Chapter 1: Computer and Network Security Concepts
Cryptography is the art of secret writing. When a message is transferred from a sender to a receiver over a network, cryptographic techniques are applied for secure transmission.
These cryptographic algorithms and protocols can be grouped into four main areas:
Symmetric Encryption: Used to hide the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords.
Asymmetric Encryption: Used to hide small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.
Data Integrity Algorithms: Used to guard blocks of data, such as messages, from alteration.
Authentication Protocols: Schemes based on the use of cryptographic algorithms designed to authenticate the identity of entities.
Computer Security: (Definition)
Computer security is the protection of a computer system and its information from unauthorized use.
The NIST (National Institute of Standards and Technology) Computer Security Handbook defines the term computer security as:
“The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources” (includes hardware, software, firmware, information/data, and telecommunications).
Computer Security Objectives: There are objectives for computer security which have to be met by any system.
Confidentiality:
· Data confidentiality
o Guarantees that private or confidential information is not made available or disclosed to unauthorized individuals
· Privacy
o Guarantees that individuals control or influence what information related to them may be collected and stored, and by whom and to whom that information may be disclosed
Integrity:
· Data integrity
o Guarantees that information and programs are changed only in an identified and authorized manner
· System integrity
o Guarantees that a system performs its proposed function in a perfect manner, free from deliberate or unintended unauthorized manipulation of the system
Availability:
· Guarantees that systems work promptly and service is not denied to authorized users
Essential Network and Computer Security Requirements: Generally, the CIA (Confidentiality, Integrity and Availability) triad is used to define the security objectives for the data and services of a system, but some in the security field feel that additional concepts are needed to offer a complete picture. Two of them are Authenticity and Accountability.
Accountability: The property of being able to trace the activities carried out in the system. It is the security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. It must be possible to trace a security breach to a responsible party. Systems must keep records of their activities to permit later legal analysis to trace security breaches or to aid in transaction differences.
Breach of Security Levels of Impact: There are three levels of impact on organizations or individuals should there be a breach of security (i.e., a loss of confidentiality, integrity, or availability).
Computer Security Challenges
Computer and network security is both interesting and complex. Some of the reasons are as follows:
1. Security is not as simple as it might first appear to the novice. The requirements seem to be straightforward, but the mechanisms used to meet those requirements can be quite complex, and understanding them may involve rather subtle reasoning.
2. Security mechanisms typically involve more than a particular algorithm or protocol.
3. Potential attacks on the security features need to be considered.
4. Procedures used to provide particular services are often counter-intuitive.
5. Security is essentially a battle of wits between a perpetrator and the designer.
6. It is necessary to decide where to use the various security mechanisms.
7. Little benefit from security investment is perceived until a security failure occurs.
8. Security requires constant monitoring.
9. Strong security is often viewed as an impediment to efficient and user-friendly operation.
10. Finally, for people, security is always an afterthought.
THE OSI SECURITY ARCHITECTURE
The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows:
Security attack: Any action that compromises the security of information owned by an organization.
Security mechanism: A procedure (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.
Security service: A processing or communication service that improves the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
SECURITY ATTACKS
Security attacks can be categorized into two generic types of attacks.
Generic types of attacks
1. Passive attacks
2. Active attacks
A passive attack attempts to learn or make use of information from the system but does not affect system resources.
An active attack attempts to alter system resources or affect their operation.
1. Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.
a) Release of message contents:
The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
b) Traffic analysis:
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect, because they do not involve any alteration of the data.
2. Active Attacks
An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or the creation of a false stream. Active attacks can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
a) Masquerade:
A masquerade takes place when one entity pretends to be a different entity (Figure:). A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
b) Replay:
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
c) Modification of messages:
Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure: c). For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts”.
d) Denial of service:
The denial of service prevents or inhibits the normal use or management of communications facilities (Figure d). This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
SECURITY SERVICES
Security services are classified as follows: Confidentiality, Authentication, Integrity, Non Repudiation, Access Control and Availability.
1. Confidentiality:
Ensures that the information in a computer system and transmitted information are accessible only for reading by authorized parties. Confidentiality is the protection of transmitted data from passive attacks. For example, when a TCP connection is set up between two systems, this broad protection prevents the release of any user data transmitted over the TCP connection.
a) Connection Confidentiality
The protection of all user data on a connection.
b) Connectionless Confidentiality
The protection of all user data in a single data block.
c) Selective-Field Confidentiality
The confidentiality of selected fields within the user data on a connection or in a single data block.
d) Traffic-Flow Confidentiality
The protection of the information that might be derived from observation of traffic flows.
2. Authentication:
The authentication service is concerned with assuring that a communication is authentic, that is, the assurance that the communicating entity is the one that it claims to be. It ensures that the origin of a message or electronic document is correctly identified, with an assurance that the identity is not false.
a) Peer Entity Authentication
Used in association with a logical connection to provide confidence in the identity of the entities connected.
b) Data-Origin Authentication
In a connectionless transfer, provides assurance that the source of received data is as claimed.
3. Integrity:
Ensures that only authorized parties are able to modify computer system assets and transmitted information. Modification includes writing, changing status, deleting, creating and delaying or replaying of transmitted messages.
4. Non Repudiation:
Requires that neither the sender nor the receiver of a message be able to deny the transmission. When a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message.
5. Access Control:
Requires that access to information resources may be controlled by the target system. Access control is the ability to limit and control the access to host systems and applications via communications links. To achieve this, each entity trying to gain access must first be identified, or authenticated.
6. Availability:
Requires that computer system assets be available to authorized parties when needed.
SECURITY MECHANISMS
Cryptographic techniques are among the most specific security mechanisms in use. Encryption or encryption-like transformations of information are the most common means of providing security. Some of the mechanisms are:
1 Encipherment
2 Digital Signature
3 Access Control
4 Data Integrity
5 Authentication Exchange
6 Traffic Padding
7 Routing Control
8 Notarization
1. Encipherment: The process of applying mathematical algorithms to convert data into a form that is not intelligible. This depends on the algorithm used and the encryption keys.
2. Digital Signature: Data appended to, or a cryptographic transformation applied to, a data unit that allows a recipient to prove the source and integrity of the data unit and protects against forgery.
3. Access Control: A variety of techniques used for enforcing access permissions to the system resources.
4. Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
5. Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
6. Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
7. Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes once a breach of security is suspected.
8. Notarization: The use of a trusted third party to assure certain properties of a data exchange.
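Traffic padding as described above, shown as an added example that is not part of the original notes: messages are cut into fixed-size cells and idle slots are filled with dummy cells, so the length and frequency that traffic analysis relies on look the same for every message. The cell size, the slot schedule and all function names are assumptions for illustration; encryption of each cell is assumed to happen after padding and is not shown.

```python
import struct

CELL = 256            # assumed fixed cell size on the wire, in bytes
HDR = 2               # length prefix inside each cell
PAYLOAD = CELL - HDR  # usable bytes per cell

def to_cells(message: bytes) -> list[bytes]:
    """Split into fixed-size cells; the last cell is zero-padded to CELL bytes."""
    chunks = [message[i:i + PAYLOAD] for i in range(0, len(message), PAYLOAD)] or [b""]
    return [struct.pack(">H", len(c)) + c + bytes(PAYLOAD - len(c)) for c in chunks]

def constant_rate(cells: list[bytes], slots: int) -> list[bytes]:
    """Send one cell per time slot; idle slots (the gaps) carry dummy cells."""
    if len(cells) > slots:
        raise ValueError("message needs more slots than the schedule provides")
    dummy = struct.pack(">H", 0) + bytes(PAYLOAD)  # length 0: all padding
    return cells + [dummy] * (slots - len(cells))

def from_cells(cells: list[bytes]) -> bytes:
    """Receiver: strip padding and dummy cells using each cell's length prefix."""
    out = bytearray()
    for cell in cells:
        if len(cell) != CELL:
            raise ValueError("malformed cell")
        (n,) = struct.unpack(">H", cell[:HDR])
        if n > PAYLOAD:
            raise ValueError("length prefix exceeds cell payload")
        out += cell[HDR:HDR + n]
    return bytes(out)

def observed_sizes(messages: list[bytes], slots: int = 0) -> list[int]:
    """Bytes an eavesdropper sees per message; slots=0 means no padding at all."""
    if slots == 0:
        return [len(m) for m in messages]
    return [sum(map(len, constant_rate(to_cells(m), slots))) for m in messages]

# Constructed sample messages; in practice each cell is encrypted after padding,
# otherwise the zero padding itself is visible to the observer.
SAMPLES = [b"yes", b"no", b"transfer 5000 to account 12345"]

if __name__ == "__main__":
    print(observed_sizes(SAMPLES))           # lengths differ per message
    print(observed_sizes(SAMPLES, slots=4))  # identical for every message
```

The padding hides length only up to the schedule: a message that needs more cells than the fixed number of slots still forces a visible change in traffic volume.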
MODEL FOR NETWORK SECURITY
A message is to be transferred from one party to another across some sort of Internet service. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.
The techniques for providing security have two components:
1. A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
2. Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a message transmission.
Figure: Model for Network Security
This general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
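The model above, as an added example that is not part of the original notes: the "code based on the contents of the message" is realized here with HMAC-SHA256 under a shared key, plus a sequence number, so the receiver rejects both the modified message and the replay described under active attacks. The frame layout and the names protect, Receiver and demo are assumptions for illustration; distribution of the shared key is assumed to have already happened.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender: frame = 8-byte sequence number || message || HMAC tag."""
    header = struct.pack(">Q", seq)
    return header + message + hmac.new(key, header + message, hashlib.sha256).digest()

class Receiver:
    """Verifies the tag first, then enforces strictly increasing sequence numbers."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison: do not leak how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            raise ValueError("replay detected")
        self.last_seq = seq
        return body[8:]

def demo() -> dict:
    """Constructed traffic, using the example message from the notes."""
    key = secrets.token_bytes(32)  # the shared secret; distribution is assumed done
    rx = Receiver(key)
    frame = protect(key, 0, b"Allow John Smith to read confidential file accounts")
    results = {"genuine": rx.accept(frame).decode()}
    tampered = frame.replace(b"John Smith", b"Fred Brown")  # modification of messages
    for name, candidate in (("modified", tampered), ("replayed", frame)):
        try:
            rx.accept(candidate)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    print(demo())
```

The tag gives data integrity and data-origin authentication only between holders of the key; it does not hide the message, which would additionally need encipherment.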
Difference between Hacker and Intruder: There are other security-related situations of interest that do not neatly fit this model.
The hacker can be someone who, with no malign intent, simply gets satisfaction from breaking and entering a computer system.
The intruder can be a disgruntled employee who wishes to do damage or a criminal who seeks to exploit computer assets for financial gain (e.g., obtaining credit card numbers or performing illegal money transfers).
Another type of unwanted access is the placement in a computer system of logic that exploits vulnerabilities in the system and that can affect application programs as well as utility programs, such as editors and compilers.
Programs can present two kinds of threats:
· Information access threats: Intercept or modify data on behalf of users who should not have access to that data.
· Service threats: Exploit service flaws in computers to inhibit use by legitimate users.
Figure: Network Access Security Model
Viruses and worms are two examples of software attacks. Such attacks can be introduced into a system by means of a disk that contains the unwanted logic concealed in otherwise useful software. They can also be inserted into a system across a network; this latter mechanism is of more concern in network security.
Gatekeeper Function:
The security mechanisms needed to cope with unwanted access fall into two broad categories (see Figure ).
i) The first category might be termed a gatekeeper function. It includes password-based login procedures that are designed to deny access to all but authorized users and screening logic that is designed to detect and reject worms, viruses, and other similar attacks.
ii) Once either an unwanted user or unwanted software gains access, the second line of defense consists of a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders.