Paper Presentation

On
INFORMATION SECURITY
PRESENTED BY

K.PRIYA, P.BHARATHI,
III/IV B.TECH, III/IV B.TECH,
.

Avanthi Institute of Engg and Tech:

Makavarapalem,
Narsipatnam,
Visakhapatnam dt.
ABSTRACT:
Information is one of a financial institution’s
most important assets. Protection of
information assets is necessary to establish
and maintain trust between the financial in
situation and its customers, maintain
compliance with the law, and protect the
reputation of the institution. Information
security is the process by which an
organization protects and secures its
systems, media, and facilities that process
and maintain information vital to its
operations. Information security is a
complicated subject, historically only
tackled by well-trained and experienced
experts Security Attacks:
Attacks, Services &Mechanisms:  Interruption: This is an attack on
Security Attack: Any action that availability
compromises the security of information.
 Interception: This is an attack on
Security Mechanism: A mechanism that is
confidentiality
designed to detect, prevent, or recover from
a security attack.  Modification: This is an attack on
integrity
Security Service: A service that enhances
the security of data processing systems and Fabrication: This is an attack on authenticity
information transfers. A security service Security Goals:
makes use of one or more security
mechanisms.
Security Attacks:

1
Types of Attacks:
A second type of passive attack, traffic
analysis, Suppose that we had a way of
masking the contents of messages or other
information traffic so that opponents, even if
they captured the message, could not extract
the information from the message.

Active Attacks:

Passive Attacks:

A masquerade takes pIace when one entity

pretends to be a different entity.A
masquerade attack usually inc1udes one of
the other forms of active attack.
(a) A telephone conversation, an electronic
mail message, and a transferred file may
contain sensitive or confidential
information. We would like to prevent an
opponent from leaning the contents of these
transrnissions.

2
 The denial of service prevents or inhibits the
normal use or management of
communications facilities.
Security Services:
Replay involves the passive capture of a  Confidentiality (privacy)
data unit and its subsequent retransmission
to produce an unauthorized effect.  Authentication (who created or sent
the data)

 Integrity (has not been altered)

 Non-repudiation (the order is final)

 Access control (prevent misuse of

resources)

 Availability (permanence, non-

erasure)

 Denial of Service Attacks

Modification of messages simply means that
some portion of a Legitimate message is
altered, or that messages are delayed or
reordered, to produce an unauthorized
effect.
 Virus that deletes files
Conclusion:Everyone has a different
idea of what ``security'' is, and what
levels of risk are acceptable.It's
important to build systems and networks
in such a way that the user is not
constantly reminded of the security
system around him. As and when new
security methods are developed,
breaking of these methods has increased.
So measures have to be taken to fill the

3
 loopholes, of which cryptography has
and is playing a major role.
“Cryptography” is evergreen and
developments in this area are a better
option.

REFERENCES:
 William Stallings: Cryptography
and Network security: principles and
practice: 2nd edition.

 J.P. Holbrook, J.K. Reynolds.”Site

Security Handbook”

 Douglas R.Stinson. Cryptography:

theory and practice: 2nd edition

 A.Menezes, P.van Oorschot and

S.Vanstone: Handbook of Applied
Cryptography.

 Smith, Laurence Dwight.

Cryptography, the Science of Secret
Writing.

 Speciner, M. Perlman, R: Network

security, Englewood Cliffs, NJ