Skip to content

Dated: 11-11-2024

Ch02. what is the Osi Security Architecture

  • ITU-T X.800, Security Architecture For OSI ('91)
  • Defines a technique for defining security requirements, and characterizes the approaches to satisfy those requirements
  • Defines security attack, mechanism, and service

Security Attack

It is an action that compromises the security of information owned by an organization (or person)
s - Passive: aims to learn or make use of system information only - Active: attempts to alter system resources/operation

Security Service

Security service is a service that ensures adequate security of the system or data transfer.

Authentication

Assurance that communicating entity is the one claimed
have both peer entity and data origin authentication

Access Control

Prevention of unauthorized use of a resource

Data Confidentiality

Protection of data from unauthorized disclosure

Data Integrity

Assurance that data received is as sent by an authorized entity

Non-repudiation

Protection against denial by one of the parties in a communication

Availability

Resource accessible / usable

Security Mechanism

  • Feature designed to detect, prevent, or recover from a security attack
  • Cryptography underlies many of the mechanisms

Pasted image 20241111165155.png

Pasted image 20241111165248.png