SlideShare a Scribd company logo

Network security - OSI Security Architecture

B
BharathiKrishna6

The document provides an overview of network security, defining networks and detailing various security mechanisms, services, and attacks. It outlines different types of attacks, including passive and active attacks, and explains security services like authentication and data integrity that counter these threats. Additionally, it discusses a model for network security which highlights the importance of secure transmission and secret information sharing between entities.

Technology
1 of 27
1
2
3
4
5
Most read
6
Most read
7
8
9
Most read
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Network Security
What is a Network? Network Security The OSI Security Architecture Security Attacks Security Services Security Mechanism A model for Network Security
A network is a collection of computers, servers, mainframes, network devices, peripherals, or other devices connected to one another to allow the sharing of data. For example, network is the Internet, which connects millions of people all over the world
Network security is a broad term that covers a multitude of technologies, devices and processes. A set of rules and configurations designed to protect the integrity, confidentiality and accessibility of computer networks and data using both software and hardware technologies.
 The OSI Architecture is useful to managers as a way of organizing the task of providing security.  The OSI security architecture focuses on security attacks, mechanisms,and services.
 Security attack: Any action that compromises the security of information owned by an organization.  Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.  Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
Security Attacks
 A passive attack attempts to learn or make use of information from the system but does not affect system resources.  An active attack attempts to alter system resources or affect their operation.
 Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.  The goal of the opponent is to obtain information that is being transmitted.  Two types of passive attacks are :  Release Of Message Contents  Traffic Analysis.  The release of message contents is easily understood.  A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information  traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
Network security - OSI Security Architecture
 Active attacks involve some modification of the data stream or the creation of a false stream  It can be subdivided into four categories  masquerade  replay,  modification of messages  and denial of service.  A masquerade takes place when one entity pretends to be a different entity.  Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect  Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect  The denial of service prevents or inhibits the normal use or management of communications facilities
Network security - OSI Security Architecture
Network security - OSI Security Architecture
Network security - OSI Security Architecture
Network security - OSI Security Architecture
Security Services
 A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.  These services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
 Authentication: The assurance that the communicating entity is the one that it claims to be.  Peer Entity Authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected.  Data-Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed.  Data Confidentiality: Protects data from unauthorized disclosure.  Access Control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).  Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).  Non-repudiation: Protects against denial by one of the entities involved in a communication of having participated in all or part of the communication.  Proof of Origin: Proof that the message was sent by the specified party.  Proof of Delivery: Proof that the message was received by the specified party.
Security Mechanism
 A reversible encipherment mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted.  Irreversible encipherment mechanisms include hash algorithms and message authentication codes, which are used in digital signature and message authentication applications.
Network security - OSI Security Architecture
A model for Network Security
 A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.  Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception
Network security - OSI Security Architecture
 A trusted third party may be needed to achieve secure transmission.  For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent.  This general model shows that there are four basic tasks in designing a particular security service: 1. Design an algorithm for performing the security-related transformation.The algorithm should be such that an opponent cannot defeat its purpose. 2. Generate the secret information to be used with the algorithm. 3. Develop methods for the distribution and sharing of the secret information. 4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
 Another type of unwanted access is the placement in a computer system of logic that exploits vulnerabilities in the system and that can affect application pro-grams as well as utility programs, such as editors and compilers. Programs can pre-sent two kinds of threats:  Information access threats: Intercept or modify data on behalf of users who should not have access to that data.  Service threats: Exploit service flaws in computers to inhibit use by legitimate users.
Network security - OSI Security Architecture

More Related Content

PPT
Fundamentals of cryptography
Hossain Md Shakhawat
 
PPT
Network Security and Cryptography
Adam Reagan
 
PPTX
Security services and mechanisms
Rajapriya82
 
PPTX
Cryptography and Information Security
Dr Naim R Kidwai
 
PDF
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
PPT
DES (Data Encryption Standard) pressentation
sarhadisoftengg
 
