SlideShare ist ein Scribd-Unternehmen logo

CNS - Chapter1

J
JeevananthamArumugam

This document provides an overview of cryptography and network security concepts from the textbook "Cryptography & Network Security" by William Stallings. It covers topics like confidentiality, integrity, availability, security threats/attacks, security services, security mechanisms, and the OSI security architecture. The document includes chapter objectives, definitions of key terms, descriptions of security concepts, examples, and review questions. The overall purpose is to introduce fundamental cryptography and network security principles.

Bildung
1 von 33
2020 - 2021 Odd Semester 14ITT71 Cryptography and Network Security
14ITT71-CryptographyandNetworkSecurity Roadmap 01 Introduction & Number Theory 02 Symmetric Key Cryptography 03 Hash Function & Digital Signature 04 Security Practice & System Security 05 E Mail Security • OSI security architecture • Classical Encryption techniques • Number theory • DES • AES • RSA • DH Exchange • ECC • MAC • MD5 • SHA • HMAC • CMAC • Digital Signature • Kerberos • Firewalls • Trusted Systems • IDS • Virus and Threats • PGP • S/MIME • IP Security • Internet Key Exchange • Web Security Understand OSI security architecture and classical encryption techniques Acquire knowledge in symmetric and public key cryptography Know about hash function and digital signatures Recognize security practice and system security Gain knowledge in email and web security Cryptography & Network Security - William Stallings 6th Edition
14ITT71-CryptographyandNetworkSecurity Chapter 1 Computer and Network Security Concepts
14ITT71-CryptographyandNetworkSecurity Learning Objectives After studying this chapter, you should be able to: 1. Describe the key security requirements of confidentiality, integrity, and availability. 2. Discuss the types of security threats and attacks that must be dealt with and give examples of the types of threats and attacks that apply to different categories of computer and network assets. 3. Summarize the functional requirements for computer security. Describe the X.800 security architecture for OSI.
14ITT71-CryptographyandNetworkSecurity Computer Security The field of network and Internet security consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information. 
 C A B Employee Manager Server Fired Invalidate Employees Account Confirmation ?
14ITT71-CryptographyandNetworkSecurity Computer Security The NIST Computer Security Handbook defines the term computer security as: “ the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of i n f o r m a t i o n s y s t e m resources” (includes hardware, software, firmware, information/ data, and telecommunications)
14ITT71-CryptographyandNetworkSecurity Three key objectives that are at the heart of computer security • Confidentiality • Integrity • Availability Figure 1.1 Essential Network and Computer Security Requirements Data and services Availability Integrity Accountability Authenticity Confidentiality
14ITT71-CryptographyandNetworkSecurity CIA triad • Confidentiality: Preserving authorised restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorised disclosure of information. 
 • Integrity: Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorised modification or destruction of information. 
 • Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system. 

14ITT71-CryptographyandNetworkSecurity CIA triad + AA • Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source • Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after- action recovery and legal action. Because truly secure systems are not yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes. 

