First we must know the meaning of IT security? The concept of IT security is of quality or state of being secure that is to be free from danger and to be protected from adversaries from those who would do harm, intentionally or otherwise. Besides, we must know the the type of security area, the type of security area is security architecture, security principles, security policy, and security attacks/ threats.
Example of Active Attacks
Example Of Passive Attacks
In the security area it consist a detection, prevention and recovery, each one have a own thier tools, for the security architecture, we must know defined by ITU-T Recommendation X.800 that called OSI Security Architecture, and we should be focus on security attacks, security mechanisms and security services.
In security principles its have confidentiality, integrity and availability, each part have a thier own function. Then we shoud be too know the security policy, security policy is set of rules to apply to security relevant activities in a security domain. There are two type of security attack, passive attack and active attack. In passive attack, it just monitor the transmission without modify. And the active attack, involve some modification of the data stream or the creation of a false stream.
Method of defense devided 6 part, it is Controls, Software Controls, Hardware Controls, Policies & Procedure Controls, Encryption Controls, Effectiveness of Controls, for to security services have 2 part, Defined by X.800 and Defined by RFC 2828. We too learn about the Categories Security Services, in the security services devided a data integrity, data confidentiality, access control, authentication, and nonrepudiation
And the last topic is Security Mechanisms. What is the Security Mechanisms? Security Mechanisms any process (or a device incorporating such a process) that is designed to detect, prevent or recover from a security attack and the specific of the security mechanisms is ExcAuthentication, Data Integrity, Encipherment, Digital Signature, Notarization, Routing Control, Trusted Functionality
thanks !
ReplyDeleteAs you written Introduction to information security.I totally agree with you but some people really do not unerstand this.In this topic we come to know what is security, security architecture, Security Principles, Security Policy, SecurityAttacks / Threats, Methods of Defense, Security Service and Security Mechanisms.Thanks for sharing this
ReplyDeletedigital signature