
What is Security?

Security = PROTECTION OF DATA

Security is the degree of protection against danger, damage, loss, and crime.

Background
Information security requirements have changed in recent times:
- traditionally provided by physical and administrative mechanisms
- computer use requires automated tools to protect files and other stored information
- use of networks and communications links requires measures to protect data during transmission

Definitions
Computer Security - generic name for the collection of tools designed to protect data from hackers
Network Security - measures to protect data during their transmission
Internet Security - measures to protect data during their transmission over a collection of interconnected networks

Aim of Course
our focus is on Internet Security which consists of measures to deter, prevent, detect, and correct security violations that involve the transmission & storage of information

Aspects of Security
consider 3 aspects of information security:
- security attack
- security mechanism
- security service

OSI SECURITY ARCHITECTURE


The security architecture for OSI offers a systematic way of defining security requirements and characterizing the approaches to achieving these requirements. It was developed as an international standard (ITU). The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows:
Security Attack: Any action that compromises the security of information owned by an organization.
Security Mechanism: A process that is designed to detect, prevent or recover from a security attack; a method used to protect a message from an unauthorized entity.
Security Service: A service that implements security policies and is implemented by security mechanisms.

Security Attack
- any action that compromises the security of information owned by an organization
- information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems
- often threat & attack are used to mean the same thing
- there is a wide range of attacks

[Figure: Normal flow, from information source to information destination]

Interruption: An asset of the system is destroyed or becomes unavailable or unusable.
Examples:
- Destroying some hardware
- Cutting the communication link
- Disabling the file system

[Figure: Interruption, between information source and information destination]

Interception: An unauthorized user gains access to an asset. This is an attack on confidentiality.
Examples:
- Wiretapping to capture data in a network
- Unauthorized copying of files or programs
Wiretapping: connecting a device to secretly listen to or monitor communication.

[Figure: Interception, between information source and information destination]

Modification: An unauthorized party gains access to and tampers with an asset. This is an attack on integrity.
Examples:
- Changing data files
- Altering a program or the contents of a message

[Figure: Modification, between information source and information destination]

Fabrication: An unauthorized party inserts a counterfeit object into the system. This is an attack on authenticity.
Examples:
- Insertion of records in data files
- Insertion of spurious messages
Counterfeit: illegally imitate (copy). Spurious: fake.

[Figure: Fabrication, between information source and information destination]

Types of Attacks:
(i) Passive Attacks
(ii) Active Attacks

Passive Attacks:
A passive attack is an attack where an unauthorized attacker monitors or listens to communication between two parties. It consists of eavesdropping on or monitoring information transmissions without modifying them.
Eavesdropping: secretly listening to a conversation.

Types of Passive Attacks:
(i) Release of message contents
(ii) Traffic analysis


[Figure: Passive Attacks]

(i) Release of message contents: An attack on something like a telephone conversation, an email message, or a transferred file that contains confidential information.
(ii) Traffic analysis: Interception of messages without modification; the attacker finds the location of data and the identity of the communicating hosts, and observes the frequency and length of messages.

[Figure: Active Attacks]

Active Attack: An active attack means that the attacker is actively attempting to cause harm to a network or system. The attacker is not just monitoring the traffic but disturbs or shuts down a service.

Types of Active Attacks

Masquerade Attack: A type of attack in which one system assumes the identity of another (false identity).

Message Replay: It involves the re-use of captured data at a later time than originally intended, in order to repeat some action of benefit to the attacker.

Active Attacks (cont.)

Message Modification: It involves modifying a packet header address for the purpose of directing it to an unintended destination, or modifying the user data.

Denial of Service (DoS): A type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. (Ex.: Ping of death (bugs in TCP/IP implementation))

[Figure: Denial of service disrupts the service provided by a server (labels: Internet or other comms facility, Server)]

Security Service
- enhances security of data processing systems and information transfers of an organization
- intended to counter security attacks
- uses one or more security mechanisms
- often replicates functions normally associated with physical documents, which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

Security Services
X.800:
a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers
(X.800 is an information processing systems, open systems interconnection standard)

RFC 2828:
a processing or communication service provided by a system to give a specific kind of protection to system resources

Security Services (X.800)


Authentication: This service is concerned with assuring that a communication is authentic.
Authentication verifies who you are. Authorization verifies what you are authorized to do.

Access Control: The ability to limit and control access to host systems and applications via communication links.

Data Confidentiality: The protection of transmitted data; the assurance that no one can read a particular piece of data except the receiver explicitly intended.

Data Integrity: The integrity service assures that messages are received as sent, with no duplication, insertion, modification, reordering or replays.

Non-Repudiation: The ability to prove that a transaction originated from a particular party, so that party cannot deny having performed it. A receiver cannot deny having received a certain message from a sender, and a sender cannot deny having sent a message to the receiver.

Security Mechanism
- a feature designed to detect, prevent, or recover from a security attack
- no single mechanism will support all services required
- however, one particular element underlies many of the security mechanisms in use: cryptographic techniques
- hence our focus on this topic

Security Mechanisms (X.800)


specific security mechanisms:
encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization

pervasive security mechanisms:


trusted functionality, security labels, event detection, security audit trails, security recovery


[Figure: Model for Network Security]

Model for Network Security


using this model requires us to:
1. design a suitable algorithm for the security transformation
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information
4. specify a protocol enabling the principals to use the transformation and secret information for a security service
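
Added example (not part of the original slides): a minimal Python sketch of the model above, using HMAC-SHA256 over a shared secret as the security transformation and a sequence number as the protocol element, so that the receiver detects the modification, fabrication and replay attacks and enforces the data integrity service described earlier. The message layout, the names protect, Receiver and demo, and the sample payloads are assumptions constructed for illustration; key distribution (step 3) is assumed to have happened out of band.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: seq || payload || HMAC(key, seq || payload)."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts only authentic messages with strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, wire: bytes):
        """Return (True, payload) on success or (False, reason) on rejection."""
        if len(wire) < 8 + TAG_LEN:
            return False, "truncated"
        body, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return False, "bad tag (modified or fabricated)"
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return False, "stale sequence (replayed or reordered)"
        self.last_seq = seq
        return True, body[8:]


def demo():
    """Constructed sample traffic: two genuine messages plus three attacks."""
    key = secrets.token_bytes(32)            # step 2: generate the secret
    rx = Receiver(key)                       # step 3: receiver already holds it
    m0 = protect(key, 0, b"pay 10 to bob")
    m1 = protect(key, 1, b"pay 20 to carol")
    tampered = m1.replace(b"20", b"90")      # modification in transit
    forged = protect(secrets.token_bytes(32), 2, b"pay 99 to eve")  # fabrication
    # m0 is delivered a second time at the end of the sequence: replay
    return [rx.accept(m)[1] for m in (m0, tampered, m1, m0, forged)]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A shared-secret tag gives integrity and origin authentication between the two principals, but not non-repudiation, since either holder of the key could have produced the tag.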


[Figure: Model for Network Access Security]
Password-based login procedures, unauthorized users, virus, spyware attack

Model for Network Access Security


using this model requires us to:
1. select appropriate gatekeeper functions to identify users
2. implement security controls to ensure only authorised users access designated information or resources

trusted computer systems may be useful to help implement this model


Summary
have considered:
- definitions for computer, network, internet security
- X.800 standard
- security attacks, services, mechanisms
- models for network (access) security