14ITT71-CryptographyandNetworkSecurity The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals High Moderate Low Breach of Security & its Impacts
14ITT71-CryptographyandNetworkSecurity Security is not simple Potential attacks on the security features need to be considered Security mechanisms typically involve more than a particular algorithm or protocol Security is essentially a battle of wits between a perpetrator and the designer Procedures used to provide particular services are often counter-intuitive Little benefit from security investment is perceived until a security failure occursIt is necessary to decide where to use the various security mechanisms Requires constant monitoring Is too often an afterthought Strong security is often viewed as an impediment to efficient and user-friendly operation Computer Security Challenges
14ITT71-CryptographyandNetworkSecurity OSI Security Architecture 1. Security attack • Any action that compromises the security of information owned by an organisation 2. Security mechanism • A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack 3. Security service • A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization • Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service
14ITT71-CryptographyandNetworkSecurity Threats vs Attacks
14ITT71-CryptographyandNetworkSecurity Security Attacks
14ITT71-CryptographyandNetworkSecurity Security Attacks A passive attack attempts to learn or make use of information from the system but does not affect system resources (a) Passive attacks Alice (b) Active attacks Figure 1.2 Security Attacks Bob Darth Internet or other comms facility Bob Darth Alice Internet or other comms facility 1 2 3 An active attack attempts to alter system resources or affect their operation
14ITT71-CryptographyandNetworkSecurity Passive Attacks Two types of passive attacks are: • The release of message contents • Traffic analysis
14ITT71-CryptographyandNetworkSecurity Active Attacks • Involve some modification of the data stream or the creation of a false stream • Difficult to prevent because of the wide variety of potential physical, software, and network vulnerabilities • Goal is to detect attacks and to recover from any disruption or delays caused by them • Takes place when one entity pretends to be a different entity • Usually includes one of the other forms of active attack Masquerade • Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect Replay • Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect Modification of messages • Prevents or inhibits the normal use or management of communications facilities Denial of service
14ITT71-CryptographyandNetworkSecurity Security Services • Defined by X.800 as: •A service provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers • Defined by RFC 4949 as: •A processing or communication service provided by a system to give a specific kind of protection to system resources
14ITT71-CryptographyandNetworkSecurity Security Services (X.800) (This table is found on page 18 in textbook)
14ITT71-CryptographyandNetworkSecurity Authentication Concerned with assuring that a communication is authentic • In the case of a single message, assures the recipient that the message is from the source that it claims to be from • In the case of ongoing interaction, assures the two entities are authentic and that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties Two specific authentication services are defined in X.800: Peer entity authentication Data origin authentication
14ITT71-CryptographyandNetworkSecurity Access Control • The ability to limit and control the access to host systems and applications via communications links • To achieve this, each entity trying to gain access must first be indentified, or authenticated, so that access rights can be tailored to the individual
14ITT71-CryptographyandNetworkSecurity Data Confidentiality The protection of transmitted data from passive attacks • Broadest service protects all user data transmitted between two users over a period of time • Narrower forms of service includes the protection of a single message or even specific fields within a message The protection of traffic flow from analysis • This requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility
14ITT71-CryptographyandNetworkSecurity Data Integrity Can apply to a stream of messages, a single message, or selected fields within a message Connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays A connectionless integrity service, one that deals with individual messages without regard to any larger context, generally provides protection against message modification only
14ITT71-CryptographyandNetworkSecurity Nonrepudiation • Prevents either sender or receiver from denying a transmitted message • When a message is sent, the receiver can prove that the alleged sender in fact sent the message • When a message is received, the sender can prove that the alleged receiver in fact received the message
14ITT71-CryptographyandNetworkSecurity Availability Service • Protects a system to ensure its availability • This service addresses the security concerns raised by denial-of- service attacks • It depends on proper management and control of system resources and thus depends on access control service and other security services
14ITT71-CryptographyandNetworkSecurity Security Mechanisms (X.800) Specific Security Mechanisms •Encipherment •Digital signatures •Access controls •Data integrity •Authentication exchange •Traffic padding •Routing control Pervasive Security Mechanisms •Trusted functionality •Security labels •Event detection •Security audit trails •Security recovery
14ITT71-CryptographyandNetworkSecurity Security Mechanisms (X.800) (This table is found on pages 14-15 in textbook)
14ITT71-CryptographyandNetworkSecurity Relationship Between Security Services and Mechanisms
14ITT71-CryptographyandNetworkSecurity Model for Network Security Information Channel Security-related transformation Sender Secret information Message Message Secure message Secure message Recipient Opponent Trusted third party (e.g., arbiter, distributer of secret information) Figure 1.5 Model for Network Security Security-related transformation Secret information
14ITT71-CryptographyandNetworkSecurity Network Access Security Model Computing resources (processor, memory, I/O) Data Processes Software Internal security controls Information System Gatekeeper function Opponent —human (e.g., hacker) —software (e.g., virus, worm) Figure 1.6 Network Access Security Model Access Channel
14ITT71-CryptographyandNetworkSecurity Review Questions • What is the OSI security architecture? • What is the difference between passive and active security threats? • List and briefly define categories of passive and active security attacks. • List and briefly define categories of security services. • List and briefly define categories of security mechanisms. 

