1. CSE2500 System Security and Privacy

2. CSE2500 System Security and Privacy  Nandita&Srini 2 Lecturers Prof B Srinivasan Phone: 990 31333 Room No: C4.47 srini@infotech.monash.edu.au srini@infotech.monash.edu.au Ms Nandita Bhattacharjee Phone: 990 32185/990 53293 Room No C4.05 nandita@csse.monash.edu.au

3. CSE2500 System Security and Privacy  Nandita&Srini 3 Organisation and Evaluation 12 weeks of lectures 2 hours of tutorials per week – mainly problem solving, starting from week 2 to week 12.

4. CSE2500 System Security and Privacy  Nandita&Srini 4 Weekly Lectures Lectures  Wednesdays 7p.m. to 9p.m. in Caulfield K Block K3.21 Alternative Lecture times?  Fridays 12 noon to 2p.m. in Caulfield – K block 3.09  Fridays 3p.m. to 5p.m. in Caulfield B block B2.13

5. CSE2500 System Security and Privacy  Nandita&Srini 5 Tutorials Tutorials from week 2 to week 12:  Wednesdays 10a.m. in Caulfield/B471  Wednesdays 4p.m. in Caulfield/B471  Wednesdays 4p.m. in Caulfield/B476  Thursdays 10a.m. in Caulfield/A212  Thursdays 2p.m. in Caulfield/B224  Thursdays 6p.m. in Caulfield/F206 or Wednesday 5p.m in Caulfield/??  Pl use Allocate+ for allocating tutorials. If you have any problems, please see us during the tutorial times next week.

6. CSE2500 System Security and Privacy  Nandita&Srini 6 Assessment Four assessment components  Two 30 min tests during the tutorial sessions in weeks 6 and 12, worth 15% each.  Individual question solving during the tutorial session from weeks 7 to 11, worth 10% Each student will be assigned a time slot and a problem and they have to make a presentation of the solution to the rest of the group.  Examination – 2 hours duration – worth 60% You need to get at least 50% to pass this unit.

7. CSE2500 System Security and Privacy  Nandita&Srini 7 References Primary Reference book:  Security in Computing – C P Pfleeger and S L Pfleeger, Third Edition, 2003, Prentice Hall Secondary Reference book:  Computer Security—Dieter Gollmann, 1999, John Wiley

8. CSE2500 System Security and Privacy  Nandita&Srini 8 Subject: CSE2500 Lecturers:  Prof. Bala Srinivasan  Mrs. Nandita Bhattacharjee Prescribed Text: Pfleeger Security in Computing 3e Available from the University Bookshop

9. CSE2500 System Security and Privacy  Nandita&Srini 9 Where to look for the subject materials? http://www.csse.monash.edu.au/courseware/cse 2500 http://www.csse.monash.edu.au/courseware/cse 2500 http://beast.csse.monash.edu.au/cse2500 Please down load and print the lecture materials before coming to the class as NO further photocopies of notes will be distributed in the class. The lecture notes is complementary to the prescribed text.

10. CSE2500 System Security and Privacy  Nandita&Srini 10 Security  Why do you lock your house before you leave?  How do you choose the kind of lock for your house?  Any added devices (such as alarms, bull terrier, etc…)  What you do when you observe that things in the house are scattered around?

11. CSE2500 System Security and Privacy  Nandita&Srini 11 What are you protecting? Brick and walls Money and jewellery Music CDs and tapes Etc ….

12. CSE2500 System Security and Privacy  Nandita&Srini 12 Threats to Computer and Communications systems Domain of information and network security Taxonomy of security attacks Aims or services of security Model of system/(inter)network security Methods of defense

13. CSE2500 System Security and Privacy  Nandita&Srini 13 Security Human nature  physical, financial, mental,…, data and information security

14. CSE2500 System Security and Privacy  Nandita&Srini 14 There are Problems Theft - of equipment Theft – e.g. Copying of confidential material Modification - for gain – e.g. Adding false names to payroll Modification - malicious – e.g. Virus infections Access - easy for ‘us’ and difficult for ‘them’ ….

