Introduction to Network Services
First, we will know what is Network security services? Network security services is the attack which means gaining the axis of data by another rigid person. So, we know the categories of attack that is a passive attack and activated so when we call as a passive attack and when we call it an activator, if there is a modification of a message by the another is in person then we call it as activated and if there is no modification done on the message but the content is gained by the term another is a person that we call it as password. So, in that we have seen two types of passive attacks that leaves of message content and traffic analysis and also, we know the four types of active attacks that is masquerade attack, replay attack and then modification of message and finally there are service attacks.
So here let us have a look on security services. So, what are the services provided by our network security. so here the question is we are sending the message to the receiver so that how to secure the data will be sent to the receiver. So, for example here J and B is a sender and B is a receiver. So how to send a message to your B. so we have to provide the security for this data over the network by transmitting from the sender to receiver. So, imagine there are different security services. Among the first one is access control. So, here the access control, the name itself indicates the access control means the access should be given to only the authorized persons. So, we have to prevent another reason axis of resources so that means unauthorized access to resources and the second service provided by our network security is aggregation. Here the other indication means verifying the receiver or a sender that means we have to verify the identity of a person who is sending the message or who is receiving the message.
So, we have to check their identity so whether the message has been received by the correct person or whether the message has been sent by the correct person that means the user. The identity verification of user and the third one the persons is confidentiality. This is also very important. So here the confidentiality means providing security for the data which is transmitted from sender to receiver so sender will send the message to the receiver. So that our duty is to provide the security for the data which is sent by the sender. So that we call it as a confidential that means security providing security to the data sent to anyone.
Next one is Data integrity. So, we can refer it as theta application or simply authentication. So, the next one is integrity so by providing the security for the data which has been sent from Center to Reserve is not the final thing so one more thing we have to take care is there should be no modification done during the transmission from the sender to this point so that service we call it as indegree. So, after sending the message from the sender, the law authorizes the original person should not modify the message during the transmission of the data from sender to the receiver. During the transmission, after sending the data and before receiving the data there should be no modification done on the data that service, we call it as indegree.
For easy access control, we have to prevent the average access of resources and then next one is authentication so before communicating the receiver or the sender we have to verify the identity of sender and receiver. So, after verification of sender and receiver identity, then the actual communication should be stopped, then next confidential. So after another negation is completed, we have to send the data from sender to receiver so we have to provide the security for that particular data which has been sent from the sender to receiver next after sending the data from the sender and before receiving the data by the receiver we have to take in about no modification should return on the data during the transmission that we call it as integral.
What is Non-repudiation?
Non-repudiation means preventing from the denial of service attacks. So, what denial of service attack means? Denial of service attack means without the intervention of user; the server will terminate its services or the consumer will stop its services to all the users. So, in such type of attack in order to prevent such type of denial of service attacks, we call it as non-repudiation.
Services provided by network security -
There are the five services provided by our network security. The things we have to provide all these five services while sending the data from the sender to the receiver. So first one is access control authentication confidentiality integrity and the market. we know there is this wide variation between authorization and authentication. Now let us see the difference between authorization and authentication. So, authorization means to access permissions whether the user is having the access to permissions or not the things what the user actually wants to do but what the user wants to do this is called a legend and no authentication. So here the authentication means who is doing the actual work and what the user wants to do what the user wants to do is their authorization and who is doing authentication.
Let’s take an example, I had an ATM card of a bank ABC. So, ABC Bank name is ever seen I'm having some ATM card. So, as I am having this ATM card and all the reason, authorized person to get this service because I'm having the ATM of particular Bank. So, I can use the service I can utilize the services provide product by the particular Bank and coming to this other location whenever you will go and insert this idiom in the ATM machine it will prompt for a password or a pin. So, a pin is other education, so after you press the corresponding pin the machine will check it, will compare the actual pin with your ATM card. If it matches, then only you will be getting access to the services provided by the particular ATM. So, here the film is called other education that means the pin verification you can say yes in verification is called on occasion. So, having an ATM card is only an authorizer gun and if you had the exact pin of that particular ATM card, we can say this authentication.
There is a slightly difference between authorization and authentication. So here authorization means just verifying the user permissions and other education means the user identity so that makes our login details our Gmail login password, or YouTube username and passwords. So, this is we call it as authentication so it will compare them or it will verify the user identity. So, we have learned various security services that is access control, the prevention of unauthorized access of resources and then authentication verifying, the user identity confidentiality providing the security to the data which is sent from the sender to receiver and integrity. So, after sending the data from the sender and before receiving the data by the receiver we have to take care that no modification should be done on the data during the transmission and non-repudiation that is in order to prevent from the manner of service attacks.