
2-Security Mechanism

The document outlines various security mechanisms designed to protect systems from attacks, including encipherment, access control, notarization, data integrity, authentication, traffic padding, digital signatures, and routing control. It emphasizes the importance of a trusted third party in secure communications and details the tasks involved in designing security services. Additionally, it addresses ongoing threats to information systems, such as unauthorized access and software attacks, and categorizes necessary security mechanisms to combat these threats.

Uploaded by

luciwings75

Security Mechanism

A mechanism designed to provide security services that detect, prevent, and recover from an
attack, in order to keep the system secure.

Encipherment: It refers to the process of applying mathematical algorithms to convert
data into a form that is not understandable by a third party.
Access control
Access control specifies and controls who can access what. Access control is lost when an
unauthorized user can access the data. Access control is the ability to limit and control the
access to host systems and applications via communications links.
Notarization:
This security mechanism involves the use of a trusted third party in communication. It acts as
a mediator between sender and receiver so that the chance of conflict is reduced. This
mediator keeps a record of the requests made by the sender to the receiver so that they cannot later be denied.
Data Integrity:
It is similar to sending a packet of information known to both the sending and receiving parties,
which is checked before and after the data is received. When this appended packet or data
is checked and is the same at sending and at receiving, data integrity is maintained.
Authentication
The mechanism helps in establishing proof of identification. This means verifying that users
are who they say they are and that each input arriving at the system came from a trusted
source.
Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. These
extra bits are generally used to mislead the attacker, but they have no
effect on the real data communication.
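
A sketch of traffic padding, added here as an illustration and not part of the original notes: the sender emits one fixed-size cell per time slot, filling idle slots with dummy cells, and the receiver discards the padding and recovers the data unchanged. The cell size, header layout and function names are assumptions; in practice the cells would also be enciphered so an observer cannot read the type byte.

```python
import os
from collections import deque

CELL_SIZE = 64                    # every cell on the wire has this size (assumed)
HEADER = 2                        # 1 byte cell type + 1 byte payload length
MAX_PAYLOAD = CELL_SIZE - HEADER
DUMMY, DATA = 0, 1

def make_cell(kind, payload=b""):
    """Build one fixed-size cell; unused space is filled with random bytes."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload too large for one cell")
    fill = os.urandom(MAX_PAYLOAD - len(payload))
    return bytes([kind, len(payload)]) + payload + fill

def send_stream(messages_by_tick):
    """Emit exactly one cell per tick: queued data if any, padding otherwise.

    messages_by_tick[i] is the data that becomes available at tick i
    (b"" means the application is idle at that tick).
    """
    queue, wire = deque(), []
    for msg in messages_by_tick:
        for i in range(0, len(msg), MAX_PAYLOAD):   # split into cell-sized chunks
            queue.append(msg[i:i + MAX_PAYLOAD])
        wire.append(make_cell(DATA, queue.popleft()) if queue else make_cell(DUMMY))
    while queue:                                    # flush data still waiting
        wire.append(make_cell(DATA, queue.popleft()))
    return wire

def receive_stream(wire):
    """Drop dummy cells and reassemble the real data."""
    out = bytearray()
    for cell in wire:
        if len(cell) != CELL_SIZE or cell[1] > MAX_PAYLOAD:
            raise ValueError("malformed cell")
        if cell[0] == DATA:
            out += cell[HEADER:HEADER + cell[1]]
    return bytes(out)

if __name__ == "__main__":
    # Constructed sample traffic: a short message, idle slots, then a burst.
    ticks = [b"login alice", b"", b"", b"x" * 100, b"", b""]
    wire = send_stream(ticks)
    print([len(c) for c in wire])       # the observer sees identical cell sizes
    print(receive_stream(wire))
```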
Digital Signature: A digital signature is a way by which the sender can electronically sign
the data and the receiver can electronically verify it. The sender uses a process in which the
sender owns a private key related to the public key that he or she has announced publicly.
The receiver uses the sender's public key to prove the message is indeed signed by the sender
who claims to have sent the message.
Routing Control
It is performed and controlled by the router. It enables selection of particular physically secure
routes for certain data and allows routing changes, especially when a breach of security is
suspected. It describes all possible paths for data communication and chooses the shortest one.
If that route is damaged, then an alternative path is used.
Network Security Model
Data is transmitted over a network between two communicating parties, who must cooperate
for the exchange to take place. A logical information channel is established by defining a
route through the internet from source to destination and by the use of communication protocols by
the two parties. Whenever an opponent presents a threat to the confidentiality or authenticity of
information, security aspects come into play. Two components are present in almost all
security-providing techniques.
A security-related transformation on the information to be sent,
making it unreadable by the opponent, and the addition of a code based on the contents of the
message, used to verify the identity of the sender.
Some secret information shared by the two principals and, it is hoped, unknown
to the opponent. An example is an encryption key used in conjunction with the
transformation to scramble the message before transmission and unscramble it on reception.

A trusted third party may be needed to achieve secure transmission. It is
responsible for distributing the secret information to the two parties, while keeping it away
from any opponent. It also may be needed to settle disputes between the two parties regarding
authenticity of a message transmission. The general model shows that there are four basic
tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm
should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm
and the secret information to achieve a particular security service.
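
The four tasks, and the appended check value described under Data Integrity, worked through as an added example that is not part of the original notes. HMAC-SHA256 stands in for the algorithm, key distribution (task 3) is assumed to have happened already through the trusted third party, and the sequence number that rejects replayed packets goes beyond what the notes describe. All function and class names are illustrative.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32   # HMAC-SHA256 output size in bytes
SEQ_LEN = 8    # sequence number size in bytes (assumed packet layout)

def generate_secret():
    """Task 2: generate the secret information (a random 256-bit key)."""
    return secrets.token_bytes(32)

def protect(key, seq, message):
    """Tasks 1 and 4, sender side: append a code based on the contents.

    The code covers the sequence number as well as the message, so neither
    can be changed without the shared secret.
    """
    body = seq.to_bytes(SEQ_LEN, "big") + message
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Task 4, receiver side: recompute the code and compare before accepting."""

    def __init__(self, key):
        self.key = key          # task 3: assumed delivered by the trusted third party
        self.last_seq = -1

    def accept(self, packet):
        """Return the message if the packet is authentic and fresh, else None."""
        if len(packet) < SEQ_LEN + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None                              # modified, or wrong secret
        seq = int.from_bytes(body[:SEQ_LEN], "big")
        if seq <= self.last_seq:
            return None                              # replay of an old packet
        self.last_seq = seq
        return body[SEQ_LEN:]

if __name__ == "__main__":
    key = generate_secret()
    rx = Receiver(key)
    packet = protect(key, 1, b"transfer 100 to bob")   # constructed sample message
    print(rx.accept(packet))    # accepted
    print(rx.accept(packet))    # same packet again: rejected
```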
Various other threats to information systems, such as unwanted access, still exist. The existence of
hackers attempting to penetrate systems accessible over a network remains a concern.
Another threat is the placement of some logic in a computer system that affects various applications
and utility programs. This inserted code presents two kinds of threats.
Information access threats intercept or modify data on behalf of users who should not have
access to that data.
Service threats exploit service flaws in computers to inhibit use by legitimate users.
Viruses and worms are two examples of software attacks, inserted into the system by means of a disk
or across the network. The security mechanisms needed to cope with unwanted access
fall into two broad categories.
