
Lect_1_support_Security Architecture


Academic year: 2020

(1)

Cryptography and Security Mechanisms

Nazar Abbas Saqib


(2)

Agenda

Definitions:

Information Security

Computer, Network, Internet and Communication Security

Security Architecture

Security attacks

Security Services

(3)

Computer Security

Method of protecting information, computer programs, and other computer system assets while they are connected to the network. Includes operating system security, software security, access control, physical security, etc.

Network Security

Measures to protect data during their transmission on a computer network, such as data protection, data and source authentication, etc.

(4)

Internet Security

Measures to protect data during their transmission over a collection of interconnected networks

Communication Security

Measures and controls taken to deny unauthorized persons information derived from telecommunications and ensure the authenticity of such telecommunications. Communications security includes: crypto-security, transmission security, emission security, and physical security

(5)

Information security

Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.

3 main components of Information system:

Software

Hardware

Communications

3 main Information Security Goals (CIA):

Confidentiality (C)

Integrity (I)

Availability (A)

3 levels of Information Security:

(6)

Security Technologies

Security technologies help protect systems and information against attacks, detect unusual or suspicious activities, and respond to events that affect security.

There are two core areas:

1. Operational technology

The purpose of operational technology is to maintain and defend the availability of data resources in a secure manner. It includes firewalls, monitoring tools, security analysis tools, etc.

2. Cryptography

(7)

Security policy

A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources

(8)

Workstation Security Policy

1. Restricting physical access to workstations to only authorized personnel.

2. Securing workstations (screen lock or logout) prior to leaving area to prevent unauthorized access.

3. Enabling a password-protected screen saver with a short timeout period to ensure that workstations that were left unsecured will be protected.

4. Complying with all applicable password policies and procedures.

5. Ensuring workstations are used for authorized business purposes only.

6. Never installing unauthorized software on workstations.

7. Storing all sensitive information, including protected health information (PHI), on network servers.

8. Keeping food and drink away from workstations in order to avoid accidental spills.

9. Securing laptops that contain sensitive information by using cable locks or locking laptops up in drawers or cabinets.

10. Complying with the Portable Workstation Encryption policy.

11. Complying with the Anti-Virus policy.

12. Ensuring that monitors are positioned away from public view. If necessary, install privacy screen filters or other physical barriers to public viewing.

13. Ensuring workstations are left on but logged off in order to facilitate after-hours updates. Exit running applications and close open documents.

14. Ensuring that all workstations use a surge protector (not just a power strip) or a UPS (battery backup).

15. If wireless network access is used, ensure access is secure by following the Wireless Access policy.

(9)

Security Attack: An intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system

Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack

Security Service: A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms

Example: Data Confidentiality is a security service which can be provided through encipherment (a security mechanism) to avoid data disclosure (a security attack)

(10)
(11)

Security Attacks

Any action that compromises the security of information owned by an organization

Often threat and attack are used to mean the same thing

Threat: a possible danger that might exploit a vulnerability (RFC 2828)

Attack: An intelligent act that is a deliberate attempt to evade

(12)

Security attack classification

Passive: Release of message contents, Traffic analysis

Active: Masquerade, Replay, Modification of message contents, Denial of Service

(13)

Passive Attacks

Passive attacks are those attacks where the attacker aims to obtain information that is in transit but does not affect the system resources

The attacker does this by eavesdropping on or monitoring data transmission

No modification of data, therefore referred to as ‘passive’

Difficult to detect

Passive attacks are further classified into two sub-categories:

(14)

Passive Attacks (Interception)

Release of message contents

to intended receiver only.

The attack refers to the release of message contents in transit to a third party (attacker) against the wish of the sender

Example: Sending a confidential mail to a friend. It is desired that only he/she will get it

How to prevent it?

Message can be coded using a coding language understandable only to both ends. The attacker therefore

(15)

Passive Attacks (Interception)

Traffic analysis attack: attempt to analyze (encoded) messages to come up with likely patterns that provide some clues regarding the communication that is taking place between two parties

What could be observed?

Example: Host and destination addresses, frequency of the messages, type of messages, etc.

How to prevent it?

1. Message can be coded

2. Random messages when no message is transmitted

3. Message padding (message length)
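Prevention measures 2 and 3 from this slide, sketched as an added example (not part of the original slides): every transmitted unit is a fixed-size cell, and a dummy cell is sent whenever nothing is queued. The 64-byte cell size, the 2-byte length header and all function names are assumptions made for this illustration; the cells are assumed to be encrypted before transmission (measure 1), otherwise the padding itself is visible.

```python
import struct

CELL = 64            # assumed cell size: every unit on the wire is exactly this long
PAYLOAD = CELL - 2   # 2-byte big-endian length header, rest is data plus padding


def to_cells(message):
    """Split a message into fixed-size cells; short chunks are zero-padded."""
    chunks = [message[i:i + PAYLOAD] for i in range(0, len(message), PAYLOAD)] or [b""]
    return [struct.pack(">H", len(c)) + c.ljust(PAYLOAD, b"\x00") for c in chunks]


def cover_cell():
    """Dummy cell for idle slots: declared length 0, so the receiver drops it."""
    return struct.pack(">H", 0) + b"\x00" * PAYLOAD


def schedule(queue, slots):
    """Emit exactly one cell per time slot: real data while any is queued,
    cover cells otherwise. (Data beyond `slots` cells would wait for later slots.)"""
    pending = [cell for message in queue for cell in to_cells(message)]
    return [pending.pop(0) if pending else cover_cell() for _ in range(slots)]


def from_cells(cells):
    """Receiver side: strip padding and cover cells, return the byte stream."""
    out = bytearray()
    for cell in cells:
        if len(cell) != CELL:
            raise ValueError("cell has wrong size")
        (length,) = struct.unpack(">H", cell[:2])
        if length > PAYLOAD:
            raise ValueError("declared length exceeds cell payload")
        out += cell[2:2 + length]
    return bytes(out)


def observer_view(cells):
    """What traffic analysis sees once cells are encrypted: only sizes and count."""
    return [len(cell) for cell in cells]


if __name__ == "__main__":
    busy = schedule([b"yes", b"x" * 100], slots=5)   # constructed sample traffic
    idle = schedule([], slots=5)
    print(observer_view(busy) == observer_view(idle))  # same pattern either way
    print(from_cells(busy))
```
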

(16)

Active Attacks

Active attacks attempt to alter system resources or affect their operation. The contents of the original message are modified in some way

It can be in the form of interruption, modification and fabrication

Relatively easier to detect

(17)

Active Attacks

Masquerade is caused when an unauthorized entity pretends to be another entity.

Ex. User C might pose as User A, so User B might be led to believe that the message indeed came from A

Ex. Capturing user’s authentication sequence (login ID &

(18)

Active Attacks

Modification: refers to a change in some part of a legitimate message, a delay in the message, or reordering of the message, producing an unauthorized effect

Ex. “Allow John Smith to read confidential file accounts” is modified to “Allow Fred Brown to read confidential file accounts”

Two sub-categories of Modification attack are Replay attack and Alteration

(19)

Active Attacks

In a Replay Attack, a user captures a sequence of events or some data units and resends them

Ex. User A & User B have accounts in a bank myBank. User A sends

(20)

Active Attacks

Denial of Service (DoS) attacks make an attempt to prevent legitimate users from accessing services which they are eligible for

How to launch DoS?

1. Burning up computational resources, such as bandwidth, disk space, or processor time.

2. Disruption of configuration information, such as routing information.

3. Disruption of state information, such as unsolicited resetting of TCP sessions.

4. Disruption of physical network components.

5. Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

(21)
(22)

RFC 2828 provides the following definition:

“A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms”

X.800 divides these services into five categories:

1) Authentication

2) Access Control

3) Data Confidentiality

4) Data Integrity

5) Non-repudiation

(23)

Security Services

Data Confidentiality

Protection of data from unauthorized disclosure

Message sent by User A is only exposed to its intended recipient ‘User B’

Example (Fig)

User A sends an extension plan of his future products to User B – highly confidential

The attacker gets access to data files during transmission without the permission or knowledge

(24)

Data Integrity

Assurance that data received are exactly as sent by an authorized entity

Contain no modification, insertion, deletion, or replay

Can be applied to a stream of messages, a single message or selected fields within a message

(25)

Security Services

Authentication: Assurance that the communicating entity is the one claimed

Peer Entity Authentication: established at the time of connection or at the time of data transfer (thus associated with a logical connection). It provides confidence that

– Entity is not performing a masquerade or

– Entity is not performing unauthorized replay of a previous connection

Data Origin Authentication (in a connectionless transfer)

– Provides confirmation about the source of the data

– Does not provide protection against duplication or modification of data units

Example (Fig)

The attacker poses as User A and sends a funds transfer request to bank (from A to attacker’s

(26)

Access Control: Determines who should be able to access what

e.g. User A can view the records in database but cannot update

Role based: which user can do what (User Side)

Rule based: which resource is accessible and under what circumstances (Resource Side)

Access Control List (ACL) specifies and controls who can access what

(27)

Non-repudiation

Protection against denial by one of the parties in a communication

Sender cannot deny having sent the message

Receiver cannot deny having received the message

(28)

Security Services

Availability

Ensures that a service or information is available to an (authorized) user upon demand and without delay.

Denial of Service (DoS) attacks seek to interrupt a service or make some information unavailable to legitimate users

Example (Fig)

Due to the intentional action of attacker, User A is not able to access

(29)

Security Attacks vs Security Services

Process of an attacker getting hold of a message in transit before it reaches the intended recipient. This is an attack on confidentiality

Attack on a message where its contents are changed. This is an attack on integrity

False message created by attacker to distort the attention of the authorized users. This is an attack on authenticity

(30)
(31)

Terminologies

Plaintext: The actual text or original data (the input to an encryption function or the output of a decryption function)

Encryption: The conversion of plaintext or data into unintelligible form by means of a reversible translation, based on a translation table or algorithm. Also called enciphering

Ciphertext: The output of an encryption algorithm; the encrypted form of a message or data

Decryption: The translation of encrypted text or data (called ciphertext) into original text or data (called plaintext). Also called deciphering.

Cipher: An algorithm for encryption and decryption. A cipher replaces a piece

(32)

Terminologies

Key: The secret information in a cryptographic operation

Digital Signature: An authentication mechanism that enables the creator of a message to attach a code that acts as a signature. The signature is formed by taking the hash of the message and encrypting the message with the creator's private key. The signature guarantees the source and integrity of the message

Hash: Fingerprint of the message. Identifies a message uniquely

Hash function: A function that maps a variable-length data block or message into a

(33)

Security Mechanism

Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.

Access Control: A variety of mechanisms that enforce access rights to resources.

Data Integrity: A variety of mechanisms used to assure the integrity of a data

(34)

Security Mechanism

Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

Notarization: The use of a trusted third party to assure certain properties of a

(35)

Relationship between Security Services & Mechanisms

Security Mechanisms (table columns): Service | Encipherment | Digital signature | Access control | Data integrity | Authentication exchange | Traffic padding | Routing control | Notarization

(36)

Model for Network Security

Using this model requires us to:

1. design a suitable algorithm for the security transformation

2. generate the secret information (keys) used by the algorithm

3. develop methods to distribute and share the secret information

4. specify a protocol enabling the principals to use the

(37)

Model for Network Access Security

Using this model requires us to:

1. First line of Defence: Select appropriate gatekeeper functions to identify authorized users and to stop unauthorized ones (hackers, intruders, disgruntled employees)

2. Second Line of Defence: Implement security controls to monitor

figure out the message
