SECURITY SERVICES
Network security can provide the following services related to a message and entity.
1. Message confidentiality
· It means that the content of a message when transmitted across a network must remain confidential, i.e. only the intended receiver and no one else should be able to read the message.
· The users, therefore, want to encrypt the message they send so that an eavesdropper on the network will not be able to read the contents of the message.
2. Message integrity
· It means the data must reach the destination without any adulteration i.e. exactly as it was sent.
· There must be no changes during transmission, neither accidently nor maliciously.
· Integrity of a message is ensured by attacking a checksum to the message.
· The algorithm for generating the checksum ensures that an intruder cannot alter the checksum or the message.
3. Message authentication
· In message authentication the receiver needs to be sure of the sender`s identity i.e. the receiver has to make sure that the actual sender is the same as claimed to be.
· There are different methods to check the genuineness of the sender:
1. The two parties share a common secret code word. A party is required to show the secret code word to the other for authentication.
2. Authentication can be done by sending digital signature.
3. A trusted third party verifies the authenticity. One such way is to use digital certificates issued by a recognized certification authority.
4. Message non-reproduction
· Non-repudiation means that a sender must not be able to deny sending a message that is actually sent.
· The burden of proof falls on the receiver.
· Non-reproduction is not only in respect of the ownership of the message; the receiver must prove that the contents of the message are also the same as the sender sent.
· Non-repudiation is achieved by authentication and integrity mechanisms.
5. Entity authentication
· In entity authentication the entity or user is verified prior to access to the system resources.
No comments:
Post a Comment