15. CSE2500 System Security and Privacy  Nandita&Srini 15 Fact sheet bank robbery through computers industrial espionage on corporate information loss of individual privacy (email, mobile phone/computer, fax,...) information vandalism computer viruses (more can be found in “comp.risks”)

16. CSE2500 System Security and Privacy  Nandita&Srini 16 What we mean by Security? Protection of assets - can take several forms:  Prevention  Detection  Reaction

17. CSE2500 System Security and Privacy  Nandita&Srini 17 Reactions active research in security & privacy (numerous conferences each year) new laws education collaborations between governments, industries & academia employment of computer security specialists

18. CSE2500 System Security and Privacy  Nandita&Srini 18 What that means for computer assets? What are the assets (for system security)?

19. CSE2500 System Security and Privacy  Nandita&Srini 19 Information Security System and information security Shift from the physical security to the protection of data (on systems) and to thwart hackers (by means of automated software tools) – called System and information security

20. CSE2500 System Security and Privacy  Nandita&Srini 20 Network Security With the widespread use of distributed systems and the use of networks and communications require protection of data during transmission – called network security

21. CSE2500 System Security and Privacy  Nandita&Srini 21 Internetwork security The term Network Security may be misleading, because virtually all businesses, govt., and academic organisations interconnect their data processing equipment with a collection of interconnected networks – probably we should call it as (inter)network security

22. CSE2500 System Security and Privacy  Nandita&Srini 22 Aspects of System (and information) security Security attack – any action that compromises the security of system and information. Security mechanism – to detect, prevent, or recover from a security attack. Security service – service that enhances and counters security attacks.

23. CSE2500 System Security and Privacy  Nandita&Srini 23 Other terminology vulnerability  a weakness in a computer system that might be exploited to cause loss or harm attack  an action that exploits a vulnerability threat  circumstances that have the potential to cause loss or harm control - a protective measure

24. CSE2500 System Security and Privacy  Nandita&Srini 24 Security mechanisms No single mechanism that can provide the services mentioned in the previous slide. However one particular aspect that underlines most (if not all) of the security mechanism is the cryptographic techniques. Encryption or encryption-like transformation of information are the most common means of providing security.

25. CSE2500 System Security and Privacy  Nandita&Srini 25 Why Security? Security is not simple as it might first appear. In developing a particular security measure one has to consider potential counter measures. Because of the counter measures, the problem itself becomes complex. Once you have designed the security measure, it is necessary to decide where to use them. Security mechanisms usually involve more than a particular algorithm or protocol.

26. CSE2500 System Security and Privacy  Nandita&Srini 26 Security and Cost Analysis cost Security level 100%

27. CSE2500 System Security and Privacy  Nandita&Srini 27 Security Attacks - Taxonomy Interruption – attack on availability Interception – attack on confidentiality Modification – attack on integrity Fabrication – attack on authenticity Property that is compromised

28. CSE2500 System Security and Privacy  Nandita&Srini 28 Interruption Also known as denial of services. Information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction. e.g: cutting a communication line, disabling a file management system, etc.

29. CSE2500 System Security and Privacy  Nandita&Srini 29 Interception Also known as un-authorised access. Difficult to trace as no traces of intrusion might be left. e.g: illegal eavesdropping or wiretapping or sniffing, illegal copying.

30. CSE2500 System Security and Privacy  Nandita&Srini 30 Modification Also known as tampering a resource. Resources can be data, programs, hardware devices, etc.

31. CSE2500 System Security and Privacy  Nandita&Srini 31 Fabrication Also known as counterfeiting (of objects such as data, programs, devices, etc). Allows to by pass the authenticity checks. e.g: insertion of spurious messages in a network, adding a record to a file, counterfeit bank notes, fake cheques,… impersonation/masquerading  to gain access to data, services etc.

32. CSE2500 System Security and Privacy  Nandita&Srini 32 Security Attacks - Taxonomy Information Source Information Destination Normal Information Source Information Destination Interruption Information Source Information Destination Interception Information Source Information Destination Modification Information Source Information Destination Fabrication Source and Destination - can be what is supposed to be and what you get

33. CSE2500 System Security and Privacy  Nandita&Srini 33 Attacks – Passive types Passive (interception) – eavesdropping on, monitoring of, transmissions. The goal is to obtain information that is being transmitted. Types here are: release of message contents and traffic analysis.

34. CSE2500 System Security and Privacy  Nandita&Srini 34 Attacks – Active types Involve modification of the data stream or creation of a false stream and can be subdivided into – masquerade, replay, modification of messages and denial of service.

