UNIT-I

WHAT DOES "SECURE" MEAN?

How to protect the valuable assets? One option is to place them in a safe place, like a bank to protect the valuable assets. But bank is not a safe place, where bank robbery is the crime of stealing assets from a bank during opening hours.

Now a day’s asset protection is easier, with many factors working against the potential criminal. Very sophisticated alarm and camera systems silently protect secure places like banks whether people are around or not.

The effective techniques are used to identify a person by genetic material (DNA), fingerprints, retinal patterns, voice, a composite sketch, and so on.

Many bank branches now contain less cash, because of a bank's business is conducted with checks, electronic transfers, credit cards, or debit cards by using networks and communication links. So, it requires methods to protect during transmission.

From the criminal's point of view, there are usually easier ways than bank robbery to make money.

Computer security:

  • Techniques used fordatastored in a computer cannot be read or compromised by any individuals without authorization. The data encryption and password techniques are mostly used.
  • Data encryption is the translation of data from readable form into unreadable form.
  • A password is a secret word or phrase that allows a user to access a particular program or system.

Network security:

  • Techniques are used to protect data during their transmission over a network.

Internet security:

  • Techniques are used to protect data during their transmission over a collection of interconnected networks.

ASSET: people, property, and information

Protecting Valuables

Reasons for the need of security,

  • Fast growth of computer networking for information sharing.
  • Availability of different tools and resources on Internet.
  • Increasing rate of attacks

THE MEANING OF COMPUTER SECURITY

The purpose of computer security is to provide ways to prevent or detect unauthorized actions by users.

1.3.1 Security Goals

Confidentiality

Integrity

availability.

Confidentiality

Confidentiality ensures that computer resources are accessed only by authorized parties. Confidentiality means that unauthorized people cannot read information, either it is on a computer or it is traveling over a network. Confidentiality is also called secrecy or privacy. Confidentiality is the protection of transmitted data from passive attacks.

Integrity

Integrity means that assets can be modified only by authorized parties or only in authorized ways. Integrity ensures that information is not modified in transit. This modification includes writing, changing, deleting, and creating.

Availability

Availability refers to the availability of information resources. Availability means that resources are accessible to authorized parties when is required and should not be prevented from access.

These three concepts referred as the CIA triad. Two additional concepts are needed to provide a complete security.

Authenticity

The property of being genuine and being able to be verified andtrusted; confidence in the validity of a transmission, a message, or messageoriginator.

(Or)

Authentication is a process by which a system verifies the identity of aUserwho wishes to access it.

THE OSI SECURITY ARCHITECTURE

The OSI security architecturefocuses on security attacks,mechanisms, and services.

Security attack: Any action that compromises the security of information owned by an organization.

Security mechanism: A process that is designed to detect, prevent, or recover from a security attack.

Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

ATTACKS

A computer system has three valuable components: hardware, software, and data. Securities of these components are evaluated by Vulnerabilities, Threats, Attacks, and Controls.

Vulnerabilities, Threats, Attacks, and Controls

Vulnerability:

  • Vulnerability is weakness in a security system that can allows a threat or attack to gain unauthorized access to an asset.

Example: System without a password.

System does not verify a user's identity before allowing data access.

Threat:

  • A threat is a possible danger that might exploit vulnerability.
  • The difference between a threat and a vulnerability, consider the Figure 1-1. Here, a wall is holding water back. The water on the left of the wall is a threat to the man on the right of the wall: When the water could rise, overflowing causing the wall to collapse. So the threat of harm is the potential for the man to get wet.

Figure 1-1 Threats, Controls, and Vulnerabilities

Control:

  • Control is an action, device, procedure, or technique that removes or reduces a vulnerability.
  • In Figure 1-1, the man is placing his finger in the hole, controlling the threat of water leaks until he finds a more permanent solution to the problem.
  • In general, we can describe the relationship among threats, controls, and vulnerabilities in this way:A threat is blocked by control ofvulnerability.

There are four kinds of harmful acts: interception, interruption, modification, and fabrication.

These are classified as threats and attacks. Both the threats and attacks having the same meaning, threats are caused by nature and attacks are performed by the people.

  • An interception means that some unauthorized party has gained access to an asset by monitoring the network. The outside party can be a person, a program, or a computing system.

Example: copying of program or data files, or wiretapping to obtain data in a network.

  • In an interruption, an asset of the system becomes lost, unavailable, or unusable.

Example: malicious damage of a hardware device, erasure of a program or data file.

  • In modification an unauthorized party not only gain access to an asset, but alter the data.

Example: someone might change the values in a database, alter a program so that it performs an

additional computation.

  • In fabrication, an unauthorized party act as an authorized party and put false objects on a computing system.

SecurityAttacks:

Any action that compromises the security of information owned by an organization.

  • Attacks are classified as passive attacks and active attacks.

