+1 (208) 254-6996 [email protected]
  

Cryptography and Network Security:

Principles and Practice Eighth Edition

Don't use plagiarized sources. Get Your Custom Essay on
Cryptography and Network Security: Principles and Practice Eighth Edition
Just from $13/Page
Order Essay

Chapter 1

Information and Network Security

Concepts

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Cybersecurity (1 of 3)

Cybersecurity is the collection of tools, policies, security

concepts, security safeguards, guidelines, risk management

approaches, actions, training, best practices, assurance, and

technologies that can be used to protect the cyberspace

environment and organization and users’ assets.

Organization and users’ assets include connected computing

devices, personnel, infrastructure, applications, services,

telecommunications systems, and the totality of transmitted

and/or stored information in the cyberspace environment.

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Cybersecurity (2 of 3)

Cybersecurity strives to ensure the attainment and

maintenance of the security properties of the organization

and users’ assets against relevant security risks in the

cyberspace environment. The general security objectives

comprise the following: availability; integrity, which may

include data authenticity and nonrepudiation; and

confidentiality

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Cybersecurity (3 of 3)

Information Security

• This term refers to preservation of confidentiality, integrity,

and availability of information. In addition, other properties,

such as authenticity, accountability, nonrepudiation, and

reliability can also be involved

Network Security

• This term refers to protection of networks and their service

from unauthorized modification, destruction, or disclosure,

and provision of assurance that the network performs its

critical functions correctly and there are no harmful side

effects

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Security Objectives (1 of 2)

• The cybersecurity definition introduces three key

objectives that are at the heart of information and network

security:

– Confidentiality: This term covers two related

concepts:

▪ Data confidentiality: Assures that private or

confidential information is not made available or

disclosed to unauthorized individuals

▪ Privacy: Assures that individuals control or

influence what information related to them may be

collected and stored and by whom and to whom

that information may be disclosed

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Security Objectives (2 of 2)

• Integrity: This term covers two related concepts:

– Data integrity: Assures that data and programs are changed only

in a specified and authorized manner. This concept also

encompasses data authenticity, which means that a digital object

is indeed what it claims to be or what it is claimed to be, and

nonrepudiation, which is assurance that the sender of information

is provided with proof of delivery and the recipient is provided with

proof of the sender’s identity, so neither can later deny having

processed the information

– System integrity: Assures that a system performs its intended

function in an unimpaired manner, free from deliberate or

inadvertent unauthorized manipulation of the system

• Availability: Assures that systems work promptly and service is not

denied to authorized users

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Figure 1.1 Essential Information and

Network Security Objectives

 

 

Copyright © 2020 Pearson Education, Inc. All Rights Reserved.

Computer Security Challenges

• Security is not simple

• Potential attacks on the security

features need to be considered

• Procedures used to provide

particular services are often

counter-intuitive

• It is necessary to decide where

to use the various security

mechanisms

• Requires constant monitoring

• Is too often an afterthought

• Security mechanisms typically

involve more than a particular

algorithm or protocol

• Security is essentially a battle of

Order your essay today and save 10% with the discount code ESSAYHELP