2-Cyber Security-Obiective de Securitate

The document discusses cybersecurity goals of confidentiality, integrity, and availability. Confidentiality involves protecting data access and encryption. Integrity ensures data is not altered without authorization through backups, checksums, and data correcting codes. Availability guarantees authorized access to data through physical protections and computational redundancies.

Uploaded by

Sergiu Oglinda

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

33 views16 pages

2-Cyber Security-Obiective de Securitate

Uploaded by

Sergiu Oglinda

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

C Y BE R S E C U R I T Y

ECURITAT E (SE CURIT Y GOALS)

OBIECTIVE DE S
CYBER SECURITY GOALS
1. CONFIDENTIALITY

• CONFIDENȚIALITATEA EVITĂ DIVULGAREA NEAUTORIZATĂ A INFORMAȚIILOR. ACEASTA IMPLICĂ PROTECȚIA

DATELOR, OFERIND ACCES CELOR CĂRORA LI SE PERMITE SĂ LE VADĂ ÎN TIMP CE LE INTERZICE ALTORA SĂ
ÎNVEȚE CEVA DESPRE CONȚINUTUL SĂU.

• ÎMPIEDICĂ INFORMAȚIILE ESENȚIALE SĂ AJUNGĂ LA PERSOANE GREȘITE, ASIGURÂNDU-SE ÎN ACELAȘI TIMP

CĂ OAMENII POTRIVIȚI LE POT OBȚINE. CRIPTAREA DATELOR ESTE UN BUN EXEMPLU PENTRU A ASIGURA
CONFIDENȚIALITATEA.
CONFIDENTIALITY
ENCRYPTION

• ENCRYPTION IS A METHOD OF TRANSFORMING INFORMATION TO MAKE IT UNREADABLE FOR

UNAUTHORIZED USERS BY USING AN ALGORITHM. THE TRANSFORMATION OF DATA USES A SECRET KEY
(AN ENCRYPTION KEY) SO THAT THE TRANSFORMED DATA CAN ONLY BE READ BY USING ANOTHER SECRET
KEY (DECRYPTION KEY). IT PROTECTS SENSITIVE DATA SUCH AS CREDIT CARD NUMBERS BY ENCODING
AND TRANSFORMING DATA INTO UNREADABLE CIPHER TEXT. THIS ENCRYPTED DATA CAN ONLY BE READ
BY DECRYPTING IT. ASYMMETRIC-KEY AND SYMMETRIC-KEY ARE THE TWO PRIMARY TYPES OF
ENCRYPTION.
ACCESS CONTROL

• ACCESS CONTROL DEFINES RULES AND POLICIES FOR LIMITING ACCESS TO A SYSTEM OR TO PHYSICAL
OR VIRTUAL RESOURCES. IT IS A PROCESS BY WHICH USERS ARE GRANTED ACCESS AND CERTAIN
PRIVILEGES TO SYSTEMS, RESOURCES OR INFORMATION. IN ACCESS CONTROL SYSTEMS, USERS NEED TO
PRESENT CREDENTIALS BEFORE THEY CAN BE GRANTED ACCESS SUCH AS A PERSON'S NAME OR A
COMPUTER'S SERIAL NUMBER. IN PHYSICAL SYSTEMS, THESE CREDENTIALS MAY COME IN MANY FORMS,
BUT CREDENTIALS THAT CAN'T BE TRANSFERRED PROVIDE THE MOST SECURITY.
AUTHENTICATION

• AN AUTHENTICATION IS A PROCESS THAT ENSURES AND CONFIRMS A USER'S IDENTITY OR ROLE THAT SOMEONE
HAS. IT CAN BE DONE IN A NUMBER OF DIFFERENT WAYS, BUT IT IS USUALLY BASED ON A COMBINATION OF:
• SOMETHING THE PERSON HAS (LIKE A SMART CARD OR A RADIO KEY FOR STORING SECRET KEYS),
• SOMETHING THE PERSON KNOWS (LIKE A PASSWORD),
• SOMETHING THE PERSON IS (LIKE A HUMAN WITH A FINGERPRINT).
• AUTHENTICATION IS THE NECESSITY OF EVERY ORGANIZATIONS BECAUSE IT ENABLES ORGANIZATIONS TO KEEP
THEIR NETWORKS SECURE BY PERMITTING ONLY AUTHENTICATED USERS TO ACCESS ITS PROTECTED
RESOURCES. THESE RESOURCES MAY INCLUDE COMPUTER SYSTEMS, NETWORKS, DATABASES, WEBSITES AND
OTHER NETWORK-BASED APPLICATIONS OR SERVICES.
AUTHORIZATION

