Data Security: Threats & Countermeasures for Confidentiality, Integrity, and Availability, Slides of Information Security and Markup Languages

An overview of data and information security, focusing on computer and network security. It discusses various security goals, attacks threatening confidentiality, integrity, and availability, and countermeasures. Topics include encryption, traffic padding, access control, and denial of service attacks.

Typology: Slides

2021/2022

Uploaded on 12/25/2022

haris-zahoor

Data & Information Security

Security

  • Freedom from risk, doubt or fear
    • Something that assures safety
  • Security: Computer Security, Network Security

Network Security

  • Covers any computer(s) connected to the network and flow of data communication between two or more nodes in the network or outside the network.

  • Viruses and worms
  • Spyware
  • Service attacks
  • Hackers

Security Goals

  • Confidentiality: information needs to be hidden from unauthorized access
  • Integrity: protected from unauthorized change
  • Availability: available to an authorized entity when it is needed

Attacks Threatening Confidentiality (2)

2) Traffic Analysis: Although “encipherment” of data may make it unintelligible (impossible to understand) for the interceptor, he/she can still obtain some other type of information, i.e.:

  • the electronic address (such as the e-mail address) of the sender or the receiver.
  • pairs of requests and responses, collected to help guess the nature of the transaction.

Countermeasure

  • Padding: the insertion of bits into gaps in an information flow is known as traffic padding. This helps to counter traffic analysis attempts.
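Traffic padding as described above, shown as an added example (not part of the original slides): every message is framed into fixed-size cells so an observer sees the same length for a short and a long request. The 64-byte cell size, the 4-byte length prefix and the sample bank requests are assumptions made for the illustration; encipherment of the cells is omitted.

```python
import secrets
import struct

CELL = 64  # assumed fixed cell size in bytes; every unit on the wire is this long


def pad_to_cells(message: bytes, cell: int = CELL) -> list[bytes]:
    """Frame a message into fixed-size cells, filling the gap with random bytes."""
    # A 4-byte big-endian length prefix lets the receiver strip the fill again.
    framed = struct.pack(">I", len(message)) + message
    fill = (-len(framed)) % cell           # bytes needed to reach a cell boundary
    framed += secrets.token_bytes(fill)    # random fill, not a guessable constant
    return [framed[i:i + cell] for i in range(0, len(framed), cell)]


def unpad(cells: list[bytes]) -> bytes:
    """Receiver side: rebuild the message and drop the padding."""
    data = b"".join(cells)
    if len(data) < 4:
        raise ValueError("missing length prefix")
    (n,) = struct.unpack(">I", data[:4])
    if n > len(data) - 4:
        raise ValueError("length prefix exceeds received data")
    return data[4:4 + n]


def observed_sizes(cells: list[bytes]) -> list[int]:
    """What a traffic analyst sees once the cells are enciphered: sizes only."""
    return [len(c) for c in cells]


# Constructed sample requests of very different lengths.
SHORT = b"BALANCE?"
LONG = b"TRANSFER 25000 FROM 1111 TO 2222"

if __name__ == "__main__":
    for m in (SHORT, LONG):
        cells = pad_to_cells(m)
        print(len(m), "bytes ->", observed_sizes(cells), unpad(cells) == m)
```

The number of cells still reveals a coarse size, so messages longer than one cell remain distinguishable from short ones unless a fixed number of cells is sent per exchange.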

Attacks Threatening Integrity

1) Modification:

The attacker modifies the information to make it beneficial to himself/herself.

  • For example, a customer sends a message to a bank to do some transaction. The attacker intercepts the message and changes the type of transaction to benefit himself/herself.

Attacks Threatening Integrity (3)

3) Replaying

The attacker obtains a copy of a message sent by a user and later tries to replay it.

  • For example, a person sends a request to a bank to ask for payment to the attacker, who has done a job for him/her. The attacker intercepts the message and sends it again to receive another payment from the bank.

Attacks Threatening Integrity (4)

4) Repudiation:

  • Performed by one of the two parties in the communication: the sender or the receiver.
  • The sender of the message might later deny that he/she has sent the message;
  • The receiver of the message might later deny that he/she has received the message.

Security Service

  • A processing or communication service that is provided by a system to give a specific kind of protection to system resources
  • Specific mechanisms are required to implement these services

What is X.

  • Security architecture or service that provides various services to secure network transmission
  • Authentication - assurance that the communicating entity is the same that is claimed
  • Access Control - prevention of the unauthorized use of a resource
  • Data Confidentiality - protection of data from unauthorized disclosure
  • Data Integrity - assurance that data received is as sent by an authorized entity without any false modification
  • Non-Repudiation - protection against denial by one of the parties in a communication

Tasks to implement security service

  1. Design an algorithm for performing the security-related transformation (encryption).
  2. Generate the secret information to be used with the algorithm.
  3. Develop methods for the distribution and sharing of the secret information.
  4. Specify a protocol to be used by both parties (sender and receiver) for using the security algorithm and the secret key.
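The four tasks above, worked through as an added example (not from the original slides) for the data-integrity service, applied to the bank-message modification and replay attacks described earlier. The transformation here is an HMAC-SHA256 tag rather than encryption, and the sequence-number framing, the `Receiver` class and the sample payment message are assumptions made for the illustration; key distribution (task 3) is assumed to have happened out of band.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes

def generate_key() -> bytes:
    # Task 2: generate the secret information used with the algorithm.
    return secrets.token_bytes(32)

def protect(key: bytes, seq: int, body: bytes) -> bytes:
    # Task 1: the security-related transformation (a MAC over sequence number + body).
    header = seq.to_bytes(8, "big")
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag

class Receiver:
    """Task 4: the receiver's side of the protocol (hypothetical framing)."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, wire: bytes) -> bytes:
        if len(wire) < 8 + TAG_LEN:
            raise ValueError("truncated message")
        signed, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        expected = hmac.new(self.key, signed, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("integrity check failed")
        seq = int.from_bytes(signed[:8], "big")
        if seq <= self.last_seq:  # an old, validly tagged message sent again
            raise ValueError("replayed or stale sequence number")
        self.last_seq = seq
        return signed[8:]

def demo() -> list[str]:
    key = generate_key()  # Task 3: assumed shared with the bank out of band
    bank = Receiver(key)
    msg = protect(key, 1, b"PAY 100 TO ACCT 2222")  # constructed sample message
    tampered = msg[:8] + b"PAY 100 TO ACCT 9999" + msg[-TAG_LEN:]
    outcomes = []
    for label, wire in [("tampered", tampered), ("original", msg), ("replay", msg)]:
        try:
            bank.accept(wire)
            outcomes.append(f"{label}: accepted")
        except ValueError as err:
            outcomes.append(f"{label}: rejected ({err})")
    return outcomes
```

Because sender and receiver hold the same key, either could have produced a given tag, so this construction does not address repudiation.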

Network Access Security Model

  • Gatekeeper function
    • includes password-based login procedures that are designed to deny access to all except authorized users

Security Principles to Follow

  • Turn off file sharing
  • Disable Wi-Fi and Bluetooth if not needed
  • Turn off automatic and ad hoc connections
  • Install an antivirus program on all your computers
  • Think twice before posting your personal information online
  • Never open an e-mail attachment unless you are expecting it and it is from a trusted source
  • Install a personal firewall program
  • Disable file and printer sharing on Internet connection
  • Always have strong passwords
  • Limit the amount of information you provide to websites; fill in only required information
  • Clear your history file when you are finished browsing