网络安全基础—第一章.pptVIP

* NETWORK SECURITY 参考书 William Stallings, Cryptography and? Network Security: Principles and Practice,? Third Edition Charlie Kaufman, Radia Perlman, Mike Speciner, Network Security:Private Communication in a Public World, Second Edition Chapter 1 – Introduction Outline X.800 Security Architecture Security attacks Security services A model for Internetwork Security Internet standards and RFCs Security Motivation: Why do we need security? Increased reliance on Information technology with or with out the use of networks. The use of IT has changed our lives drastically. We depend on E-mail, Internet banking, and several other governmental activities that use IT Increased use of E-Commerce and the World wide web on the Internet as a vast repository of various kinds of information (immigration databases, flight tickets, stock markets etc.) Security Concerns Concerns such as the following are common How do I know the party I am talking on the network is really the one I want to talk? How can I be assured that no one else is listening and learning the data that I send over a network Is the web site I am downloading information from a legitimate(合法的) one, or a fake(伪装的)? How do I ensure that the person I just did a financial transaction denies having done it tomorrow or at a later time? That is why… ..we need security To safeguard the confidentiality(机密性), integrity(完整性), authenticity(真实性) and availability(可用性) of data transmitted over insecure networks Internet is not the only insecure network in this world Many internal networks in organizations are prone to insider attacks In fact, insider attacks are greater both in terms of likelihood of happening and damage caused OSI Security Architecture ITU-T Recommendation X.800 Security Architecture for OSI International Telecommunications Union (ITU) is a United Nations sponsored agency that develops standards relating to telecommunications and to Open system Interconnection (OSI) Attacks, Services and Mechanisms Security A