• AUTHORIZATION IS A SECURITY MECHANISM WHICH GIVES PERMISSION TO DO OR HAVE SOMETHING. IT

IS USED TO DETERMINE A PERSON OR SYSTEM IS ALLOWED ACCESS TO RESOURCES, BASED ON AN
ACCESS CONTROL POLICY, INCLUDING COMPUTER PROGRAMS, FILES, SERVICES, DATA AND APPLICATION
FEATURES. IT IS NORMALLY PRECEDED BY AUTHENTICATION FOR USER IDENTITY VERIFICATION. SYSTEM
ADMINISTRATORS ARE TYPICALLY ASSIGNED PERMISSION LEVELS COVERING ALL SYSTEM AND USER
RESOURCES. DURING AUTHORIZATION, A SYSTEM VERIFIES AN AUTHENTICATED USER'S ACCESS RULES
AND EITHER GRANTS OR REFUSES RESOURCE ACCESS.
2. INTEGRITY

• INTEGRITY REFERS TO THE METHODS FOR ENSURING THAT DATA IS REAL, ACCURATE AND SAFEGUARDED
FROM UNAUTHORIZED USER MODIFICATION. IT IS THE PROPERTY THAT INFORMATION HAS NOT BE
ALTERED IN AN UNAUTHORIZED WAY, AND THAT SOURCE OF THE INFORMATION IS GENUINE.
INTEGRITY
BACKUPS

• BACKUP IS THE PERIODIC ARCHIVING OF DATA. IT IS A PROCESS OF MAKING COPIES OF DATA OR DATA
FILES TO USE IN THE EVENT WHEN THE ORIGINAL DATA OR DATA FILES ARE LOST OR DESTROYED. IT IS
ALSO USED TO MAKE COPIES FOR HISTORICAL PURPOSES, SUCH AS FOR LONGITUDINAL STUDIES,
STATISTICS OR FOR HISTORICAL RECORDS OR TO MEET THE REQUIREMENTS OF A DATA RETENTION
POLICY. MANY APPLICATIONS ESPECIALLY IN A WINDOWS ENVIRONMENT, PRODUCE BACKUP FILES USING
THE .BAK FILE EXTENSION.
CHECKSUMS

• A CHECKSUM IS A NUMERICAL VALUE USED TO VERIFY THE INTEGRITY OF A FILE OR A DATA TRANSFER. IN
OTHER WORDS, IT IS THE COMPUTATION OF A FUNCTION THAT MAPS THE CONTENTS OF A FILE TO A
NUMERICAL VALUE. THEY ARE TYPICALLY USED TO COMPARE TWO SETS OF DATA TO MAKE SURE THAT
THEY ARE THE SAME. A CHECKSUM FUNCTION DEPENDS ON THE ENTIRE CONTENTS OF A FILE. IT IS
DESIGNED IN A WAY THAT EVEN A SMALL CHANGE TO THE INPUT FILE (SUCH AS FLIPPING A SINGLE BIT)
LIKELY TO RESULTS IN DIFFERENT OUTPUT VALUE.
DATA CORRECTING CODES

• IT IS A METHOD FOR STORING DATA IN SUCH A WAY THAT SMALL CHANGES CAN BE EASILY DETECTED AND
AUTOMATICALLY CORRECTED.
3. AVAILABILITY

