BITS Pilani

Pilani | Dubai | Goa | Hyderabad

Network Security
Lecture-1, January 9, 2012 Rahul Banerjee, PhD (CSE)
Professor, Department of Computer Science & Information Systems
E-mail:rahul@bits-pilani.ac.in, Home: http://universe.bits-pilani.ac.in/pilani/rahulbanerjee/Profile

Interaction Points
About the focus of the course How shall this course be conducted? Resources & Timelines for the course What is Network Security? Elements involved in Network Security Select References to the literature Summary

BITS Pilani, Deemed to be University under Section 3 of UGC Act, 1956

About the Focus of the Course

This course aims at:
Learning about the basics of Computer Networking Developing an ability to:
Understand security requirements of a given network or internetwork, Conceptualizing a simple but effective solution to reasonably secure a given network or internetwork, Designing a verifiable network security system, Configure a simple network for ensuring required level of security, Analyze a given network security systems architecture / design & Selecting / developing software element required to secure a simple network / internetwork / service
11/01/12 (c) Dr. Rahul Banerjee, BITS Pilani, INDIA 3

Methodology to be used:

The Course Plan

42 Classroom lectures (three per week, as per the provided course handout) Learning Reinforcements through:
Online Discussion Forum (at the LMS: hNp://nalanda.bits-pilani.ac.in/ ) Case-studies interlaced with design discussions (in classroom) Mini-project / TheoreQcal Study / Research Seminar / Laboratory Experiments: 25% Self-study assignments <for learning enhancement at appropriate points of Qme, no evaluaQon weightage> Only ONE Test: Mid-Semester Test <closed book> 30% Quizzes <Open Book / Open Notes> 5% Comprehensive ExaminaQon <Open Book: 20%, Closed Book: 20%> 30%
<You are allowed to carry Laptops/Notebooks/Netbooks/Tablets/iPads etc. with wireless access disabled in classrooms as well as in open-book examinaQons and quizzes>
11/01/12 (c) Dr. Rahul Banerjee, BITS Pilani, INDIA 4

Resources for the Course

Course Home Page:
URL: http://universe.bits-pilani.ac.in/pilani/rahulbanerjee/NetworkSecurity

This page shall have the original slides <in PDF> developed by me

Course Forum at the Nalanda LMS portal:

URL: http://nalanda.bits-pilani.ac.in This page shall carry links to: Discussion Forum Reading advisories Challenges for bright students <meant for self-learning, no evaluation weightage> Occasional Links to News items of contemporary relevance to the topic under discussion Laboratory tips developed with the help of student volunteers Indicative Solutions to Test / Quiz / Compre. Exam papers

IntraBITS Page for Course:

http://intraBITS.bits-pilani.ac.in <January 15, 2012 onward>
11/01/12 (c) Dr. Rahul Banerjee, BITS Pilani, INDIA 5

AddiQonal Resources for the Course

Digital Library resources:
As accessible from the http://library.bits-pilani.ac.in < including relevant online IEEE / ACM journals / magazines / standards & e-books as advised through Reading Advisories>> Access to select complete E-books via Books 24x7
Laboratory resources:

Fixed and Mobile Networking equipment located at

IBM Laboratory for Open Source Computing, Microsoft Laboratory for Mobile Computing and

Chamber Consultation Hours:

Monday: 1700 1800 Hrs.
11/01/12 (c) Dr. Rahul Banerjee, BITS Pilani, INDIA 6

Network Security: An IntroducQon

Network Security
Network Security is o^en viewed as the branch of study dealing with need to protect: one or more aspects of operaQon of Computer Networks; and, permiNed use (access, behaviour, performance, privacy and condenQality), Security requirements of a Network may be Local or Global in their scope, depending upon the networks or internetworks purpose of design and deployment.
(c) Dr. Rahul Banerjee, BITS Pilani, INDIA 7

11/01/12

AcQve versus Passive ANacks

AcQve aNacks involve ac.ve a0empts on security leading to modica.on, redirec.on, blockage or destruc.on of data, devices or links.
Examples:
ModicaQon / corrupQon of data or access control bits Denial-of Service aNacks

Passive aNacks involve simply gedng access to link or device and consequently data.
(c) Rahul Banerjee, BITS, Pilani (India) 8

 Role of Cryptography

Role of Cryptography, OS & ConguraQon

Role of OperaQng Systems

Symmetric / ConvenQonal cryptography Asymmetric cryptography Built-in OS Security at the Kernel-level Support for Cryptographic APIs Network Protocol Stack design based security

Role of ConguraQon in Security

Network conguraQon OS conguraQon ApplicaQon conguraQon (c) Rahul Banerjee, BITS, Pilani Security System conguraQon 9 (India)

Symmetric-Key Cryptography
Symmetric-Key cryptography is called so since in this class of cryptographic algorithms, encrypQon as well as decrypQon processes are performed using the same (i.e. symmetric) key. The algorithms / schemes / programs that use this paradigm are o^en termed as Symmetric-Key Ciphers / Private-Key Ciphers / Secret-Key Ciphers / ConvenQonal Ciphers etc. In such cases, Plaintext, EncrypQon-DecrypQon Algorithm, Key and Ciphertext form four basic components of the Symmetric Cipher Model. Such schemes should exhibit:
Security of Key Distribu0on to the legal recipients) Adequate (c) Rahul Banerjee, BITS, Pilani strength of Encryp0on
(India) 10

References
Bruce Schneier: Applied Cryptography, Wiley Student EdiQon, Second EdiQon, Singapore, 1996. Alfred Menezes, Paul van Oorschot, and ScoN Vanstone: Handbook of Applied Cryptography. CRC Press, NY. William Stallings: Cryptography and Network Security. Fi^h EdiQon, Pearson, New Delhi, 2011. C.Kauman, R.Perlman and M.Spenser: Network Security, Second EdiQon, PrenQce Hall, Englewood Clis, 2002. S.Bellovin and W.Chesvick: Internet Security and Firewalls, Second EdiQon, Addison-Wesley, Reading, 1998.
(c) Rahul Banerjee, BITS, Pilani (India) 11

RecommendaQons for Further Reading

Journals & Magazines
IEEE / ACM TransacQons on Networking IEEE TransacQons on Wireless CommunicaQons IEEE TransacQons on Computers IEEE Security & Privacy IEE Proceedings on InformaQon Security IEEE Network IEEE Computer IEEE Pervasive CompuQng IEEE Personal CommunicaQons Elseviers Pervasive CompuQng

(c) Rahul Banerjee, BITS, Pilani (India)

12

RecommendaQons for Further Reading

On-line Resources
IETF PosQngs at ieo.org Periodic updates at nist.gov Select FIPS documents at ps.org Digital Libraries / Archives / Technical Reports at major research universiQes acQve in this area as shall be menQoned from Qme to Qme during lectures Rahul Banerjee: Lecture Notes on Network Security, Electronic Read-only ediQon to be available just before Mid-Sem Test at the course page
(c) Rahul Banerjee, BITS, Pilani (India)

13

Thank you for your kind attention!

BITS Pilani
Pilani | Dubai | Goa | Hyderabad

Rahul Banerjee