KEMBAR78
Web Security Services and Mechanism.pptx
Uploaded byumanggargcse
PPTX, PDF4 views

Web Security Services and Mechanism.pptx

It provides the web security and sercives.

Download to read offline
Security Fundamentals Need for Security | Principles | Services | Mechanisms
Need for Security • Protect sensitive data (personal, financial, organizational) • Ensure integrity of information • Keep systems and services available • Prevent unauthorized access or misuse • Build trust among users • Meet compliance and legal requirements • Example: Online banking transactions
Principles of Security (CIA +) • Confidentiality – Only authorized users can access data • Integrity – Data must remain accurate and unchanged • Availability – Resources must be accessible when needed • Authentication – Verify identity • Authorization – Grant appropriate access • Non-repudiation – Cannot deny an action/transaction • Accountability – Actions can be traced
OSI Security Architecture • To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, the manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. This is difficult enough in a centralized data processing environment; with the use of local and wide area networks, the problems are compounded. • ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. The open systems interconnection (OSI) security architecture is useful to managers as a way of organizing the task of providing security. Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms. For our purposes, the OSI security architecture provides a useful, if abstract, overview of many of the concepts that this book deals with
OSI Security Architecture Security attack Security Services Security Mechanism
Security Services
Security Services (ISO 7498-2) • Authentication – Prove identity • Access Control – Restrict unauthorized users • Data Confidentiality – Prevent data leakage • Data Integrity – Detect changes in data • Non-Repudiation – Proof of origin & delivery • Availability Service – Reliable access to resources
Security Mechanism
Security Mechanisms • Encryption – Protect confidentiality • Digital Signatures – Authentication, integrity, non-repudiation • Hash Functions – Verify data integrity • Authentication Protocols – Passwords, OTPs, biometrics • Access Control Lists (ACLs) – Define permissions • Firewalls / IDS / IPS – Block & detect attacks • Audit Logs – Track user actions • Backups & Redundancy – Maintain availability
Example Diagram: Security Concepts Flow Services (Authentication, Confidentiality, Integrity, Availability) Mechanisms (Encryption, Hashing, Firewalls, Logs)
Real-Life Case Studies • Data Breach – Weak authentication → confidential data leaked • Ransomware Attack – No backup → data unavailable • DDoS Attack – Service unavailable → loss of trust
Summary • Security is essential for data & systems • CIA + principles form the foundation • Security services define what is required • Mechanisms provide the tools to achieve services

More Related Content

PPTX
OSI Security Architecture.pptx shshhd shshjdjdjdd dhdjdjjdjdjdjdjjdjdjdjjdjdj...
by9102165122aa
 
PPT
Chapter 1.ppt
byTamer Nadeem
 
PPT
computer architecture.ppt
byPandiya Rajan
 
PPT
Network Security 1st Lecture
bybabak danyal
 
PPT
Cryptography - Unit I | Introduction to Security Concepts
byCUO VEERANAN VEERANAN
 
PPTX
CRYPTOGRAPHY & NETWORK SECURITY.pptx
byNavanathDarwante1
 
PPT
Intro-2013.pptIntro-2013.pptIntro-2013.ppt
bytahirnaquash2
 
PPTX
Osi security architecture in network.pptx
byVinzoCenzo
 
OSI Security Architecture.pptx shshhd shshjdjdjdd dhdjdjjdjdjdjdjjdjdjdjjdjdj...
by9102165122aa
 
Chapter 1.ppt
byTamer Nadeem
 
computer architecture.ppt
byPandiya Rajan
 
Network Security 1st Lecture
bybabak danyal
 
Cryptography - Unit I | Introduction to Security Concepts
byCUO VEERANAN VEERANAN
 
