Introduction to Information Security

¡Supera tus tareas y exámenes ahora con Quizwiz!

What is the OSI Glossary

Security attack: Any action that compromises the security of information or services Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack Security service: A processing or communication service that enhances the security of the data processing systems and the information transfer of an organization

What are CRYPTOGRAPHIC ALGORITHMS AND PROTOCOLS?

Symmetric encryption Conceal the contents of blocks or streams of data, using the same private key as used for decrypting. Asymmetric encryption Conceal the contents of blocks of data, using a public key. A private key is used to retrieve the contents of the blocks. Data integrity algorithms Protect blocks of data, such as messages, from alteration. Authentication protocols Authenticate the identity of entities.

What are additional COMPUTER SECURITY OBJECTIVES

Authenticity Users are who they say they are and each input arriving at the system came from a trusted source. Accountability Actions of an entity can be traced uniquely to that entity.

What are COMPUTER SECURITY OBJECTIVES

Confidentiality: Data confidentiality Sensitive information is not available or disclosed to unauthorized individuals. Privacy Individuals control or influence what information may be collected and stored and by whom and to whom that information may be disclosed. Integrity: Data integrity Information and programs are changed only in a specified and authorized manner. System integrity A system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. Availability: Systems work promptly and service is not denied to authorized users.

What are SECURITY CHALLENGES?

Security is not simple. Potential attacks on the security features need to be considered. Procedures used to provide particular services are often counter-intuitive. It is necessary to decide where to use the various security mechanisms. Requires constant monitoring. Is too often an afterthought. Security mechanisms typically involve more than a particular algorithm or protocol Security is essentially a battle of wits between a perpetrator and the designer Little benefit from security investment is perceived until a security failure occurs Strong security is often viewed as an impediment to efficient and user-friendly operation


Conjuntos de estudio relacionados

Maternal-Child Final (1-9, 33-39, 41-45, 55)

View Set

M13 Chapter 9: Four-Wheel Alignment, Part 1 Primary Angles

View Set