wits between a perpetrator and
the designer
• Little benefit from security
investment is perceived until a
security failure occurs
• Strong security is often viewed as
an impediment to efficient and
user-friendly operation
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
O S I Security Architecture
• Security attack
– Any action that compromises the security of information
owned by an organization
• Security mechanism
– A process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security
attack
• Security service
– A processing or communication service that enhances the
security of the data processing systems and the information
transfers of an organization
– Intended to counter security attacks, and they make use of
one or more security mechanisms to provide the service
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Threats and Attacks
Threat
A potential for violation of security, which exists when there
is a circumstance, capability, action, or event that could
breach security and cause harm. That is, a threat is a
possible danger that might exploit a vulnerability.
Attack
An assault on system security that derives from an intelligent
threat; that is, an intelligent act that is a deliberate attempt
(especially in the sense of a method or technique) to evade
security services and violate the security policy of a system.
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 1.2 Key Concepts in Security (1 of 2)
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 1.2 Key Concepts in Security (2 of 2)
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Security Attacks
• A means of classifying security attacks, used both in X.800
and R F C 4949, is in terms of passive attacks and active
attacks
• A passive attack attempts to learn or make use of
information from the system but does not affect system
resources
• An active attack attempts to alter system resources or
affect their operation
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Passive Attacks
• Are in the nature of
eavesdropping on, or
monitoring of,
transmissions
• Goal of the opponent is to
obtain information that is
being transmitted
• Two types of passive
attacks are:
– The release of message
contents
– Traffic analysis
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Active Attacks
• Involve some modification of the
data stream or the creation of a
false stream
• Difficult to prevent because of the
wide variety of potential physical, software, and network
vulnerabilities
• Goal is to detect attacks and to
recover from any disruption or
delays caused by them
• Masquerade
– Takes place when one entity
pretends to be a different entity
– Usually includes one of the other
forms of active attack • Replay
– Involves the passive capture of a
data unit and its subsequent
retransmission to produce an
unauthorized effect • Data Modification
– Some portion of a legitimate
message is altered, or messages
are delayed or reordered to
produce an unauthorized effect • Denial of service
– Prevents or inhibits the normal use
