Chapter 2: Context and Background
In this chapter, we introduce the main concepts related to the problem we are addressing, in order to provide the casual reader with the necessary background information for this dissertation. As the title of this thesis is “Analysis of Security and QoS in Network with time constraints”, it is clear that our work requires a deep understanding of three main topics: security, Quality of Service (QoS) and network applications with time constraints. These three fundamental topics will be addressed in this chapter.
In today's business environment, users demand seamless connectivity and ...
Protecting confidentiality involves implementing procedures and measures to prevent malicious and accidental disclosure of information to unauthorized readers. This means that the computer system must:
* prevent users from reading confidential information (unless permitted),
* and prevent authorized users from disclosing secret information to other unauthorized users.
The term “information” must be taken in the widest sense: it covers not only the data itself, but also the flow of information and knowledge of the existence of data or communications. Ensuring the confidentiality of a system is a complex task. We must analyze all the paths that information in a particular system can take to ensure they are secure.
Attacks against confidentiality are attempts to obtain information that must be protected, despite the means of protection and security measures. For example, passive eavesdropping involves accessing data transmitted over a communication channel (such as a cable network) or stored on a vulnerable storage medium (external drives, for example). Such eavesdropping may, under certain circumstances, allow access to sensitive information, such as the password of a user typing on a terminal connected to a central computer and transmitting clear text between the terminal and the machine. We also see that this attack can be particularly difficult to identify a posteriori, given the total absence of traces left in the system [Abouelkalam 2003a].
Integrity is the property that refers to ensuring that information is unaltered. It is the assurance that information remains intact, correct, and authentic. Protecting integrity involves preventing and detecting unauthorized creation, modification, or destruction of information [Cole et al. 2005]. To protect the integrity of information, we must also prevent incorrect modification by an authorized user or process.
To protect data integrity, it is important to implement mechanisms that perform two functions: the first is to detect changes to information; the second is to control access to information (by managing access rights for programs and users).
An example of a malicious attack against integrity is the intervention of a user to modify a communication between two other users. An example of accidental damage to integrity is the modification of data while it is transmitted through unreliable wireless communication media. Clearly, protecting information integrity from both accidental and malicious alteration is a must for the proper functioning of information technology.
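The distinction above between accidental and malicious alteration determines which change-detection mechanism is sufficient. The following Python sketch is an added example, not part of the original thesis; the key, the messages and all function names are constructed for illustration. It compares an unkeyed CRC-32 checksum with a keyed HMAC-SHA256 tag against both kinds of alteration.

```python
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"            # assumed pre-shared secret (constructed)
ORIGINAL = b"transfer 100 to account 17"  # constructed sample message
FORGED = b"transfer 900 to account 66"    # constructed altered message

def crc_protect(msg: bytes) -> bytes:
    """Append an unkeyed CRC-32 checksum; anyone can recompute it."""
    return msg + zlib.crc32(msg).to_bytes(4, "big")

def crc_verify(frame: bytes) -> bool:
    return zlib.crc32(frame[:-4]).to_bytes(4, "big") == frame[-4:]

def mac_protect(msg: bytes, key: bytes = KEY) -> bytes:
    """Append a keyed HMAC-SHA256 tag; recomputing it requires the key."""
    return msg + hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(frame: bytes, key: bytes = KEY) -> bool:
    expected = hmac.new(key, frame[:-32], hashlib.sha256).digest()
    return hmac.compare_digest(expected, frame[-32:])  # constant-time compare

def flip_bit(frame: bytes, bit: int) -> bytes:
    """Accidental alteration: a single bit flipped by an unreliable channel."""
    out = bytearray(frame)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def compare() -> dict:
    """Return, per mechanism and alteration type, whether the change is detected."""
    crc_frame, mac_frame = crc_protect(ORIGINAL), mac_protect(ORIGINAL)
    return {
        # Channel noise: both mechanisms reject the damaged frame.
        "crc_accidental": not crc_verify(flip_bit(crc_frame, 3)),
        "mac_accidental": not mac_verify(flip_bit(mac_frame, 3)),
        # A party without KEY swaps the message. With CRC it can simply
        # recompute the checksum; with HMAC it can only reuse the old tag.
        "crc_malicious": not crc_verify(crc_protect(FORGED)),
        "mac_malicious": not mac_verify(FORGED + mac_frame[-32:]),
    }

if __name__ == "__main__":
    for case, detected in compare().items():
        print(f"{case:15} detected={detected}")
```

Only the keyed tag detects both kinds of alteration: an error-detecting code covers transmission faults, while detecting deliberate modification requires a secret that the modifying party does not hold.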
Availability refers to ensuring that authorized users can access and work with information assets, resources, and systems when needed and with the required response and performance. This means that the computer system must:
* provide access to information so that authorized users can read or...