Search in the document preview
System and Network Security
Any action that compromises the security of information owned by an organization.
Passive Attacks are those wherein the attacker indulges in monitoring the data which is in transit.
The attacker does not attempt to modify the data.
That’s why they are hard to detect. Only prevention can be done rather than detection or corrective steps.
Passive Attacks do not involve any modification
to the contents of an original message .
Again divided into 2 sub categories:-
1.) Release of message contents
2.) Traffic Analysis.
The active attacks are based on the modification of the original message in some particular manner or on creation of a false message.
These attacks cannot be prevented easily. However efforts can be taken to detect them and recover
In Active Attacks the contents of the original
message are modified in some way.
These attacks can be in the form of :-
4.) Denial of Service
Security Services are something that enhances the security of the data processing systems and the
information transfers of an organization
It helps establish proof of identities.
Access Control Who should be able to access what.
Data Confidentiality Only the sender and the intended receiver should access the
Data Integrity The contents of the message should remain same when the
receiver receives it.
Had done the work but denies it.
Resources should be available to all authenticated persons who need them.
A mechanism that is designed to detect, prevent, or recover from a security attack
Encipherment mathematical algorithms
Digital Signature recipient of the data unit to prove
Access Control Data Integrity Authentication Exchange Traffic Padding frustrate traffic analysis attempts by bogus data
Routing Control Notarization trusted third party
Trusted Functionality Security Label Event Detection Security Audit Trial examination of system records and activities