CRYPTOGRAPHY & NETWORK SECURITY.pptx
byNavanathDarwante1
 
Intro-2013.pptIntro-2013.pptIntro-2013.ppt
bytahirnaquash2
 
Osi security architecture in network.pptx
byVinzoCenzo
 

Similar to Web Security Services and Mechanism.pptx

PPT
ch01.ppt
byssuser4198c4
 
PPT
lecture2-1 part one about cryptography.ppt
byabduganiyevbekzod011
 
PPT
ch01.pptch01.pptch01.pptch01.pptch01.ppt
bykelumsd
 
PPT
ch01.ppt University of Education Lahore D
byMuhammadShan87
 
PPT
ch01 cryptographyand network security.ppt
byalwaseimostafa2
 
PPTX
chapter 1 INTROoooooooooooooooooooo.pptx
bymailshivaiah
 
PPT
Unit 1.ppt
byDHANABALSUBRAMANIAN
 
PPT
CH01.ppt
byShahidMehmood285010
 
PPT
Ch01
byJoe Christensen
 
PPTX
osi-security-architectureppt.pptx
bykumarkaushal17
 
PPT
ch01 cryptography1cryptography1cryptography1
bykavyams22
 
PPT
Ch01
byn C
 
PPTX
2-OSI SECURITY ARCHITECTURE F1.pptxfdddss
bymaniv2769
 
PPT
Module-1.ppt cryptography and network security
byAparnaSunil24
 
PPT
Ch01
byssusere796b3
 
PPTX
I MSc CS CNS Day 1.pptx
byArumugam90
 
PPTX
CS8792 - Cryptography and Network Security
byvishnukp34
 
PPT
Cryptography_and_network_security170.ppt
byinaamulh66
 
PPT
COMPUTER SECURITY
bySHUBHA CHATURVEDI
 
PPTX
Ch1 Cryptography network security slides.pptx
bysalutiontechnology
 
ch01.ppt
byssuser4198c4
 
lecture2-1 part one about cryptography.ppt
byabduganiyevbekzod011
 
ch01.pptch01.pptch01.pptch01.pptch01.ppt
bykelumsd
 
ch01.ppt University of Education Lahore D
byMuhammadShan87
 
ch01 cryptographyand network security.ppt
byalwaseimostafa2
 
chapter 1 INTROoooooooooooooooooooo.pptx
bymailshivaiah
 
Unit 1.ppt
byDHANABALSUBRAMANIAN
 
CH01.ppt
byShahidMehmood285010
 
Ch01
byJoe Christensen
 
osi-security-architectureppt.pptx
bykumarkaushal17
 
ch01 cryptography1cryptography1cryptography1
bykavyams22
 
Ch01
byn C
 
2-OSI SECURITY ARCHITECTURE F1.pptxfdddss
bymaniv2769
 
Module-1.ppt cryptography and network security
byAparnaSunil24
 
Ch01
byssusere796b3
 
I MSc CS CNS Day 1.pptx
byArumugam90
 
CS8792 - Cryptography and Network Security
byvishnukp34
 
Cryptography_and_network_security170.ppt
byinaamulh66
 
COMPUTER SECURITY
bySHUBHA CHATURVEDI
 
Ch1 Cryptography network security slides.pptx
bysalutiontechnology
 

Recently uploaded

PPTX
English Home Language & First Additional Language P2 Preparation.pptx
byMasingita Maswanganye
 
PDF
BUSINESS ETHICS – UNIT V: Ethical Insights from Thirukkural and Modern Thought
byD NANEE
 
PPTX
Agriculture Lesson Note for Grade 11 Chapter 3 & 4.pptx
byNajibMuhidin
 
PPTX
Essay Type Answer Writing Analysis Workshop.pptx
byDhatriParmar
 
PPTX
Nerve lecture 2:strength-duration curve and an introduction to action potential
bydina merzeban
 
PPTX
Project Dashboard in Odoo 18 Project
byCeline George
 
PPTX
DO 34 s 2025 - ammendment of DO 24 s 2025.pptx
byJeanalynEstrellado3
 
PDF
TUYỂN CHỌN 30 ĐỀ THI CHỌN HỌC SINH GIỎI LỚP 9 CÁC TỈNH NĂM 2024-2025 MÔN TIẾN...
byNguyen Thanh Tu Collection
 
PPTX
Capitol Webinar October 2025 Dr. Jha.pptx
byCapitolTechU
 
PDF
Admin Slides for Oct'25 semester (Progression)
byGreat Files
 
PPTX
THERAPEUTIC ENVIORNMENT.............pptx
byAneetaSharma15
 
PPTX
Exploring Entrepreneurial Qualities: A Curated Presentation for Grade 11 Busi...
bySamanthaNkoana
 
PPTX
ILA 2025 Prague CLS Presentation of Leadership journal
byjohanalvehus
 
PDF
Learning English by Project Based Learning: How to Make Foreign Friends
bysilvianalevana
 
PPTX
Single entry System Vs Double entry System.pptx
bylavanyafranklin0804
 
PPTX
Basics for Conducting Bibliometric Analysis - Dr Ahsan Riaz
bySystematic Reviews Network (SRN)
 
PPTX
How can education build trust in a polarised world_Jonathan James_OECD .pptx
byEduSkills OECD
 
PPTX
How to Create a Manifest File in Odoo 18
byCeline George
 
PDF
Yaksha Prashna | General Quiz at RLAC | Amlan Sarkar | Full Set
byAmlan Sarkar
 