• AVAILABILITY IS THE PROPERTY IN WHICH INFORMATION IS ACCESSIBLE AND MODIFIABLE IN A TIMELY

FASHION BY THOSE AUTHORIZED TO DO SO. IT IS THE GUARANTEE OF RELIABLE AND CONSTANT ACCESS
TO OUR SENSITIVE DATA BY AUTHORIZED PEOPLE.
TOOLS FOR AVAILABILITY

• PHYSICAL PROTECTIONS
• COMPUTATIONAL REDUNDANCIES
TOOLS FOR AVAILABILITY

PHYSICAL PROTECTIONS
• PHYSICAL SAFEGUARD MEANS TO KEEP INFORMATION AVAILABLE EVEN IN THE EVENT OF PHYSICAL
CHALLENGES. IT ENSURE SENSITIVE INFORMATION AND CRITICAL INFORMATION TECHNOLOGY ARE
HOUSED IN SECURE AREAS.

COMPUTATIONAL REDUNDANCIES
• IT IS APPLIED AS FAULT TOLERANT AGAINST ACCIDENTAL FAULTS. IT PROTECTS COMPUTERS AND
STORAGE DEVICES THAT SERVE AS FALLBACKS IN THE CASE OF FAILURES.

Group 4 Presentation Information Security
No ratings yet
Group 4 Presentation Information Security
36 pages
CH02-Attacks Concepts and Techniques
No ratings yet
CH02-Attacks Concepts and Techniques
53 pages
Unit 2
No ratings yet
Unit 2
86 pages
Unit 1.CS
No ratings yet
Unit 1.CS
36 pages
Lecture 1 Basic Security Concepts
No ratings yet
Lecture 1 Basic Security Concepts
34 pages
CSC342-Lecture 1
No ratings yet
CSC342-Lecture 1
41 pages
Cyber Security Introduction
No ratings yet
Cyber Security Introduction
24 pages
Unit 1
No ratings yet
Unit 1
18 pages
Cyber Security Fundamentals
No ratings yet
Cyber Security Fundamentals
91 pages
CSC662 - Computer Security Short Note
No ratings yet
CSC662 - Computer Security Short Note
10 pages
SecuritySection6 7
No ratings yet
SecuritySection6 7
11 pages
Computer Security and Cyber Law
No ratings yet
Computer Security and Cyber Law
7 pages
CS29 Modules 1 4
No ratings yet
CS29 Modules 1 4
319 pages
Lecture 2
No ratings yet
Lecture 2
22 pages
CW3551 DATA and Information Security
No ratings yet
CW3551 DATA and Information Security
22 pages
Notes - Crypto Unit 1 - Vedant
No ratings yet
Notes - Crypto Unit 1 - Vedant
20 pages
Ilovepdf Merged
No ratings yet
Ilovepdf Merged
174 pages
Module 1 - Security Fundamentals New
No ratings yet
Module 1 - Security Fundamentals New
77 pages
Unit 1
No ratings yet
Unit 1
40 pages
Scurity Cahpter 1
No ratings yet
Scurity Cahpter 1
24 pages
Champaneria Dharmin (06) Joshi Chirag (38) Nair Akhil (59) : SUBMITEED TO:Dr. Jaydip Chaudhari
0% (1)
Champaneria Dharmin (06) Joshi Chirag (38) Nair Akhil (59) : SUBMITEED TO:Dr. Jaydip Chaudhari
33 pages
Intro To Cyber Security Presentation
No ratings yet
Intro To Cyber Security Presentation
31 pages
Information System Security: Name Student Number Registration Number
No ratings yet
Information System Security: Name Student Number Registration Number
19 pages
Chapter 1 - Introduction
No ratings yet
Chapter 1 - Introduction
59 pages
Lecture 1 - Introduction and Basic Crypto Tools: CS Department City University of Hong Kong
No ratings yet
Lecture 1 - Introduction and Basic Crypto Tools: CS Department City University of Hong Kong
74 pages
Information Security Course Overview
100% (1)
Information Security Course Overview
20 pages
Unit-1 CSDF
No ratings yet
Unit-1 CSDF
62 pages
SEC+ Notes
