NetworkSecurity Stallings

8/9/2019 NetworkSecurity Stallings

http://slidepdf.com/reader/full/networksecurity-stallings 1/16

Another perspectiveon Network Security

Network SecurityEssentials:Applications andStandards, 4/EWilliam Stallings

ISBN-10: 0136108059ISBN-13: 978013610805

!u"#isher: !rentice $%##&opyri'ht: (011)or*%t: !%per+ 3( pp!u"#ishe,: 031((010

http:wi##i%*st%##in's.co*NetSecNetSece.ht*#



/he Security euire*ents /ri%,

Computer Security /he protection %2or,e, to %n%uto*%te, inor*%tion syste* inor,er to %tt%in the %pp#ic%"#eo"4ectives o preservin' theintegrity availability %n,

confdentiality o inor*%tionsyste* resources inc#u,es h%r,w%resotw%re r*w%re inor*%tion,%t%%n, te#eco**unic%tionshttp:csrc.nist.'ovpu"#ic%tionspsps199)I!S-!B-199-n%#.p,



Security euire*ents

• Confdentiality – !reservin' %uthorie, restrictions on

inor*%tion access %n, disclosureinc#u,in' *e%ns or protectin' person%#

priv%cy %n, propriet%ry inor*%tion.• Integrity

– ;u%r,in' %'%inst inor*%tion modifcationsor destruction inc#u,in' ensurin'

inor*%tion non-repu,i%tion %n, %uthenticity.• Availaility

– <nsurin' ti*e#y %n, re#i%"#e %ccess to %n,use o inor*%tion



Security Att%cks=ech%nis*s > Services

• Security Attack

– Any %ction th%t co*pro*ises the security oinor*%tion

• Security Mechanism – A process ,evice th%t is ,esi'ne, to ,etect

prevent or recover ro* % security %tt%ck.

• Security Service

– A service inten,e, to counter security%tt%cks typic%##y "y i*p#e*entin' one or*ore *ech%nis*s.



/hre%ts > Att%cks

? "ut threat %n, attack use, ne%r#y interch%n'e%"#y



Security /hre%ts Att%cks

? ?



Security /hre%ts Att%cks



!%ssive Att%cks



Active Att%cks 1



Active Att%cks (



Security Services @.800

• Aut!entication – /he %ssur%nce th%t the co**unic%tin' entity is the one it c#%i*s to

"e

• Access Control – /he prevention o un%uthorie, use o % resource

• who c%n h%ve %ccess to % resource• un,er wh%t con,itions %ccess c%n occur• wh%t those %ccessin' the resource %re %##owe, to ,o

• "ata Confdentiality – /he protection o ,%t% ro* un%uthorie, ,isc#osure

• "ata Integrity – /he %ssur%nce th%t ,%t% receive, %re e%ct#y %s sent "y %n %uthorie,

entity i.e. cont%ins no *o,ic%tion insertion ,e#etion or rep#%y.• Non#$epudiation

– !rovi,es protection %'%inst ,eni%# "y one o the entities invo#ve, in %co**unic%tion o h%vin' p%rticip%te, in %##p%rt o theco**unic%tion.



Security =ech%nis*[email protected]

http:www.itu.intrec/-<&[email protected]



=o,e# or Network Security



/he $u*%n <#e*ent

$u*%ns %re inc%p%"#e o secure#ystorin' hi'h-u%#ity crypto'r%phickeys %n, they h%ve un%ccept%"#espee, %n, %ccur%cy when peror*in'crypto'r%phic oper%tions. /hey %re%#so #%r'e epensive to *%int%in

,iCcu#t to *%n%'e %n, they po##utethe environ*ent. It is %stonishin' th%tthese ,evices continue to "e*%nu%cture, %n, ,ep#oye,. But they%re suCcient#y perv%sive th%t we*ust ,esi'n our protoco#s %roun,

their #i*it%tions.D-- &. E%u*%n . !er#*%n %n, =. Speciner.

Network Security:

%rivateCommunicationin a %ulic &orld, '/EKaufman, Perlman &Speciner !rentice $%## (003



n,erst%n,in' Fpponents

An%to*y o %n Att%ck!h%se 1: econn%iss%nce!h%se (: Sc%nnin'!h%se 3: ;%inin' Access

!h%se : =%int%inin' Access!h%se 5: &overin' /r%cks %n,$i,in'

Counter (ack$eloaded:

A Step#y#Step)uideto ComputerAttacks andE*ective "e+enses,'/E

Skoudis & Liston



Network Security Go"s

NetworkSecurity Stallings

Documents

Transcript of NetworkSecurity Stallings