
Presented By Sandeep Verma

Introduction to Security

Need of Security

Security Threats and Attacks

Security Services

Network Security Model

Conclusion

References

Network security is about balancing the goals of "OPEN", "SECURE" and "COST-EFFECTIVE".

Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.

Security rests on confidentiality, authenticity, integrity and availability.

The past decade has seen an explosion in the concern for the security of information.

Malicious code (viruses, worms, etc.) caused over $28 billion in economic losses in 2003, rising to over $75 billion by 2007.

Internet attacks are increasing in frequency, severity and sophistication.

Denial of service (DoS) attacks

Cost $1.2 billion in 2000
1999 CSI/FBI survey: 32% of respondents detected DoS attacks directed at their systems
Thousands of attacks per week in 2001
Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked

Well-known in the network security world:
Bob and Alice (lovers!) want to communicate securely
Trudy (intruder) may intercept, delete, add messages

[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel; Trudy is shown as the intruder.]

Unauthorized access to information
Packet sniffers and wiretappers
Illicit copying of files and programs
[Figure label: Eavesdropper]

Stop the flow of the message
Delay and optionally modify the message
Release the message again
[Figure label: Perpetrator]

Unauthorized assumption of another's identity
Generate and distribute objects under this identity
[Figure label: Masquerader: from A]

Destroy hardware (cutting fiber) or software
Modify software in a subtle way (alias commands)
Corrupt packets are transmitted
Denial of Service (DoS): crashing the server, overwhelming the server

Passive Attacks

Active Attacks

Involve eavesdropping on, or monitoring of, transmissions
Goal of the opponent is to obtain information that is being transmitted
Types: the release of message contents, traffic analysis

Release of Message content

Traffic Analysis

Involve some modification of the data stream or the creation of a false stream, and are divided into four categories:
Masquerade of one entity as some other
Replay previous messages
Modify messages in transit
Denial of service

Masquerade

Replay

Modification of messages

Denial Of Service

Financial institutions and banks
Internet service providers
Pharmaceutical companies
Government and defense agencies
Contractors to various government agencies
Multinational corporations

ANYONE ON THE NETWORK

ITU-T X.800 Security Architecture for OSI

Defines a systematic way of defining and providing security requirements.
For us it provides a useful, if abstract, overview of the concepts of security services.

Security Attack: Any action that compromises the security of information owned by an organization.
Security Mechanism: A process that is designed to detect, prevent, or recover from a security attack.
Security Service: A processing or communication service that enhances the security of the data processing systems and information transfers of an organization. These are intended to counter security attacks.

X.800 defines security services in 5 major categories:

Authentication - assurance that the communicating entity is the one claimed
Access Control - prevention of the unauthorized use of a resource
Data Confidentiality - protection of data from unauthorized disclosure
Data Integrity - assurance that data received is as sent by an authorized entity
Non-Repudiation - protection against denial by one of the parties in a communication

Data Integrity
Assurance that the data that arrives is the same as when it was sent.

Contd

Authentication
The process of verifying the identity of a user
Typically based on:
Something the user knows
Password

Something the user has
Key, smart card, disk, or other device

Something the user is
Fingerprint, voice, or retinal scans

Authentication Cont.
Authentication procedure
Two-Party Authentication
One-Way Authentication
Two-Way Authentication

Third-Party Authentication

[Figure: Two-Party Authentications. Client and Server. One-way Authentication: UserID & Password, Authenticated. Two-way Authentication: ServerID & Password, Authenticated.]

[Figure: Third-Party Authentications. Security Server, Client and Server. Labels: Client ID, Password; Server ID, Password; Authenticated; Exchange Keys; Exchange Data.]

Authentication using MAC

Access Control
The process of enforcing access rights, based on the following three entities:
Subject
An entity that can access an object

Object
An entity to which access can be controlled

Access Right
Defines the ways in which a subject can access an object

Confidentiality
Assurance that sensitive information is not visible to an eavesdropper, so it involves the protection of transmitted data from passive attacks.
This is usually achieved using encryption.
Includes cryptography

Message confidentiality using symmetric key in two directions

Non-repudiation
Provides protection against denial, by one of the entities involved in a communication, of having participated in all or part of the communication.

Nonrepudiation, Origin: proof that the message was sent by the specified party
Nonrepudiation, Destination: proof that the message was received by the specified party

Using this model requires us to:
Design a suitable algorithm for the security transformation
Generate the secret information (keys) used by the algorithm
Develop methods to distribute and share the secret information
Specify a protocol enabling the principals to use the transformation and secret information for a security service

Using this model requires us to:
Select appropriate gatekeeper functions to identify users
Implement security controls to ensure only authorised users access the designated information or resources
Trusted computer systems can be used to implement this model

Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, disruption or distribution.

i. The never-ending process of information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review.
ii. This makes information security an indispensable part of all business operations across different domains.