No ratings yet
SEC+ Notes
45 pages
Cybersecurity Exam Study Notes
No ratings yet
Cybersecurity Exam Study Notes
46 pages
Ch01 Introduction
No ratings yet
Ch01 Introduction
30 pages
Nis Chapter 1
No ratings yet
Nis Chapter 1
108 pages
Network Security Notes 1 Au
No ratings yet
Network Security Notes 1 Au
55 pages
Chapter 1
No ratings yet
Chapter 1
36 pages
Security Fundamentals Overview
No ratings yet
Security Fundamentals Overview
47 pages
DS&C 01
No ratings yet
DS&C 01
25 pages
IS - Unit 1
No ratings yet
IS - Unit 1
15 pages
MOD1
No ratings yet
MOD1
27 pages
Isc2 1,2,3,4,5
100% (1)
Isc2 1,2,3,4,5
120 pages
Unit 5CN
No ratings yet
Unit 5CN
21 pages
Ch01 Introduction
No ratings yet
Ch01 Introduction
59 pages
Chapter 1-1
No ratings yet
Chapter 1-1
22 pages
CompTIA+Security++ (SY0 701) +Study+Guide
No ratings yet
CompTIA+Security++ (SY0 701) +Study+Guide
798 pages
Ch01-Introduction Information Security
No ratings yet
Ch01-Introduction Information Security
35 pages
Computer Security Chapter I
No ratings yet
Computer Security Chapter I
41 pages
Lecture-1 Overview of Security Fundamentals (Revised)
No ratings yet
Lecture-1 Overview of Security Fundamentals (Revised)
67 pages
Lecture 7 Security
No ratings yet
Lecture 7 Security
65 pages
L1 Security Principles Overview
No ratings yet
L1 Security Principles Overview
18 pages
1-Cyb 102
No ratings yet
1-Cyb 102
23 pages
Intro to IT: Email, Browsers, ISPs
No ratings yet
Intro to IT: Email, Browsers, ISPs
34 pages
Module 1
No ratings yet
Module 1
1 page
Understanding the CIA Triad in Cybersecurity
No ratings yet
Understanding the CIA Triad in Cybersecurity
36 pages
CISSP Intro Notes
No ratings yet
CISSP Intro Notes
5 pages
INS Unit1 3
No ratings yet
INS Unit1 3
209 pages
5 Marks 1 - 40 Cyber Security
No ratings yet
5 Marks 1 - 40 Cyber Security
20 pages
Computer Seccurity
No ratings yet
Computer Seccurity
29 pages
Computer Security Foundations Overview
No ratings yet
Computer Security Foundations Overview
25 pages
123program Shanks
No ratings yet
123program Shanks
6 pages
KX-TGP600 KX-TPA60 KX-TPA65 KX-A406: Quick Start Guide
No ratings yet
KX-TGP600 KX-TPA60 KX-TPA65 KX-A406: Quick Start Guide
24 pages
DAG2000-16 FXS Voice Gateway User Manual V2.0: Dinstar Technologies Co., LTD
No ratings yet
DAG2000-16 FXS Voice Gateway User Manual V2.0: Dinstar Technologies Co., LTD
55 pages
Panasonic KX-TGP600
No ratings yet
Panasonic KX-TGP600
112 pages
Panasonic KX-TGP600
No ratings yet
Panasonic KX-TGP600
112 pages
A Hacker's Guide To SAS® Environment Customization
No ratings yet
A Hacker's Guide To SAS® Environment Customization
12 pages
Getting Started R Flasher 7
No ratings yet
Getting Started R Flasher 7
23 pages
Unix VVFGC Notes PDF
100% (4)
Unix VVFGC Notes PDF
75 pages
MKF Database Conversion Procedure (Permanent and Transient Databases)
No ratings yet
MKF Database Conversion Procedure (Permanent and Transient Databases)
42 pages
Magento 2 Dev Tips for Developers
No ratings yet
Magento 2 Dev Tips for Developers
25 pages
Prestashop: Tutorial
100% (1)
