4/16/2017 Network Security Mehrdad Nourani.


Session 02: Network Security Essentials

Security Issues: Past & Present

Security in Early Days In the early days of data processing, the security of information was provided primarily by physical and administrative means: Computer buildings, floors, and rooms were guarded and alarmed to prevent outsiders from intruding and disrupting operations. The focus was on physical break-ins, the theft of computer equipment, and the physical theft or destruction of disk packs, tape reels, punch cards, or other media. Insiders were kept at bay and access was limited to a small set of computer professionals.

Information Security The requirements of information security within organizations have undergone two major changes: The introduction of shared systems such as time-shared and/or systems that can be accessed over the public telephone or data network. The introduction of distributed systems and the use of networks and communications facilities for carrying data between terminal user and computer and between computer and computer.

Computer vs. Network Security Computer security is the generic term for a collection of tools designed to protect data and to thwart hackers. Network security is the security measures that are needed to protect data during their transmission. In most systems, the boundaries between computer security and network security are blurred since most, if not all, of today’s systems are distributed in nature. Networking is a core part of today’s environment.

Examples of Security Violations User A transmits a sensitive file to user B; User C intercepts the file and captures a part or all of it. An employee is fired without warning. The personnel manager sends a message to invalidate the employee’s account. The employee intercepts the message and then retrieves some sensitive information. A message is sent from a customer to a stockbroker with instructions for a transaction; the investment loses value and the customer denies sending the message. …

Different Aspects of Security Security attack: Any action that compromises the security of information owned by an organization. Security mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security service: A service that enhances the security of the data processing systems and the information transfers of an organization. A system designed to counter security attacks.

Information Integrity and Cheating

Information Integrity Functions

Reasons for Cheating (1)
1. Gain unauthorized access to information.
2. Impersonate another user to shift responsibility or else to use the other's license for the purpose of:
   a. Originating fraudulent information
   b. Modifying legitimate information
   c. Using fraudulent identity to gain unauthorized access
   d. Fraudulently authorizing transactions or endorsing them
3. Disavow responsibility or liability for information the cheater did originate.
4. Claim to have received from some other user information that the cheater created (i.e., fraudulent attribution of responsibility or liability).

Reasons for Cheating (2)
5. Claim to have sent to a receiver (at a specified time) information that was not sent (or was sent at a different time).
6. Either disavow receipt of information that was in fact received, or claim a false time of receipt.
7. Enlarge cheater's legitimate license (for access, origination, distribution, etc.).
8. Modify (without authority to do so) the license of others (fraudulently enroll others, restrict, or enlarge existing licenses, etc.).

Reasons for Cheating (3)
9. Conceal the presence of some information (a covert communication) in other information (the overt communication).
10. Insert self into a communication link between other users as an active (undetected) relay point.
11. Learn who accesses which information (sources, files, etc.) and when the accesses are made even if the information itself remains concealed (e.g., a generalization of traffic analysis from communications channels to databases, software, etc.).

Reasons for Cheating (4)
12. Impeach an information integrity protocol by revealing information the cheater is supposed to (by terms of the protocol) keep secret.
13. Pervert the function of software, typically by adding a covert function.
14. Cause others to violate a protocol by means of introducing incorrect information.
15. Undermine confidence in a protocol by causing apparent failures in the system.
16. Prevent communication among other users, in particular, surreptitious interference to cause authentic communication to be rejected as unauthentic.

Goal of Network Security

Internet Security
- Our focus is on Internet security.
- It consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information.
- We need a systematic way to define requirements.
- Consider three aspects of information security: security attack, security mechanism, security service.

Security Attacks

Security Attack
- Any action that compromises the security of information owned by an organization.
- Information security is about how to prevent attacks or, failing that, to detect attacks on information-based systems.
- Should include a wide range of attacks.
- Can focus on generic types of attacks.
- Note: "threat" and "attack" are often used to mean the same thing.

Categories of Security Attacks
- Interruption: attack on availability
- Interception: attack on confidentiality
- Modification: attack on integrity
- Fabrication: attack on authenticity

Normal Flow Normal flow is the flow of information from an information source, such as a file or a region of main memory, to a destination, such as another file or user.
[Figure: Information Source, Information Destination]

Interruption An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability. Examples: The destruction of hardware, the cutting of a communication line, or the disabling of the file management system.
[Figure: Information Source, Information Destination]

Interception An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party could be a person, a program, or a computer. Examples: Wiretapping to capture data in a network and the unauthorized copying of files or programs.
[Figure: Information Source, Information Destination, Unauthorized Party]

Modification An unauthorized party not only gains access to but tampers with an asset. This is an attack on integrity. Examples: Changing values in a data file, altering a program so that it performs differently, or modifying the content of messages being transmitted in a network.
[Figure: Information Source, Information Destination, Unauthorized Party]

Fabrication An unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity. Examples: The insertion of spurious (fake) messages in a network or the addition of records to a file.
[Figure: Information Source, Information Destination, Unauthorized Party]

Passive Attacks
Passive attacks eavesdrop on or monitor the transmission. Goal: to obtain transmitted information. Two types of passive attacks:
1. Release of contents: A telephone conversation, an electronic mail message, or confidential information.
2. Traffic analysis: Using the location and identities of hosts and the frequency and length of messages to determine the type of communication taking place.
Passive attacks are difficult to detect since they do not involve any alteration of data. The emphasis is on prevention rather than detection.

Active Attacks
Active attacks may modify the data stream or create a false stream. Four types of active attacks:
1. Masquerade: takes place when one entity pretends to be a different entity. This form usually includes one of the other forms of active attack.
2. Replay: involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
3. Modification: occurs when an unauthorized party gains access to and tampers with an asset. This is an attack on integrity.
4. Denial of service: prevents or inhibits the normal use or management of communications facilities.

Security Mechanisms

Method and Procedure
- A mechanism that is designed to detect, prevent, or recover from a security attack.
- There is no single mechanism that will support all functions required.
- However, one particular element underlies many of the security mechanisms in use: cryptographic techniques.
- Hence, we will cover this area.

Mechanisms Explain Details
- Specific security mechanisms: digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
- Pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery

Security Services

Importance of Security Service
- Is something that enhances the security of the data processing systems and the information transfers of an organization
- Intended to counter security attacks
- Makes use of one or more security mechanisms to provide the service
- Replicates functions normally associated with physical documents, e.g. have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

Security Services Confidentiality is the protection of transmitted data from passive attacks. Authentication is concerned with assuring that a communication is authentic. Integrity assures that messages are received as sent. A connection-oriented integrity service should assure that there are no duplicates, insertions, deletions, modifications, reordering, or replays. A connectionless integrity service deals only with an individual message.

Security Services (cont.) Non-Repudiation prevents either the sender or receiver from denying a transmitted message. Access Control is the ability to limit and control the access to host systems and applications via communications links. Availability is the ability to prevent the loss or a reduction in availability of elements of a distributed system.
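
The difference between the connectionless and connection-oriented integrity services described above, as an added example that is not part of the original slides: a per-message MAC detects modification but still accepts a replayed message, while a MAC that also covers a sequence number exposes replays, deletions and reordering. The key, the messages and the names `mac_message`, `mac_record` and `StreamReceiver` are constructed for illustration, and HMAC-SHA256 is this example's choice of mechanism, not one the slides name.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared secret, for illustration only

def mac_message(key, payload):
    """Connectionless: the MAC covers one message and nothing else."""
    return hmac.new(key, b"\x00" + payload, hashlib.sha256).digest()

def mac_record(key, seq, payload):
    """Connection-oriented: the MAC also covers the record's sequence number."""
    return hmac.new(key, b"\x01" + struct.pack(">Q", seq) + payload,
                    hashlib.sha256).digest()

def verify_message(key, payload, mac):
    return hmac.compare_digest(mac_message(key, payload), mac)

class StreamReceiver:
    """Accepts records only in order, each exactly once."""
    def __init__(self, key):
        self.key = key
        self.expected = 0

    def accept(self, seq, payload, mac):
        if not hmac.compare_digest(mac_record(self.key, seq, payload), mac):
            return "bad-mac"        # modification or insertion
        if seq < self.expected:
            return "replay"         # duplicate of an accepted record
        if seq > self.expected:
            return "out-of-order"   # a record was deleted or reordered
        self.expected += 1
        return "ok"

def demo():
    msgs = [b"PAY 100 TO BOB", b"PAY 5 TO CAROL", b"CLOSE"]  # constructed
    # Connectionless: a captured (message, MAC) pair verifies again on replay.
    m0 = (msgs[0], mac_message(KEY, msgs[0]))
    connectionless = [verify_message(KEY, *m0), verify_message(KEY, *m0),
                      verify_message(KEY, b"PAY 900 TO BOB", m0[1])]
    # Connection-oriented: the same kinds of event on a sequenced stream.
    recs = [(i, m, mac_record(KEY, i, m)) for i, m in enumerate(msgs)]
    rx = StreamReceiver(KEY)
    stream = [
        rx.accept(*recs[0]),                            # in order
        rx.accept(*recs[0]),                            # replayed
        rx.accept(*recs[2]),                            # record 1 missing
        rx.accept(1, b"PAY 500 TO CAROL", recs[1][2]),  # payload altered
        rx.accept(2, recs[1][1], recs[1][2]),           # record renumbered
        rx.accept(*recs[1]),
        rx.accept(*recs[2]),
    ]
    return connectionless, stream

if __name__ == "__main__":
    print(demo())
```

The second `True` in the connectionless result is the replay that a per-message check cannot see; the sequenced receiver reports the same event as `replay`.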

Network Security Model

Requirement of the Security Model
- Design a suitable algorithm for the security transformation
- Generate the secret information (keys) used by the algorithm
- Develop methods to distribute and share the secret information
- Specify a protocol enabling the principals to use the transformation and secret information for a security service

Operation of the Model A message is presented to be transferred from one party to another across some sort of internet. The two parties (principals) in the transaction must cooperate for the exchange to take place. A logical information channel is established by defining a route through the internet from source to destination using a communications protocol such as TCP/IP.

Components of the Model
Security is an issue when it is necessary to protect the transmission from an opponent. All techniques for providing security have two components:
1. A security-related transformation on the information to be sent.
2. Some secret information shared by the two principals and hopefully unknown to the opponent.
Additionally, in some cases a trusted third party may be used for distributing the secret information or arbitrating disputes between the two parties over authenticity.

Network Access Security Model

Requirement of the Security Model
- Select appropriate gatekeeper functions to identify users
- Implement security controls to ensure only authorised users access designated information or resources
- Trusted computer systems can be used to implement this model

Internet Standards Internet Society is responsible for the development and publication of standards for use over the Internet. Internet Society is a professional membership organization. Internet Society is involved in Internet development and standardization. Internet Society is the coordinating committee for Internet design, engineering, and management.

Organizations to Review Standards
Internet Society consists of three organizations:
1. Internet Architecture Board (IAB), which is responsible for defining the overall architecture of the Internet.
2. Internet Engineering Task Force (IETF), which is the protocol development arm of the Internet.
3. Internet Engineering Steering Group (IESG), which is responsible for technical management of IETF activities and the Internet standard process.

Request For Comments (RFC)
- RFCs are the Internet Standards.
- An RFC is developed and published by the Internet Engineering Task Force (IETF).
- Approved by the Internet Engineering Steering Group (IESG).
To become a standard, the RFC must …
- Be stable and well-understood
- Be technically competent
- Have multiple, independent, and interoperable implementations with substantial operational experience
- Enjoy significant public support
- Be recognizably useful in some or all parts of the Internet