Scribd
Upload
5 views

unit 1 second part

Information security models are structured frameworks that guide the implementation of security mechanisms to protect information systems and data. The defense-in-depth model consists of four layers: computer security, network security, service security, and application security, each addressing different aspects of protection. Additional concepts include extended security architecture, perimeter security, controlled access security, and resource security, which collectively ensure comprehensive protection against various threats.

Uploaded by

hs6854420
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
5 views

unit 1 second part

Information security models are structured frameworks that guide the implementation of security mechanisms to protect information systems and data. The defense-in-depth model consists of four layers: computer security, network security, service security, and application security, each addressing different aspects of protection. Additional concepts include extended security architecture, perimeter security, controlled access security, and resource security, which collectively ensure comprehensive protection against various threats.

Uploaded by

hs6854420
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Informa on Security Models

Informa on security models are frameworks or systema c approaches that guide the
implementa on of security mechanisms to protect informa on systems and data. They
provide a structured and principled way to design, implement, and manage security
controls.

The defense-in-depth model is defined in four layers:

1. Computer security

2. Network security

3. Service security

4. Applica on securety

Computer security
This involves protec ng individual computer systems from damage, the , or
unauthorized access. It includes using an virus programs, implemen ng
firewalls, and ensuring opera ng system security patches are up to date.

Network security
This focuses on protec ng the integrity, confiden ality, and availability of data
and resources as they are transferred across or within networks.
Methods include the use of

 firewalls
 encryp on
 VPNs
 intrusion detec on systems.

These are characters c of network security in the following list:


• Transmission Security. The protec on of data as it is transmi ed from one
loca on to another
. • Protocol Security. The construc on of packets and how they are processed
and used to transmit informa on.
• Rou ng Protocol Security. The informa on that is shared by network devices
to work together to support communica ons.

Service Security:
This ensures that services, whether internal or user-facing,
are protected from unauthorized access and other threats.
This includes things like ensuring secure authen ca on and
authoriza on processes.
The following are examples of opera onal services used in
Microso Windows:
• Security Accounts Manager. Stores security informa on for
local user accounts.
• Plug and Play. Enables a computer to recognize and adapt
to hardware changes with li le or no user input.
• Net Logon. Supports pass-through authen ca on of
account logon events for computers in a domain.
• Event Log. Enables event log messages issued by Windows-
based programs and components to be viewed in Event
Viewer. This service cannot be stopped.
• Logical Disk Manager. Configures hard disk drives and
volumes. The service only runs for configura on processes
and then stops.
• Indexing Service. Indexes contents and proper es of files on
local and remote computers; provides rapid access to files
through flexible querying language.

Applica on Security:
This deals with the security measures at the applica on level,
protec ng so ware applica ons from threats like malware,
SQL injec on, and other exploits.
Techniques include secure coding prac ces, code reviews,
and applica on firewalls.
1. Extended Security Architecture
Extended security architecture takes tradi onal security
measures and integrates them with extended networks and
services. This includes securing cloud environments, third-
party services, and mobile networks. As organiza ons
increasingly rely on external resources, extended security
ensures that data remains protected wherever it goes.
2. Perimeter Security
Perimeter security involves protec ng the boundary between
an organiza on's internal network and the outside world. It
aims to prevent unauthorized access and detect poten al
threats. Key elements include:
 Firewalls: Filter traffic to prevent unauthorized access.
 Intrusion Detec on/Preven on Systems (IDS/IPS):
Monitor network traffic to detect and respond to
threats.
 Virtual Private Networks (VPNs): Securely connect
remote users to the internal network.
3. Controlled Access Security
Controlled access security focuses on defining and enforcing
access controls to ensure that only authorized users can
access specific resources. Techniques include:
 Iden ty and Access Management (IAM): Manages user
iden es and permissions.
 Mul -Factor Authen ca on (MFA): Requires mul ple
forms of verifica on to grant access.
 Role-Based Access Control (RBAC): Grants permissions
based on user roles.
4. Resource Security
Resource security ensures that all resources within an
organiza on, such as data, applica ons, and servers, are
protected. Key strategies include:
 Data Encryp on: Secures data both at rest and in transit.
 Applica on Security: Protects applica ons from
vulnerabili es and exploits.
 Regular Audits and Monitoring

You might also like