UNIT 1
INTRODUCTION
➢ NEED FOR SECURITY:
- Earlier computer applications had no or, at best,
very little security.
- This continued for a number of years until the
importance of data was truly realized.
- Until then, computer data was considered to be
useful, but not something to be protected.
- When computer applications were developed to handle
financial and personal data, the real need for
security was felt like never before.
- People realized that data on computers was an
extremely important aspect of modern life.
- Therefore, various areas in security began to gain
prominence.
- Computer Security is the protection of computing
systems and the data that they store or access.
- With the advent of computers, information storage
became electronic. Instead of being stored on
physical media, it was stored in computers.
- The files stored in computers require
confidentiality, integrity and availability.
- The implementation of these requirements, however,
is different and more challenging.
- From all of this, we can conclude that the main
reasons for the need for security are as follows:
a) To protect secret information, so that no other
person is able to access it.
b) To protect the information from unwanted
editing by unauthorized users.
c) To protect the information from loss and make
sure it is delivered to its destination properly.
d) To manage acknowledgement of messages
received by any node, in order to protect against
denial by the sender.
e) To restrict a user from sending a message to
another user in the name of a third one.
f) To protect the message from unwanted delay in
transmission.
g) To protect the data from data packets wandering
in the network for an infinitely long time.
➢ NEW THREATS/RISKS:
- Computing systems are the assets to attackers. Today
d) Scareware:
Fake security software warnings: This type
of scam can be particularly profitable for
cyber criminals, as many users believe the
pop-up warnings telling them their system is
infected and are lured into downloading and
paying for the special software to "protect"
their system.
e) Social Network Attacks:
Social network attacks are major sources
of attacks because of the volume of users and
the amount of personal information that is
posted. Users' inherent trust in their online
friends is what makes these networks a prime
target. For example, users may be prompted to
follow a link on someone's page, which could
bring users to a malicious website.
➢ SECURITY APPROACHES:
a) TRUSTED SYSTEMS:
A trusted system is a computer system that can
be trusted to a specified extent to enforce a
specified security policy.
- Trusted systems were initially of primary
interest to the military.
- However, these days, the concept has spanned
across various areas, most prominently in the
banking and financial community, but the concept
never caught on.
- Trusted systems often use the term reference
monitor.
- This is an entity that is at the logical heart
of the computer system.
- It is mainly responsible for all the decisions
related to access controls.
- Naturally, the following are the three main
expectations from the reference monitor:
1) It should be tamper proof.
2) It should always be invoked.
3) It should be small enough so that it can
be independently tested.
b) SECURITY MODELS:
An organization can take several approaches to
implement its security model, which are as follows:
● No Security: In this simplest case, the approach could be
a decision to implement no security at all.
● Security through obscurity: In this model, a system is
secure simply because nobody knows about its existence
and contents. This approach cannot work for too long, as
there are many ways an attacker can come to know about
it.
● Host Security: In this scheme, the security for each host
is enforced individually. This is a very safe approach,
but the trouble is that it cannot scale well. The
complexity and diversity of modern sites/organizations
makes the task even harder.
● Network Security: Host security is tough to achieve as
organizations grow and become more diverse. In this
technique, the focus is to control network access to
various hosts and their services, rather than individual
host security. This is a very efficient and scalable
model.
● AFFORDABILITY:
Cost and effort in security implementation.
● FUNCTIONALITY:
Mechanism of providing security.
● CULTURAL ISSUES:
Whether the policy gels well with people’s
expectations.
● LEGALITY :
Whether the policy meets the legal requirements.
➢ PRINCIPLES OF SECURITY:
Following are the principles of security :
a) CONFIDENTIALITY :
The principle of confidentiality specifies that
only the sender and the intended recipient(s) should
be able to access the contents of a message.
Confidentiality gets compromised if an unauthorized
person is able to access a message.
As we can observe in the above figure, it is an
example of compromising the confidentiality of a message,
in which the user of computer A wants to send a message
to the user of computer B. Another user C, for whom the
message is not intended, gets access to it, which
defeats the purpose of confidentiality. If a
confidential email sent by A to B is accessed by C
without permission from A or B, then this type of
attack is known as interception.
Interception causes loss of message confidentiality.
b) AUTHENTICATION :
Authentication mechanisms help to establish
proof of identity. This process ensures that the origin
of an electronic document or message is correctly
identified.
c) INTEGRITY :
When the content of a message changes after the sender
sends it but before the receiver receives it,
we say that the integrity of the message is lost.
For example, user A sends a message to user B,
but somehow user C manages to access that message
and change its content. User B has no way of
knowing that the message was tampered with after user A
sent it. User A also does not know that the message
was tampered with. This type of attack is known as
modification.
d) NON-REPUDIATION :
There are situations where a user sends a message
and later on refuses that he had sent that message.
Non-repudiation does not allow the sender of a message to refute the claim
of not sending that message.
e) ACCESS CONTROL :
The principle of access control determines who
should be able to access what. For instance, we should
be able to specify that user A can view the records in
the database, but cannot update them. However, user B
might be allowed to make updates as well. An access
control mechanism can be set up to ensure this. Access
control can be broadly related to two areas: role
management and rule management. Role management
concentrates on the user side, whereas rule management
focuses on the resources side.
Access control specifies and controls who can access
what.
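The access-control example above, together with the reference monitor expectations from the trusted systems section, as an added sketch (not part of the original notes). The role names, the `records` resource and the audit log are assumptions made for illustration.

```python
# Role management (user side): which roles each user holds.
USER_ROLES = {"A": {"viewer"}, "B": {"viewer", "editor"}}

# Rule management (resource side): which roles may perform each action.
RESOURCE_RULES = {"records": {"view": {"viewer"}, "update": {"editor"}}}

AUDIT_LOG = []  # every decision is recorded, allowed or not


def is_allowed(user, action, resource):
    """Single, small decision point: anything not explicitly granted is denied."""
    needed = RESOURCE_RULES.get(resource, {}).get(action, set())
    allowed = bool(USER_ROLES.get(user, set()) & needed)
    AUDIT_LOG.append((user, action, resource, allowed))
    return allowed


class Database:
    """Every operation calls is_allowed() first, so the check is always invoked."""

    def __init__(self):
        self._records = {1: "initial value"}

    def view(self, user, key):
        if not is_allowed(user, "view", "records"):
            raise PermissionError(f"{user} may not view records")
        return self._records[key]

    def update(self, user, key, value):
        if not is_allowed(user, "update", "records"):
            raise PermissionError(f"{user} may not update records")
        self._records[key] = value


def demo():
    """Run the A/B scenario from the text, plus an unknown user C."""
    db = Database()
    results = []
    for user, op in [("A", "view"), ("A", "update"), ("B", "update"), ("C", "view")]:
        try:
            if op == "view":
                db.view(user, 1)
            else:
                db.update(user, 1, f"set by {user}")
            results.append((user, op, "allowed"))
        except PermissionError:
            results.append((user, op, "denied"))
    return results, db.view("B", 1)
```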
f) AVAILABILITY :
the time.
user C, an authorized user A may not be able to contract
known as interruption.
➢ SECURITY ATTACKS:
We can classify the types of attacks on computers
and network systems into two categories for better
understanding.
a) Theoretical concepts behind these attacks
b) Practical approaches used by the attackers.
● Theoretical concepts
The principles of security face threat from
various attacks. These attacks are generally
classified into four categories, as mentioned
earlier. They are
1) Interception
2) Fabrication
3) Modification
4) Interruption
These attacks are further grouped into two
types: passive attacks and active attacks.
1) Passive Attacks :
- Passive attacks are those wherein the
attacker indulges in eavesdropping or
monitoring of data transmission.
- In other words, the attacker aims to obtain
information that is in transit.
- The term passive indicates that the attacker
does not attempt to perform any modifications
to the data.
- In fact, this is also why passive attacks are
harder to detect. Thus, the general approach to
deal with passive attacks is to think about
prevention, rather than detection or corrective
actions.
Fig.1. Types of attacks
- The following figure shows classification of passive
attacks into two sub-categories.
- These categories are release of message contents and
traffic analysis.
Fig.2. Passive attacks
- Release of message contents is quite simple to
understand. When we send a confidential email message to
our friend, we desire that only she be able to access it.
Otherwise, the contents of the message are released
against our wishes to someone else. Using certain
security mechanisms, we can prevent release of message
contents.
- For example, we can encode messages using a code
language, so that only the desired parties understand the
contents of a message, because only they know the code
language. However, if many such messages are passing
through, a passive attacker could try to figure out the
similarities between them to come up with some sort of
pattern that provides her some clues regarding the
communication that is taking place. Such attempts of
analyzing (encoded) messages to come up with likely
patterns are the work of the traffic analysis attack.
2) Active attacks :
- Unlike passive attacks, the active attacks are based on
modification of the original message in some manner, or
on creation of a false message. These attacks cannot be
prevented easily.
- However, they can be detected with some effort, and
attempts can be made to recover from them. These attacks
can be in the form of interruption, modification and
fabrication.
● Interruption attacks are called masquerade
attacks.
● Modification attacks can be classified further into
replay attacks and alteration of messages.
● Fabrication causes Denial of Service (DOS) attacks.
- The classification of active attacks is as follows:
Fig 3 : Active Attacks
- Masquerade is caused when an unauthorized entity pretends
to be another entity.
- As we have seen, user C might pose as user A and send a
message to user B. User B might be led to believe that
the message indeed came from user A. In a replay attack,
a user captures a sequence of events, or some data units,
and resends them.
- For instance, suppose user A wants to transfer some
amount to user C’s bank account.
- Both users A and C have accounts with bank B. If user C
captures A's transfer request and resends it, bank B
would have no idea that this is an unauthorized message,
and would treat this as a second, and different, funds
transfer request from user A. Therefore user C would get
the benefit of the funds transfer twice: once authorized
and once through a replay attack.
- Alteration of messages involves some change to the
original message.
- For instance, suppose user A sends an electronic
message "Transfer $1000 to D’s account" to bank B. User C
might capture this, and change it to "Transfer $10000 to
C’s account". Note that both the beneficiary and the
amount have been changed; instead, only one of these could
have also caused alteration of the message.
- Denial Of Service (DOS) attacks make an attempt to
prevent legitimate users from accessing some services
which they are eligible for. For instance, an
unauthorized user might send too many login requests to a
server using random user ids one after the other in quick
succession, so as to flood the network and deny other
legitimate users access to the network.
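A defender-side check for the login flood described above, added here as an example (not part of the original notes). It scans constructed log lines and flags any source that exceeds both a request ceiling and a distinct-user-id ceiling inside a sliding window; the log format, thresholds and addresses are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample log, format assumed: "<epoch-seconds> <source> LOGIN <user-id>"
SAMPLE_LOG = [f"{1000 + i // 10} 203.0.113.9 LOGIN user{i:04d}" for i in range(60)]
SAMPLE_LOG += ["1001 198.51.100.4 LOGIN alice",
               "1003 198.51.100.7 LOGIN bob",
               "1004 198.51.100.4 LOGIN alice"]

WINDOW_SECONDS = 5      # assumed sliding-window length
MAX_REQUESTS = 20       # assumed ceiling on login requests per source per window
MAX_DISTINCT_IDS = 10   # assumed ceiling on different user ids per source per window


def parse(line):
    """Split one log line into (timestamp, source, user id)."""
    ts, source, verb, user = line.split()
    if verb != "LOGIN":
        raise ValueError(f"unexpected record: {line!r}")
    return int(ts), source, user


def find_flooders(lines):
    """Return {source: (peak requests, peak distinct ids)} for flooding sources."""
    windows = defaultdict(deque)   # source -> (timestamp, user id) pairs in window
    flagged = {}
    for ts, source, user in sorted(parse(line) for line in lines):
        window = windows[source]
        window.append((ts, user))
        # Drop entries that have aged out of the sliding window.
        while window[0][0] <= ts - WINDOW_SECONDS:
            window.popleft()
        distinct = len({uid for _, uid in window})
        # Many requests AND many different ids: the pattern the text describes.
        if len(window) > MAX_REQUESTS and distinct > MAX_DISTINCT_IDS:
            peak = flagged.get(source, (0, 0))
            flagged[source] = (max(peak[0], len(window)), max(peak[1], distinct))
    return flagged


if __name__ == "__main__":
    for source, (requests, ids) in find_flooders(SAMPLE_LOG).items():
        print(f"{source}: {requests} logins, {ids} distinct ids within {WINDOW_SECONDS}s")
```

Requiring both limits keeps one legitimate user who retries the same id many times from being flagged as a flood.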
● The Practical Side of Attacks
The attacks discussed earlier can come in a number
of forms in real life. They can be classified into two
broad categories: application-level attacks and
network-level attacks, as shown in the following figure.
Fig.4. Practical side of attacks
● Application level attacks:
- These attacks happen at an application level in the
sense that the attacker attempts to access, modify
or prevent access to information of a particular
application, or the application itself.
- Examples of this are trying to obtain someone’s
credit card information on the internet, or changing
the contents of a message to change the amount in a
transaction, etc.
Fig : Model For Network Security
- Security aspects come into play when it is necessary
or desirable to protect the information transmission
from an opponent who may present a threat to
confidentiality, authenticity and so on.
- All the techniques for providing security have two
components:
1) A security-related transformation on the
information to be sent. Examples include
encryption of the message, which scrambles the
message so that it is unreadable by the
opponent, and the addition of a code based on the
contents of the message, which can be used to verify
the identity of the sender.
2) Some secret information shared by the two
principals and, it is hoped, unknown to the
opponent. An example is an encryption key
used in conjunction with the transformation to
scramble the message before transmission and
unscramble it on reception.
- A trusted third party may be needed to achieve
secure transmission. For example, a third party may
be responsible for distributing the secret
information to the two principals while keeping it
from any opponent. Or a third party may be needed to
arbitrate disputes between the two principals
concerning the authenticity of a message
transmission.
- This general model shows that there are four basic
tasks in designing a particular security service:
a) Design an algorithm for performing the
security-related transformation. The algorithm should be
such that an opponent cannot defeat its
purpose.
b) Generate the secret information to be used with
the algorithm.
c) Develop methods for the distribution and
sharing of the secret information.
d) Specify a protocol to be used by the two principals
that makes use of the security algorithm and
the secret information to achieve a particular
security service.
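The model above, worked through as an added example (not part of the original notes) on the bank-transfer scenario from the active attacks section. HMAC-SHA256 is chosen here as the code based on the contents of the message, a random key as the shared secret, and a nonce-carrying message as the protocol. All names and the message format are assumptions, and key distribution (task c) is out of scope: the key is simply shared in-process.

```python
import hashlib
import hmac
import json
import secrets

# Task (b): generate the secret information (a constructed key for this demo).
SHARED_KEY = secrets.token_bytes(32)


def protect(key: bytes, payload: dict) -> dict:
    """Sender A: attach a fresh nonce and a code computed over the contents."""
    body = dict(payload, nonce=secrets.token_hex(16))
    encoded = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(key, encoded, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Bank:
    """Receiver B: verifies the code, then rejects any nonce seen before."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen_nonces = set()

    def receive(self, message: dict) -> str:
        encoded = json.dumps(message["body"], sort_keys=True).encode()
        expected = hmac.new(self.key, encoded, hashlib.sha256).hexdigest()
        # Constant-time comparison of the recomputed and received codes.
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: modified"
        nonce = message["body"]["nonce"]
        if nonce in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces.add(nonce)
        return "accepted"


def demo() -> list:
    bank = Bank(SHARED_KEY)
    original = protect(SHARED_KEY, {"from": "A", "to": "D", "amount": 1000})
    # Alteration as in the text: beneficiary and amount changed in transit.
    altered = {"body": dict(original["body"], to="C", amount=10000),
               "tag": original["tag"]}
    return [bank.receive(altered),    # code no longer matches the contents
            bank.receive(original),   # genuine request
            bank.receive(original)]   # same message captured and resent


if __name__ == "__main__":
    print(demo())
```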
Fig : A Network Access Security Model