what are the principles of network security?

Network security involves around three key principles of confidentiality, integrity and availability. Depending upon the application and context, one of these principles might be more important than the others. For example, a government agency would encrypt an electronically transmitted classified document to prevent an unauthorized person form reading its contents. Thus, confidentiality of the information is paramount. If an individual succeeds in breaking the encryption cipher and then, retransmits a modified encrypted version, the integrity of the message is compromised. On the other hand, an organization such as Amazon.com would be severely damaged if its network were out of commission for an extended period of time. Thus, availability is a key concern of such e-commerce companies.

Confidentiality

Confidentiality is concerned with preventing unauthorized disclosure of sensitive information. This disclosure could be intentional, such as breaking a cipher and reading the information, or it could be unintentional due to the carelessness or incompetence of individuals handling the information.

Integrity

There are three goals of integrity.

Preventing the modification of information by unauthorized users

Preventing the unauthorized or unintentional modification of information by unauthorized users

Preserving the internal and external consistency

Internal consistency: Ensures that internal data is consistent. For example, in an organizational database, the total number of items owned by an organization must be equal to the sum of the same items shown in the database as being held by each element of the organization.

External Consistency: Ensures that the data stored in the database is consistent with the real world. Relative to the above example, the total number of items physically sitting on the shelf must equal the total number of items indicated by the database.

Availability

Availability assures that a system’s authorized users have timely and uninterrupted access to the information in the system and to the network.

Other important terms include:

Identification: The act of a user professing an identity to the system, such as login ID

Authentication: Verification that the user’s claimed identity is valid, such as through the use of password.

Accountability: Determination of the actions and behavior of a single individual within a system and holding the individual responsible for his/her actions.

Authorization: The privileges allocated to an individual or process that enable access to a computer resource.

know more at : https://www.helpwithassignment.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s