Cryptography:
a. Services
b. Attacks
c. Mechanism
Introduction to these terms:
Security Attack: Any action that compromises the security of information owned by an organisation.
Security Mechanism: A mechanism that is designed to detect, prevent or recover from a security attack.
Security Services: A service that enhances the security of the data processing systems and the information transfers of an organisation. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
In detail:
Attack:
An attack is an assault on system security that derives from an intelligent threat to violate the security services and security policies of the system.
Threat:
A threat is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm.
Attacks are of two types:
1. Passive Attack:
A passive attack attempts to learn or make use of information from the system but does not affect the system resources, whereas an active attack attempts to alter system resources or affect their operation.
There are two types of passive attacks:
i. Release of message contents
ii. Traffic analysis
i. Release of message contents:
The release of message contents can be understood through the following example:
Suppose that during a telephone conversation a third person connected to the same line can learn the information being exchanged. That information may be sensitive or confidential.
ii. Traffic analysis:
Suppose that we have a way of masking the contents of messages or other information so that an opponent who captures a message cannot extract the information from it. The common technique for masking contents is encryption. Even with the contents masked, the opponent can still observe the pattern of the messages, such as who is communicating and how often and how long the messages are, and analysing that pattern is traffic analysis.
2. Active attacks:
An active attack involves some modification of the data stream or the creation of a false stream. Active attacks are categorised into four techniques:
i. Denial of service (DoS) attack
ii. Modification of message
iii. Replay
iv. Masquerade
i. Denial of service (DoS) attack:
This prevents the normal use of communication facilities. The attack may have a specific target.
For example: An entity (intruder) may transmit all messages from different clients to a particular destination.
Another form of DoS attack is the disruption of an entire network, either by disabling it or by overloading it with messages to degrade performance.
ii. Modification of message:
This means that some portion of a message, or the entire message, is altered or reordered to produce an unauthorised effect.
For example, the message
“Raj can read some confidential file of Veena.”
is changed into
“Amit can read some confidential file of Veena.”
iii. Replay:
This involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorised effect.
iv. Masquerade:
A masquerade takes place when one entity pretends to be a different entity.
For example: Authentication sequences can be captured and replayed after a valid authentication process.
Mechanism:
There is no single mechanism that will support all the functions or services. Mechanisms need to be updated over time.
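As an added example (not part of the original post), the sketch below shows one mechanism, an HMAC tag combined with a nonce and a timestamp, detecting two of the active attacks described above: modification of message and replay. The shared key, the 30-second freshness window and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

MAX_AGE = 30  # seconds a message stays fresh (assumed value)

def make_tag(key, nonce, ts, msg):
    # The HMAC-SHA256 tag covers the nonce, the timestamp and the message.
    data = f"{nonce}|{ts}|{msg}".encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def protect(key, msg, now=None):
    """Sender: attach a fresh random nonce, a timestamp and the tag."""
    nonce = secrets.token_hex(16)
    ts = int(time.time() if now is None else now)
    return {"nonce": nonce, "ts": ts, "msg": msg, "tag": make_tag(key, nonce, ts, msg)}

class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = set()  # nonces already accepted; can be purged after MAX_AGE

    def accept(self, pkt, now=None):
        now = time.time() if now is None else now
        expected = make_tag(self.key, pkt["nonce"], pkt["ts"], pkt["msg"])
        if not hmac.compare_digest(expected, pkt["tag"]):  # constant-time compare
            return "rejected: modified"
        if abs(now - pkt["ts"]) > MAX_AGE:
            return "rejected: stale"
        if pkt["nonce"] in self.seen:
            return "rejected: replay"
        self.seen.add(pkt["nonce"])
        return "accepted"

def demo():
    key = secrets.token_bytes(32)  # constructed shared secret
    rx = Receiver(key)
    pkt = protect(key, "Raj can read some confidential file of Veena.", now=1000)
    tampered = dict(pkt, msg=pkt["msg"].replace("Raj", "Amit"))
    return [
        rx.accept(tampered, now=1001),  # modification of message
        rx.accept(pkt, now=1002),       # genuine first delivery
        rx.accept(pkt, now=1003),       # captured copy retransmitted
        rx.accept(protect(key, "hello", now=1000), now=2000),  # too old
    ]

if __name__ == "__main__":
    print(demo())
```

The tag gives integrity and replay protection only; the message contents stay readable, so confidentiality still needs encryption, which matches the point that no single mechanism covers every service.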
Services:
Users normally think of information as being associated with physical documents. Documents typically have signatures and dates, and are protected from disclosure, tampering (alteration) or destruction.
Apart from printed data, some data is also available in electronic form, or can be re-created from printed data. Several aspects of electronic data make providing the functions or services associated with documents challenging by comparison with paper documents:
1. It is usually possible to discriminate between an original paper document and a Xerox copy.
2. An alteration of a paper document may leave some sort of physical evidence.
3. Any proof process associated with a physical document depends on the physical characteristics of that document.
For example: the shape of a written signature or an embossed notary seal.