Network Security Essentials — Notes1. Introduction

‘Network Security Essentials: Applications and Standards’, by Dr. William Stallings

There is a systematic way of defining security requirements —
X.800 Security Architecture for OSI

1. The architecture defines,

  a. Attack

  b. Service  — detecting and preventing Attacks

  c. Mechanism — implements Service

2. Attack

   a.Passive Attack

      i. Release of message contents

     ii. Traffic Analysis

  
It’s almost impossible to detect. Normally we just prevent it, by encryption.

 

   b.Active Attack

      i.Masquerade

     ii.Replay

    iii.Modification

     iv.Denial of Service

  
As for this kind of task, we emphasize on "detection and recovery"

3. Service

    a. Authentication

    b. Access Control

    c. Data Confidentiality

    d. Nonrepudiation

    e. Availability Service

4. We’ll cover Mechanisms in the subsequent articles.

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.