Passive Attacks

  • Passive attacks are performingeavesdropping (secret listening) on transmissions, or monitoring of transmissions. The goal of the opponent is to obtain information that is being transmitted.
  • Two types of passive attacks are the release of message contents and traffic analysis.
  • The release of message contents is easily understood (Figure 1.2a).

A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.

We would like to prevent an opponent from learning the contents of these transmissions.

Figure 1.2 Passive Network Security Attacks

  • A second type of passive attack, traffic analysis (Figure 1.2b).

Suppose we had a way of masking the contents of messages, if an opponent captured the message could not extract the information from the message.

The common technique for masking contents is encryption. If we use an encryption, an opponent still might be able to observe the pattern of these messages.

The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged.

This information might be useful in guessing the nature of the communication that was taking place.

  • Passive attacks are very difficult to detect, because they do notinvolve any alteration of the data. However, it is possible to prevent the success of these attacks by using an encryption.

Active Attacks

  • Active attacks involve alteration of the system resources such as modification of the data stream or the creation of a false stream.
  • Active attacks can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
  • A masquerade takes place when one entity act as a differententity (Figure 1.3a).

  • Replay involves the capture of a data unit and its subsequent retransmission to produce an unauthorized effect (Figure 1.3b).

  • Modification of messages means that some portion of a original message is altered, to produce an unauthorized effect (Figure 1.3c).

For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”

  • The denial of service prevents the normal use or management of communications facilities.

This attack may have a specific target; for example, an entity may send all messages directed to a particular destination to degrade performance.

Another form of service denial is the disruption of an entire network by disabling the network.

  • Active attacks are easy to detect, but very difficult to prevent.

Differences between the Passive and Active attacks:

S.NO / Passive Attacks / Active Attacks
1 / Passive attacks are perform eavesdropping on transmissions, or monitoring of transmissions. / Active attacks involve alteration of the system resources such as modification of the data stream or the creation of a false stream.
2 / Types: release of message contents and traffic analysis. / Types: masquerade, replay, modification of messages, and denial of service.
3 / Very difficult to detect. / Easy to detect.
4 / Prevention is easier than detection. / Difficult to prevent.
5 / It does not affect the system resources / It affects the system resources

SECURITY SERVICES

A communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

The security servicesimplement security policies and are implemented by security mechanisms.

AUTHENTICATION
The assurance that the communicating entity is authorized.
Peer Entity Authentication
Used in connection oriented communication toprovide confidence in the identity of the entitiesconnected.
Data-Origin Authentication
In a connectionless transfer, provides assurance thatthe source of received data is original.
ACCESS CONTROL
The prevention of unauthorized use of a resourceand allows authorized use of resources.
DATA CONFIDENTIALITY
The protection of data from unauthorizedaccess.
Connection Confidentiality
The protection of all user data on a connection.
Connectionless Confidentiality
The protection of all user data in a single data block.
Selective-Field Confidentiality
The confidentiality of selected fields within the userdata on a connection or in a single data block.
Traffic-Flow Confidentiality
The protection of the information that might beaccessed from observation of traffic flows.
DATA INTEGRITY
The assurance that data received are exactly assent by an authorized entity (i.e., contain nomodification, insertion, deletion, or replay).
Connection Integrity with Recovery
Provide integrity of all user data on aconnection and detects any modification, insertion,deletion, or replay of any data, then recovery attempted.
Connection Integrity without Recovery
Provide integrity of all user data on aconnection and only detects any modification, insertion,deletion, or replay of any data, without recovery.
Selective-Field Connection Integrity
Provides for the integrity of selected fields within theuser data of a data block transferred over a connection
and takes the form of determination of whethertheselected fields have been modified,inserted,deleted, or replayed.
Connectionless Integrity
Provides for the integrity of a single connectionlessdata block and may take the form of detection ofdata modification. Additionally, a limited form ofreplay detection may be provided.
Selective-Field Connectionless Integrity
Provides for the integrity of selected fields within a singleconnectionless data block; takes the form of determinationof whether the selected fields have been modified.
NONREPUDIATION
Provides protection against denial by one of theentities involved in a communication of havingparticipated in all or part of the communication.
Nonrepudiation, Origin
Proof that the message was sent by the specified party.
Nonrepudiation, Destination
Proof that the message was received by the specifiedparty.

