Intruduction - Computer and Network Security

Computer and network security are essential for several reasons, driven by the increasing reliance on digital systems and the growing sophistication of cyber threats. Here are some key needs for computer and network security:

  1. Protection of Data: To safeguard sensitive information such as personal data, financial records, intellectual property, and confidential business information from unauthorized access and breaches.

  2. Prevention of Cyber Attacks: To defend against various forms of cyber attacks including malware, ransomware, phishing, and denial-of-service attacks that can disrupt operations and cause significant damage.

  3. Integrity of Information: To ensure that data remains accurate and unaltered during transmission or storage, protecting it from tampering or corruption.

  4. Confidentiality: To ensure that information is accessible only to those authorized to have access, protecting it from unauthorized disclosure.

  5. Availability of Services: To ensure that computer systems and networks remain operational and accessible to authorized users, preventing downtime and service interruptions.

  6. Compliance and Legal Requirements: To adhere to legal and regulatory requirements related to data protection and privacy, such as GDPR, HIPAA, and other laws, which mandate specific security measures.

  7. Reputation Management: To protect the reputation and trustworthiness of organizations by preventing data breaches and security incidents that could lead to loss of customer trust and damage to the brand.

  8. Economic Protection: To prevent financial losses resulting from cybercrime, including theft, fraud, and the costs associated with responding to security incidents and recovering from breaches.

  9. National Security: To protect critical infrastructure and national interests from cyber espionage, sabotage, and attacks by hostile entities.

  10. Innovation and Growth: To create a secure environment that fosters innovation and growth by enabling businesses to adopt new technologies and digital practices without compromising security.

Ensuring robust computer and network security involves implementing a combination of technologies, policies, and practices designed to mitigate risks and protect against threats.

This course focuses on two broad areas: cryptographic algorithms and protocols, which have a broad range of applications; and network and Internet security, which rely heavily on cryptographic techniques.


Cryptographic algorithms and protocols can be grouped into four main areas:

• Symmetric encryption: Used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords.


• Asymmetric encryption: Used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.


• Data integrity algorithms: Used to protect blocks of data, such as messages,from alteration.


• Authentication protocols: These are schemes based on the use of cryptographic algorithms designed to authenticate the identity of entities.


The field of network and Internet security consists of measures to deter, prevent,detect, and correct security violations that involve the transmission of information.

Comments

Post a Comment

Popular posts from this blog

Cryptographic Algorithms CST 393 KTU CS Honour Notes Semester V -Dr Binu V P

About Me About the Course and Scheme Syllabus Model Question Paper University Question Papers ******************************************************** Module-1 (Introduction to the Concepts of Security) Introduction CIA Triad  OSI Security Architecture Security Attacks Security Services Security Mechanisms Model for Network Security Classical Encryption Techniques     Symmetric Cipher Model     Cryptography -  Crypt Analysis Substitution Ciphers-Caesar Cipher     Mono-alphabetic Ciphers     Playfair Cipher     Hill Cipher Poly Alphabetic Ciphers- Vigenere Cipher     Vernam Cipher- One Time Pad Transposition Ciphers Module-2 (Symmetric Key Crypto Systems) Stream Cipher Vs Block Cipher Traditional Block Cipher Structure- Fiestel Structure Data Encryption Standard - DES Algorithm Differential and Linear Cryptanalysis Double DES and Triple DES International Data Encryption Algorithm ( IDEA) Advanced Encryption Standard ( AES) Block Cipher Modes of Operation Stream Cipher and RC4 Module-3
Read more

Syllabus CST 393 Cryptographic Algorithms

Syllabus Module-1 (Introduction to the Concepts of Security) Need for security, Security approaches, Principles of security, Types of attacks, OSI Security Architecture, Classical encryption techniques - Substitution techniques, Transposition techniques. Stream cipher, Block cipher, Public key cryptosystems vs. Symmetric key cryptosystems, Encrypting communication channels. Module-2 (Symmetric Key Cryptosystems) Overview of symmetric key cryptography, Block cipher principles, Data Encryption Standard (DES), Differential and Linear cryptanalysis, Double DES, Triple DES, International Data Encryption Algorithm (IDEA), Advanced Encryption Algorithm (AES),Block cipher modes of operation, Stream cipher, RC4. Module-3 (Public Key Cryptosystems) Principles of public key cryptosystems, RSA algorithm, RSA illustration, Attacks, ElGamal cryptographic system, Knapsack algorithm, Diffie-Hellman key exchange algorithm, Elliptic curve cryptosystems. Module-4 (Key Management) Symmetric key distributi
Read more

Computer Security Concept- CIA Triad

Image
Definition of Computer Security The NIST Computer Security Handbook [NIST95] defines the term computer security as follows: Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability,and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).   This definition introduces three key objectives that are at the heart of computer  security: Confidentiality: This term covers two related concepts:             Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals.      Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.   Integrity: This term covers two related concepts:      Data integrity: Assures that information
Read more