The OSI (Open System Interconnection) security architecture provides a systematic framework for defining security attacks, mechanisms & services.

1. Security Attacks: They are classified as either passive attacks (which include the unauthorized reading of a message, of file and traffic analysis) or active attacks such as modifications of messages or files & denial of services.

2. Security Mechanisms: It is any process that is designed to detect, prevent or recover from a security attack.

   Eg: encryption algorithm, digital signature & authentication protocols

3. Security Services: It includes authentication, access control, data confidentiality, data integrity, non-repudiation & availability.

Cryptographic and network security focuses on two broad areas:

1. Cryptographic Algorithms and Protocols (which have a broad range of applications)

2. Network Security & Internet Security (which rely heavily on cryptographic techniques)

Cryptographic algorithms and protocols can be grouped into four main areas:

• Symmetric encryption: Used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords.

• Asymmetric encryption: Used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.

• Data integrity algorithms: Used to protect blocks of data, such as messages from alteration.

• Authentication protocols: These are schemes based on the use of cryptographic algorithms designed to authenticate the identity of entities.