35. CSE2500 System Security and Privacy  Nandita&Srini 35 Attacks Passive Interception (confidentiality) Release of Message contents Traffic analysis Active Modification (integrity) Fabrication (integrity) Interruption (availability)

36. CSE2500 System Security and Privacy  Nandita&Srini 36 Security threats (to maintain) are Confidentiality Integrity Availability  to give us secure data (and information) Authenticity

37. CSE2500 System Security and Privacy  Nandita&Srini 37 Confidentiality Only accessible by authorised parties Not revealed More that just not reading Confidentiality is distinct from secrecy and privacy ( ?)

38. CSE2500 System Security and Privacy  Nandita&Srini 38 Integrity Associated with loss and corruption Data Integrity as  Computerised data same as external, source data  Data not exposed to alteration or destruction No inappropriate modification

39. CSE2500 System Security and Privacy  Nandita&Srini 39 Availability The property of being accessible and useable (without delay) upon demand by an authorised entity We want there to be no denial of service

40. CSE2500 System Security and Privacy  Nandita&Srini 40 Other issues Accountability Reliability Safety Dependability

41. CSE2500 System Security and Privacy  Nandita&Srini 41 Security is defined as Computer security deals with the prevention and detection of unauthorised actions by users of a computer system Security deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others

42. CSE2500 System Security and Privacy  Nandita&Srini 42 The security dilemma security deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others. Security-unaware users have specific security requirements but (usually) no security expertise. But

43. CSE2500 System Security and Privacy  Nandita&Srini 43 The security dilemma The costs of additional resources to implement security mechanisms can be quantified. Security mechanisms interfere with users, and can lead to loss of productivity. Managing security also costs. Need to perform risk analysis (which will be the next topic)

44. CSE2500 System Security and Privacy  Nandita&Srini 44 Principles of Security Principle of easiest penetration  an intruder will use any means of penetration Principles of timeliness  items only need to be protected until they lose their value Principles of effectiveness  controls must work, and they should be efficient, easy to use, and appropriate.

45. CSE2500 System Security and Privacy  Nandita&Srini 45 Layers of technology (and Onion Model) In which layer should security mechanisms be placed ? Should controls be placed in more that one layer ? See slide 46 too. Hardware Kernel Operating System Services Applications

46. CSE2500 System Security and Privacy  Nandita&Srini 46 Layers The presence of layers is a feature of technology Separate layers often perform very different functions Similar functions are combined in one layer The boundary between two layers is usually easily defined Layers can often be independently implemented

47. CSE2500 System Security and Privacy  Nandita&Srini 47 Vulnerabilities The three broad computing system resources are  hardware interruption (denial of service), interception (theft)  software interruption (deletion), interception, modification  data interruption (loss), interception, modification and fabrication

48. CSE2500 System Security and Privacy  Nandita&Srini 48 One method of defence By controls  What should be the focus of the controls? For example: should protection mechanisms focus on data or operations on that data or on the users who use the data?  Since there are layers of technology, where controls should apply? Applications, services, operating systems, kernel, hardware.

49. CSE2500 System Security and Privacy  Nandita&Srini 49 Controls Can be applied at hardware, software, physical or polices. Simple mechanisms or lots of features? Should defining and enforcing security mechanism be a centralised function? How to prevent access to the layer below the security mechanism?

50. CSE2500 System Security and Privacy  Nandita&Srini 50 Examples of Controls Modern cryptology  Encryption, authentication code, digital signature,etc. Software controls  Standard development tools (design, code, test, maintain,etc)  Operating systems controls  Internal program controls (e.g: access controls to data in a database)  Firewalls

51. CSE2500 System Security and Privacy  Nandita&Srini 51 Examples of Controls Hardware controls  Security devices, smart cards, … Physical controls  Lock, guards, backup of data and software, thick walls, …. Security polices and procedures User education Law

52. CSE2500 System Security and Privacy  Nandita&Srini 52 Effectiveness of Controls Merely having controls does no good unless they are used properly. The factors that affect the effectiveness are  Awareness of protection  Likelihood of users  Overlapping controls  Periodic review

53. CSE2500 System Security and Privacy  Nandita&Srini 53 Model for network security Information channel Message Secret Info. Secret Info. Principal Opponent – security threads and possible attacks Trusted Third party Gate Keeper [Borrowed from Stallings]

54. CSE2500 System Security and Privacy  Nandita&Srini 54 Two questions to ponder Having backup copies of the data – is it a solution to security? The internetwork security model (the previous slide) has the gate keeper at the receiver (or destination) end – why not at the sender (source)?