Cryptography and Network Security Overview and Chapter 1, Study notes of Computer Networks

A reader's guide for the fifth edition of Cryptography and Network Security by William Stallings. It provides an introduction to computer security and the levels of impact from a security breach. The document also covers aspects of security and the OSI security architecture. It includes examples of security requirements and computer security challenges. It is a combination of lecture notes and study notes and could be useful for a university student preparing for an exam or writing an assignment.

Typology: Study notes

2021/2022

Uploaded on 05/11/2023

myboy



Cryptography and Network Security

Overview & Chapter 1

Fifth Edition by William Stallings

Lecture slides by Lawrie Brown

Chapter 0 – Reader’s Guide

The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. The Art of War, Sun Tzu

Roadmap

  • Cryptographic algorithms
    • symmetric ciphers
    • asymmetric encryption
    • hash functions
  • Mutual Trust
  • Network Security
  • Computer Security

Standards Organizations

  • National Institute of Standards & Technology (NIST)
  • Internet Society (ISOC)
  • International Telecommunication Union Telecommunication Standardization Sector (ITU‐T)
  • International Organization for Standardization (ISO)

Chapter 1 – Introduction

  • The combination of space, time, and strength that must be considered as the basic elements of this theory of defense makes this a fairly complicated matter. Consequently, it is not easy to find a fixed point of departure. On War, Carl Von Clausewitz

Computer Security

  • the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)

Key Security Concepts

Levels of Impact

  • can define 3 levels of impact from a security breach
    • Low
    • Moderate
    • High

Examples of Security Requirements

  • confidentiality – student grades
  • integrity – patient information
  • availability – authentication service

Computer Security Challenges

  1. not simple
  2. must consider potential attacks
  3. procedures used counter-intuitive
  4. involve algorithms and secret info
  5. must decide where to deploy mechanisms
  6. battle of wits between attacker / admin
  7. not perceived on benefit until fails
  8. requires regular monitoring
  9. too often an after-thought
  10. regarded as impediment to using system

OSI Security Architecture

  • ITU‐T X.800 “Security Architecture for OSI”
  • defines a systematic way of defining and providing security requirements
  • for us it provides a useful, if abstract, overview of concepts we will study

Aspects of Security

  • consider 3 aspects of information security:
    • security attack
    • security mechanism
    • security service
  • note terms
    • threat – a potential for violation of security
    • attack – an assault on system security, a deliberate attempt to evade security services

Security Mechanisms (X.800)

• specific security mechanisms:

  • encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization

• pervasive security mechanisms:

  • trusted functionality, security labels, event detection, security audit trails, security recovery

Model for Network Security

  • using this model requires us to:
    1. design a suitable algorithm for the security transformation
    2. generate the secret information (keys) used by the algorithm
    3. develop methods to distribute and share the secret information
    4. specify a protocol enabling the principals to use the transformation and secret information for a security service

Model for Network Access Security

  • using this model requires us to:
    1. select appropriate gatekeeper functions to identify users
    2. implement security controls to ensure only authorised users access designated information or resources
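
The two requirements above as an added example (not part of the original slides): a password-checking gatekeeper followed by a default-deny access list. The class names, users, passwords, resource name and PBKDF2 work factor are all assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2 work factor (value chosen for this example)


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class Gatekeeper:
    """Step 1: identify users. Stores salted password hashes, never passwords."""

    def __init__(self):
        self._users = {}  # username -> (salt, derived key)
        self._dummy = (secrets.token_bytes(16), secrets.token_bytes(32))

    def enroll(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, _derive(password, salt))

    def identify(self, user: str, password: str) -> bool:
        # Unknown users go through the same derivation so that response
        # time does not reveal which usernames exist.
        salt, stored = self._users.get(user, self._dummy)
        ok = hmac.compare_digest(_derive(password, salt), stored)
        return ok and user in self._users


class AccessControl:
    """Step 2: only authorised users reach designated resources."""

    def __init__(self, gate: Gatekeeper, acl: dict):
        self.gate = gate
        self.acl = acl  # resource -> set of users allowed to read it

    def read(self, user: str, password: str, resource: str) -> str:
        if not self.gate.identify(user, password):
            return "denied: not identified"
        if user not in self.acl.get(resource, set()):  # default deny
            return "denied: not authorised"
        return "granted"


# Constructed users, passwords and resources for illustration only.
gate = Gatekeeper()
gate.enroll("registrar", "correct horse battery staple")
gate.enroll("student", "tr0ub4dor&3")
controls = AccessControl(gate, {"grades": {"registrar"}})
```

An identified user who is not on the list for a resource is still refused, which keeps the two steps independent.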

Summary

  • topic roadmap & standards organizations
  • security concepts:
    • confidentiality, integrity, availability
  • X.800 security architecture
  • security attacks, services, mechanisms
  • models for network (access) security