PPTX
Cryptography-Known plain text attack
amiteshg
 
PPTX
Asymmetric Cryptography.pptx
diaa46
 
Fundamentals of cryptography
Hossain Md Shakhawat
 
Network Security and Cryptography
Adam Reagan
 
Security services and mechanisms
Rajapriya82
 
Cryptography and Information Security
Dr Naim R Kidwai
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
DES (Data Encryption Standard) pressentation
sarhadisoftengg
 
Cryptography-Known plain text attack
amiteshg
 
Asymmetric Cryptography.pptx
diaa46
 

What's hot (20)

PDF
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
PPT
Message authentication
CAS
 
PPTX
Key management and distribution
Riya Choudhary
 
PDF
Intruders
Dr.Florence Dayana
 
PPTX
Substitution techniques
vinitha96
 
PDF
Classical encryption techniques
Dr.Florence Dayana
 
PPTX
Program security
Prachi Gulihar
 
PPTX
Network security model.pptx
ssuserd24233
 
PPTX
Topic1 substitution transposition-techniques
MdFazleRabbi18
 
PDF
Authentication techniques
IGZ Software house
 
PPTX
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
RAMESHBABU311293
 
PPTX
Operating system security
Ramesh Ogania
 
PDF
Web Security
Dr.Florence Dayana
 
PPTX
Public Key Cryptography
Gopal Sakarkar
 
PPTX
Public Key Cryptosystem
Devakumar Kp
 
PPTX
Intrusion detection
CAS
 
PPTX
MD5 ALGORITHM.pptx
Rajapriya82
 
PPT
key distribution in network security
babak danyal
 
PPTX
Pgp pretty good privacy
Pawan Arya
 
PPTX
Types of attacks
Vivek Gandhi
 
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Message authentication
CAS
 
Key management and distribution
Riya Choudhary
 
Intruders
Dr.Florence Dayana
 
Substitution techniques
vinitha96
 
Classical encryption techniques
Dr.Florence Dayana
 
Program security
Prachi Gulihar
 
Network security model.pptx
ssuserd24233
 
Topic1 substitution transposition-techniques
MdFazleRabbi18
 
Authentication techniques
IGZ Software house
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
RAMESHBABU311293
 
Operating system security
Ramesh Ogania
 
Web Security
Dr.Florence Dayana
 
Public Key Cryptography
Gopal Sakarkar
 
Public Key Cryptosystem
Devakumar Kp
 
Intrusion detection
CAS
 
MD5 ALGORITHM.pptx
Rajapriya82
 
key distribution in network security
babak danyal
 
Pgp pretty good privacy
Pawan Arya
 
Types of attacks
Vivek Gandhi
 
Ad

Similar to Network security - OSI Security Architecture (20)