14ITT71-CryptographyandNetworkSecurity Review Questions 1. Consider an automated teller machine (ATM) in which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement. 2. Consider a desktop publishing system used to produce documents for various organizations. • Give an example of a type of publication for which confidentiality of the stored data is the most important requirement. • Give an example of a type of publication in which data integrity is the most important requirement. • Give an example in which system availability is the most important requirement.
14ITT71-CryptographyandNetworkSecurity Review Questions 1. Draw a matrix similar to Slide No 28 that shows the relationship between security services and attacks. 2. For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. a. An organization managing public information on its Web server.
 b. A law enforcement organization managing extremely sensitive investigative 
 information.
 c. A financial organization managing routine administrative information (not 
 privacy-related information).
 d. An information system used for large acquisitions in a contracting organization 
 contains both sensitive, pre-solicitation phase contract information and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole. 
 e. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the distribution of electric power for a large military installa- tion. The SCADA system contains both real-time sensor data and routine admin- istrative information. Assess the impact for the two data sets separately and the information system as a whole.

Empfohlen

Firewalls
FirewallsFirewalls
FirewallsRam Dutt Shukla
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.pptssuserec53e73
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Ppt.1
Ppt.1Ppt.1
Ppt.1veeresh35
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Authentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slidesAuthentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slidesrahul kundu
 

Empfohlen

Firewalls
FirewallsFirewalls
FirewallsRam Dutt Shukla
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.pptssuserec53e73
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Ppt.1
Ppt.1Ppt.1
Ppt.1veeresh35
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Authentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slidesAuthentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slidesrahul kundu
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Information Security
Information SecurityInformation Security
Information SecurityDhilsath Fathima
 
Cryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherCryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherNiloy Biswas
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Message Authentication
Message AuthenticationMessage Authentication
Message AuthenticationRam Dutt Shukla
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPSSantosh Khadsare
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
IP Security
IP SecurityIP Security
IP SecurityDr.Florence Dayana
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authenticationchauhankapil
 
Trusted systems
Trusted systemsTrusted systems
Trusted systemsahmad abdelhafeez
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communicationchauhankapil
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptographydrewz lin
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
abc.pptx
abc.pptxabc.pptx
abc.pptxBhargaviGorde1
 

Weitere ähnliche Inhalte

Was ist angesagt?

Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Cryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherCryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherNiloy Biswas
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authenticationchauhankapil
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communicationchauhankapil
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptographydrewz lin
 

Was ist angesagt? (20)

Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
 
block ciphers
block ciphersblock ciphers
block ciphers
 
Information Security
Information SecurityInformation Security
Information Security
 
Cryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherCryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipher
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash function
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
IP Security
IP SecurityIP Security
IP Security
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanisms
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
 
Trusted systems
Trusted systemsTrusted systems
Trusted systems
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communication
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptography
 

Ähnlich wie CNS - Chapter1

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptxAwais725629
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptxAwais725629
 
I MSc CS CNS Day 1.pptx
I MSc CS CNS Day 1.pptxI MSc CS CNS Day 1.pptx
I MSc CS CNS Day 1.pptxArumugam90
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Computer Security Chapter 1
Computer Security Chapter 1Computer Security Chapter 1
Computer Security Chapter 1Temesgen Berhanu
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityAparnaSunil24
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Securityvishnukp34
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxsalutiontechnology
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfVishwanathMahalle
 
Cryptography introduction
Cryptography introductionCryptography introduction
Cryptography introductionVasuki Ramasamy
 
Introduction to Network security
Introduction to Network securityIntroduction to Network security
Introduction to Network securitymohanad alobaidey
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...NISHASOMSCS113
 

Ähnlich wie CNS - Chapter1 (20)

