Security goals are the fundamental objectives of information security that ensure the protection of data through confidentiality, integrity, availability, and authentication.
Confidentiality ensures that information is accessed only by authorized persons. Unauthorized users should not be able to view sensitive data.
Significance: It protects sensitive information such as military data, bank details, passwords, and personal records from unauthorized disclosure. Techniques like encryption are used to maintain confidentiality.
Integrity ensures that data is not modified, altered, or deleted by unauthorized persons during transmission or storage.
Significance: It guarantees that the received data is exactly the same as the sent data. It prevents attacks like modification and masquerading. Integrity maintains trust and accuracy of information.
Availability ensures that system resources and data are available to authorized users whenever required.
Significance: It ensures continuous system operation and service access. Attacks like Denial of Service (DoS) threaten availability. Without availability, even secure data is useless.
Data authentication ensures that the message is sent by the legitimate sender and not by an attacker. It verifies the identity of the sender.
Significance: It prevents impersonation and ensures data origin authenticity. Methods like Message Authentication Code (MAC) and digital signatures are used.
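The MAC method mentioned above, as an added example that is not part of the original notes. It uses Python's standard `hmac` module to show a receiver checking both integrity and data origin, and why an unkeyed hash alone gives no authentication. The key, messages, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values for this example (not from the page).
SHARED_KEY = b"constructed-demo-key-shared-by-sender-and-receiver"
MESSAGE = b"PAY 100 TO ACCOUNT 12345"


def plain_digest(message: bytes) -> bytes:
    """Unkeyed SHA-256: detects accidental change, but anyone can recompute it."""
    return hashlib.sha256(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag: only a holder of the shared key can produce it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(plain_digest(message), digest)


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so the check does not leak
    # how many leading bytes of the tag matched.
    return hmac.compare_digest(mac_tag(key, message), tag)


def receiver_checks() -> dict:
    """Run the receiver's checks on four constructed deliveries."""
    tampered = b"PAY 900 TO ACCOUNT 66666"
    return {
        # 1. Legitimate message and tag arrive unchanged: accepted.
        "genuine_mac": verify_mac(SHARED_KEY, MESSAGE, mac_tag(SHARED_KEY, MESSAGE)),
        # 2. Message modified in transit, original tag kept: integrity check fails.
        "modified_mac": verify_mac(SHARED_KEY, tampered, mac_tag(SHARED_KEY, MESSAGE)),
        # 3. Tag computed by a party without the shared key: origin check fails.
        "wrong_key_mac": verify_mac(SHARED_KEY, tampered, mac_tag(b"some-other-key", tampered)),
        # 4. Unkeyed hash recomputed over the modified message: the check passes,
        #    so a bare hash provides no data origin authentication.
        "modified_plain_hash": verify_digest(tampered, plain_digest(tampered)),
    }


if __name__ == "__main__":
    for name, ok in receiver_checks().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```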
A security attack is any attempt to gain unauthorized access to, alter, disable, or destroy information or system resources.
In passive attacks, the attacker only monitors or observes the data transmission. There is no modification of data. These attacks are difficult to detect.