‘Network Security Essentials: Applications and Standards’, by Dr. William Stallings
There is a systematic way of defining security requirements —
X.800 Security Architecture for OSI
1. The architecture defines:
a. Attack
b. Service — detecting and preventing Attacks
c. Mechanism — implements Service
2. Attack
a. Passive Attack
i. Release of message contents
ii. Traffic Analysis
Passive attacks are almost impossible to detect, so normally we just prevent them, by encryption.
b. Active Attack
i. Masquerade
ii. Replay
iii. Modification
iv. Denial of Service
For this kind of attack, the emphasis is on "detection and recovery".
3. Service
a. Authentication
b. Access Control
c. Data Confidentiality
d. Nonrepudiation
e. Availability Service
4. We’ll cover Mechanisms in the subsequent articles.