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
abc.pptx
abc.pptxabc.pptx
abc.pptx
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptx
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptx
 
Ch01 NetSec5e.pdf
Ch01 NetSec5e.pdfCh01 NetSec5e.pdf
Ch01 NetSec5e.pdf
 
I MSc CS CNS Day 1.pptx
I MSc CS CNS Day 1.pptxI MSc CS CNS Day 1.pptx
I MSc CS CNS Day 1.pptx
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
Computer Security Chapter 1
Computer Security Chapter 1Computer Security Chapter 1
Computer Security Chapter 1
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
Ch1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptxCh1 Cryptography network security slides.pptx
Ch1 Cryptography network security slides.pptx
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
 
Cryptography introduction
Cryptography introductionCryptography introduction
Cryptography introduction
 
Introduction to Network security
Introduction to Network securityIntroduction to Network security
Introduction to Network security
 
3-UnitV_security.pptx
3-UnitV_security.pptx3-UnitV_security.pptx
3-UnitV_security.pptx
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
 
ch01.pdf
ch01.pdfch01.pdf
ch01.pdf
 
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
 

Mehr von JeevananthamArumugam

Advanced Encryption Standard - AES
Advanced Encryption Standard - AESAdvanced Encryption Standard - AES
Advanced Encryption Standard - AESJeevananthamArumugam
 
Square and Multiply - Shortcut Method
Square and Multiply - Shortcut MethodSquare and Multiply - Shortcut Method
Square and Multiply - Shortcut MethodJeevananthamArumugam
 
NCC | General Subject | Public speaking
NCC | General Subject | Public speaking NCC | General Subject | Public speaking
NCC | General Subject | Public speaking JeevananthamArumugam
 
NCC | General Subject | Communication Skills | Year II
NCC | General Subject | Communication Skills | Year IINCC | General Subject | Communication Skills | Year II
NCC | General Subject | Communication Skills | Year IIJeevananthamArumugam
 

Mehr von JeevananthamArumugam (10)

SQL Procedures & Functions
SQL Procedures & FunctionsSQL Procedures & Functions
SQL Procedures & Functions
 
Advanced Encryption Standard - AES
Advanced Encryption Standard - AESAdvanced Encryption Standard - AES
Advanced Encryption Standard - AES
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption Standard
 
Square and Multiply - Shortcut Method
Square and Multiply - Shortcut MethodSquare and Multiply - Shortcut Method
Square and Multiply - Shortcut Method
 
Chinese Reminder Theorem
Chinese Reminder TheoremChinese Reminder Theorem
Chinese Reminder Theorem
 
Euler's Theorem
Euler's TheoremEuler's Theorem
Euler's Theorem
 
NCC | General Subject | Public speaking
NCC | General Subject | Public speaking NCC | General Subject | Public speaking
NCC | General Subject | Public speaking
 
NCC | General Subject | Communication Skills | Year II
NCC | General Subject | Communication Skills | Year IINCC | General Subject | Communication Skills | Year II
NCC | General Subject | Communication Skills | Year II
 
IoT - Scope and Opportunities
IoT - Scope and OpportunitiesIoT - Scope and Opportunities
IoT - Scope and Opportunities
 

Kürzlich hochgeladen

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesShubhangi Sonawane
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 

Kürzlich hochgeladen (20)

