The 7 Things I Know About Cyber Security After 25 Years | April 2024
Network security & information security maintainence modified
1. “Network Security &
Information Security
Maintenance”
Independent Study (CS450)
Under the guidance of:
Smitesh.D.Patravali
By,
KeerthanKumar Shetty
2SD10CS403
CSE 8 ‘B’ SDMCET
June 10,2013
Department of Computer Science &Department of Computer Science &
EngineeringEngineering
1
3. Introduction :Network Security
O Definition :
Network security consists of the provisions
and policies adopted by a network administrator to
prevent and monitor unauthorized access, misuse,
modification, or denial of a computer network and
network-accessible resources.
O Need for Network Security :
• Protect vital information while still allowing
access to those who need it
Ex-Trade secrets, Business records, etc.
• Provide authentication and access control for
resources
June 10,2013
DepartmentDepartment of Computer Science & Engineeringof Computer Science & Engineering
3
5. Security Attacks, Mechanism
& Services
O Security Attacks :
Any action that compromises the security of
information owned by an organization ,group
or an individual.
2 types of Security Attacks
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 5
6. Security Attacks,
Mechanism & Services
June 10,2013
Department of Computer Science & EngineeringDepartment of Computer Science & Engineering
6
7. Security Attacks,
Mechanism & Services
O Authentication
Peer-Entity
Data Origin
O Access Control
O Confidentiality
Connection Confidentiality
Connectionless Confidentiality
Selective Confidentiality
Traffic flow Confidentiality
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 7
8. Security services..Contd..
O Data Integrity
Connection integrity with recovery
Connection integrity without recovery
Connectionless integrity
Selective field Connection Integrity
Selective field Connectionless Integrity
O Non Repudiation
Non Repudiation, origin
Non Repudiation, Destination
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 8
9. Security Attacks, Mechanism &
ServicesO Security Mechanisms :
A process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security attack.
June 10,2013
Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 9
10. Internetwork Security Model
O A message is to be transferred from one party to
another across some sort of Internet service.
O The two parties, who are the principals in this
transaction, must cooperate for the exchange to take
place.
O A logical information channel is established by
defining a route through the Internet from source to
destination and by the cooperative use of
communication protocols (e.g., TCP/IP) by the two
principals.
Network Security Model
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 10
11. This general model shows that there are four basic
tasks in designing a particular security service:
O1. Design an algorithm for performing the security-
related transformation. Thealgorithm should be such
that an opponent cannot defeat its purpose.
O2. Generate the secret information to be used with
the algorithm.
O3. Develop methods for the distribution and sharing of
the secret information.
O4. Specify a protocol to be used by the two principals
that makes use of the securityalgorithm and the secret
information to achieve a particular security service.
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 11
Internetwork Security Model
12. Internet Standards & RFC’s
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 12
13. Information Security
Maintenance
O Once an organization has improved the security posture of the
organization, the security group must turn its attention to the
maintenance of security readiness
O Information security must constantly monitor the threats,
assets, and vulnerabilities
O The team also reviews external information to stay on top of
the latest general and specific threats to its information
security
O It is more expensive to reengineer the information security
profile again and again
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 13
14. Security Management Models
Management models are frameworks that structure
the tasks of managing a particular set of activities or business
functions.
ISO Model
The ISO management model is a five-layer approach
that provides structure to the administration and
management of networks and systems
The core ISO model addresses management and
operation thorough five topics:
O Fault management
O Configuration and Change management
O Accounting management
O Performance management
O Security management
June 10,2013
Department of Computer Science & EngineeringDepartment of Computer Science & Engineering
14
15. ISO Model Contd….
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 15
16. The Maintenance Model
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 16
17. Conclusion
O Hence, we can conclude that the need for security in
communicating networks is mandatory & the
techniques provided to maintain information security
are more reliable & implementing the same can
serve our purpose in achieving higher security to our
Information & network.
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 17
18. www.Wikepeadia.com.
Network Security Essentials ,Fourth Edition
by William Stallings.
Principles of Information Security by Michael
D Whitman.
June 10,2013Department of Computer Science & Engineering 18
References