PDF
History of Department of AIHC and Archaeology_BHU
byBanaras Hindu University
 
English Home Language & First Additional Language P2 Preparation.pptx
byMasingita Maswanganye
 
BUSINESS ETHICS – UNIT V: Ethical Insights from Thirukkural and Modern Thought
byD NANEE
 
Agriculture Lesson Note for Grade 11 Chapter 3 & 4.pptx
byNajibMuhidin
 
Essay Type Answer Writing Analysis Workshop.pptx
byDhatriParmar
 
Nerve lecture 2:strength-duration curve and an introduction to action potential
bydina merzeban
 
Project Dashboard in Odoo 18 Project
byCeline George
 
DO 34 s 2025 - ammendment of DO 24 s 2025.pptx
byJeanalynEstrellado3
 
TUYỂN CHỌN 30 ĐỀ THI CHỌN HỌC SINH GIỎI LỚP 9 CÁC TỈNH NĂM 2024-2025 MÔN TIẾN...
byNguyen Thanh Tu Collection
 
Capitol Webinar October 2025 Dr. Jha.pptx
byCapitolTechU
 
Admin Slides for Oct'25 semester (Progression)
byGreat Files
 
THERAPEUTIC ENVIORNMENT.............pptx
byAneetaSharma15
 
Exploring Entrepreneurial Qualities: A Curated Presentation for Grade 11 Busi...
bySamanthaNkoana
 
ILA 2025 Prague CLS Presentation of Leadership journal
byjohanalvehus
 
Learning English by Project Based Learning: How to Make Foreign Friends
bysilvianalevana
 
Single entry System Vs Double entry System.pptx
bylavanyafranklin0804
 
Basics for Conducting Bibliometric Analysis - Dr Ahsan Riaz
bySystematic Reviews Network (SRN)
 
How can education build trust in a polarised world_Jonathan James_OECD .pptx
byEduSkills OECD
 
How to Create a Manifest File in Odoo 18
byCeline George
 
Yaksha Prashna | General Quiz at RLAC | Amlan Sarkar | Full Set
byAmlan Sarkar
 
History of Department of AIHC and Archaeology_BHU
byBanaras Hindu University
 

Web Security Services and Mechanism.pptx

  • 1.
    Security Fundamentals Need forSecurity | Principles | Services | Mechanisms
  • 2.
    Need for Security •Protect sensitive data (personal, financial, organizational) • Ensure integrity of information • Keep systems and services available • Prevent unauthorized access or misuse • Build trust among users • Meet compliance and legal requirements • Example: Online banking transactions
  • 3.
    Principles of Security(CIA +) • Confidentiality – Only authorized users can access data • Integrity – Data must remain accurate and unchanged • Availability – Resources must be accessible when needed • Authentication – Verify identity • Authorization – Grant appropriate access • Non-repudiation – Cannot deny an action/transaction • Accountability – Actions can be traced
  • 4.
    OSI Security Architecture •To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, the manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. This is difficult enough in a centralized data processing environment; with the use of local and wide area networks, the problems are compounded. • ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. The open systems interconnection (OSI) security architecture is useful to managers as a way of organizing the task of providing security. Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms. For our purposes, the OSI security architecture provides a useful, if abstract, overview of many of the concepts that this book deals with
  • 5.
  • 7.
  • 8.
    Security Services (ISO7498-2) • Authentication – Prove identity • Access Control – Restrict unauthorized users • Data Confidentiality – Prevent data leakage • Data Integrity – Detect changes in data • Non-Repudiation – Proof of origin & delivery • Availability Service – Reliable access to resources
  • 9.
  • 10.
    Security Mechanisms • Encryption– Protect confidentiality • Digital Signatures – Authentication, integrity, non-repudiation • Hash Functions – Verify data integrity • Authentication Protocols – Passwords, OTPs, biometrics • Access Control Lists (ACLs) – Define permissions • Firewalls / IDS / IPS – Block & detect attacks • Audit Logs – Track user actions • Backups & Redundancy – Maintain availability
  • 11.
    Example Diagram: SecurityConcepts Flow Services (Authentication, Confidentiality, Integrity, Availability) Mechanisms (Encryption, Hashing, Firewalls, Logs)
  • 12.
    Real-Life Case Studies •Data Breach – Weak authentication → confidential data leaked • Ransomware Attack – No backup → data unavailable • DDoS Attack – Service unavailable → loss of trust
  • 13.
    Summary • Security isessential for data & systems • CIA + principles form the foundation • Security services define what is required • Mechanisms provide the tools to achieve services