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 

CNS - Chapter1

  • 1. 2020 - 2021 Odd Semester 14ITT71 Cryptography and Network Security
  • 2. 14ITT71-CryptographyandNetworkSecurity Roadmap 01 Introduction & Number Theory 02 Symmetric Key Cryptography 03 Hash Function & Digital Signature 04 Security Practice & System Security 05 E Mail Security • OSI security architecture • Classical Encryption techniques • Number theory • DES • AES • RSA • DH Exchange • ECC • MAC • MD5 • SHA • HMAC • CMAC • Digital Signature • Kerberos • Firewalls • Trusted Systems • IDS • Virus and Threats • PGP • S/MIME • IP Security • Internet Key Exchange • Web Security Understand OSI security architecture and classical encryption techniques Acquire knowledge in symmetric and public key cryptography Know about hash function and digital signatures Recognize security practice and system security Gain knowledge in email and web security Cryptography & Network Security - William Stallings 6th Edition
  • 4. 14ITT71-CryptographyandNetworkSecurity Learning Objectives After studying this chapter, you should be able to: 1. Describe the key security requirements of confidentiality, integrity, and availability. 2. Discuss the types of security threats and attacks that must be dealt with and give examples of the types of threats and attacks that apply to different categories of computer and network assets. 3. Summarize the functional requirements for computer security. Describe the X.800 security architecture for OSI.
  • 5. 14ITT71-CryptographyandNetworkSecurity Computer Security The field of network and Internet security consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information. 
 C A B Employee Manager Server Fired Invalidate Employees Account Confirmation ?
  • 6. 14ITT71-CryptographyandNetworkSecurity Computer Security The NIST Computer Security Handbook defines the term computer security as: “ the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of i n f o r m a t i o n s y s t e m resources” (includes hardware, software, firmware, information/ data, and telecommunications)
  • 7. 14ITT71-CryptographyandNetworkSecurity Three key objectives that are at the heart of computer security • Confidentiality • Integrity • Availability Figure 1.1 Essential Network and Computer Security Requirements Data and services Availability Integrity Accountability Authenticity Confidentiality
  • 8. 14ITT71-CryptographyandNetworkSecurity CIA triad • Confidentiality: Preserving authorised restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorised disclosure of information. 
 • Integrity: Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorised modification or destruction of information. 
 • Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system. 

  • 9. 14ITT71-CryptographyandNetworkSecurity CIA triad + AA • Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source • Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after- action recovery and legal action. Because truly secure systems are not yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes. 

