版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
CryptographyandNetworkSecurity
Overview&Chapter1FifthEditionbyWilliamStallings LectureslidesbyLawrieBrown.Chapter0–Reader’sGuideTheartofwarteachesustorelynotonthelikelihoodoftheenemy'snotcoming,butonourownreadinesstoreceivehim;notonthechanceofhisnotattacking,butratheronthefactthatwehavemadeourpositionunassailable. —TheArtofWar,SunTzu.RoadmapCryptographicalgorithmssymmetricciphersasymmetricencryptionhashfunctionsMutualTrustNetworkSecurityComputerSecurity.StandardsOrganizationsNationalInstituteofStandards&Technology(NIST)InternetSociety(ISOC)InternationalTelecommunicationUnionTelecommunicationStandardizationSector(ITU-T)InternationalOrganizationforStandardization(ISO).Chapter1–IntroductionThecombinationofspace,time,andstrengththatmustbeconsideredasthebasicelementsofthistheoryofdefensemakesthisafairlycomplicatedmatter.Consequently,itisnoteasytofindafixedpointofdeparture.. —OnWar,CarlVonClausewitz.ComputerSecuritytheprotectionaffordedtoanautomatedinformationsysteminordertoattaintheapplicableobjectivesofpreservingtheintegrity,availabilityandconfidentialityofinformationsystemresources(includeshardware,software,firmware,information/data,andtelecommunications).KeySecurityConcepts.LevelsofImpactcandefine3levelsofimpactfromasecuritybreachLowModerateHigh.ExamplesofSecurityRequirementsconfidentiality–studentgradesintegrity–patientinformationavailability–authenticationservice.ComputerSecurityChallengesnotsimplemustconsiderpotentialattacksproceduresusedcounter-intuitiveinvolvealgorithmsandsecretinfomustdecidewheretodeploymechanismsbattleofwitsbetweenattacker/adminnotperceivedonbenefituntilfailsrequiresregularmonitoringtoooftenanafter-thoughtregardedasimpedimenttousingsystem.OSISecurityArchitectureITU-TX.800“SecurityArchitectureforOSI”definesasystematicwayofdefiningandprovidingsecurityrequirementsforusitprovidesauseful,ifabstract,overviewofconceptswewillstudy.AspectsofSecurityconsider3aspectsofinformationsecurity:securityattacksecuritymechanismsecurityservicenotetermsthreat–apotentialforviolationofsecurityattack–anassaultonsystemsecurity,adeliberateattempttoevadesecurityservices.PassiveAttacks.ActiveAttacks.SecurityServiceenhancesecurityofdataprocessingsystemsandinformationtransfersofanorganizationintendedtocountersecurityattacksusingoneormoresecuritymechanismsoftenreplicatesfunctionsnormallyassociatedwithphysicaldocumentswhich,forexample,havesignatures,dates;needprotectionfromdisclosure,tampering,ordestruction;benotarizedorwitnessed;berecordedorlicensed.SecurityServicesX.800:“aserviceprovidedbyaprotocollayerofcommunicatingopensystems,whichensuresadequatesecurityofthesystemsorofdatatransfers”RFC2828:“aprocessingorcommunicationserviceprovidedbyasystemtogiveaspecifickindofprotectiontosystemresources”.SecurityServices(X.800)Authentication-assurancethatcommunicatingentityistheoneclaimedhavebothpeer-entity&dataoriginauthenticationAccessControl-preventionoftheunauthorizeduseofaresourceDataConfidentiality–protectionofdatafromunauthorizeddisclosureDataIntegrity-assurancethatdatareceivedisassentbyanauthorizedentityNon-Repudiation-protectionagainstdenialbyoneofthepartiesinacommunicationAvailability–resourceaccessible/usable.SecurityMechanismfeaturedesignedtodetect,prevent,orrecoverfromasecurityattacknosinglemechanismthatwillsupportallservicesrequiredhoweveroneparticularelementunderliesmanyofthesecuritymechanismsinuse:cryptographictechniqueshenceourfocusonthistopic.SecurityMechanisms(X.800)specificsecuritymechanisms:encipherment,digitalsignatures,accesscontrols,dataintegrity,authenticationexchange,trafficpadding,routingcontrol,notarizationpervasivesecuritymechanisms:trustedfunctionality,securitylabels,eventdetection,securityaudittrails,securityrecovery.ModelforNetworkSecurity.ModelforNetworkSecurityusingthismodelrequiresusto:designasuitablealgorithmforthesecuritytransformationgeneratethesecretinformation(keys)usedbythealgorithmdevelopmethodstodistributeandsharethesecretinformationspecifyaprotocolenablingtheprincipalstousethetransformationandsecretinformationforasecurityservice.ModelforNetworkAccessSecurity.ModelforNetworkAccessSecurityusingthismodelrequiresusto:selectappropriategatekeeperfunctionstoidentifyusersimplementsecuritycontrolstoensureonlyauthorisedusersa
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 小学数学二年级下册口算练习100题-二年级数学口算练题
- 急诊医疗服务规范制度
- 13.1.2线段的垂直平分线性质(第二课时)
- 2024年西安客运驾驶员考试选择题及答案解析
- 算法设计与分析 课件 1.2.1-算法分析准则 - 正确性
- 2024年杭州客运考试应用能力试题及答案详解
- 2024年广西客车驾驶员从业资格证考试题库
- 2024年山西c1客运资格证模拟考试题下载什么软件
- 2024年四川客运从业资格证考试技巧口诀
- 2024年长沙客运从业资格证试题答案
- 汽车文化知识考试参考题库400题(含答案)
- WDZANYJY23低压电力电缆技术规格书
- 《水循环》-完整版课件
- 抗高血压药物基因检测课件
- 西游记 品味经典名著导读PPT
- 金坛区苏科版四年级心理健康教育第1课《我的兴趣爱好》课件(定稿)
- 心肌缺血和心肌梗死的心电图表现讲义课件
- 小学生性教育调查问卷
- 学历案的编写课件
- 旅游行政管理第二章旅游行政管理体制课件
- 卫生院关于召开基本公共卫生服务项目培训会的通知
评论
0/150
提交评论