PDF
The Road Network security
Khaled Omar
 
PPTX
Introduction of network security
sneha padhiar
 
PPTX
Module 1.pptx
ssuser6e8e41
 
PPTX
Unit 1-NETWORK Security.pptx............
r47381047
 
PPTX
Chapter 1: Overview of Network Security
Shafaan Khaliq Bhatti
 
PPTX
Unit-1.pptx
ssuseref9c81
 
PDF
Cryptography and Network Security ppt . pdf
22cc005
 
PDF
ch01.pdf
Samtech6
 
PPTX
Network security introduction part .pptx
NithiMini
 
PPTX
Network Security
moviebro1
 
PPTX
Cyber Security Part-I.pptx
RavikumarVadana
 
PPTX
information security unit 1 notes ppt contents
Krishna681298
 
PPTX
Unit 1
KRAMANJANEYULU1
 
PPT
Network and Information Security unit 1.ppt
Vivekananda Gn
 
PDF
Lec 01.pdf
MohammedElkayesh
 
PDF
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
Abiramis19
 
PPTX
Unit-1.pptx Distributed system ppt all info
nandinimakwana22cse
 
PPT
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
NISHASOMSCS113
 
PPTX
Introduction to Cryptography
UmangThakkar26
 
PPTX
Cryptographic Security
jp tj
 
The Road Network security
Khaled Omar
 
Introduction of network security
sneha padhiar
 
Module 1.pptx
ssuser6e8e41
 
Unit 1-NETWORK Security.pptx............
r47381047
 
Chapter 1: Overview of Network Security
Shafaan Khaliq Bhatti
 
Unit-1.pptx
ssuseref9c81
 
Cryptography and Network Security ppt . pdf
22cc005
 
ch01.pdf
Samtech6
 
Network security introduction part .pptx
NithiMini
 
Network Security
moviebro1
 
Cyber Security Part-I.pptx
RavikumarVadana
 
information security unit 1 notes ppt contents
Krishna681298
 
Unit 1
KRAMANJANEYULU1
 
Network and Information Security unit 1.ppt
Vivekananda Gn
 
Lec 01.pdf
MohammedElkayesh
 
E content,S.Abirami,II-M.sc(computer Science),Bon Secours college for women
Abiramis19
 
Unit-1.pptx Distributed system ppt all info
nandinimakwana22cse
 
dokumen.tips_1-cryptography-and-network-security-third-edition-by-william-sta...
NISHASOMSCS113
 
Introduction to Cryptography
UmangThakkar26
 
Cryptographic Security
jp tj
 
Ad

Recently uploaded (20)

PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 

Network security - OSI Security Architecture

  • 2. What is a Network? Network Security The OSI Security Architecture Security Attacks Security Services Security Mechanism A model for Network Security
  • 3. A network is a collection of computers, servers, mainframes, network devices, peripherals, or other devices connected to one another to allow the sharing of data. For example, network is the Internet, which connects millions of people all over the world
  • 4. Network security is a broad term that covers a multitude of technologies, devices and processes. A set of rules and configurations designed to protect the integrity, confidentiality and accessibility of computer networks and data using both software and hardware technologies.
  • 5.  The OSI Architecture is useful to managers as a way of organizing the task of providing security.  The OSI security architecture focuses on security attacks, mechanisms,and services.
  • 6.  Security attack: Any action that compromises the security of information owned by an organization.  Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.  Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
  • 8.  A passive attack attempts to learn or make use of information from the system but does not affect system resources.  An active attack attempts to alter system resources or affect their operation.
  • 9.  Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.  The goal of the opponent is to obtain information that is being transmitted.  Two types of passive attacks are :  Release Of Message Contents  Traffic Analysis.  The release of message contents is easily understood.  A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information  traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
  • 11.  Active attacks involve some modification of the data stream or the creation of a false stream  It can be subdivided into four categories  masquerade  replay,  modification of messages  and denial of service.  A masquerade takes place when one entity pretends to be a different entity.  Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect  Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect  The denial of service prevents or inhibits the normal use or management of communications facilities
  • 17.  A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.  These services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
  • 18.  Authentication: The assurance that the communicating entity is the one that it claims to be.  Peer Entity Authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected.  Data-Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed.  Data Confidentiality: Protects data from unauthorized disclosure.  Access Control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).  Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).  Non-repudiation: Protects against denial by one of the entities involved in a communication of having participated in all or part of the communication.  Proof of Origin: Proof that the message was sent by the specified party.  Proof of Delivery: Proof that the message was received by the specified party.
  • 20.  A reversible encipherment mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted.  Irreversible encipherment mechanisms include hash algorithms and message authentication codes, which are used in digital signature and message authentication applications.
  • 22. A model for Network Security
  • 23.  A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.  Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception
  • 25.  A trusted third party may be needed to achieve secure transmission.  For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent.  This general model shows that there are four basic tasks in designing a particular security service: 1. Design an algorithm for performing the security-related transformation.The algorithm should be such that an opponent cannot defeat its purpose. 2. Generate the secret information to be used with the algorithm. 3. Develop methods for the distribution and sharing of the secret information. 4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
  • 26.  Another type of unwanted access is the placement in a computer system of logic that exploits vulnerabilities in the system and that can affect application pro-grams as well as utility programs, such as editors and compilers. Programs can pre-sent two kinds of threats:  Information access threats: Intercept or modify data on behalf of users who should not have access to that data.  Service threats: Exploit service flaws in computers to inhibit use by legitimate users.