In present day scenario security of the system is the sole priority of any organisation. The main aim of any organisation is to protect their data from attackers. In cryptography, attacks are of two types such as Passive attacks and Active attacks.
Passive attacks are those that retrieve information from the system without affecting the system resources while active attacks are those that retrieve system information and make changes to the system resources and their operations.
Figure : 1.1
In figure 1.1 it made the text secure by forming it into cipher text using encryption algorithm and further decryption to use it.
The Principles of Security can be classified as follows:
- Confidentiality:
The degree of confidentiality determines the secrecy of the information. The principle specifies that only the sender and receiver will be able to access the information shared between them. Confidentiality compromises if an unauthorized person is able to access a message.For example, let us consider sender A wants to share some confidential information with receiver B and the information gets intercepted by the attacker C. Now the confidential information is in the hands of an intruder C.
- Authentication:
Authentication is the mechanism to identify the user or system or the entity. It ensures the identity of the person trying to access the information. The authentication is mostly secured by using username and password. The authorized person whose identity is preregistered can prove his/her identity and can access the sensitive information. - Integrity:
Integrity gives the assurance that the information received is exact and accurate. If the content of the message is changed after the sender sends it but before reaching the intended receiver, then it is said that the integrity of the message is lost.
- System Integrity: System Integrity assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
- Data Integrity: Data Integrity assures that information (both stored and in transmitted packets) and programs are changed only in a specified and authorized manner.
4. Non-Repudiation:
Non-repudiation is a mechanism that prevents the denial of the message content sent through a network. In some cases the sender sends the message and later denies it. But the non-repudiation does not allow the sender to refuse the receiver.
5. Access control:
The principle of access control is determined by role management and rule management. Role management determines who should access the data while rule management determines up to what extent one can access the data. The information displayed is dependent on the person who is accessing it.
6. Availability:
The principle of availability states that the resources will be available to authorize party at all times. Information will not be useful if it is not available to be accessed. Systems should have sufficient availability of information to satisfy the user request.
7. Issues of ethics and law
The following categories are used to categorize ethical dilemmas in the security system.
Individuals’ right to access personal information is referred to as privacy.
Property: It is concerned with the information’s owner.
Accessibility is concerned with an organization’s right to collect information.
Accuracy: It is concerned with the obligation of information authenticity, fidelity, and accuracy.
Last Updated : 24 Jan, 2023
Like Article
Save Article
Share your thoughts in the comments
Please Login to comment...
FAQs
Cryptography is used to protect the private information shared between two communicating parties from a third party. Confidentiality, Data Integrity, Authentication, and Non-Repudiation are the main principles of cryptography. Network security is the actions taken or procedures followed to protect the computer network.
What are the key principles of security in cryptography and network security? ›
Cryptography is used to protect the private information shared between two communicating parties from a third party. Confidentiality, Data Integrity, Authentication, and Non-Repudiation are the main principles of cryptography. Network security is the actions taken or procedures followed to protect the computer network.
What are the 5 pillars of cryptography? ›
What are the 5 pillars of cryptography? The five pillars of cryptography are confidentiality, integrity, authenticity, non-repudiation, and availability, ensuring secure communication and data protection.
What are the 5 basic principles of security and their meaning? ›
The U.S. Department of Defense has promulgated the Five Pillars of Information Assurance model that includes the protection of confidentiality, integrity, availability, authenticity, and non-repudiation of user data.
What are the 4 principles of security? ›
There are four basic security principles: access, authentication, authorization, and accounting. Use physical and software controls to protect your hardware or data from intrusion. For hardware, access limits usually mean physical access limits. For software, access limits usually mean both physical and virtual means.
What are the 3 aspects of security in cryptography? ›
The three letters in "CIA triad" stand for Confidentiality, Integrity, and Availability. The CIA triad is a common model that forms the basis for the development of security systems.
What are 4 key cryptography pillars? ›
Data Confidentiality, Data Integrity, Authentication and Non-repudiation are core principles of modern-day cryptography. Confidentiality refers to certain rules and guidelines usually executed under confidentiality agreements which ensure that the information is restricted to certain people or places.
What are the four fundamental goals of cryptography? ›
There are four main goals in cryptography: confidentiality, integrity, authentication, and non-repudiation Read the section on the goals of cryptography to understand each concept.
What is the basics of cryptography? ›
Cryptography ensures confidentiality by encrypting sent messages using an algorithm with a key only known to the sender and recipient. A common example of this is the messaging tool WhatsApp, which encrypts conversations between people to ensure they cannot be hacked or intercepted.
What is the principle key in cryptography? ›
Here are the fundamental principles of public-key cryptography: Key Pairs: Public-key cryptography uses a pair of keys - a public key and a private key. These keys are mathematically related, but it is computationally infeasible to derive the private key from the public key.
In network security, cryptography serves as a fundamental tool. Its primary goal is to protect data confidentiality, integrity, and authenticity. This means that information shared over networks is kept secret, remains unaltered during transmission, and can be trusted as coming from a verified source.
What are the principles and uses of cryptography to secure and protect data? ›
Cryptography ensures the integrity of data using hashing algorithms and message digests. By providing codes and digital keys to ensure that what is received is genuine and from the intended sender, the receiver is assured that the data received has not been tampered with during transmission.
What are the 5 C's in security? ›
In cybersecurity, a model known as the “5C” emerges as a crucial framework. This article discusses and explains the 5 C's of cybersecurity—Change, Continuity, Cost, Compliance, and Coverage—highlighting their importance in modern-day digital defense mechanisms.
What are the 7 P's of information security? ›
We outline the anatomy of the AMBI-CYBER architecture adopting a balanced scorecard, multistage approach under a 7Ps stage gate model (Patient, Persistent, Persevering, Proactive, Predictive, Preventive, and Preemptive).
What are the 5 A's of security? ›
The Five A's cover Authentication, Authorization, Administration, Audit, and Analytics – each is explained in detail in the following.
What are the key principles of computer security? ›
What are the 3 Principles of Information Security? The basic tenets of information security are confidentiality, integrity and availability. Every element of the information security program must be designed to implement one or more of these principles. Together they are called the CIA Triad.
What are the key principles of network and cyber security? ›
These cyber security principles are grouped into four key activities: govern, protect, detect and respond.
- Govern: Identifying and managing security risks.
- Protect: Implementing controls to reduce security risks.
- Detect: Detecting and understanding cyber security events to identify cyber security incidents.
Here are the fundamental principles of public-key cryptography: Key Pairs: Public-key cryptography uses a pair of keys - a public key and a private key. These keys are mathematically related, but it is computationally infeasible to derive the private key from the public key.
What are the key principles of information security? ›
Confidentiality, integrity, and availability are the core information security principles (CIA). Together, these three principles are read as the CIA triad.
