Scribd
Upload
56 views14 pages

Module 1 Topic 1

The document defines key terms related to network and information security including confidentiality, integrity, availability, authenticity, and accountability. It also discusses security objectives, challenges, and levels of security breaches from low to high.

Uploaded by

dummyfr07
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
56 views14 pages

Module 1 Topic 1

The document defines key terms related to network and information security including confidentiality, integrity, availability, authenticity, and accountability. It also discusses security objectives, challenges, and levels of security breaches from low to high.

Uploaded by

dummyfr07
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 14

Network and Information System

Security
Module 1
MODULE – 1 : Fundamentals of Security
Definition of Security
Information Security
Topic-I Definitions and Challenges of Security

 Computer Security
 The protection afforded to an automated information
system in order to attain the applicable objectives of
preserving the Integrity, Availability, and
Confidentiality of Information System resources
 (Information System resources includes hardware,
software, firmware, information/ data, and
telecommunications).
Security
 Computer Security
 Generic name for the collection of tools designed to
protect data and to thwart hackers
 Network Security
 Measures to protect data during their transmission
 Internet Security (our focus!)
 Measures to protect data during their transmission
over a collection of interconnected networks
Security Objectives
Security Objectives
 Confidentiality
 Preserving authorized restrictions on
information access and disclosure,
including means for protecting personal
privacy and proprietary information
 A loss of confidentiality is the unauthorized
disclosure of information
Integrity

 Protecting against improper information


modification or destruction including ensuring
information non repudiation and authenticity
 A loss of integrity is the unauthorized
modification of destruction of information.
Availability

 Ensuring timely and reliable access to and use of


information
 A loss of availability is the disruption of access to
or use of information or an information system
Authenticity

 The property of being genuine and being able to


be verified and trusted; confidence in the validity of
a transmission, a message, or message originator.
 This means verifying that users are who they say
they are and that each input arriving at the system
came from a trusted source.
Accountability

 Systems must keep records of their


activities to permit later forensic analysis
to trace security breaches or to aid in
transaction disputes
Security Breach Levels
 High
 The loss could be expected to have a severe or catastrophic
adverse effect on organizational operations, organizational
assets, or individuals
 Moderate
 The loss could be expected to have a serious adverse effect
on organizational operations, organizational assets, or
individuals
 LOW
 The loss could be expected to have a limited adverse effect on
organizational operations, organizational assets, or individuals
Security Challenges
 Security is not simple
 Potential attacks on the security features need to be considered
 It is necessary to decide where to use the various security
mechanisms
 Requires constant monitoring
 Security mechanisms typically involve more than a particular
algorithm or protocol
 Little benefit from security investment is perceived until a security
failure occurs
 Strong security is often viewed as an im pediment to efficient
and user- friendly operation

You might also like