What Security Mechanism Can Be Used to Detect
Security Mechanism #
Security mechanisms bargain with prevention, detection, and recovery from a security assault. Prevention involves mechanisms to forbid the computer from beingness damaged. Detection requires mechanisms that let detection of when, how, and by whom an set on occurred. Recovery involves a mechanism to end the attack, assess the damage washed, then repair the damage
Security mechanisms are built using personnel and technology.
• Personnel are used to frame security policy and procedures, and for grooming and awareness
• Security mechanisms utilize technologies like cryptography, digital signature, firewall, user identification and authentication, and other measures similar intrusion detection, virus protection, and, data and information backup, as countermeasures for security set on.
Cryptography
Cryptography is the science of writing information in a "hidden" or "hugger-mugger" form and is an ancient art. Cryptography is necessary when communicating data over any network, particularly the Internet. It protects the data in transit and too the information stored on the deejay. Some terms commonly used in cryptography are:
- Plaintext: readable text with no information hidden.
- Ciphertext: text with information subconscious (the encrypted data).
- Encryption: the procedure of converting plaintext to ciphertext.
- Decryption: the process of reverting ciphertext to plaintext.
- Null: algorithm used for encryption and decryption.
- Key: a hole-and-corner piece of data which is used for encryption & decryption.
Ø Symmetric Cryptography (Private/secret cardinal cryptography) :
- These technique employ single key for encryption also decryption.
- The sender and receiver must accept a shared key set in advance and kept secret from all other parties; the sender uses this key for encryption and receiver use the same key for decryption.
Ø Asymmetric Cryptography (Public key cryptography) :
- These technique utilize two primal, namely private and public keys. One key is used for encryption and the other is used for decryption.
- Public central is publically bachelor while individual central is kept undercover.
Hash Function
Hash part is a office that maps a message of whatever length into a fixed length hash value, which serves as the authenticator.
Digital Signature
Digital signature is an electronic signature that can be used to cosign the identity of the sender of a bulletin and to ensure that the original content of the message or certificate that has been sent is unchanged.
Digital signature schemes normally gives two algorithms, ane for signing which involves the user's hush-hush or individual key and one for verifying signatures which involves the user's public key
In a digital signature process, the sender uses a signing algorithm to sign the message. The message and the signature are sent to receiver. The receiver receives the message and the signature and applies the verifying algorithm to the combination. If the result is true, the bulletin is accepted otherwise it is rejected.
Firewall
A firewall is a security mechanism to protect a local network from the threats it may face while interacting with other networks (Internet). A firewall can be a hardware component, a software component, or a combination of both. It prevents computers in one network domain from communicating straight with other network domains. All communication takes identify through the firewall, which examines all incoming data before allowing information technology to enter the local network.
Functions of Firewall :
The main purpose of firewall is to protect computers of an organization (local network) from unauthorized admission. Some of the basic functions of firewall are:
i. Firewalls provide security by examining the incoming information packets and assuasive them to enter the local network only if the conditions are met.
2. Firewalls provide user authentication by verifying the username and password. This ensures that only authorized users have access to the local network.
3. Firewalls can exist used for hiding the structure and contents of a local network from external users. Network Address Translation (NAT) conceals the internal network addresses and replaces all the IP addresses of the local network with one or more public IP addresses.
Types of Firewalls :
1. Bundle Filtering Firewall:
Packet filtering firewalls work at the network layer (OSI model), or the IP layer (TCP/IP). In this each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drib, forward the bundle or ship a message to the originator. Rules can be source and destination IP address, source and destination port number and protocol used. The advantages of packet filtering firewalls is their low price and depression impact on network performance.
ii. Circuit Level Gateway Firewall:
Information technology work at the session layer (OSI model), or the TCP layer (TCP/IP). They monitor TCP handshaking betwixt packets to determine whether a requested session is legitimate. Information passed to a remote figurer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Excursion level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they practise not filter individual packets.
3. Application Level Gateway Firewall:
Application level gateways, as well called proxies, are similar to excursion-level gateways except that they are application specific. They can filter packets at the awarding layer of the OSI model. Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms, an awarding level gateway that is configured to be a web proxy acts equally the server to the internal network and client to the external network. Because they examine packets at application layer, they can filter application specific commands such as http: post and go, etc. Awarding level gateways can also be used to log user action and logins. They offer a loftier level of security, but have a significant impact on network performance.
4. Stateful Multilayer Inspection Firewall:
It combines the aspects of the other three types of firewalls. They filter packets at the network layer, make up one's mind whether session packets are legitimate and evaluate contents of packets at the application layer. They rely on algorithms to recognize and process application layer data instead of running application specific proxies. Stateful multilayer inspection firewalls offering a high level of security, good performance and transparency to finish users. They are expensive however, and due to their complexity are potentially less secure than simpler types of firewalls if non administered by highly competent personnel.
Users identification and hallmark
one. User name and countersign,
2. Smart menu
3. Biometrics
Identification is the process whereby a system recognizes a valid user'due south identity. Authentication is the process of verifying the claimed identity of a user. For example, a organisation uses user countersign for identification. The user enters his password for identification. Hallmark is the system which verifies that the password is correct, and thus the user is a valid user. Before granting admission to a system, the user'due south identity needs to be authenticated. If users are non properly authenticated then the system is potentially vulnerable to access by unauthorized users. If strong identification and authentication mechanisms are used, and then the risk that unauthorized users will gain admission to a system is significantly decreased. Authentication is done using one or more combinations of - what you have (like smartcards), what yous know (Countersign), and what you are (Biometrics similar Fingerprints, retina scans).
One time the user is authenticated, the admission controls for the user are also divers. Access controls is what the user tin access once he is authenticated.
Intrusion Detection Arrangement (IDS)
- Intrusion detection is the process of identifying and responding to malicious activity targeted at resource.
- IDS is system designed to test/analyze network system traffic/events against a given fix of parameters and alert/capture data when these threshold are met.
- IDS uses collected data and pre-defined knowledge-based arrangement to reason about the possibility of an intrusion.
- IDS also provides services to cop with intrusion such as giving alarms, activating programs to try to deal with intrusion, etc.
jacquesthersemeaten.blogspot.com
Source: https://collegenote.pythonanywhere.com/curriculum/introduction-to-information-technology/23/77/
Belum ada Komentar untuk "What Security Mechanism Can Be Used to Detect"
Posting Komentar