Cryptography

Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyberspace environment and organization and users’ assets.

Organization and users’ assets include connected computing

devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyberspace environment.

 

 

Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and users’ assets against relevant security risks in the cyberspace environment. The general security objectives comprise the following: availability; integrity, which may include data authenticity and nonrepudiation; and confidentiality

 

 

Information Security

1. This term refers to preservation of confidentiality, integrity, and availability of information. In addition, other properties, such as authenticity, accountability, nonrepudiation, and reliability can also be involved

Network Security

1. This term refers to protection of networks and their service from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side effects

 

 

 

1. The cybersecurity definition introduces three key objectives that are at the heart of information and network security:

2. Confidentiality: This term covers two related

concepts:

0. Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals

0. Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

 

 

 

1. Integrity: This term covers two related concepts:

3. Data integrity: Assures that data and programs are changed only in a specified and authorized manner. This concept also encompasses data authenticity, which means that a digital object is indeed what it claims to be or what it is claimed to be, and nonrepudiation, which is assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information

3. System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system

1. Availability: Assures that systems work promptly and service is not denied to authorized users

 

Figure 1.1 Essential Information and Network Security Objectives

 

An image shows a pentagon ring labelled as “information and network security” in the center and surrounded by edge strips labelled from the top left in clockwise direction as “confidentiality open parens plus privacy close parens, integrity open parens plus data authenticity, non-repudiation close parens, authenticity, availability, and accountability.”

 

 

 

 

1. Security is not simple

1. Potential attacks on the security features need to be considered

1. Procedures used to provide particular services are often counter-intuitive

1. It is necessary to decide where to use the various security mechanisms

1. Requires constant monitoring

1. Is too often an afterthought

1. Security mechanisms typically involve more than a particular algorithm or protocol

1. Security is essentially a battle of wits between a perpetrator and the designer

1. Little benefit from security investment is perceived until a security failure occurs

1. Strong security is often viewed as an impediment to efficient and user-friendly operation

 

 

 

1. Security attack

15. Any action that compromises the security of information

owned by an organization

1. Security mechanism

16. A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack

1. Security service

17. A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization

17. Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service

 

 

Shape, circle  Description automatically generated

 

Threat

A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

Attack

An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.

 

Figure 1.2 Key Concepts in Security (1 of 2)

a. The first concepts in security is attacks. The attacks are classified into two types called passive attacks and active attacks that are enclosed and labelled in a square and rectangle respectively. The passive attacks square encloses two smaller rectangles labelled “release of message contents”, and “traffic analysis”. The active attack encloses four concepts labelled “replay”, “data modification”, “masquerade”, and “denial of service.” b. The second concept in security is the services, where a bigger rectangle encloses smaller rectangles labelled “authentication”, “access control”, “data confidentiality”, “data integrity”, “non-repudiation”, and “availability service”.

 

(2 of 2)

 

 

 

 

 

 

 

 

c. The third concept in security is the mechanisms where a bigger rectangle encloses smaller rectangles labelled “cryptographic algorithms”, “data integrity”, “digital signature”, “authentication exchange”, “traffic padding”, “routing control”, “notarization”, and “access control”.

 

 

 

1. A means of classifying security attacks, used both in X.800 and RFC 4949, is in terms of passive attacks and active attacks

1. A passive attack attempts to learn or make use of information from the system but does not affect system resources

1. An active attack attempts to alter system resources or

affect their operation

 

 

 

1. Are in the nature of eavesdropping on, or monitoring of, transmissions

1. Goal of the opponent is to obtain information that is being transmitted

1. Two types of passive

http://Get Plagiarism-Free and Quality Papers Without Overpaying at Homeworkmavens.com

http://Solution preview:

Just in case you need an assignment done, hire us. Using our writing services will make your life easier because we deliver exceptional results. Use us to get an A!

We are the Best!

course-preview

275 words per page

You essay will be 275 words per page. Tell your writer how many words you need, or the pages.


12 pt Times New Roman

Unless otherwise stated, we use 12pt Arial/Times New Roman as the font for your paper.


Double line spacing

Your essay will have double spaced text. View our sample essays.


Any citation style

APA, MLA, Chicago/Turabian, Harvard, our writers are experts at formatting.


We Accept

Secure Payment
Image 3

Subjects We Cover