Information and network security 5 security attacks mechanisms and services
- 1. Information and Network Security: Prof Neeraj Bhargava Vaibhav Khanna Department of Computer Science School of Engineering and Systems Sciences Maharshi Dayanand Saraswati University Ajmer
- 2. Threat • In the literature, the terms threat and attack are commonly used to mean more or less the same thing. Table 1.1 provides definitions taken from RFC 2828, Internet Security Glossary. • Threat - A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
- 3. Attack • Attack - An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
- 4. Aspects of Security • consider 3 aspects of information security: • security attack • security mechanism • security service • note terms • threat – a potential for violation of security • attack – an assault on system security, a deliberate attempt to evade security services
- 5. Security attack • The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows: • • Security attack: Any action that compromises the security of information owned by an organization. • Network security attacks are unauthorized actions against private, corporate or governmental IT assets in order to destroy them, modify them or steal sensitive data. • As more enterprises invite employees to access data from mobile devices, networks become vulnerable to data theft or total destruction of the data or network.
- 6. Security mechanism • • Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. • • Previously, organizations would attempt to prevent network attacks by using network security tools such as firewalls or intrusion detection systems. While these still have their place, they are no match for modern day security attacks,
- 7. Security mechanism • for example modern Distributed Denial of Service (DDoS) attacks, as these attack on a much deeper level. • These traditional perimeter-based solutions rely on a “castle and moat” method whereby anybody who manages to penetrate the network is automatically trusted, rather than authenticated before entering. These may introduce new threats due to improper configuration is sub-standard patching.
- 8. Security mechanism • Enterprises may also carry out vulnerability management and penetration testing. These help to meet compliance requirements and help to address gaps in information security, but they are very resource consuming. For a fully scalable, multi-layered defense solution, companies should invest in cloud security solutions.
- 9. Security service • Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
- 10. Assignment • Explain the 3 aspects of information security security attack, security mechanism and security service