Security service (telecommunication)

Êtes-vous un étudiant de l'EPFL à la recherche d'un projet de semestre?

Travaillez avec nous sur des projets en science des données et en visualisation, et déployez votre projet sous forme d'application sur GraphSearch.

Découvrez-en plus sur les applications Graph.

Security service is a service, provided by a layer of communicating open systems, which ensures adequate security of the systems or of data transfers as defined by ITU-T X.800 Recommendation. X.800 and ISO 7498-2 (Information processing systems – Open systems interconnection – Basic Reference Model – Part 2: Security architecture) are technically aligned. This model is widely recognized A more general definition is in CNSS Instruction No. 4009 dated 26 April 2010 by Committee on National Security Systems of United States of America: A capability that supports one, or more, of the security requirements (Confidentiality, Integrity, Availability). Examples of security services are key management, access control, and authentication. Another authoritative definition is in W3C Web service Glossary adopted by NIST SP 800-95: A processing or communication service that is provided by a system to give a specific kind of protection to resources, where said resources may reside with said system or reside with other systems, for example, an authentication service or a PKI-based document attribution and authentication service. A security service is a superset of AAA services. Security services typically implement portions of security policies and are implemented via security mechanisms. Information security Information security and Computer security are disciplines that are dealing with the requirements of Confidentiality, Integrity, Availability, the so-called CIA Triad, of information asset of an organization (company or agency) or the information managed by computers respectively. There are threats that can attack the resources (information or devices to manage it) exploiting one or more vulnerabilities. The resources can be protected by one or more countermeasures or security controls. So security services implement part of the countermeasures, trying to achieve the security requirements of an organization. OSI model In order to let different devices (computers, routers, cellular phones) to communicate data in a standardized way, communication protocols had been defined.

À propos de ce résultat

Cette page est générée automatiquement et peut contenir des informations qui ne sont pas correctes, complètes, à jour ou pertinentes par rapport à votre recherche. Il en va de même pour toutes les autres pages de ce site. Veillez à vérifier les informations auprès des sources officielles de l'EPFL.

Publications associées (5)

Concepts associés (6)

Cours associés (1)

Séances de cours associées (4)

Privacy-preserving federated neural network training and inference

Sinem Sav

Training accurate and robust machine learning models requires a large amount of data that is usually scattered across data silos. Sharing, transferring, and centralizing the data from silos, however, is difficult due to current privacy regulations (e.g., H ...

EPFL2023

Provably Secure Authenticated Encryption

Damian Vizár

Authenticated Encryption (AE) is a symmetric key cryptographic primitive that ensures confidentiality and authenticity of processed messages at the same time. The research of AE as a primitive in its own right started in 2000. The security goals of AE wer ...

EPFL2018

An Improved Technique to Discover Compromising Electromagnetic Emanations

Martin Vuagnoux, Sylvain Pasini

The techniques generally used to detect compromising emanations are based on a wide-band receiver tuned on a specific frequency or a spectral analyzer with a limited bandwidth. However, these methods may not be optimal since a significant amount of informa ...

Ieee Service Center, 445 Hoes Lane, Po Box 1331, Piscataway, Nj 08855-1331 Usa2010

Cyberattaque

Une cyberattaque est un acte offensif envers un dispositif informatique à travers un réseau cybernétique. Une cyberattaque peut émaner de personnes isolées ou d'un groupe de pirates informatiques, éventuellement étatique. Une cyberattaque est presque systématiquement malveillante, mais peut s'inscrire dans une approche éthique, lorsqu'elle a pour seul but de mettre en évidence une faille de sécurité. Il existe de très nombreuses définitions selon les pays, les ONG, les organisations internationales Pour A.

Security controls

Security controls are safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets. In the field of information security, such controls protect the confidentiality, integrity and availability of information. Systems of controls can be referred to as frameworks or standards. Frameworks can enable an organization to manage security controls across different types of assets with consistency.

Countermeasure (computer)

In computer security a countermeasure is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken. The definition is as IETF RFC 2828 that is the same as CNSS Instruction No. 4009 dated 26 April 2010 by Committee on National Security Systems of United States of America.

COM-301: Computer security and privacy

This is an introductory course to computer security and privacy. Its goal is to provide students with means to reason about security and privacy problems, and provide them with tools to confront them.

Explore les violations de données dans les organismes sans but lucratif, les plans d'intervention en cas d'incident, les exigences juridiques, les stratégies de cybersécurité et les défis auxquels sont confrontées les organisations.

Explore le modèle Bell La Padula, les canaux secrets, les défis de déclassification et les propriétés de sécurité dans les modèles de confidentialité.

Explore l'importance de comprendre les attaques et le raisonnement derrière la pensée contradictoire dans le développement de mécanismes de sécurité.