密码学——OSI安全框架(Cryptography
来源:互联网 发布:ajax提交form表单json 编辑:程序博客网 时间:2024/05/22 12:16
The OSI Security Architecture
To assess effectively the security needs of an organisation and to evaluate and choose various security products and policies, we need some systematic way of defining the requirements for security and characterising the approaches to satisfying those requirements. The OSI Security Architecture focuses on three essential parts: security attacks, security mechanisms and security services.
Security attack: Any action that compromise the security of information owned by an organization.
Security mechanism: Any process that is used to detect, prevent or recover from a security attack.
Security service: Any processing or communication service that enhances the security of data processing systems and the information transformation of an organisation.
Security Attack
Security attacks can be classified into passive attacks and active attacks.
A passive attack attempts to learn or make use of information from a system without affecting system resources.
An active attack attempts to modify system resources or affect their operations.
Passive Attack
The goal of opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.
The release of message contents is quite clear. For example, somebody is watching your secret email, monitoring what information you are sending and receiving.
Traffic analysis. For example, to prevent the release of messages of your secret email, you use some encryption algorithm to mask your email contents. The hacker might not see the contents but could determine the location, identify the communication hosts and observe the frequency and the length of exchanged messages.
Passive attack is vey difficult to detect due to huge amount of data. Hence, we are focusing on prevention rather than detection.
Active attack
Active attack involves some modification of data stream and creation of false stream. It can be divided into four categories: masquerade, replay, modification of messages and denial of services.
masquerade: one entity pretends to be a different entity. For example,
Replay: refers to the passive capture of a data unit and its subsequent retransmission to produce an unauthorised effort.
Modification of message: means some portion of a legitimate message is altered. For example, a message means “I love you” is altered to be “I hate you”.
The denial of service prevents the access of some services or the use of some facilities.
Security Mechanism
Security Service
写在最后的话(PS)
All texts above are from “Cryptography and Network Security: Principles and Practice, 6/E by William Stallings “.
Welcome questions always and forever. ^_^
- 密码学——OSI安全框架(Cryptography
- 信息安全——密码学基础
- 【IT】我是计算机系统大师(二)——密码学安全
- Java 密码学架构 - Java Cryptography Architecture (JCA)
- An Overview of Cryptography 密码学概述
- CCIE学习笔记框架——OSI详解
- 信息安全基础-密码学
- OSI安全体系结构
- OSI安全体系结构
- OSI安全体系结构
- 趣味密码学之三:长话短说——密码学发展史
- 《现代密码学》第一章——经典密码学介绍
- Java安全框架—Shiro
- 密码学历史(The History of Cryptography)(1)
- 密码学历史(The History of Cryptography)(2)
- 密码学历史(The History of Cryptography)(3)
- 密码学历史(The History of Cryptography)(4)
- 密码学历史(The History of Cryptography)(5)
- UE4_代理(Delegate)
- 教你少走点弯路
- Mysql编码之查看、修改总结
- PHP 开发者该知道的 5 个 Composer 小技巧
- Spark RDD基本操作
- 密码学——OSI安全框架(Cryptography
- 微服务:Spring Boot第一篇——什么是Spring
- python3异常使用
- 一张图看懂数据科学家、数据工程师和软件工程师之间的区别
- 3.fiddler
- iOS真机播放MP4视频文件不出来的解决方法 AVPlayer
- 唠一唠Linux系统入门的方法和经验
- 思维的重要性
- 简单的QT绘图程序(把全部的点都记录下来,然后在paintEvent里使用drawLine函数进行绘制,貌似效率很低。。。)