Security Goals
The main goal of security is to protect data or information while it is being transmitted and to achieve the confidentiality, integrity and availability of that data. The main goals of information security are: Confidentiality, Integrity, Availability.
Figure: CIA Triangle
Confidentiality:
A principle of security which ensures that only the sender and the receiver of a message come to know its content. For example, in a military application, information is sent from one higher authority to another. If an unknown third person obtains this confidential information during transmission, the leak is caused by that person's interception, and message confidentiality is lost. The attack threatening confidentiality is traffic analysis.
Integrity:
A principle of security which ensures that the content of a message is not altered or modified during its transmission from sender to receiver. Any change to the information must be made by an authorized person and through authorized mechanisms only. Integrity gives assurance that data is received exactly as sent by an authorized sender. The attack threatening integrity is modification of the message.
Availability:
A principle of security which ensures that a resource or computer system is available to authorized users only. Examples are bank account information stored on a bank server and students' information stored at a university. All this information needs to be available to all authorized users only. Imagine the situation that arises if this information is not available to authorized users. The only attack threatening the principle of availability is called denial of service.
Authentication:
Data authentication allows the user or receiver to check whether the data really was sent by the actual sender. In two-party communication this mechanism is achieved through symmetric cryptography: the sender and receiver share a secret key to calculate a message authentication code over all communication data. The receiver knows that the data was sent by the actual sender if and only if the message is accepted by the receiver. The attack threatening integrity is masquerade.
Figure: CIA Triangle Compromised
Non-repudiation:
It prevents either the sender or the receiver from denying that they participated in all or part of the communication.
Non-repudiation, origin: Proof that the message was sent by the specified party.
Non-repudiation, destination: Proof that the message was received by the specified party.
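The shared-key message authentication code described under Authentication, as an added example that is not part of the original page. It assumes HMAC-SHA256 from Python's standard hmac module as the MAC, with a constructed message and randomly generated keys. The last case shows why a shared-key MAC on its own does not provide the non-repudiation of origin described above: the receiver holds the same key and can produce an identical tag.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def protect(key: bytes, message: bytes) -> bytes:
    """Sender side: append an HMAC-SHA256 tag to the message."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def accept(key: bytes, packet: bytes):
    """Receiver side: return the message if the tag verifies, else None."""
    if len(packet) < TAG_LEN:
        return None  # too short to even contain a tag
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest runs in constant time, so timing does not leak the tag
    if hmac.compare_digest(tag, expected):
        return message
    return None


def demo() -> dict:
    shared_key = secrets.token_bytes(32)    # known to sender and receiver only
    outsider_key = secrets.token_bytes(32)  # a third party without the shared key
    order = b"transfer 100 to account 42"   # constructed sample message

    genuine = protect(shared_key, order)
    # Modification of message: one byte changed in transit, tag left as is
    modified = genuine[:9] + b"9" + genuine[10:]
    # Masquerade: a third party tags the message without the shared key
    masquerade = protect(outsider_key, order)
    # The receiver also holds the key, so it can build the same packet itself
    receiver_made = protect(shared_key, order)

    return {
        "genuine": accept(shared_key, genuine),
        "modified": accept(shared_key, modified),
        "masquerade": accept(shared_key, masquerade),
        "truncated": accept(shared_key, genuine[:10]),
        "receiver_can_forge": receiver_made == genuine,
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:20} {result}")
```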