Before we go further, let's check out what SECURITY means!
SECURITY = the quality or state of being secure, that is, to be free from danger and to be protected from adversaries.
3 SECURITY AREAS, which are D.P.R:
D- Detection. An example tool is a scanner.
P- Prevention. Example tools are a firewall and a proxy.
R- Recovery. An example tool is cryptography.
SECURITY ARCHITECTURE
- Defined by ITU-T Recommendation X.800, which is called the OSI Security Architecture.
- Useful to managers as a way of organizing the task of providing security.
- Because it was developed as an international standard, computer and communication vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms.
- Focuses on security attacks, security mechanisms and security services.
3 SECURITY PRINCIPLES, which are C.I.A:
C- Confidentiality
I- Integrity
A- Availability
SECURITY POLICY = a set of rules to apply to security-relevant activities in a security domain. There are THREE levels of security, which are Objectives, Organizational and System.
2 types of SECURITY ATTACKS:
Passive Attack - monitoring the transmission
Categories: release of message content and traffic analysis
Active Attack - involves modification of the data
Categories: masquerade, replay, Denial of Service (DoS)
METHODS OF DEFENSE:
Prevent - by blocking or closing the attack
Deter - making the attack harder
Deflect - making another target more effective
Recover - from the effects
Methods of defense through controls include encryption, software controls, hardware controls, policies and physical controls. ENCRYPTION is the formal name for scrambling data so that interpretation is meaningless without the intruder's knowing how the scrambling was done. Furthermore, encryption is the basis of protocols that enable us to provide security while accomplishing an important system or network task. It clearly addresses the need for confidentiality of data and can be used to ensure integrity.
Software Controls can be divided into Internal Program Control, OS and Network System Control, Independent Control and Development Control.
Hardware Controls are the hardware devices used in providing computer security. Examples are smart card implementations of encryption, locks or cables limiting access, firewalls, intrusion detection systems and many more... :-)
Besides software and hardware controls, Policies and Procedure Controls are very important to support the security policy and ensure proper use of the controls.
"Controls must be used and used properly to be effective". Basically, there are several aspects that need to be considered to enhance the effectiveness of controls, such as awareness of the problem, probability of use, overlapping controls and periodic review.
SECURITY SERVICES
Here are some definitions of security services, as defined by X.800 and RFC 2828:
X.800: A security service is a service provided by a protocol layer of communicating open systems which ensures adequate security of the systems or of data transfers.
RFC 2828: A service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms.
- Authentication
- Access Control
- Data Confidentiality
- Data Integrity
- Non-repudiation
Authentication
Authentication is the assurance that the communicating entity is the one claimed. It has 2 specific services, which are peer entity authentication and data origin authentication.
Access Control
Access control is the prevention of the unauthorized use of a resource. Its specific service is to prevent unauthorized use of a resource.
Data Confidentiality
Data confidentiality is the protection of data from unauthorized disclosure. Its specific services are connection confidentiality, connectionless confidentiality, selective-field confidentiality and traffic flow confidentiality.
Data Integrity
Data integrity is the assurance that data received is as sent by an authorized entity. It has 5 specific services, which are Connection Integrity with Recovery, Connection Integrity without Recovery, Selective-field Connection Integrity, Connectionless Integrity and Selective-field Connectionless Integrity.
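An added example (not part of the original post) of Connection Integrity without Recovery together with data origin authentication: the receiver detects modified, forged and replayed frames and rejects them without trying to repair them. HMAC-SHA256 as the integrity mechanism, the frame layout, the key and all names are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-0123456789ab"  # constructed shared secret (assumption)
TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: 64-bit sequence number + payload + HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Hypothetical receiver: detects violations and rejects, never repairs."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0  # next sequence number expected on this connection

    def accept(self, frame: bytes):
        if len(frame) < 8 + TAG_LEN:
            return ("rejected", "truncated")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison: a bad tag means the data was modified
        # in transit or did not come from a holder of the shared key.
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "modified or wrong origin")
        (seq,) = struct.unpack(">Q", body[:8])
        # A valid tag on an old or skipped sequence number is a replay,
        # a reordering or a deletion within the connection.
        if seq != self.next_seq:
            return ("rejected", "replayed or out of order")
        self.next_seq += 1
        return ("accepted", body[8:])

def demo():
    """Run constructed frames through the receiver and return each verdict."""
    rx = Receiver(KEY)
    f0 = protect(KEY, 0, b"transfer 10 to alice")
    f1 = protect(KEY, 1, b"transfer 20 to bob")
    tampered = f1[:8] + b"transfer 90 to bob" + f1[-TAG_LEN:]  # modification
    forged = protect(b"key the sender does not hold....", 1, b"transfer 20 to bob")
    return [rx.accept(f0), rx.accept(f0), rx.accept(tampered),
            rx.accept(forged), rx.accept(f1)]
```

The same tag check alone, without the sequence number, would give only Connectionless Integrity: each frame is verified in isolation, so a replayed frame would pass.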
Non-Repudiation
Non-repudiation is protection against denial by one of the parties in a communication. There are 2 specific services, which are Nonrepudiation, Origin and Nonrepudiation, Destination.
SECURITY MECHANISMS
A security mechanism is any process that is designed to detect, prevent or recover from a security attack. Mechanisms are defined by X.800 to provide and support security services.
These mechanisms can be divided into 2 classes, which are:
1. Specific Security Mechanisms
- Authentication exchange
- Data integrity
- Encipherment
- Traffic padding
- Access control
- Digital signature
- Notarization
- Routing Control
2. Pervasive Security Mechanisms
- Trusted functionality
- Security recovery
- Security label
- Security audit trail
- Event detection
Posted by
aziekotani