What is OSI Security Architecture?
The OSI security architecture helps the managers responsible for an organization's security define its security requirements. It was introduced as an ‘international standard’, which lets computer and communication vendors develop products with security features based on this architecture.
In addition, the OSI security architecture provides a structured definition of the services and mechanisms used to secure the organization’s information.
In a passive attack, the attacker monitors or eavesdrops on the transmission between the sender and the receiver and tries to retrieve the information being transmitted. Neither the sender nor the receiver is aware of the attack, because the attacker only reads the captured message and does not alter it. The message is still sent and received in the normal fashion.
Therefore, a passive attack is more difficult to identify. Although identifying passive attacks is tedious, you can implement encryption to prevent the attack from succeeding. This means that even if the attack happens, the attacker is unable to extract the information.
Passive attacks are further classified into two types.
- Release of message content
The release of message content is a kind of attack in which the attacker listens to a telephone conversation or tracks electronic mail or a transferred file to retrieve the confidential message being transmitted. The opponent is interested in the content of the released message.
- Traffic analysis
To protect the released message content, the organization may apply a mask over the content of the message so that even if the attacker captures the message, he is not able to understand it. This technique of masking the released message is termed encryption.
In a traffic analysis passive attack, the attacker monitors the pattern, length and frequency of the released messages to guess the original message.
We have seen that in the passive attack, the attacker does not alter the message. But, in the active attack, the attacker alters and modifies the transmitted message by creating a false data stream.
It is quite difficult to prevent active attacks. Instead, the goal is to identify the source of the active attack and apply a recovery measure.
Moreover, the active attack is classified into four types:
- Masquerade
In a masquerade active attack, the attacker pretends to be the sender. To understand it better, consider that in figure 2 above, only path 2 is active in the masquerade attack.
- Replay
In a replay attack, the message is captured in a passive way and is retransmitted to produce an unauthorized effect. To understand replay, consider that in figure 2, paths 1, 2 and 3 are active.
- Modification of message
Modification of the message means that some portion of the message's data stream is altered to create an unauthorized effect. Paths 1 and 2 are active in this kind of attack.
- Denial of services
The attacker suppresses all the messages directed to a particular receiver by overloading the network to degrade the network performance.
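The sketch below is an added example, not part of the original article: it shows how a receiver can identify three of the active attacks described above (modification, masquerade and replay) on arrival. The use of HMAC-SHA256 with a shared key and a sequence number is an assumption made for illustration, and the key, frame layout and messages are constructed.

```python
import hashlib
import hmac
import struct

# Constructed demo key; a real deployment provisions a random per-peer secret.
SHARED_KEY = b"constructed-demo-key-not-for-production"
TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = 8-byte sequence number || payload || HMAC tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Classifies each incoming frame instead of trusting it blindly."""
    def __init__(self, key: bytes):
        self.key = key
        self.highest_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; mismatch = altered in transit or built without the key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: modified or forged"
        (seq,) = struct.unpack(">Q", body[:8])
        # A valid tag on an old sequence number is a captured frame resent.
        if seq <= self.highest_seq:
            return "rejected: replay"
        self.highest_seq = seq
        return "accepted"


def demo() -> list:
    rx = Receiver(SHARED_KEY)
    genuine = seal(SHARED_KEY, 1, b"transfer 100 to account A")
    tampered = bytearray(seal(SHARED_KEY, 2, b"transfer 100 to account A"))
    tampered[8 + 9] ^= 0x08  # one flipped bit in the payload
    forged = seal(b"attacker-guessed-key", 3, b"transfer 900 to account B")
    return [rx.accept(genuine), rx.accept(genuine),
            rx.accept(bytes(tampered)), rx.accept(forged)]


if __name__ == "__main__":
    print(demo())
```

The tag protects integrity and origin only; the payload still travels in the clear, so confidentiality against passive attacks needs encryption on top.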
X.800’s security services can be classified into five categories, discussed here:
- Authentication: It assures that the entity involved in the communication is the one it claims to be.
- Access Control: This service assures that only authorized entities are accessing the resources and prevents unauthorized access.
- Data Confidentiality: This service manages to maintain the confidentiality of data by preventing the exposure of the message content to the attacker.
- Data Integrity: This service makes sure that the data received at the receiver end is from an authorized entity.
- Nonrepudiation: This service prevents the sending and receiving entities from denying the transmitted message.
Summing up, the OSI security architecture concentrates on three things: security attacks, security services, and the mechanisms that prevent risk to the security of an organization's information.