tailieunhanh - SecurityIntroduction

Security Service – a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers RFC 2828 – a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented bt security mechanisms. | Introduction CS-480b Dick Steflik – OSI Security Services Security Service – a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers RFC 2828 – a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented bt security mechanisms. Security Services Authentication – assurance that the communicating entity is who they say they are Access Control – prevent the unauthorized access to some system resource Who can access Under what conditions What they are allowed to do Data Confidentiality – protection of data from unauthorized disclosure Data Integrity – insure that data received is exactely what was sent Nonrepudiation – protection from denial by one of the entities involved in a communication of having participated in all or part of the communication Authentication Peer . | Introduction CS-480b Dick Steflik – OSI Security Services Security Service – a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers RFC 2828 – a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented bt security mechanisms. Security Services Authentication – assurance that the communicating entity is who they say they are Access Control – prevent the unauthorized access to some system resource Who can access Under what conditions What they are allowed to do Data Confidentiality – protection of data from unauthorized disclosure Data Integrity – insure that data received is exactely what was sent Nonrepudiation – protection from denial by one of the entities involved in a communication of having participated in all or part of the communication Authentication Peer Entity Authentication – in a connection based environment; provide confidence in the identity of a connecting entity Logging in with a password Gaining access via biological identity verification DNA identification, retinal scan, finger/hand print identification Access via audio voice identification Data Origin Authentication – in a connectionless environment; provide assurance that the source of received data is as claimed Corroborates the source of the data Does not proved assurance against duplicate or modified data Access Control This service provides protection against unauthorized use of resources accessible via OSI. These may be OSI or non-OSI resources accessed via OSI protocols. This protection service may be applied to various types of access to a resource or to all accesses to a resource ., the use of a communications resource; the reading, the writing, or the deletion of an information resource; the execution of a processing resource Data Confidentiality Connection .

TỪ KHÓA LIÊN QUAN