SECURITY MECHANISMS

SPECIFIC SECURITY MECHANISMS
Encipherment
The use of mathematical algorithms to transformdata into a form that is not readable. Thetransformation and subsequent recovery of thedata depend on an algorithm and encryption keys.
Digital Signature
A cryptographic transformationof a data unit that allows a recipient of the data unitto prove the source and integrity of the data unit andprotect against forgery (e.g., by the recipient). Signing a hash is called digital signature.
Access Control
A variety of mechanisms that enforce access rights toresources.
Data Integrity
A variety of mechanisms used to assure the integrityof a data unit or stream of data units.
Authentication Exchange
A mechanism intended to ensure the identity of anentity by means of information exchange.
Traffic Padding
The insertion of bits into gaps in a data stream tomake difficulty on traffic analysis attempts.
Routing Control
Enables selection of secureroutes for certain data and allows routing changes,especially when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certainproperties of a data exchange.
PERVASIVE SECURITY MECHANISMS
Mechanisms those are not specific to any particularOSI security service or protocol layer.
Trusted Functionality
That which is perceived to be correct with respect tosome criteria (e.g., as established by a security policy).
Security Label
The marking bound to a resource that names or designates the securityattributes of that resource.
Event Detection
Detection of security-relevant events.
Security Audit Trail
Data collected and potentially used to facilitate asecurity audit, which is an independent review andexamination of system records and activities.
Security Recovery
Deals with requests from mechanisms, such as eventhandling and management functions, and takesrecovery actions.

A MODEL FOR NETWORK SECURITY

A message is to be transferred from one party to another across some sortof Internet service.

A logical information channel is established by the two parties. All the techniques for providing security have two components:

• A security-related transformation on the information to be sent. The encryption scrambles the message so that it is unreadable by the opponent.

• Some secret information shared by the two principals and it is unknown to the opponent. An example is an encryption key used to scramble the message before transmission and unscramble it on reception.

A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two parties.

This general model shows that there are four basic tasks in designing a particular security service:

1. Design an algorithm for performing the security-related transformation.

2. Generate the secret information to be used with the algorithm.

3. Develop methods for the distribution and sharing of the secret information.

4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.

TERMINOLOGY AND BACKGROUND

Symmetric Encryption Principles (symmetric cipher model)

A symmetric encryption scheme has five ingredients (Figure 2.1):

  • Plaintext: This is the original message or data that is fed into the algorithm as input.
  • Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.

PRINCIPLES

  • Secret key: The secret key is also input to the algorithm. The exact substitutions and transformations performed by the algorithm depend on the key.
  • Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts.
  • Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the same secret key and produces the original plaintext.

SUBSTITUTION CIPHERS

Caesar Cipher

  • Caesar cipher using a left rotation of three places (the shift parameter, here 3, is used as the key):

Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZ

Cipher text: DEFGHIJKLMNOPQRSTUVWXYZABC

  • When encrypting, a person looks up each letter of the message in the "plain" line and writes down the corresponding letter in the "cipher" line. Deciphering is done in reverse.

Plaintext: the quick brown fox jumps over the lazy dog

Cipher text: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ

  • Let us assign a numerical equivalent to each letter:
  • Then the algorithm can be expressed as follows. For each plaintext letter , substitute the ciphertext letter:

C = E(3, p) = (p + 3) mod 26

A shift may be of any amount, so that the general Caesar algorithm is

C = E(k, p) = (p + k) mod 26

Where kis a key which value lies on the range of 1 - 25. The decryption algorithm is simply

p = D(k, C) = (C - k) mod 26

  • Disadvantages of the Caesar cipher:

1. The encryption and decryption algorithms are known.

2.There are only 25 keys to try.

Monoalphabetic Substitution

  • With only 25 possible keys, the Caesar cipher is not secure.A monoalphabetic substitution is one where a letter ofplaintext always produces the same letter of cipher text.
  • The relationship between a character in the plaintext and the characters in the ciphertext is one-to-one.
  • In general, an example of a monoalphabetic substitution is shown below.

PLAINTEXT : a b c d e f g h i j k l m n o p q r s t u v w x y z

CIPHERTEXT : Q R S K O W E I P L T U Y A C Z M N V D H F G X J B

Playfair Cipher

  • The Playfair algorithm is based on the use of a 5 × 5 matrix of letters constructed using a keyword.
  • The key can be written in the top rows of the table.The spaces in the table filled with the letters of the keyword first(dropping any duplicate letters), then fill the remaining spaces with the rest of the letters of the alphabet in order (usually put both "I" and "J" in the same space).
  • The technique encrypts pairs of letters (digraphs), instead of single letters.
  • To encrypt a message, one would break the message into digraphs (groups of 2 letters) such that, for example, "HelloWorld" becomes "HE LL OW OR LD", and map them out on the key table.

Then apply the following 4 rules, in order, to each pair of letters in the plaintext:

  1. If both letters are the same or only one letter is left, add an "X" after the first letter. Encrypt the new pair and continue.
  2. If the letters appear on the same row of your table, replace them with the letters to their immediate right respectively.
  3. If the letters appear on the same column of your table, replace them with the letters immediately below respectively.
  4. If the letters are on the different row or column, make a rectangle shape and replace them with the letters on the same row of corners of the rectangle

Example

  • Using "playfair example" as the key, (assuming I and J are interchangeable) the table becomes: