Security Requirements: There are five principle requirements that are addressed by network security:

• Confidentiality requires that data is accessible only to authorized parties
• Integrity requires that only authorized persons can modify the data
• Availability requires that data be available to the authorized parties
• Authenticity requires that services are able to verify the identity of users
• Non-repudiation requires that services can ensure that a user cannot deny a previous action.

Security Attacks: Two major categories of security attacks are: 1) passive and 2) active attacks.

Passive attacks involve exposure of a message to a non-authorized party, such as in eavesdropping, but do not involve any alteration of the message content. These attacks are very difficult to detect, and they are best prevented by using various types of message encryption.

Active attacks involve some data modification and can be grouped in four categories:

• Masquerade - when one entity pretends to be another one
• Replay - passive capture of a data unit, and its retransmission
• Modification of message - involves alteration of a portion of a message
• Denial of Service - prevents the normal use of communication facilities