Unit 558 Information Systems Security Paper
CMP 558 Information Systems Security
Assignment 1 Chapter 1:
1.2) What is the OSI security architecture?
Ans) A Systematic way of defining the requirements for security and characterizing the approaches to satisfying them is generally defined as “OSI security architecture”.
This was developed as an international standard.
Focuses of OSI Security Architecture:
1) Security attacks – action that compromises the security of information owned by an organization.
2) Security mechanism – designed to detect, prevent, or recover from a security attack.
3) Security service – intended to counter security attacks.
1.3) What the difference between passive and active security threats?
Ans) Passive Threats makes attempt to learn or …show more content…
Authentication: The assurance that the communicating entity is the one that it claims to be. The problem of authorization is often thought to be identical to that of authentication; many widely adopted standard security protocols, obligatory regulations, and even statutes are based on this assumption.
Integrity: The assurance that data received are exactly as sent by an authorized entity.
End user will receive what is sent-guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity
Access control: The prevention of unauthorized use of a resource means this service controls that have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do.
Ability: Time for access-ensuring timely and reliable access to and use of
Assignment 1 Chapter 1:
1.2) What is the OSI security architecture?
Ans) A Systematic way of defining the requirements for security and characterizing the approaches to satisfying them is generally defined as “OSI security architecture”.
This was developed as an international standard.
Focuses of OSI Security Architecture:
1) Security attacks – action that compromises the security of information owned by an organization.
2) Security mechanism – designed to detect, prevent, or recover from a security attack.
3) Security service – intended to counter security attacks.
1.3) What the difference between passive and active security threats?
Ans) Passive Threats makes attempt to learn or …show more content…
Authentication: The assurance that the communicating entity is the one that it claims to be. The problem of authorization is often thought to be identical to that of authentication; many widely adopted standard security protocols, obligatory regulations, and even statutes are based on this assumption.
Integrity: The assurance that data received are exactly as sent by an authorized entity.
End user will receive what is sent-guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity
Access control: The prevention of unauthorized use of a resource means this service controls that have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do.
Ability: Time for access-ensuring timely and reliable access to and use of