Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Secure Computing
CMSC 100, Fall 2011
Adapted from slides provided by Marie desJardins
Some slides borrowed from book slides for Computer Science: An Overview by J. Glenn Brookshear
Security Issues
– Network security (protecting against unwanted intrusions; chap. 4.5)
– Software quality assurance (ensuring software does what it is meant to; chap. 5.6, 7.6)
– Database integrity (ensuring stored information is maintained correctly; chap. 9.4)
– Protecting confidential information (encryption and other methods for access control; chap. 12.6)
– Protecting intellectual property (copyrights, patents, trademarks)
ISO 27002: Information Security Standard
Key issues for organizations [quoted from
– intellectual property rights
– safeguarding of organizational records
– data protection and privacy of personal information
– information security policy document
– information security education and training
– reporting security incidents
– business continuity management
NETWORK SECURITY
25 Worst Passwords
password
qwerty
5. abc
monkey
letmein
9. trustno1
10. dragon
baseball
iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
superman
23. qazwsx
24. michael
25. football
Source: SplashData
Security
Attacks
– Malware (viruses, worms, Trojan horses, spyware, phishing software)
– Denial of service
– Spam
Protection
– Firewalls
– Spam filters
– Proxy servers
– Antivirus software
Malware
Malware: software designed to get into your computer without your consent or knowledge
Viruses: self-replicating software that travels with a "host" (attachment, downloaded file)
Effects range from pranks (displaying messages on the user's screen) to malicious behavior (destroying data on the hard disk)
Malware (cont.)
Worms: like viruses, but spread by copying themselves across the network (rather than being transmitted with a "host" file)
Spyware: collects information (about the user, websites accessed, etc.) surreptitiously
Trojan horses: apparently non-malicious software that actually carries a hidden malicious function, typically remote access for the designer/attacker
– Delivered as downloaded software, executable website content (ActiveX), attachments
Prevention: Firewalls
Block unauthorized network access
– Packet filtering (accept or drop each packet by its addresses, protocol and ports, checked against an ordered rule set)
– Port blocking (refuse traffic to services that should not be reachable from outside)
– Password protection
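To make the packet-filtering and port-blocking bullets concrete, here is a toy stateless packet filter, added as an example for this slide (it is not code from the original deck). The rule set, the admin LAN range 10.0.0.0/24 and the sample packets are constructed; real firewalls (iptables/nftables, pf, cloud security groups) apply the same first-match, default-deny logic to real headers.

```python
"""Toy stateless packet filter with first-match rules and a default-deny policy.

Added example for the firewall slide (not code from the original slides);
the rule set, the address ranges and the sample packets are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: str     # source IPv4 address
    dst: str     # destination IPv4 address
    proto: str   # "tcp" or "udp"
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src_net: str = "0.0.0.0/0"    # source network; default matches any source
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        if ip_address(pkt.src) not in ip_network(self.src_net):
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True


def filter_packet(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """Return the action of the first rule that matches, else the default policy.

    Packet filtering: every packet is judged on its own header fields.
    Port blocking: a rule with dport set blocks (or admits) one service.
    Default deny: anything no rule mentions is dropped.
    """
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed policy: public web traffic in, SSH only from the admin LAN
# (10.0.0.0/24, an assumed address range), everything else dropped.
RULES = [
    Rule("allow", proto="tcp", dport=80),
    Rule("allow", proto="tcp", dport=443),
    Rule("allow", src_net="10.0.0.0/24", proto="tcp", dport=22),
    Rule("deny", proto="tcp", dport=22),
]

# Constructed packets (documentation address ranges 203.0.113.0/24 and 192.0.2.0/24).
SAMPLE_PACKETS = {
    "web_from_internet": Packet("203.0.113.7", "192.0.2.10", "tcp", 443),
    "ssh_from_admin_lan": Packet("10.0.0.5", "192.0.2.10", "tcp", 22),
    "ssh_from_internet": Packet("203.0.113.7", "192.0.2.10", "tcp", 22),
    "telnet_from_internet": Packet("203.0.113.7", "192.0.2.10", "tcp", 23),
    "dns_udp_from_internet": Packet("203.0.113.7", "192.0.2.10", "udp", 53),
}


def demo() -> dict:
    """Verdict for each sample packet under RULES."""
    return {name: filter_packet(RULES, pkt) for name, pkt in SAMPLE_PACKETS.items()}


def shadowing_demo() -> str:
    """Rule order matters: a broad deny placed first shadows the narrower allow after it."""
    shadowed = [
        Rule("deny", proto="tcp", dport=22),
        Rule("allow", src_net="10.0.0.0/24", proto="tcp", dport=22),  # never reached
    ]
    return filter_packet(shadowed, SAMPLE_PACKETS["ssh_from_admin_lan"])


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:24s} {verdict}")
    print("shadowed allow ->", shadowing_demo())
```

The telnet and UDP/53 packets are dropped without any rule naming them, which is the point of a default-deny policy; the shadowing_demo shows the most common way such a policy is broken in practice, by putting a broad deny ahead of the narrow allow it was meant to carve out.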
Prevention: Virus Checkers
Most virus checkers rely on a library of known virus "signatures"
– These libraries have to be constantly maintained and updated
– Updated your virus checker lately??
Heuristics can also be used to identify likely new viruses
– False negatives: true viruses go undetected
– False positives: legitimate software flagged as a virus
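The following scanner is an added example for this slide, not code from the original deck. It keeps a tiny constructed signature database (a byte pattern and a SHA-256 hash for a made-up family "Demo.Dropper") plus a string-count heuristic, and runs it over constructed samples that produce exactly the two error types the slide names: a variant with altered signature bytes slips through (false negative) and a legitimate debugger trips the heuristic (false positive).

```python
"""Signature-based malware scanner with a heuristic fallback.

Added example (not from the original slides). The signatures, the heuristic
threshold and every sample file below are constructed for illustration.
"""
import hashlib
from typing import Dict

# Constructed signature database for a made-up family "Demo.Dropper".
BYTE_SIGNATURES = {"Demo.Dropper": b"\x90\x90\xeb\xfe"}   # NOP, NOP, JMP $ (constructed pattern)
KNOWN_BAD_SAMPLE = b"MZ" + b"\x00" * 8 + b"\x90\x90\xeb\xfe" + b"PAYLOAD v1"
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD_SAMPLE).hexdigest(): "Demo.Dropper"}

# Heuristic: several API names typical of code injection appearing together.
SUSPICIOUS_STRINGS = [b"WriteProcessMemory", b"CreateRemoteThread", b"VirtualAllocEx", b"http://"]
HEURISTIC_THRESHOLD = 3


def scan(data: bytes) -> Dict[str, str]:
    """Return {"verdict": clean|suspicious|malware, "reason": why}.

    Order: exact hash (cheapest, most precise), then byte signatures (survive
    recompilation of the payload), then the heuristic (catches unknowns, but
    also legitimate tools that use the same APIs).
    """
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        return {"verdict": "malware", "reason": "hash match: " + HASH_SIGNATURES[digest]}
    for name, pattern in BYTE_SIGNATURES.items():
        if pattern in data:
            return {"verdict": "malware", "reason": "signature match: " + name}
    hits = [s.decode() for s in SUSPICIOUS_STRINGS if s in data]
    if len(hits) >= HEURISTIC_THRESHOLD:
        return {"verdict": "suspicious", "reason": "heuristic: " + ", ".join(hits)}
    return {"verdict": "clean", "reason": "no match"}


# Constructed samples.
SAMPLES = {
    "known_bad": KNOWN_BAD_SAMPLE,
    # payload changed: hash no longer matches, byte signature still does
    "recompiled_variant": b"MZ" + b"\x00" * 8 + b"\x90\x90\xeb\xfe" + b"PAYLOAD v2",
    # one signature byte altered and no suspicious strings: FALSE NEGATIVE
    "polymorphic_variant": b"MZ" + b"\x00" * 8 + b"\x90\x41\xeb\xfe" + b"PAYLOAD v3",
    # a legitimate debugger uses the same injection APIs: FALSE POSITIVE
    "legit_debugger": b"MZ" + b"debugger: uses WriteProcessMemory, CreateRemoteThread, VirtualAllocEx",
    "hello": b"MZ" + b"print('hello')",
}


def demo() -> Dict[str, str]:
    """Verdict for each constructed sample."""
    return {name: scan(data)["verdict"] for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:20s} {scan(data)}")
```

The polymorphic variant is why signature databases must be updated constantly: one changed byte defeats a pattern until the vendor ships a new one. The debugger case is why heuristics are tuned conservatively and why allow-listing of known tools exists.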
Denial of Service
Attempt to make a computer resource inaccessible to its intended users
– Saturate it with access attempts to slow down the computer/connection
– Deliberately cause the resource to enter an error state and reset itself
– Disrupt the physical network or network connection
Prevention: Intrusion Detection
Monitor and analyze network traffic
– Look for known patterns of "bad behavior" (signature detection)
– Anomaly detection: determine when traffic patterns differ from normal patterns
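The two detection styles on this slide, and the request-flooding denial of service described on the previous one, can be shown together on web-server access logs. The detector below is an added example (not code from the original deck): it learns a per-source requests-per-minute baseline from a clean window, flags any source that exceeds mean + 3 standard deviations (a constructed threshold), and separately matches known-bad request patterns. All log lines are constructed in Common Log Format.

```python
"""Intrusion detection over web-server access logs: signature matching for known bad
requests, plus anomaly detection that learns a per-source request-rate baseline and
flags a flood (denial-of-service style) that departs from it.

Added example (not from the original slides); log lines, thresholds and
signatures are constructed.
"""
import re
import statistics
from collections import Counter
from typing import Dict, List

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<day>\d+)/(?P<mon>\w+)/(?P<year>\d+):'
    r'(?P<hour>\d+):(?P<minute>\d+):(?P<sec>\d+) [^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d+) (?P<size>\d+)'
)

# Known patterns of "bad behavior" (signature detection).
SIGNATURES = [
    ("path traversal", re.compile(r"\.\./")),
    ("sql injection", re.compile(r"union\s+select|'\s*or\s*'1'\s*=\s*'1", re.I)),
]


def parse(lines: List[str]) -> List[Dict[str, str]]:
    records = []
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["bucket"] = f"{rec['day']}/{rec['mon']}/{rec['year']} {rec['hour']}:{rec['minute']}"
            records.append(rec)
    return records


def per_minute(records: List[Dict[str, str]]) -> Counter:
    """Requests per (source, minute)."""
    return Counter((r["src"], r["bucket"]) for r in records)


class Detector:
    def __init__(self, sigma: float = 3.0) -> None:
        self.sigma = sigma      # standard deviations above the mean that count as abnormal
        self.mean = 0.0
        self.stdev = 0.0

    def train(self, baseline_lines: List[str]) -> float:
        """Learn normal requests-per-source-per-minute from a clean window; return the threshold."""
        counts = list(per_minute(parse(baseline_lines)).values())
        self.mean = statistics.mean(counts)
        self.stdev = statistics.stdev(counts) if len(counts) > 1 else 0.0
        return self.threshold

    @property
    def threshold(self) -> float:
        return self.mean + self.sigma * self.stdev

    def detect(self, lines: List[str]) -> Dict[str, list]:
        records = parse(lines)
        alerts = {"signature": [], "anomaly": []}
        for r in records:
            for name, pattern in SIGNATURES:
                if pattern.search(r["path"]):
                    alerts["signature"].append((r["src"], name, r["path"]))
        for (src, bucket), n in sorted(per_minute(records).items()):
            if n > self.threshold:
                alerts["anomaly"].append((src, bucket, n))
        return alerts


def _lines(src: str, n: int, minute: int, path: str = "/index.html") -> List[str]:
    """Constructed Common Log Format lines: n requests from src within one minute."""
    return [f'{src} - - [10/Oct/2011:13:{minute:02d}:{i % 60:02d} +0000] '
            f'"GET {path} HTTP/1.1" 200 512' for i in range(n)]


# Baseline window: five ordinary clients, 2-5 requests each in the same minute.
BASELINE: List[str] = []
for _i, _n in enumerate([3, 4, 2, 5, 3], start=1):
    BASELINE += _lines(f"192.0.2.{_i}", _n, minute=50)

# Observed window: one normal client, one flooding client, one traversal probe.
OBSERVED = (_lines("192.0.2.1", 4, minute=55)
            + _lines("203.0.113.7", 60, minute=55)
            + _lines("198.51.100.9", 1, minute=55, path="/cgi-bin/../../etc/passwd"))


def demo() -> Dict[str, list]:
    det = Detector()
    det.train(BASELINE)
    return det.detect(OBSERVED)


if __name__ == "__main__":
    print(demo())
```

The signature rule fires on a single request no matter how quiet the source is, while the anomaly rule fires only because 60 requests in a minute is far outside the learned baseline (threshold about 6.8 here); a real system would also keep per-path and per-hour baselines, since "normal" differs between the login page at noon and a backup job at 3 a.m.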
Spam
Spam: defined as unsolicited bulk mail
– An unwanted individual message is (technically) not spam
– Mailing lists are not necessarily spam
– Costs industry and individuals billions of dollars to send, process, detect, and deal with
– Costs spammers close to nothing!
Prevention: Spam Filtering
Preprocessors in mail programs that identify and discard (or refile) likely spam
– Regular expression matching (hand-designed rules)
– User-specified filters
– AI learning-based techniques (train with tagged "spam" and "ham")
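The first and third bullets are shown together below in an added example (not code from the original deck): two hand-designed regular-expression rules, and a naive-Bayes classifier trained on a tiny constructed corpus of tagged "spam" and "ham" messages. The rules and the corpus are made up for illustration; a real filter trains on thousands of messages.

```python
"""Spam filtering two ways: hand-written regular-expression rules and a
naive-Bayes classifier trained on tagged "spam" and "ham" messages.

Added example (not from the original slides); the rules and the tiny
training corpus are constructed for illustration.
"""
import math
import re
from collections import Counter
from typing import Dict, List, Tuple

TOKEN_RE = re.compile(r"[a-z0-9]+")

# Hand-designed rules: cheap and precise, but easy for spammers to evade (vi@gra, v-i-a-g-r-a, ...).
HAND_RULES = [
    ("drug spam", re.compile(r"\bv[i1]agra\b", re.I)),
    ("lottery spam", re.compile(r"\$\d[\d,]*.{0,20}\b(lottery|winner)\b", re.I)),
]


def tokenize(text: str) -> List[str]:
    return TOKEN_RE.findall(text.lower())


class NaiveBayesSpamFilter:
    """Multinomial naive Bayes with Laplace (add-alpha) smoothing."""

    def __init__(self, alpha: float = 1.0) -> None:
        self.alpha = alpha
        self.word_counts: Dict[str, Counter] = {"spam": Counter(), "ham": Counter()}
        self.doc_counts: Dict[str, int] = {"spam": 0, "ham": 0}
        self.vocab: set = set()

    def train(self, text: str, label: str) -> None:
        tokens = tokenize(text)
        self.word_counts[label].update(tokens)
        self.doc_counts[label] += 1
        self.vocab.update(tokens)

    def _log_score(self, tokens: List[str], label: str) -> float:
        # log P(label) + sum log P(token | label); unseen tokens get the smoothed floor
        total = sum(self.word_counts[label].values())
        denom = total + self.alpha * len(self.vocab)
        score = math.log(self.doc_counts[label] / sum(self.doc_counts.values()))
        for tok in tokens:
            score += math.log((self.word_counts[label][tok] + self.alpha) / denom)
        return score

    def spam_probability(self, text: str) -> float:
        tokens = tokenize(text)
        log_spam = self._log_score(tokens, "spam")
        log_ham = self._log_score(tokens, "ham")
        # P(spam | text) = 1 / (1 + P(ham)/P(spam)), computed in log space to avoid underflow
        return 1.0 / (1.0 + math.exp(log_ham - log_spam))


def classify(filt: NaiveBayesSpamFilter, text: str, threshold: float = 0.5) -> Tuple[str, str]:
    """Rules first (a hit is decisive), then the learned model."""
    for name, pattern in HAND_RULES:
        if pattern.search(text):
            return "spam", "rule: " + name
    p = filt.spam_probability(text)
    return ("spam" if p >= threshold else "ham"), f"bayes: p(spam)={p:.3f}"


# Constructed training corpus (far too small for real use).
TRAINING = [
    ("win a free prize now click here", "spam"),
    ("cheap meds online free shipping", "spam"),
    ("you have won the lottery claim your prize now", "spam"),
    ("free money click now to claim", "spam"),
    ("meeting tomorrow at 10 about the project", "ham"),
    ("can you review my code before lunch", "ham"),
    ("the project deadline moved to friday", "ham"),
    ("please send the meeting notes", "ham"),
]


def trained_filter() -> NaiveBayesSpamFilter:
    filt = NaiveBayesSpamFilter()
    for text, label in TRAINING:
        filt.train(text, label)
    return filt


if __name__ == "__main__":
    f = trained_filter()
    for msg in ["free prize click now", "project meeting moved to tomorrow", "Buy V1AGRA online today"]:
        print(msg, "->", classify(f, msg))
```

Smoothing matters: without alpha, one token never seen in ham would drive P(ham) to zero and a single unusual word would decide the verdict. The user-specified filters of the second bullet would sit between the rules and the model in classify, as per-user allow and block lists.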
Prevention: Anti-Spam Legislation
CAN-SPAM Act of 2003
– Covers all commercial messages, not just spam
– Header information must be truthful
– Subject lines must be accurate (reflect the content of the message)
– Commercial messages must be explicitly identified as such
– A valid postal address must be included
– Recipients must be told how to opt out of future mailings
– Such opt-out procedures must be honored
July 2009: Five spammers pled guilty, facing fines of up to $1M and 6+ years in prison
Phishing
Email (or IM, or text message, or Facebook message) that purports to be from an official organization, used to gather confidential information
– Disguised to look like it is from banks, credit card companies, universities, etc.
– Often asks you to update your information or reset your password, or threatens to close your account
– Link text is often different from the actual URL
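The last bullet is mechanically checkable. The link checker below is an added example (not code from the original deck): it pulls every anchor out of an HTML message and flags the classic tells, visible link text naming one domain while the href goes to another, a raw IP address as destination, and a host that contains a trusted brand's name without being under the trusted domain. The message and the "trusted" bank domain secure-bank.example.net are constructed, and the registrable-domain helper is a deliberate simplification (last two labels) that a real tool would replace with the Public Suffix List.

```python
"""Flag phishing-style links in an HTML message: visible link text that names one
domain while the href goes to another, raw-IP destinations, and hosts that imitate a
trusted brand.

Added example (not from the original slides); the message, the trusted
domain and the heuristics are constructed for illustration.
"""
import ipaddress
import re
from html.parser import HTMLParser
from typing import Dict, List, Tuple
from urllib.parse import urlparse

# Does the visible link text look like a URL or bare domain?
URL_LIKE = re.compile(r"^(https?://)?([a-z0-9-]+\.)+[a-z]{2,}(/\S*)?$", re.I)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self) -> None:
        super().__init__()
        self.links: List[Tuple[str, str]] = []
        self._href = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host: str) -> str:
    # Simplifying assumption: the last two labels. Real code uses the Public Suffix
    # List; this version gets co.uk-style suffixes wrong.
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def is_ip_address(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_links(html: str, trusted_domains: Tuple[str, ...] = ()) -> Dict[str, List[str]]:
    """Return {href: [reasons]} for every link that looks deceptive."""
    parser = LinkExtractor()
    parser.feed(html)
    findings: Dict[str, List[str]] = {}
    for href, text in parser.links:
        host = (urlparse(href).hostname or "").lower()
        reasons = []
        if URL_LIKE.match(text):
            shown = text if "://" in text else "http://" + text
            shown_host = (urlparse(shown).hostname or "").lower()
            if registrable_domain(shown_host) != registrable_domain(host):
                reasons.append(f"text shows {shown_host} but href goes to {host}")
        if is_ip_address(host):
            reasons.append("href points at a raw IP address")
        for trusted in trusted_domains:
            brand = trusted.split(".")[0]
            under_trusted = host == trusted or host.endswith("." + trusted)
            if brand in host and not under_trusted:
                reasons.append(f"host {host} imitates {trusted}")
        if reasons:
            findings[href] = reasons
    return findings


# Constructed phishing message; secure-bank.example.net is an assumed "real" bank domain.
SAMPLE_EMAIL = """
<p>Dear customer, your account will be closed unless you act today. Please
<a href="http://203.0.113.7/login">update your information</a> or reset your password at
<a href="http://secure-bank.example.net.evil.test/reset">https://secure-bank.example.net/reset</a>.
Questions? See <a href="https://secure-bank.example.net/help">our help page</a>.</p>
"""


def demo() -> Dict[str, List[str]]:
    return check_links(SAMPLE_EMAIL, trusted_domains=("secure-bank.example.net",))


if __name__ == "__main__":
    for href, reasons in demo().items():
        print(href)
        for r in reasons:
            print("   -", r)
```

Two of the three links are flagged and the genuine help link is not. Note that the second link would pass a naive "does the host contain the bank's name" check, which is exactly why the comparison is made on the registrable domain from the right-hand end of the host name rather than on a substring.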
SOFTWARE QUALITY ASSURANCE
Software Testing Strategies
Verification – conforms to specifications
Validation – meets requirements
Glass-box testing
– Pareto principle (80% of the errors will come from 20% of the code)
– Basis path testing
Black-box testing
– Boundary value analysis
– Redundancy testing
– Beta testing
Software Testing Consequences
Blackberry outage, October 2011 (unconfirmed)
Northeast blackout of 2003
AT&T network outage, January 1990
Therac-25, 1985-1987; National Cancer Institute, 2000
Soviet gas pipeline, 1982 (alleged)
Software Testing Consequences
Buffer overflow
SQL injection
Malformed packet attack
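Of the three vulnerability classes listed, SQL injection is the one most directly tied to the testing theme: the defect is an untested input that changes the structure of a query. The example below is added here and is not code from the original deck; it builds an in-memory SQLite table with two constructed users and placeholder "hash" strings, then shows the string-concatenated login query being bypassed beside the parameterized version that is not.

```python
"""SQL injection: the vulnerable string-built query beside the parameterized fix.

Added example (not from the original slides); the schema, the rows and the
placeholder "hashes" are constructed for illustration.
"""
import sqlite3
from typing import List


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)")
    # Placeholder values; a real system stores salted password hashes, not these strings.
    conn.executemany("INSERT INTO users VALUES (?, ?)", [("alice", "hash-a"), ("bob", "hash-b")])
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password_hash: str) -> List[str]:
    """VULNERABLE: user input is spliced into the SQL text, so quotes and comment
    markers in the input change the statement's structure."""
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password_hash = '" + password_hash + "'")
    return [row[0] for row in conn.execute(sql)]


def login_safe(conn: sqlite3.Connection, username: str, password_hash: str) -> List[str]:
    """FIXED: bound parameters reach the engine as data and are never parsed as SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password_hash = ?"
    return [row[0] for row in conn.execute(sql, (username, password_hash))]


def demo() -> dict:
    conn = make_db()
    bypass_all = "' OR 1=1 --"    # closes the string, adds an always-true clause, comments out the rest
    bypass_one = "alice' --"      # comments out the password check for one chosen user
    return {
        "vulnerable_or_1_eq_1": sorted(login_vulnerable(conn, bypass_all, "x")),
        "vulnerable_comment_out": login_vulnerable(conn, bypass_one, "wrong"),
        "safe_or_1_eq_1": login_safe(conn, bypass_all, "x"),
        "safe_comment_out": login_safe(conn, bypass_one, "wrong"),
        "safe_real_login": login_safe(conn, "alice", "hash-a"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:24s} {rows}")
```

The test input "' OR 1=1 --" is the boundary case a black-box tester should try on every string field: it is ordinary data to the safe version and returns nothing, while the vulnerable version returns every user.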
DATABASE INTEGRITY
Maintaining Database Integrity
Transaction: a sequence of operations that must all happen together
– Example: transferring money between bank accounts
Transaction log: a non-volatile record of each transaction's activities, built before the transaction is allowed to execute
– Commit point: the point at which a transaction has been recorded in the log
– Roll-back: the process of undoing a transaction
Maintaining Database Integrity (continued)
Simultaneous access problems
– Incorrect summary problem
– Lost update problem
Locking = preventing others from accessing data being used by a transaction
– Shared lock: used when reading data
– Exclusive lock: used when altering data
CRYPTOGRAPHY
Encryption
FTPS, HTTPS, SSL
Public-key encryption
– Public key: used to encrypt messages
– Private key: used to decrypt messages
Certificates and digital signatures
Public-Key Cryptography
Key: a value used to encrypt or decrypt a message
– Public key: used to encrypt messages
– Private key: used to decrypt messages
– (For digital signatures the roles are reversed: the private key signs, the public key verifies)
RSA: a popular public-key cryptographic algorithm
– Relies on the (presumed) intractability of the problem of factoring large numbers
Figure 4.16 Public-key encryption
Figure: Public key cryptography
Figure: Establishing an RSA public key encryption system
RSA Scheme
Constructing public and private keys:
– p, q: large random primes (can be found efficiently)
– n = pq; this implies phi(n) = (p-1)(q-1)
– e: 1 < e < phi(n) and e, phi(n) coprime
– d: de ≡ 1 (mod phi(n)), i.e. d is the inverse of e modulo phi(n)
Public key: (n, e)
Private key exponent: d
– p, q (and phi(n)) are also private
RSA Encryption and Decryption
Convert the message to be encrypted into an integer m in the range 0 ≤ m < n (a longer message must be split into blocks of that size)
Encrypted message: c = m^e mod n
Decrypted message: m = c^d mod n
Encrypting the Message
Recall: n = pq, phi(n) = (p-1)(q-1), 1 < e < phi(n), de ≡ 1 (mod phi(n))
Public key: n = 91 and e = 5
Message: 10111 two = 23 ten
23^e = 23^5 = 6,436,343
6,436,343 ÷ 91 has a remainder of 4
4 ten = 100 two
Thus, the encrypted version of 10111 is 100.
Decrypting the Message 100
Private key: d = 29, n = 91
100 two = 4 ten
4^d = 4^29 = 288,230,376,151,711,744
288,230,376,151,711,744 ÷ 91 has a remainder of 23
23 ten = 10111 two
Therefore, the decrypted version of 100 is 10111.
Properties of RSA
The public key can be made freely available; it does not need to be kept secret
RSA can be "broken" in one of three ways:
– Get the private key (steal it, or recover it from a flawed implementation)
– Factor the very large number n (in practice at least 2048 bits today); computationally too hard for properly sized keys, though trivial for a toy modulus like 91
– Solve the RSA problem directly (invert the modular exponentiation without factoring); also believed too hard
Caveat: the "textbook" RSA on these slides maps the same message to the same ciphertext every time and is malleable, so real systems apply a randomized padding scheme (e.g. OAEP) before exponentiation
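The RSA slides above (key construction, encryption and decryption, the 91/5/29 worked example, and "factor n") are carried through in one added example, which is not code from the original deck. The Miller-Rabin primality test, the 128-bit prime size for the round trip and the sample message are assumptions of this example; everything else follows the slides' formulas, and the slide_example function reproduces the 23 → 4 → 23 computation exactly.

```python
"""RSA as on the slides: key construction from p, q, e; encryption and decryption by
modular exponentiation; the 91/5/29 worked example; and what "factor n" means for a
toy modulus.

Added example (not from the original slides); the Miller-Rabin prime test, the
random key sizes and the sample message are assumptions of this example.
"""
import math
import secrets
from typing import Tuple

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin: how "large random primes (can be found efficiently)" is done in practice."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # force top bit and oddness
        if is_probable_prime(candidate):
            return candidate


def make_keys(p: int, q: int, e: int) -> Tuple[int, int, int]:
    """Slide's construction: n = pq, phi = (p-1)(q-1), e coprime to phi, d = e^-1 mod phi."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or math.gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    d = pow(e, -1, phi)           # modular inverse (Python 3.8+)
    return n, e, d


def encrypt(m: int, n: int, e: int) -> int:
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n-1]")
    return pow(m, e, n)           # c = m^e mod n


def decrypt(c: int, n: int, d: int) -> int:
    return pow(c, d, n)           # m = c^d mod n


def slide_example() -> dict:
    """p = 7, q = 13, e = 5, message 23 (10111 in binary), exactly as on the slides."""
    n, e, d = make_keys(7, 13, 5)
    c = encrypt(23, n, e)
    return {"n": n, "phi": 6 * 12, "e": e, "d": d, "c": c, "m": decrypt(c, n, d)}


def break_small_key(n: int, e: int) -> int:
    """Recover d by factoring n with trial division: instant for n = 91, hopeless for 2048-bit n."""
    for p in range(2, math.isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no non-trivial factor")


def roundtrip_demo(bits: int = 128) -> bool:
    """Fresh random primes, e = 65537, a short message; True if decrypt(encrypt(m)) == m."""
    while True:
        try:
            n, e, d = make_keys(random_prime(bits), random_prime(bits), 65537)
            break
        except ValueError:        # e not coprime to phi(n); rare, just draw new primes
            continue
    m = int.from_bytes(b"attack at dawn", "big")   # 14 bytes, well below the 256-bit n
    return decrypt(encrypt(m, n, e), n, d) == m


if __name__ == "__main__":
    print(slide_example())
    print("d recovered by factoring 91:", break_small_key(91, 5))
    print("256-bit round trip ok:", roundtrip_demo())
```

Two things the slides' arithmetic hides: pow(m, e, n) never forms 23^5 or 4^29 as a whole number, it reduces modulo n at every step, which is what makes 2048-bit exponents practical; and encrypt(23, 91, 5) returns 4 every time, the determinism that real RSA removes with randomized padding.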
INTELLECTUAL PROPERTY
Software Ownership
Copyright
– The "substantial similarity" test
– Filtration criteria: what is not copyrightable
  Features covered by standards
  Characteristics dictated by software purpose
  Components in the public domain
– The "look and feel" argument
Software Ownership (continued)
Patents
– "Natural laws" are traditionally not patentable
Trade secrets
– Non-disclosure agreements are legally enforceable
In general, laws haven't kept up with technology...