In-depth notes on Cyber Security Concepts (Introduction to Cyber Security)

Computer Security Concepts

• Definition: Tools and measures designed to protect data and prevent unauthorized access.

• Importance of transitioning from physical to automated security due to tech advancements, particularly networks and distributed systems.

The CIA Triad

• Confidentiality: Protecting sensitive data from unauthorized access.

• Integrity: Ensuring data remains unaltered during storage and transmission.

• Availability: Guaranteeing authorized access to data when needed.

Security Challenges

• Complexity of security: requiring constant updates and monitoring.

• Potential attacks must be analyzed proactively.

• Balancing strong security without impinging on user experience.

Security Services & Mechanisms

• Security Mechanism: Processes designed to prevent, detect or recover from attacks on information systems.

• Security Service: Enhances the security of data processing and ensures protection in data transfers.

Types of Security Attacks

• Passive Attacks: Eavesdropping or monitoring of transmissions.

• Active Attacks: Involve data stream modification or create false streams.

Security Services as per X.800

1. Authentication: Verifying user identities.

2. Access Control: Limiting system access based on authenticated identities.

3. Data Confidentiality: Protecting transmitted data.

4. Data Integrity: Ensuring received data matches sent data.

5. Nonrepudiation: Proof of communication between sender and receiver.

6. Availability Service: Ensuring system resources are accessible as needed.

Important Concepts

• Authenticity: Verifying the legitimacy of users or data sources.

• Accountability: Tracing actions to responsible entities.

Conclusion

• Cyber security is an essential and evolving field requiring comprehensive understanding of various tools, challenges, and strategies to protect information and systems effectively.