Information and Network Security

Introduction. Dr. Hadi AL Saadi; edited by Huda Saadeh.

Objectives
- To define the three security goals
- To define the security attacks that threaten the security goals
- To define security services and how they relate to the three security goals
- To define the security mechanisms that provide security services
- To introduce two techniques, cryptography and steganography, used to implement security mechanisms

Background
Information security requirements have changed in recent times:
- security was traditionally provided by physical and administrative mechanisms
- computer use requires automated tools to protect files and other stored information
- the use of networks and communications links requires measures to protect data during transmission

Definitions
- Computer Security: the generic name for the collection of tools designed to protect data and to thwart hackers
- Network Security: measures to protect data during their transmission over a computer network
- Internet Security: measures to protect data during their transmission over a collection of interconnected networks

A security vulnerability is a flaw or weakness in a system's design, implementation or operation that could be exploited to violate the system's security (RFC 2828). A security vulnerability is not a risk, a threat, or an attack. A security threat is a potential violation of security; it can be active (the state of the system can be changed) or passive (unauthorized disclosure of information without changing the state of the system).

A security risk originates when a security vulnerability is combined with a security threat. For example, an overflow bug in an operating system application (a vulnerability) combined with a hacker's knowledge, appropriate tools and access (a threat) gives rise to the risk of a web server attack. The consequences of security risks are data loss, data corruption, privacy loss, fraud, downtime, and loss of public confidence. A security attack is any action that compromises the security of information owned by an organization (or a person).

Figure: the three security goals, confidentiality, integrity and availability.

1-1 SECURITY GOALS
Confidentiality: Can you keep a secret? Only the sender and the intended recipients should be able to access the content of a message. Confidentiality is compromised if an unauthorized person is able to access a message; this type of attack is called interception.
Integrity: Did you get the message I sent? When the contents of a message are changed after the sender sends it but before it reaches the intended recipient, we say the integrity of the message is lost. This type of attack is called modification.

Availability: Are you there when needed? The principle of availability states that resources (i.e. information) should be available to authorized parties at all times. For example, because of the intentional actions of an unauthorized user C, an authorized user A may not be able to contact server computer B. This defeats the principle of availability; such an attack is called interruption.

1.2 Security Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
Active attacks involve some modification of the data stream or the creation of a false stream. Active attacks present the opposite characteristics of passive attacks: whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays they cause.

The three goals of security (confidentiality, integrity, and availability) can each be threatened by security attacks.

Figure: Snooping (an attack threatening confidentiality).

Fig. 2: Replay (an attack threatening integrity).

1.2.3 Attacks Threatening Availability Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

Security Services
- intended to counter security attacks
- enhance the security of the data processing systems and information transfers of an organization
- implemented using one or more security mechanisms
- often replicate functions normally associated with physical documents
Consider the role of a security service and what may be required of it. Note both the similarities and the differences with traditional paper documents, which for example: have signatures and dates; need protection from disclosure, tampering, or destruction; may be notarized or witnessed; may be recorded or licensed.

X.800 defines a security service as “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”. RFC 2828 defines it as “a processing or communication service provided by a system to give a specific kind of protection to system resources”.

1.3.2 Security Services (X.800)
- Authentication: assurance that the communicating entity is the one claimed
- Access Control: prevention of the unauthorized use of a resource
- Data Confidentiality: protection of data from unauthorized disclosure
- Data Integrity: assurance that data received is as sent by an authorized entity
- Non-Repudiation: protection against denial by one of the parties in a communication
This list includes the various "classic" security services that are traditionally discussed. Note that there is a degree of ambiguity in the meaning of these terms, and overlap in their use. See Stallings Table 1.2 for details of the 5 security service categories and the 14 specific services given in X.800.

Access control: rules and policies that limit access to confidential information to those people and/or systems with a “need to know.” This need to know may be determined by identity, such as a person’s name or a computer’s serial number, or by a role that a person has, such as being a manager or a computer security specialist.

Authentication: the determination of the identity or role that someone has. This determination can be done in a number of different ways, but it is usually based on a combination of something the person has (like a smart card or a radio key fob storing secret keys), something the person knows (like a password), and something the person is (like a human with a fingerprint).
Figure: the three authentication factors. Something you have: a radio token with secret keys. Something you know: password=ucIb()w1V, mother=Jones, pet=Caesar. Something you are: a human with fingers and eyes.

Authorization: the determination of whether a person or system is allowed access to resources, based on an access control policy. Such authorizations should prevent an attacker from tricking the system into letting him have access to protected resources.
Physical security: the establishment of physical barriers to limit access to protected computational resources. Such barriers include locks on cabinets and doors, the placement of computers in windowless rooms, the use of sound-dampening materials, and even the construction of buildings or rooms with walls incorporating copper meshes (called Faraday cages) so that electromagnetic signals cannot enter or exit the enclosure.

1.3.3 Security Mechanisms
- Encipherment: hiding or covering data; it can provide confidentiality. Two techniques: cryptography and steganography.
- Data integrity: appends to the data a short check value that has been created by a specific process from the data itself.
- Digital signature: the sender can electronically sign the data and the receiver can verify the signature.
- Authentication exchange: two entities exchange some messages to prove their identity to each other.
- Traffic padding: inserting some bogus data into the traffic to thwart the adversary's attempt to use traffic analysis.
- Routing control: selecting and continuously changing different available routes between the sender and the receiver.
- Notarization: selecting a trusted third party to control the communication between two entities (to prevent repudiation).
- Access control: uses a method to prove that the user has the access right to the data or resources owned by the system (PINs or passwords).
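The data integrity mechanism above (a keyed check value computed from the data) and the modification and replay attacks described under the security goals, worked through as an added example that is not part of the lecture slides. The frame format, the constructed shared key and the sequence-number rule are assumptions of this example; the check value is an HMAC-SHA256 over the sequence number and the message.

```python
import hashlib
import hmac

TAG_LEN = 32  # SHA-256 digest length


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender: prepend a sequence number and append a keyed check value
    computed over both, so a change to either part is detectable."""
    header = seq.to_bytes(4, "big")
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    """Recipient: accepts a frame only if its check value verifies and its
    sequence number is fresh; returns the message, or None when rejected."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes):
        if len(frame) < 4 + TAG_LEN:
            return None
        header, body, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # modification attack: check value does not match
        seq = int.from_bytes(header, "big")
        if seq <= self.last_seq:
            return None  # replay attack: this frame was already accepted
        self.last_seq = seq
        return body


def demo() -> dict:
    key = b"constructed-demo-key-0123456789ab"  # shared secret (constructed)
    rx = Receiver(key)
    frame = protect(key, 1, b"transfer 100 to account 42")
    genuine = rx.accept(frame)                       # accepted
    tampered = bytearray(frame)
    tampered[4 + 9] = ord("9")                       # attacker edits "100" to "900"
    modified = rx.accept(bytes(tampered))            # rejected: tag mismatch
    replayed = rx.accept(frame)                      # rejected: seq 1 already seen
    nxt = rx.accept(protect(key, 2, b"second"))      # accepted: fresh seq
    return {"genuine": genuine, "modified": modified,
            "replayed": replayed, "next": nxt}
```

Note that the check value alone does not stop a replay; the sequence number (or a timestamp or nonce) is what lets the receiver reject an old frame, which is why the two are combined here.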

1.3.3 Relation between Services and Mechanisms

1.4 TECHNIQUES Mechanisms discussed in the previous sections are only theoretical recipes to implement security. The actual implementation of security goals needs some techniques. Two techniques are prevalent today: cryptography and steganography.

1.4.1 Cryptography Cryptography, a word with Greek origins, means “secret writing.” However, we use the term to refer to the science and art of transforming messages to make them secure and immune to attacks.

Encryption: the transformation of information using a secret, called an encryption key, so that the transformed information can only be read using another secret, called the decryption key (which may, in some cases, be the same as the encryption key). It is usually used to provide confidentiality.
Figure: the sender encrypts plaintext into ciphertext with a shared secret key, sends it over the communication channel, and the recipient decrypts it with the same key; an attacker eavesdropping on the channel sees only the ciphertext.

1.4.2 Steganography The word steganography, with origin in Greek, means “covered writing,” in contrast with cryptography, which means “secret writing.” Example: covering data with text

Example: using a dictionary.
Example: covering data under a color image.
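The "covering data under a color image" example, worked through as an added illustration that is not part of the lecture slides: a least-significant-bit (LSB) embedding that hides a message in the lowest bit of each color sample. The pixel buffer, the two-byte length prefix and the message are constructed assumptions of this example; a real image would supply the samples.

```python
def embed(cover: bytes, secret: bytes) -> bytes:
    """Hide `secret` (with a 2-byte length prefix) in the least significant
    bit of successive cover bytes, most significant bit of each byte first."""
    payload = len(secret).to_bytes(2, "big") + secret
    bits = [(b >> i) & 1 for b in payload for i in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small for the payload")
    out = bytearray(cover)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & 0xFE) | bit  # only the lowest bit changes
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Recover the hidden bytes; needs no key, only knowledge of the method."""
    def read_bytes(bit_offset: int, n: int) -> bytes:
        result = bytearray()
        for k in range(n):
            val = 0
            for i in range(8):
                val = (val << 1) | (stego[bit_offset + k * 8 + i] & 1)
            result.append(val)
        return bytes(result)
    length = int.from_bytes(read_bytes(0, 2), "big")
    return read_bytes(16, length)


def max_sample_change(cover: bytes, stego: bytes) -> int:
    """Largest change to any color sample; LSB embedding changes each by at most 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


def demo() -> dict:
    # Constructed stand-in for 200 RGB pixels (600 color samples).
    cover = bytes((i * 37 + 11) % 256 for i in range(600))
    secret = b"meet at noon"
    stego = embed(cover, secret)
    return {"recovered": extract(stego),
            "max_change": max_sample_change(cover, stego),
            "same_length": len(stego) == len(cover)}
```

Because extraction needs no secret, steganography only hides that a message exists; it gives no confidentiality once the method is known, and simple LSB embedding is detectable by statistical analysis of the sample values, which is why it is paired with encryption in practice.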

1.5 Model for Network Security

1.5.1 Data Transfer
In considering the place of encryption, it is useful to use the following two models from Stallings section 1.6. The first, illustrated in Figure 1.4, models information being transferred from one party to another over an insecure communications channel, in the presence of possible opponents. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. They can use an appropriate security transform (encryption algorithm), with suitable keys, possibly negotiated with the help of a trusted third party. Parts One through Four of the book concentrate on the types of security mechanisms and services that fit into the model shown here.

Model for Network Security: using this model requires us to:
- design a suitable algorithm for the security transformation
- generate the secret information (keys) used by the algorithm
- develop methods to distribute and share the secret information
- specify a protocol enabling the principals to use the transformation and secret information for a security service

1.5.2 Model for Network Access Security: using this model requires us to:
- select appropriate gatekeeper functions to identify users
- implement security controls to ensure only authorised users access designated information or resources
The second model, illustrated in Figure 1.5, is concerned with controlled access to information or resources on a computer system, in the presence of possible opponents. Here appropriate controls are needed on access to and within the system, to provide suitable security. The security mechanisms needed to cope with unwanted access fall into two broad categories (as shown in the figure). The first category might be termed a gatekeeper function. It includes password-based login procedures designed to deny access to all but authorized users, and screening logic designed to detect and reject worms, viruses, and similar attacks. Once an unwanted user or unwanted software gains access, the second line of defense consists of a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of intruders. These issues are explored in Part Four.