Osi security architecture in network.pptx
- 2. INTRODUCTION TO OSI SECURITY ARCHITECTURE : â The security of an organization is the greatest concern of the people working at the organization. Safety and security are the pillars of cyber technology. â It is hard to imagine the cyber world without thinking about security. The architecture of security is thus a very important aspect of the organization. â The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to providing security at each layer. â It defines security services and security mechanisms that can be used at each of the seven layers of the OSI model to provide security for data transmitted over a network. â These security services and mechanisms help to ensure the confidentiality, integrity, and availability of the data. OSI architecture is internationally acceptable as it lays the flow of providing safety in an organization.
- 4. Security Attack: â A security attack is an attempt by a person or entity to gain unauthorized access to disrupt or compromise the security of a system, network, or device. â These are defined as the actions that put at risk an organizationâs safety. â They are further classified into 2 sub-categories: â Passive Attack â Active Attack
- 5. Passive Attack: â Attacks in which a third-party intruder tries to access the message/ content/ data being shared by the sender and receiver by keeping a close watch on the transmission or eave-dropping the transmission is called Passive Attacks. â These types of attacks involve the attacker observing or monitoring system, network, or device activity without actively disrupting or altering it. Passive attacks are typically focused on gathering information or intelligence, rather than causing damage or disruption. â Here, both the sender and receiver have no clue that their message/ data is accessible to some third-party intruder. The message/ data transmitted remains in its usual form without any deviation from its usual behavior. This makes passive attacks very risky as there is no information provided about the attack happening in the communication process.
- 6. Active Attack: â Active attacks refer to types of attacks that involve the attacker actively disrupting or altering system, network, or device activity. Active attacks are typically focused on causing damage or disruption, rather than gathering information or intelligence. â Here, both the sender and receiver have no clue that their message/ data is modified by some third-party intruder. The message/ data transmitted doesnât remain in its usual form and shows deviation from its usual behavior. Masquerade â It is a type of attack in which the attacker pretends to be an authentic sender in order to gain unauthorized access to a system. This type of attack can involve the attacker using stolen or forged credentials, or manipulating authentication or authorization controls in some other way. Replay: â It is a type of active attack in which the attacker intercepts a transmitted message through a passive channel and then maliciously or fraudulently replays or delays it at a later time. Modification of Message : â It involves the attacker modifying the transmitted message and making the final message received by the receiver look like itâs not safe or non-meaningful. This type of attack can be used to manipulate the content of the message or to disrupt the communication process. Denial of service (DoS) : â This attacks involve the attacker sending a large volume of traffic to a system, network, or device in an attempt to overwhelm it and make it unavailable to legitimate users.
- 7. SECURITY MECHANISM : â The mechanism that is built to identify any breach of security or attack on the organization, is called a security mechanism. Security Mechanisms are also responsible for protecting a system, network, or device against unauthorized access, tampering, or other security threats. â Security mechanisms can be implemented at various levels within a system or network and can be used to provide different types of security, such as confidentiality, integrity, or availability. â Encipherment â Digital signature â Traffic padding â Routing control
- 8. Enciphermen: â Encipherment involves the use of algorithms to transform data into a form that can only be read by someone with the appropriate decryption key. Encryption can be used to protect data it is transmitted over a network, or to protect data when it is stored on a device. Digital signature : â Digital signature is a security mechanism that involves the use of cryptographic techniques to create a unique, verifiable identifier for a digital document or message, which can be used to ensure the authenticity and integrity of the document or message. Traffic padding: â Traffic padding is a technique used to add extra data to a network traffic stream in an attempt to obscure the true content of the traffic and make it more difficult to analyze. Routing control : â Routing control allows the selection of specific physically secure routes for specific data transmission and enables routing changes, particularly when a gap in security is suspected.
- 9. SECURITY SERVICES : â Security services refer to the different services available for maintaining the security and safety of an organization. â They help in preventing any potential risks to security. Security services are divided into 5 type â Authentication â Access control â Data integrity
- 10. Authentication: â Authentication is the process of verifying the identity of a user or device in order to grant or deny acces to a system or device. Access control: â Access control involvesthe use of policies and procedures to determine who is allowed to access spec resources within a system. Data Confidentiality: â Data Confidentiality is responsible for the protection of information from being accessed or disclosed t unauthorized parties. Data integrity: â Data integrity is a security mechanism that involves the use of techniques to ensure that data has not been tampered with or altered in any way during transmission or storage. Non- repudiation: â Non- repudiation involves the use of techniques to create a verifiable record of the origin and transmission of a message, which can be used to prevent the sender from denying that they sent the message.
- 11. Benefits of OSI Architecture: 1. Providing Security: â OSI Architecture in an organization provides the needed security and safety, preventing potential threats and risks. â Managers can easily take care of the security and there is hassle-free security maintenance done through OSI Architecture. 2. Organising Task: â The OSI architecture makes it easy for managers to build a security model for the organization based on strong security principles. â Managers get the opportunity to organize tasks in an organization effectively. 3. Meets International Standards: â Security services are defined and recognized internationally meeting international standards. â The standard definition of requirements defined using OSI Architecture is globally accepted.
- 12. Thanks you đ