Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
84 views18 pages

Lec 03 Key Security Concepts

This document discusses key concepts in information security including confidentiality, integrity, availability, authenticity, accountability, non-repudiation, disruption, and misappropriation. It also outlines the six steps for responding to a security breach incident: early preparation, identification, containment, eradication, recovery, and future preparation. Each step of the incident response plan is defined with examples of activities that would occur during that step.

Uploaded by

Ali Hussnain
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
84 views18 pages

Lec 03 Key Security Concepts

This document discusses key concepts in information security including confidentiality, integrity, availability, authenticity, accountability, non-repudiation, disruption, and misappropriation. It also outlines the six steps for responding to a security breach incident: early preparation, identification, containment, eradication, recovery, and future preparation. Each step of the incident response plan is defined with examples of activities that would occur during that step.

Uploaded by

Ali Hussnain
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 18

Information Security

Imtiaz Hussain
PhD Computer Science (Scholar)
Lecturer
Dept. of Computer Science
Key Information Security Concepts
Key Information Security Concepts

 Confidentiality
 Integrity
 Availability
 Authenticity
 Accountability
 Non Repudiation
 Disruption
 Misappropriation
Confidentiality

 Preserving authorized restrictions on information access and


disclosure.
 Protecting personal privacy and proprietary information.
 A loss of confidentiality is the unauthorized disclosure of
information.
 Ensuring that information is accessible only to those authorized to
have access.
Integrity

 Guarding against improper information modification or destruction.


 Ensuring information non-repudiation and authenticity.
 Safeguarding the accuracy and completeness of information and
processing methods
 A loss of integrity is the unauthorized modification or destruction of
information.
Availability

 Ensuring timely and reliable access to and use of information.


 Ensuring that authorized users have access to information and
associated assets when required.
 Availability does not mean that information is accessible to any user,
only authorized person can access.
 A loss of availability is the disruption of access to or use of
information or an information system.
Authenticity

 The property of being genuine and being able to be verified and


trusted.
 Authentication is the act of verifying a claim of identity.
 Confidence in the validity of a transmission, a message, or message
originator.
 Authentication (ID & password) is performed each time when
access the system
Accountability

 The principle that a entity safeguarding and controlling equipment,


keying material, and information and is answerable to proper
authority for the loss or misuse of that equipment or information.
 The security goal that generates the requirement for actions of an
entity to be traced uniquely to that entity.
Non Repudiation

 The inability to deny responsibility for performing a specific act


 Way to guarantee that the sender of a message cant of deny having
message send.
 Way to guarantee that the recipient cant not deny having message
received.
 Non-repudiation is a legal concept that is widely used in
information security, which provides proof of the origin of data and
the integrity of the data.
Disruption

 Disruption is a hazardous threat arising from intentional or


unintentional incidents that cause a breach in security, damage to
digital devices and networks, or a network outage.
 Prevent system operation by disabling a system component
 Modifying system function or data
 Interrupts delivery of system services by delaying system operations
Misappropriation

 Misappropriation is the unauthorized or illegal use of system or use


of identity of other person without permission, resulting damage of
harm to that system.
 Unauthorized logical or physical control of system resources
 Causes a system to perform a function or service by damaging
security.
Security Breach Incident response planes

 Early preparation
 Identification
 Containment
 Eradication
 Recovery
 Future Preparation
Early preparation

 Good preparation demands the development of an Incident


Response Team (IRT).
 Skills need to be used by this team would be, penetration testing,
computer forensics, network security, etc.
 This team should also keep track of trends in cybersecurity and
modern attack strategies.
 A training program for end users is important.
Identification

 A strong identification mechanism is established to identify security


breach.
 When an end user reports information or an admin notices
irregularities, an investigation is launched.
 An incident log is a crucial part of this step.
 All of the members of the team should be updating this log to ensure
that information flows as fast as possible.
 If it has been identified that a security breach has occurred the next
step should be activated.
Containment

 The IRT works to isolate the areas that the breach took place to limit
the scope of the security event.
 During this phase it is important to preserve information
forensically.
 Containment could be as simple as physically containing a server
room or as complex as segmenting a network to not allow the spread
of a virus
Eradication

 The threat that was identified is removed from the affected systems.
 This could include using deleting malicious files, terminating
compromised accounts, or deleting other components.
 This will help to ensure that the threat is completely removed
Recovery

 Whether the systems are restored back to original operation.


 This stage could include the recovery of data, changing user access
information.
 Updating firewall rules or policies to prevent a breach in the future.
 Without executing this step, the system could still be vulnerable to
future security threats
Future Preparation

 Information that has been gathered during this process is used to


make future decisions on security.
 This step is crucial to the ensure that future events are prevented.
 Using this information to further train admins is critical to the
process.
 This step can also be used to process information that is distributed
from other entities who have experienced a security event

You might also like