The OSI Security Architecture is a framework that gives a systematic
way of defining the requirements for security and characterizing the
approaches to satisfying those requirements. The document defines security
attacks, services and mechanisms, and the relationships among these categories.
Active security threats involve modification of data in transit
and attempts to gain unauthorized access to computer systems.
Passive security threats involve eavesdropping on, or monitoring of,
transmissions. Electronic mail, client/server exchanges and file transfers
are examples of the transmissions targeted.
Active security attacks: masquerade, replay, modification of
messages and denial of service.
Passive security attacks: release of message contents and
Access control: the prevention of unauthorized use of a resource;
that is, this service controls who may access a resource, under
what conditions access may occur, and what those accessing the resource are
allowed to do.
Authentication: the assurance that the communicating
entity is the one it claims to be.
Availability service: the property of a system or a
system resource of being accessible and usable upon demand by an authorized system
entity, according to the performance specifications for the system.
Data confidentiality: the protection of data from unauthorized
Data integrity: the assurance that data received are
exactly as sent by an authorized entity.
Nonrepudiation: provides protection against denial by one
of the entities involved in a communication of having participated in all or part
of the communication.
Specific security mechanisms: may be incorporated into the appropriate protocol layer in order to
provide some of the OSI security services.
Encipherment: The use of mathematical algorithms to transform
data into a form that is not readily intelligible. The transformation and
subsequent recovery of the data depend on an algorithm and zero or more
Digital Signature: Data appended to, or a cryptographic
transformation of, a data unit that allows a recipient of the data unit to
prove the source and integrity of the data unit and protect against forgery
(e.g., by the recipient).
Access Control: A variety of mechanisms that enforce access
rights to resources.
Data Integrity: A variety of mechanisms used to assure the
integrity of a data unit or stream of data units.
Authentication Exchange: A mechanism intended to ensure the
identity of an entity by means of information exchange.
Traffic Padding: The insertion of bits into gaps in a
data stream to frustrate traffic analysis attempts.
Routing Control: Enables selection of particular
physically secure routes for certain data and allows routing changes,
especially when a breach of security is suspected.
Notarization: The use of a trusted third party to assure certain
properties of a data exchange.
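The following Python example, added here and not part of the original notes, shows three of the mechanisms above working together against the active attacks listed earlier: encipherment hides message contents, a data-integrity tag (HMAC-SHA256) detects modification and masquerade, and a per-sender sequence number gives the authentication exchange the freshness needed to reject replay. The keys, the message text and the receiver class are constructed for the demonstration; the HMAC-in-counter-mode keystream is a toy encipherment chosen so the example runs with only the standard library, not a recommendation for production use.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Keys shared by the two legitimate parties (constructed for this example).
ENC_KEY = secrets.token_bytes(32)
MAC_KEY = secrets.token_bytes(32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy encipherment: HMAC-SHA256 used as a PRF in counter mode yields a keystream.
    # Illustrative only; real systems use an AEAD such as AES-GCM.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; applying the same call again deciphers.
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def _header(sender: str, seq: int, nonce: bytes) -> bytes:
    return sender.encode() + b"|" + seq.to_bytes(8, "big") + b"|" + nonce


def _tag(sender: str, seq: int, nonce: bytes, ciphertext: bytes) -> bytes:
    # Data integrity mechanism: the MAC covers sender, sequence number, nonce and
    # ciphertext, so none of them can be altered without detection.
    return hmac.new(MAC_KEY, _header(sender, seq, nonce) + ciphertext, hashlib.sha256).digest()


@dataclass(frozen=True)
class Message:
    sender: str
    seq: int
    nonce: bytes
    ciphertext: bytes
    tag: bytes


def seal(sender: str, seq: int, plaintext: bytes) -> Message:
    nonce = secrets.token_bytes(12)
    ciphertext = encipher(ENC_KEY, nonce, plaintext)
    return Message(sender, seq, nonce, ciphertext, _tag(sender, seq, nonce, ciphertext))


class Receiver:
    def __init__(self) -> None:
        self.last_seq: Dict[str, int] = {}  # highest sequence number accepted per sender

    def open(self, msg: Message) -> Tuple[Optional[bytes], str]:
        # Integrity/authentication check first, compared in constant time.
        if not hmac.compare_digest(_tag(msg.sender, msg.seq, msg.nonce, msg.ciphertext), msg.tag):
            return None, "rejected: bad tag (modification or masquerade)"
        # Freshness check defeats replay of a message that was genuine the first time.
        if msg.seq <= self.last_seq.get(msg.sender, -1):
            return None, "rejected: stale sequence number (replay)"
        self.last_seq[msg.sender] = msg.seq
        return encipher(ENC_KEY, msg.nonce, msg.ciphertext), "accepted"


def run_attacks() -> Dict[str, str]:
    """Drive one receiver through a genuine message and three active attacks."""
    rx = Receiver()
    results: Dict[str, str] = {}
    genuine = seal("alice", 1, b"transfer 100 to bob")  # constructed sample message
    plaintext, status = rx.open(genuine)
    results["genuine"] = status if plaintext == b"transfer 100 to bob" else "plaintext mismatch"

    # Modification: flip one ciphertext byte; the tag no longer verifies.
    tampered = bytes([genuine.ciphertext[0] ^ 0x01]) + genuine.ciphertext[1:]
    results["modification"] = rx.open(Message("alice", 1, genuine.nonce, tampered, genuine.tag))[1]

    # Replay: resend the genuine message unchanged; tag is valid but seq is stale.
    results["replay"] = rx.open(genuine)[1]

    # Masquerade: an attacker without MAC_KEY claims to be alice with a forged tag.
    forged = Message("alice", 3, secrets.token_bytes(12), b"\x00" * 19, secrets.token_bytes(32))
    results["masquerade"] = rx.open(forged)[1]
    return results
```

Note the order of checks: the tag is verified before the sequence number is consulted, so an attacker cannot learn anything about accepted sequence numbers by sending unauthenticated probes.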
Pervasive security mechanisms: mechanisms that are not specific to any particular OSI security
service or protocol layer.
Trusted Functionality: That which is perceived to be correct
with respect to some criteria (e.g., as established by a security policy).
Security Label: The marking bound to a resource (which may
be a data unit) that names or designates the security attributes of that
Event Detection: Detection of security-relevant events.
Security Audit Trail: Data collected and potentially used to
facilitate a security audit, which is an independent review and examination
of system records and activities.
Security Recovery: Deals with requests from mechanisms, such as
event handling and management functions, and takes
Economy of mechanism: This
principle says that the design of security measures embodied in both
hardware and software should be as simple and small as possible.
The motivation for this rule is that a relatively simple, small design is
easier to test and verify thoroughly. With a complex
design, there are many more opportunities for an adversary to discover subtle
weaknesses to exploit that may be difficult to spot ahead of time.
Fail-safe defaults: This
principle says that access decisions should be based on permission rather than
exclusion. That is, the default situation is lack of access, and the protection
scheme identifies conditions under which access is permitted.
Complete mediation: This principle says that every access must be checked against
the access control mechanism. Systems should not rely on access decisions
retrieved from a cache.
Open design: This principle says that the design of a security mechanism
should be open rather than secret.
Separation of privilege: This
principle says that multiple privilege attributes should be
required to achieve access to a restricted resource.
Least privilege: This principle says that every process and every
user of the system should operate using the least set of privileges necessary
to perform the task.
Least common mechanism:
This principle says that the design should minimize the
functions shared by different users, providing mutual security. This principle
helps reduce the number of unintended communication paths and reduces the
amount of hardware and software on which all users depend, thus making it
easier to verify whether there are any undesirable security implications.
Psychological acceptability: This principle implies that the security
mechanisms should not interfere unduly with the work of users, while at the
same time meeting the needs of those who authorize access. If security
mechanisms hamper the usability or availability of resources, then users may
opt to turn off those mechanisms.
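The following Python example is added here (it is not from the original notes) to make the fail-safe defaults, complete mediation and separation of privilege principles concrete. It places a weak authorization check, which allows access to unlisted resources and caches its decisions, next to a hardened one that denies by default, re-evaluates every request from the principal's current attributes, and requires every listed privilege attribute at once. The policy table, the resource names, the role names and the Principal class are all constructed for the demonstration.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple

# Constructed policy: each resource lists every privilege attribute that must be
# held simultaneously (separation of privilege). Unlisted resources have no grant.
POLICY: Dict[str, FrozenSet[str]] = {
    "/reports/view": frozenset({"employee"}),
    "/payroll/export": frozenset({"finance", "mfa"}),
}


@dataclass(frozen=True)
class Principal:
    name: str
    roles: FrozenSet[str]
    mfa_verified: bool = False

    def attributes(self) -> Set[str]:
        attrs = set(self.roles)
        if self.mfa_verified:
            attrs.add("mfa")
        return attrs


# --- Weak version: violates fail-safe defaults and complete mediation ---------
_DECISION_CACHE: Dict[Tuple[str, str], bool] = {}


def authorize_weak(p: Principal, resource: str) -> bool:
    key = (p.name, resource)
    if key in _DECISION_CACHE:          # a cached decision survives later revocation
        return _DECISION_CACHE[key]
    required = POLICY.get(resource)
    decision = True if required is None else required <= p.attributes()  # unknown -> allow
    _DECISION_CACHE[key] = decision
    return decision


# --- Hardened version ---------------------------------------------------------
def authorize(p: Principal, resource: str) -> bool:
    required = POLICY.get(resource)
    if required is None:                # fail-safe default: no rule means deny
        return False
    # Complete mediation: evaluated on every call from current attributes, no cache.
    # Separation of privilege: every listed attribute must be present at once.
    return required <= p.attributes()


def demo() -> Dict[str, Tuple[bool, bool]]:
    """Return (weak, hardened) decisions for three constructed scenarios."""
    out: Dict[str, Tuple[bool, bool]] = {}
    alice = Principal("alice", frozenset({"finance"}), mfa_verified=True)

    # 1. A resource nobody wrote a rule for.
    out["unlisted resource"] = (authorize_weak(alice, "/admin/debug"),
                                authorize(alice, "/admin/debug"))

    # 2. Alice exports payroll, then loses the finance role; the weak check
    #    still answers from its cache because the principal name is unchanged.
    authorize_weak(alice, "/payroll/export")
    alice_revoked = Principal("alice", frozenset(), mfa_verified=True)
    out["after revocation"] = (authorize_weak(alice_revoked, "/payroll/export"),
                               authorize(alice_revoked, "/payroll/export"))

    # 3. The finance role alone is not enough; MFA is the second required privilege.
    bob = Principal("bob", frozenset({"finance"}), mfa_verified=False)
    out["finance without mfa"] = (authorize_weak(bob, "/payroll/export"),
                                  authorize(bob, "/payroll/export"))
    return out
```

The hardened version also keeps to economy of mechanism: the whole decision is one subset comparison against a table, which is short enough to review line by line.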
traits in programming so that you can make changes in one place
without having to also make changes in the other parts of an application
Modularity: a design approach that divides a
system into smaller parts called modules or skids, which can be independently
created and then used in different systems.
the act of combining multiple mitigating security controls to protect resources
Least astonishment: applies to user interface and software design, from
the ergonomics standpoint.
Attack surface: consists of the reachable and exploitable
vulnerabilities in a system.
Attack tree: a branching, hierarchical data structure that represents
a set of potential techniques for exploiting security vulnerabilities.
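The following Python example, added here and not part of the original notes, implements the attack tree as a data structure: internal nodes are AND gates (every child step is needed) or OR gates (any one suffices), and leaves carry an attacker cost. Two analyses are shown, the cheapest attack and the enumeration of every attack scenario, over a constructed tree that reuses the attack and mechanism vocabulary from these notes. The node names and cost figures are invented for the demonstration.

```python
from dataclasses import dataclass, field
from typing import Iterator, List


@dataclass
class Node:
    name: str
    gate: str = "LEAF"          # "LEAF", "AND" (all children needed) or "OR" (any one suffices)
    cost: float = 0.0           # attacker effort for a leaf, in constructed units
    children: List["Node"] = field(default_factory=list)


def min_cost(node: Node) -> float:
    """Cheapest way for the attacker to reach this node's goal."""
    if node.gate == "LEAF":
        return node.cost
    child_costs = [min_cost(c) for c in node.children]
    return sum(child_costs) if node.gate == "AND" else min(child_costs)


def attack_paths(node: Node) -> List[List[str]]:
    """Every set of leaf steps that achieves the goal (the tree's attack scenarios)."""
    if node.gate == "LEAF":
        return [[node.name]]
    if node.gate == "OR":
        return [p for c in node.children for p in attack_paths(c)]
    paths: List[List[str]] = [[]]   # AND: combine one path from each child
    for c in node.children:
        paths = [p + q for p in paths for q in attack_paths(c)]
    return paths


def _leaves(node: Node) -> Iterator[Node]:
    if node.gate == "LEAF":
        yield node
    for c in node.children:
        yield from _leaves(c)


def cheapest_path(node: Node) -> List[str]:
    """The attack scenario with the lowest total leaf cost (leaf names must be unique)."""
    costs = {leaf.name: leaf.cost for leaf in _leaves(node)}
    return min(attack_paths(node), key=lambda p: sum(costs[s] for s in p))


def build_tree() -> Node:
    # Constructed tree: goal at the root, passive and active branches below it.
    return Node("Read confidential mail", "OR", children=[
        Node("Release of message contents (passive)", "AND", children=[
            Node("Tap the network segment", cost=30),
            Node("Traffic is not enciphered", cost=0),
        ]),
        Node("Masquerade as the recipient (active)", "OR", children=[
            Node("Steal the recipient's password", cost=20),
            Node("Replay a captured authentication exchange", "AND", children=[
                Node("Capture the exchange", cost=10),
                Node("No freshness check (nonce or sequence number)", cost=0),
            ]),
        ]),
    ])
```

The tree is read from the attacker's side: adding a countermeasure raises the cost of a leaf (or removes it), and recomputing min_cost shows whether the cheapest scenario has moved to another branch. In the constructed tree the replay branch is cheapest, so a freshness check is the first control to add.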