Introduction to Information and Network Security

Computer and network security protect your data, devices, and online communications from unauthorized access, tampering, and disruption. This unit introduces core concepts like the CIA triad, OSI security architecture, types of security attacks, and the key security services and mechanisms that form the foundation of modern secure networks.

Jinansh

Computer Security Concept

You save exam notes on your laptop, connect to public Wi-Fi, and later notice suspicious activity in your email account. In that moment, you need protection not just for one file, but for the whole system, your stored data, and your communication channels. Computer security exists to protect computer systems and information from unauthorized access, misuse, modification, and disruption.

Why Security Is Needed

Computer systems hold personal data, business records, passwords, financial information, and communication logs. If an attacker steals, changes, or blocks this information, you may lose privacy, trust, money, or service availability.

The three foundational goals of security are shown below.

| Goal | What it means | Example |
| --- | --- | --- |
| Confidentiality | Only authorized users can access data | A password-protected email account |
| Integrity | Data remains correct and unaltered | Marks in a result system are not changed illegally |
| Availability | Data and services remain accessible when needed | A college website stays online during admissions |

What Threatens a Computer System

  • Unauthorized access: An attacker logs into a system without permission.
  • Data modification: Someone changes files, messages, or records.
  • Data disclosure: Sensitive information gets exposed.
  • Service disruption: Users cannot access a system when needed.

How Security Supports Daily Use

Without proper security: Anyone on the same network can read your messages, copy your files, or interrupt your connection.

With proper security controls: Authentication checks identity, encryption hides content, and access control restricts who can use resources.

Security Objectives in Real Systems

You can view computer security as a set of protections working together.

  • Authentication: Confirms that a user or system is genuine.
  • Authorization: Decides what an authenticated user is allowed to do.
  • Accountability: Keeps logs so actions can be traced.
  • Non-repudiation: Prevents a sender or receiver from denying an action later.

A Simple Protection Flow

The following flow shows how security controls protect information during use.

```mermaid
flowchart LR
    U[User] --> L[Login Check]
    L --> A[Access Decision]
    A --> D[Data Use]
    D --> G[Activity Log]
```

  • User: The person or device requesting access.
  • Login Check: Verifies identity using credentials.
  • Access Decision: Applies permission rules.
  • Data Use: Allows approved operations.
  • Activity Log: Records important actions for review.
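
The flow above as a small runnable sketch, added here as an illustration and not part of the original notes. The user `asha`, the roles, the action names and the function names are all hypothetical; the point is that authentication and authorization are separate checks and that denied requests are logged too.

```python
import hashlib
import hmac
import secrets


def _hash_password(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so a stolen user table does not reveal passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample data (hypothetical user, roles and actions).
_SALT = secrets.token_bytes(16)
USERS = {"asha": {"salt": _SALT,
                  "pw_hash": _hash_password("correct horse", _SALT),
                  "role": "student"}}
PERMISSIONS = {"student": {"read_notes"},
               "teacher": {"read_notes", "edit_marks"}}
ACTIVITY_LOG = []  # Activity Log: one entry per request, denials included


def login_check(username: str, password: str) -> bool:
    """Login Check: verify identity using credentials."""
    user = USERS.get(username)
    # Unknown users still cost one hash, so timing does not reveal who exists.
    salt = user["salt"] if user else bytes(16)
    expected = user["pw_hash"] if user else bytes(32)
    candidate = _hash_password(password, salt)
    return hmac.compare_digest(candidate, expected) and user is not None


def access_decision(username: str, action: str) -> bool:
    """Access Decision: apply permission rules for the user's role."""
    role = USERS[username]["role"]
    return action in PERMISSIONS.get(role, set())


def handle_request(username: str, password: str, action: str) -> str:
    """Run one request through the flow and record the outcome."""
    if not login_check(username, password):
        outcome = "denied:authentication"
    elif not access_decision(username, action):
        outcome = "denied:authorization"
    else:
        outcome = "allowed"  # Data Use: the approved operation would run here
    ACTIVITY_LOG.append((username, action, outcome))
    return outcome
```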

MCQ

Which group represents the basic goals of computer security?

The OSI Security Architecture

Now that you understand why computer security is necessary, consider this: a network has many layers, many devices, and many ways to fail. You need a structured way to describe attacks, protections, and services across communication systems. The OSI Security Architecture provides that organized framework.

What the Architecture Describes

The OSI Security Architecture is a model developed to classify security attacks, security mechanisms, and security services in a consistent way. It does not only list threats; it also explains how protection can be designed and discussed across networked systems.

The Three Main Parts

Security Attacks

A security attack is any action that compromises the security of information owned by an organization.

Security Mechanisms

A security mechanism is a process or device designed to detect, prevent, or recover from a security attack.

Security Services

A security service is a communication or processing service that enhances the security of data transfer and information processing systems.

How the Architecture Helps You

Without a common model: Security discussions become random, and you mix up threats, protections, and goals.

With the OSI security architecture: You can clearly separate what the problem is, what protection is needed, and what tool will implement it.

Classification View

| Category | What it focuses on | Example |
| --- | --- | --- |
| Security attacks | How systems are threatened | Replay attack |
| Security services | What protection is required | Data confidentiality |
| Security mechanisms | How protection is implemented | Encryption |

Relationship Among the Parts

The architecture connects all three ideas in one flow.

```mermaid
flowchart LR
    T[Threat or Attack] --> S[Required Security Service]
    S --> M[Implementing Security Mechanism]
```

  • Threat or Attack: The risk or harmful action.
  • Required Security Service: The type of protection needed.
  • Implementing Security Mechanism: The actual method or tool used.

Why It Matters in Network Security

When you study network security, this model gives you a common vocabulary. It helps you answer three important questions: what is being attacked, what must be protected, and how the protection will be carried out.

MCQ

What are the three major categories in the OSI Security Architecture?

Security Attacks

You've already seen that the OSI framework separates attacks from defenses. The next step is to understand how attackers actually threaten systems in practice. Security attacks are actions that attempt to compromise confidentiality, integrity, or availability.

Two Broad Classes of Attacks

Security attacks are mainly divided into passive attacks and active attacks.

Passive Attacks

A passive attack tries to learn or make use of information from the system, but does not affect system resources. The attacker watches communication silently.

Active Attacks

An active attack attempts to alter system resources or affect their operation. The attacker does not just observe; the attacker interferes.

Passive Attack Types

| Attack type | What happens | Example |
| --- | --- | --- |
| Release of message contents | The attacker reads the actual data | Reading an email during transmission |
| Traffic analysis | The attacker studies communication patterns | Observing who talks to whom and how often |

Active Attack Types

| Attack type | What happens | Example |
| --- | --- | --- |
| Masquerade | One entity pretends to be another | Logging in with stolen credentials |
| Replay | Captured data is retransmitted | Reusing a valid login token |
| Modification of messages | Message content is changed | Altering bank transaction data |
| Denial of Service | Service is blocked or degraded | Flooding a server with requests |

Passive and Active Compared

| Feature | Passive attack | Active attack |
| --- | --- | --- |
| Main intention | Observe information | Change or disrupt information |
| Effect on system | No direct alteration | Direct alteration or interruption |
| Detection difficulty | Hard to detect | Easier to detect |
| Prevention difficulty | Easier to prevent | Harder to prevent |

Real-World Understanding

  • Passive attacks matter because privacy can be lost without any visible damage.
  • Active attacks matter because the attacker can corrupt data or stop services.
  • Both types are serious because one steals information and the other damages trust or operation.

Note: A good security design aims to prevent passive attacks and also detect and recover from active attacks.

MCQ

Which of the following is a passive attack?

Security Services

Security attacks show what can go wrong, but they do not tell you what protection a system should provide. To answer that, you define the protections a system must offer during communication and processing. Security services are those protections.

What Security Services Do

A security service improves the security of data processing systems and information transfer. Each service addresses a particular kind of threat.

Main Security Services

Authentication Service

Authentication assures that the communicating entity is the one it claims to be. This service is essential in login systems, online payments, and message exchange.

Access Control Service

Access control prevents unauthorized use of resources. After identity is verified, the system decides what operations are allowed.

Data Confidentiality Service

Data confidentiality protects data from unauthorized disclosure. It ensures that only permitted entities can read sensitive information.

Data Integrity Service

Data integrity ensures that data is not changed, inserted, deleted, or replayed without authorization. It helps the receiver trust that the message is still correct.

Non-Repudiation Service

Non-repudiation provides proof so that one party cannot later deny sending or receiving data. This is important in legal, business, and financial transactions.

Services and Their Purpose

| Security service | Main purpose | Typical use |
| --- | --- | --- |
| Authentication | Verify identity | User login |
| Access control | Restrict operations | File permissions |
| Data confidentiality | Keep data secret | Encrypted communication |
| Data integrity | Protect correctness | Secure message transfer |
| Non-repudiation | Prevent denial of action | Digital contract exchange |

How Services Relate to Attacks

The following mapping helps you connect services with the threats they reduce.

```mermaid
flowchart TD
    P[Passive Attack] --> C[Confidentiality Service]
    M[Message Modification] --> I[Integrity Service]
    F[Fake Identity] --> AU[Authentication Service]
    U[Unauthorized Resource Use] --> AC[Access Control Service]
    D[Denial of Action] --> N[Non-repudiation Service]
```

  • Confidentiality Service: Prevents exposure of private data.
  • Integrity Service: Detects unauthorized changes.
  • Authentication Service: Validates identity claims.
  • Access Control Service: Restricts resource usage.
  • Non-repudiation Service: Creates undeniable proof.

Why Services Come Before Mechanisms

You first decide what protection is needed, and only then decide how to implement it. For example, if you need confidentiality, encryption may be chosen as the mechanism.

MCQ

Which security service ensures that data is not altered without authorization?

Security Mechanism

You've already defined the protection a system should provide through security services. Now you need actual techniques to enforce those protections in software, hardware, and communication protocols. Security mechanisms are the methods and tools that make security services work.

What a Mechanism Does

A security mechanism is designed to detect, prevent, or recover from security attacks. Some mechanisms are directly visible, such as encryption, while others support the system in the background, such as audit trails.

Specific Security Mechanisms

These mechanisms are used directly to implement security services.

  • Encipherment: Converts readable data into an unreadable form.
  • Digital signature: Confirms origin and supports integrity.
  • Access control: Enforces who can use resources.
  • Data integrity mechanism: Detects unauthorized changes.
  • Authentication exchange: Verifies identity during communication.
  • Traffic padding: Adds extra data to hide communication patterns.
  • Routing control: Chooses secure network routes.
  • Notarization: Uses a trusted third party to support trust.

Pervasive Security Mechanisms

These mechanisms support the whole environment rather than a single function.

  • Trusted functionality: Relies on components known to behave securely.
  • Security labels: Mark data with sensitivity levels.
  • Event detection: Detects security-relevant events.
  • Security audit trail: Keeps records of system activity.
  • Security recovery: Restores secure operation after failure or attack.

Specific and Pervasive Compared

| Feature | Specific mechanisms | Pervasive mechanisms |
| --- | --- | --- |
| Main role | Implement a direct protection | Support overall secure operation |
| Scope | Particular communication or data task | Entire system environment |
| Example | Encryption | Audit trail |

Mechanism-to-Service Examples

| Security service | Possible mechanism | What it achieves |
| --- | --- | --- |
| Confidentiality | Encipherment | Hides message content |
| Integrity | Digital signature | Detects unauthorized change |
| Authentication | Authentication exchange | Verifies identity |
| Access control | Access control mechanism | Limits resource usage |

A Practical Sequence

The following sequence shows how services and mechanisms work together during communication.

```mermaid
flowchart LR
    U[User Request] --> AE[Authentication Exchange]
    AE --> AC[Access Control]
    AC --> E[Encipherment]
    E --> AT[Audit Trail]
```

  • Authentication Exchange: Confirms identity.
  • Access Control: Checks permissions.
  • Encipherment: Protects sensitive data.
  • Audit Trail: Records what happened.

Note: A mechanism is not the security goal itself. It is the implementation used to achieve the goal.

MCQ

Which of the following is a specific security mechanism?

A Model for Network Security

Shared concepts such as attacks, services, and mechanisms become much clearer when you place them into one communication model. Imagine you want to send a confidential message across an untrusted network where attackers may read or alter traffic. A model for network security explains how secure communication is established between sender and receiver.

Core Idea of the Model

The model shows that two parties communicate over the internet or another insecure network while using a security transformation and secret information. An opponent may observe or interfere with the communication, so the protection must be built into the communication process itself.

Main Components of the Model

Sender

The sender creates the original message and applies a security transformation before transmission.

Security Transformation

This is the algorithm applied to the message, such as encryption or a cryptographic function. It changes the message into a protected form.

Secret Information

This usually means a key used by the algorithm. The strength and secrecy of the key directly affect the strength of protection.

Receiver

The receiver uses corresponding secret information and a related algorithm to recover or verify the original message.

Opponent

The opponent tries to read, modify, delay, replay, or block the message while it moves across the network.

Trusted Third Party

In many systems, a trusted third party helps distribute keys or certify identities. This becomes important when the sender and receiver do not already trust each other.

Security Model Flow

The following diagram shows the basic communication structure.

```mermaid
flowchart LR
    OM[Original Message] --> ST[Security Transformation + Secret Key]
    ST --> SM[Secure Message]
    SM --> IN[Insecure Network]
    IN --> RP[Receiver Processing]
    RP --> OR[Original Message Restored]
```

  • Original Message: The actual data the sender wants to send.
  • Security Transformation + Secret Key: The protection step applied before transmission.
  • Secure Message: The transformed output sent across the network.
  • Insecure Network: The path where an attacker may observe or interfere.
  • Receiver Processing: Decryption or verification at the receiver side.
  • Original Message Restored: The intended information recovered correctly.

What the Model Requires

  • A strong algorithm: The method should remain secure even if attackers know how it works.
  • Secret key protection: The key must remain known only to authorized parties.
  • A secure way to share trust: Often done through key distribution or certification.
  • Protection against attacks: The model should address confidentiality, integrity, and authentication needs.
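
The model above as an added example (not part of the original notes): the sender's security transformation is an HMAC-SHA256 tag computed with a shared secret key over a sequence number and the message, and the receiver rejects messages that were modified, replayed, or produced without the key. It assumes the key has already been shared securely and covers integrity and authentication only, not confidentiality; `protect`, `Receiver`, `demo` and the sample message are illustrative names and data.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes
SHARED_KEY = secrets.token_bytes(32)  # secret information, assumed pre-shared


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: security transformation = tag || sequence number || message."""
    body = struct.pack(">Q", seq) + message
    return hmac.new(key, body, hashlib.sha256).digest() + body


class Receiver:
    """Receiver processing: verify the tag, then reject stale sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def process(self, packet: bytes):
        if len(packet) < TAG_LEN + 8:
            return ("rejected", "malformed")
        tag, body = packet[:TAG_LEN], packet[TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; fails for a changed body or a wrong key.
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "integrity")
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return ("rejected", "replay")
        self.last_seq = seq
        return ("accepted", body[8:])


def demo():
    """Constructed traffic: genuine, replayed, altered in transit, wrong key."""
    rx = Receiver(SHARED_KEY)
    genuine = protect(SHARED_KEY, 1, b"transfer 100 to account 42")
    altered = protect(SHARED_KEY, 2, b"transfer 100 to account 42")
    altered = altered[:-1] + bytes([altered[-1] ^ 0x01])  # one bit changed
    wrong_key = protect(bytes(32), 3, b"transfer 100 to account 42")
    return [rx.process(p)[1] for p in (genuine, genuine, altered, wrong_key)]
```

A rejected message leaves `last_seq` unchanged, so the genuine message with the next sequence number is still accepted after an altered copy has been dropped.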

Two Common Communication Cases

| Case | What is needed | Example |
| --- | --- | --- |
| Confidential communication | Encryption and key sharing | Secure email |
| Authenticated communication | Identity verification and integrity checks | Online banking session |

Why This Model Matters

This model ties the whole unit together. It shows how attacks create risk, how services define required protection, and how mechanisms implement that protection in real communication systems.

MCQ

In the network security model, what is typically used along with a security transformation to protect a message?