  • 10. 14ITT71-CryptographyandNetworkSecurity The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals High Moderate Low Breach of Security & its Impacts
  • 11. 14ITT71-CryptographyandNetworkSecurity Security is not simple Potential attacks on the security features need to be considered Security mechanisms typically involve more than a particular algorithm or protocol Security is essentially a battle of wits between a perpetrator and the designer Procedures used to provide particular services are often counter-intuitive Little benefit from security investment is perceived until a security failure occursIt is necessary to decide where to use the various security mechanisms Requires constant monitoring Is too often an afterthought Strong security is often viewed as an impediment to efficient and user-friendly operation Computer Security Challenges
  • 12. 14ITT71-CryptographyandNetworkSecurity OSI Security Architecture 1. Security attack • Any action that compromises the security of information owned by an organisation 2. Security mechanism • A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack 3. Security service • A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization • Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service
  • 15. 14ITT71-CryptographyandNetworkSecurity Security Attacks A passive attack attempts to learn or make use of information from the system but does not affect system resources (a) Passive attacks Alice (b) Active attacks Figure 1.2 Security Attacks Bob Darth Internet or other comms facility Bob Darth Alice Internet or other comms facility 1 2 3 An active attack attempts to alter system resources or affect their operation
  • 16. 14ITT71-CryptographyandNetworkSecurity Passive Attacks Two types of passive attacks are: • The release of message contents • Traffic analysis
  • 17. 14ITT71-CryptographyandNetworkSecurity Active Attacks • Involve some modification of the data stream or the creation of a false stream • Difficult to prevent because of the wide variety of potential physical, software, and network vulnerabilities • Goal is to detect attacks and to recover from any disruption or delays caused by them • Takes place when one entity pretends to be a different entity • Usually includes one of the other forms of active attack Masquerade • Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect Replay • Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect Modification of messages • Prevents or inhibits the normal use or management of communications facilities Denial of service
  • 18. 14ITT71-CryptographyandNetworkSecurity Security Services • Defined by X.800 as: •A service provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers • Defined by RFC 4949 as: •A processing or communication service provided by a system to give a specific kind of protection to system resources
  • 20. 14ITT71-CryptographyandNetworkSecurity Authentication Concerned with assuring that a communication is authentic • In the case of a single message, assures the recipient that the message is from the source that it claims to be from • In the case of ongoing interaction, assures the two entities are authentic and that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties Two specific authentication services are defined in X.800: Peer entity authentication Data origin authentication
  • 21. 14ITT71-CryptographyandNetworkSecurity Access Control • The ability to limit and control the access to host systems and applications via communications links • To achieve this, each entity trying to gain access must first be indentified, or authenticated, so that access rights can be tailored to the individual
  • 22. 14ITT71-CryptographyandNetworkSecurity Data Confidentiality The protection of transmitted data from passive attacks • Broadest service protects all user data transmitted between two users over a period of time • Narrower forms of service includes the protection of a single message or even specific fields within a message The protection of traffic flow from analysis • This requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility
  • 23. 14ITT71-CryptographyandNetworkSecurity Data Integrity Can apply to a stream of messages, a single message, or selected fields within a message Connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays A connectionless integrity service, one that deals with individual messages without regard to any larger context, generally provides protection against message modification only
  • 24. 14ITT71-CryptographyandNetworkSecurity Nonrepudiation • Prevents either sender or receiver from denying a transmitted message • When a message is sent, the receiver can prove that the alleged sender in fact sent the message • When a message is received, the sender can prove that the alleged receiver in fact received the message
  • 25. 14ITT71-CryptographyandNetworkSecurity Availability Service • Protects a system to ensure its availability • This service addresses the security concerns raised by denial-of- service attacks • It depends on proper management and control of system resources and thus depends on access control service and other security services
  • 26. 14ITT71-CryptographyandNetworkSecurity Security Mechanisms (X.800) Specific Security Mechanisms •Encipherment •Digital signatures •Access controls •Data integrity •Authentication exchange •Traffic padding •Routing control Pervasive Security Mechanisms •Trusted functionality •Security labels •Event detection •Security audit trails •Security recovery
  • 29. 14ITT71-CryptographyandNetworkSecurity Model for Network Security Information Channel Security-related transformation Sender Secret information Message Message Secure message Secure message Recipient Opponent Trusted third party (e.g., arbiter, distributer of secret information) Figure 1.5 Model for Network Security Security-related transformation Secret information
  • 30. 14ITT71-CryptographyandNetworkSecurity Network Access Security Model Computing resources (processor, memory, I/O) Data Processes Software Internal security controls Information System Gatekeeper function Opponent —human (e.g., hacker) —software (e.g., virus, worm) Figure 1.6 Network Access Security Model Access Channel
  • 31. 14ITT71-CryptographyandNetworkSecurity Review Questions • What is the OSI security architecture? • What is the difference between passive and active security threats? • List and briefly define categories of passive and active security attacks. • List and briefly define categories of security services. • List and briefly define categories of security mechanisms. 

  • 32. 14ITT71-CryptographyandNetworkSecurity Review Questions 1. Consider an automated teller machine (ATM) in which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement. 2. Consider a desktop publishing system used to produce documents for various organizations. • Give an example of a type of publication for which confidentiality of the stored data is the most important requirement. • Give an example of a type of publication in which data integrity is the most important requirement. • Give an example in which system availability is the most important requirement.
  • 33. 14ITT71-CryptographyandNetworkSecurity Review Questions 1. Draw a matrix similar to Slide No 28 that shows the relationship between security services and attacks. 2. For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. a. An organization managing public information on its Web server.
 b. A law enforcement organization managing extremely sensitive investigative 
 information.
 c. A financial organization managing routine administrative information (not 
 privacy-related information).
 d. An information system used for large acquisitions in a contracting organization 
 contains both sensitive, pre-solicitation phase contract information and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole. 
 e. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the distribution of electric power for a large military installa- tion. The SCADA system contains both real-time sensor data and routine admin- istrative information. Assess the impact for the two data sets separately and the information system as a whole.