网络安全-01-引-言.pptVIP

* Have “passive attacks” which attempt to learn or make use of information from the system but does not affect system resources. By eavesdropping on, or monitoring of, transmissions to: + obtain message contents (as shown above in Stallings Figure 1.3a), or + monitor traffic flows Are difficult to detect because they do not involve any alteration of the data. * Also have “active attacks” which attempt to alter system resources or affect their operation. By modification of data stream to: + masquerade of one entity as some other + replay previous messages (as shown above in Stallings Figure 1.4b) + modify messages in transit + denial of service Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical,software,and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them. * Now introduce “Security Mechanism” which are the specific means of implementing one or more security services. Note these mechanisms span a wide range of technical components, but one aspect seen in many is the use of cryptographic techniques. * Some examples of mechanisms from X.800. Note that the “specific security mechanisms” are protocol layer specific, whilst the “pervasive security mechanisms” are not. We will meet some of these mechanisms in much greater detail later. See Stallings Table 1.3 for details of these mechanisms in X.800, and Table 1.4 for the relationship between services and mechanisms. * Consider the role of a security service, and what may be required. Note both similarities and differences with traditional paper documents, which for example: have signatures dates; need protection from disclosure, tampering, or destruction; may be notarized or witnessed; m