Monday, September 20, 2021

Security Goals in Cryptography | Confidentiality | Integrity | Availability | Authentication | Non - Repudiation

 

Security Goals

Main goal of security is to protect data or information which is being transmitted and achieve the confidentiality, integrity and availability of the data. Following are the main goal of information security: Confidentiality, Integrity, Availability.

Figure: CIA Traingle

Confidentiality:

Principle of security, which ensure that only the sender & the receiver of a message come to know about the content of message. For example, in military application information from one higher authority is sending to another higher authority. During this transmission process when third unknown person is trying to get this confidential information. This type of information leakage caused because of interception of third person. Here it means loss of message confidentiality. The attack threatening the confidentiality is traffic analysis.


Integrity:

Principle of security, which ensure that the content of message must not be altered/modified during its transmission from sender to receiver. In this case change in the information need to be done by authorized person and through authorized mechanisms only. Integrity gives assurance that data received exactly as sent by an authorized sender. The attack threatening integrity is modification of message.


Availability:

Principle of security, which ensures that a resources/computer system is available for authorized users only. Information of bank account stored in bank server; student’s information stored in university. All this information needs to be available to all authorized users only. Imagine the situation arise, if all above information is not available to authorized users. This is only one attack which threatening principle of availability called denial of services.


Authentication:

Data authentication allows user or receiver to check whether that data really was sent by the actual sender or not. In the two-party communication this mechanism is achieved through symmetric cryptography. The sender and receiver share a secret key to calculate a message authentication code of all communication data.  Receiver knows that the data is send by exact or actual sender, if and only if message will accept by the receiver. The attack threatening integrity is masquerade.


Figure: CIA Traignle Compromised

Non-repudiation:

It prevents either sender or the receiver from denying that participated in all or part of the communication.

Non-repudiation, Origin: Proof that the message was sent by the specified party.

Non-repudiation, destination: Proof that the message was received by the specified party.


To learn more about Security Goals in cryptography, Click here



     Watch more videos click here.

No comments:

Post a Comment