Information Security deals with protection of information against unauthorized access and adding various security measures. Moreover, there are various security objectives. Let’s take a look at them.
Information Security Objectives
- Confidentiality
- Integrity
- Availability
- Authenticity
- Accountability
Firstly, confidentiality deals with protection of data and is confidential. In addition, the data is secure against unauthorize access.
Secondly, integrity means that modification or any change in data can only be done by authorized user.
Thirdly, availability means that the system works promptly and service is available to users.
Authenticity means that the data comes from a trusted source and is verified.
Lastly, accountability supports non repudiation.
Impact of Security Breaches
- Financial loss
- Damage to assets
- Damage to individual
Security attacks
Firstly, a passive attack attempts to learn about the information from the system but does not affect system resources. For instance, release of message contents and traffic analysis are examples of passive attack.
Secondly, an active attack tries to alter or modify system resources. For instance, masquerade and denial of service are types of active attack.
Difference in Threat and Attack
Firstly, threat is a potential violation of security. It occurs when an action or event cracks the security and causes harm. It might exploit vulnerability.
Secondly, attack is violation on system security derive from potential threat. Moreover, it is an calculated attempt that violates security policy of the system.
Security Mechanisms
Security mechanisms are the measures taken to prevent the above mentioned attacks. Moreover, most common security mechanisms are cryptographic techniques.
First is specific security mechanisms, here it is integrated with protocols to provide OSI security services.
Second is pervasive security mechanisms, here it does not integrate with any protocols.
Third method is digital signature where we generate signature for verification of sender.
Transposition methods
Transposition methods will change the location of plaintext rather than substituting other symbols. Let’s take a look.
First is Rail Fence Transposition. It is the simplest transposition method. Moreover, it is easy to break since there is no complexity in rearranging the letters.
Second is Row/Column Transposition. In this method, plaintext is written in row form. Ciphertext is obtain by column by column.
Summary
In conclusion, we have learnt how information security deals with protection of information against unauthorized access. Confidentiality, Authenticity, Integrity, Availability and Accountability are various security objectives.
In addition, we have seen some of the transposition techniques and difference between threat and attack.
Moreover, we have learnt about security attacks and measures to prevent it.