Prestashop: Tutorial
36 pages
Windows 11 For Seniors For Dummies 1st Edition Simmons Curt Weverka Peter Kindle & PDF Formats
No ratings yet
Windows 11 For Seniors For Dummies 1st Edition Simmons Curt Weverka Peter Kindle & PDF Formats
151 pages
Grade 9 ICT Exam Guide
No ratings yet
Grade 9 ICT Exam Guide
3 pages
Zimbra Collaboration Suite Feature List
No ratings yet
Zimbra Collaboration Suite Feature List
10 pages
WinMax Mill NC Programming - v9.1 - July2013
No ratings yet
WinMax Mill NC Programming - v9.1 - July2013
259 pages
TAFJ-Default Properties PDF
100% (1)
TAFJ-Default Properties PDF
22 pages
Quectel EC2x&EG25-G&EG9x&EM05 FILE AT Commands Manual V1.0
No ratings yet
Quectel EC2x&EG25-G&EG9x&EM05 FILE AT Commands Manual V1.0
27 pages
Guardium Data Encryption - Tech TalkFINAL
100% (1)
Guardium Data Encryption - Tech TalkFINAL
27 pages
To Install Consys Master" Get Files From
No ratings yet
To Install Consys Master" Get Files From
21 pages
TalendFeatures and Performance Points
No ratings yet
TalendFeatures and Performance Points
20 pages
Mobile App Development Guide
No ratings yet
Mobile App Development Guide
22 pages
XAMPP Installation Guide for Windows
100% (1)
XAMPP Installation Guide for Windows
12 pages
MasterCam X7 Quick Ref Card PDF
No ratings yet
MasterCam X7 Quick Ref Card PDF
8 pages
BF Manual
No ratings yet
BF Manual
51 pages
DSpace 7.5 Installation Guide
No ratings yet
DSpace 7.5 Installation Guide
4 pages
C++ Notes Unit 5
No ratings yet
C++ Notes Unit 5
14 pages
Gdpdu Data Export: Microsoft Dynamics GP
No ratings yet
Gdpdu Data Export: Microsoft Dynamics GP
25 pages
SmartStation Manual
No ratings yet
SmartStation Manual
136 pages
Java - Mini - Project (Small Game Project)
No ratings yet
Java - Mini - Project (Small Game Project)
63 pages
MSCIT With MS Office English ERA5 Elearning Content Structure
No ratings yet
MSCIT With MS Office English ERA5 Elearning Content Structure
6 pages
Ai-Izza Pureseed Academy: Subject: Class
No ratings yet
Ai-Izza Pureseed Academy: Subject: Class
18 pages
Duplex MIDI/OSC Controller Guide
No ratings yet
Duplex MIDI/OSC Controller Guide
23 pages
Advanced Word Processing Lesson Plan
No ratings yet
Advanced Word Processing Lesson Plan
2 pages
Dr.ABE Material Management Guide
No ratings yet
Dr.ABE Material Management Guide
12 pages
Unix Basics and Commands Guide
No ratings yet
Unix Basics and Commands Guide
21 pages

2-Cyber Security-Obiective de Securitate

Uploaded by

2-Cyber Security-Obiective de Securitate

Uploaded by

C Y BE R S E C U R I T Y

ECURITAT E (SE CURIT Y GOALS)

• CONFIDENȚIALITATEA EVITĂ DIVULGAREA NEAUTORIZATĂ A INFORMAȚIILOR. ACEASTA IMPLICĂ PROTECȚIA

• ÎMPIEDICĂ INFORMAȚIILE ESENȚIALE SĂ AJUNGĂ LA PERSOANE GREȘITE, ASIGURÂNDU-SE ÎN ACELAȘI TIMP

• ENCRYPTION IS A METHOD OF TRANSFORMING INFORMATION TO MAKE IT UNREADABLE FOR

• AUTHORIZATION IS A SECURITY MECHANISM WHICH GIVES PERMISSION TO DO OR HAVE SOMETHING. IT

• AVAILABILITY IS THE PROPERTY IN WHICH INFORMATION IS ACCESSIBLE AND MODIFIABLE IN A TIMELY

You might also like