ACL]

6. Availability:- Information should be available in a timely manner.

Confidentiality

  • Confidentiality is the process of preventing disclosure of information to unauthorized individuals or systems. Examples: Credit card
  • Confidentiality is necessary, but not sufficient, to maintain privacy.

Authenticity

  • In computing, e-Business and information security, it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine (i.e. they have not been forged or fabricated). Examples: Passport, Credit card Accounts, academic transcripts

Fabrication is possible in the absence of proper authentication

Modification Causes Loss of Message integrity

Non-Repudiation

  • It is a complex term used to describe the lack of deniability of ownership of a message, piece of data, or transaction. Examples: Proof of an ATM transaction, a stock trade, or an email

Access Control

  • Role Management -> User Side -> Which user can do what.
  • Rule Management -> Resource Side -> Which resources are accessible and under what circumstances.
  • An Access Control List is a subset of the Access Control Matrix.
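
The relationship between the Access Control Matrix, an ACL and a resource-side rule, as an added example that is not part of the original slides. The subjects, resources, rights and the office-hours rule are constructed for illustration.

```python
# Access Control Matrix: one cell per (subject, resource) holding the rights.
# Constructed sample data; all names and rights are hypothetical.
MATRIX = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("alice", "audit.log"): {"read"},
    ("carol", "audit.log"): {"read", "append"},
}

def acl_for(resource, matrix=MATRIX):
    """ACL = one column of the matrix: every subject's rights on one resource."""
    return {s: set(r) for (s, res), r in matrix.items() if res == resource}

def capabilities_for(subject, matrix=MATRIX):
    """One row of the matrix (user side): which user can do what."""
    return {res: set(r) for (s, res), r in matrix.items() if s == subject}

# Rule management (resource side): circumstances under which access is allowed.
# Hypothetical rule: payroll.db may only be written during office hours.
RULES = {
    ("payroll.db", "write"): lambda ctx: 9 <= ctx["hour"] < 17,
}

def is_allowed(subject, resource, right, ctx, matrix=MATRIX, rules=RULES):
    """Default deny: the right must be in the matrix AND any rule must pass."""
    if right not in matrix.get((subject, resource), set()):
        return False
    rule = rules.get((resource, right))
    return rule(ctx) if rule else True

def matrix_from_acls(acls):
    """Rebuild the full matrix from the per-resource ACLs (its columns)."""
    return {(s, res): set(r) for res, acl in acls.items() for s, r in acl.items()}

if __name__ == "__main__":
    print("ACL payroll.db:", acl_for("payroll.db"))
    print("alice can:", capabilities_for("alice"))
    print("alice write @10h:", is_allowed("alice", "payroll.db", "write", {"hour": 10}))
    print("alice write @20h:", is_allowed("alice", "payroll.db", "write", {"hour": 20}))
    print("carol read payroll:", is_allowed("carol", "payroll.db", "read", {"hour": 10}))
```
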

Availability

  • For any information/system to serve its purpose, the information must be accessible & usable when it is needed.
  • Computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. Examples: Power outages, Hardware failures, System upgrades and Preventing denial-of-service attacks