Computer Security ( CE-408)

Computer Security (CE-408)

An Overview

Muhammad Najmul Islam FarooquiAssistant Professor

Department of Computer Engineering

1

Muhammad Najmul Islam Farooqui (B) Ms. Roohi Kamal(A) Mr. Muhammad Naseem (C) Mr. Hisham Naeem (DE) Mr. Noman Ali Khan (F)

2

Course Tutors

3

Time Distribution

Theory Practical3/4 1/4

Mid Term Exam

Labs

Labs

Theoretical aspects of the course

Practical approachto the course

4

Performance Assessment Criteria

Marks DistributionTotal 100 points

Lectures Labs

Course Work Exams Weekly Labs Attendance

Assign. Quizzes Mid Term Final Lab1, Lab 2 ……Lab n

80 20

5 75 14 6

2 3 15 60

Pre-Mid TermCourse Coverage

5

6

Week Topics Covered Study Ref.

1.

Introduction, General discussion about course contents, Historical Review of Computer Security, Threats and attacks to Data Security, A Generic Model of Network Security Pg # 31-54

2.

What is Cryptography & Cryptanalysis, Concepts of Cryptographic Algorithm, Conventional Cryptographic techniques, Substitution and Transposition, Cryptanalysis Techniques Pg # 55-89

3.Introduction to S-DES, Overview and Mechanism of Encryption in DES, DES Design Principles Pg # 90-124

4.

Triple Data Encryption Standard (3-DES), Modes of Operations of Symmetric Key Algorithms, International Data Encryption Algorithm (IDEA) Pg # 217-241, IDEA

Handout

5.Raijndael Algorithm (The Finalist of AES), Simplified AES, Mechanism of Encryption in AES Pg # 171-214

6.Key Exchange Problem, Key Exchange Approaches using Symmetric Key algorithm and Need for Public Key Cryptography Pg # 435- 453

7.Number Theory, Modular Arithmetic, Euler’s Function and Public Key Cryptography, Diffie-Hellman Key Exchange Algorithm Pg # 267-275, 324-

332

8.Introduction to RSA, Key Generation and Encryption, Examples, RSA Applications in Network Security Pg # 290-331

Post-Mid TermCourse Coverage

7

8

9.

Authentication Functions, Hash Function and its properties, Secure Hashing Algorithm (SHA), Pg #351-376,

386-399

10.

Digital Signature and Authentication Requirements, Message Authentication Code, Introduction to Digital Signatures, RSA Approach, Digital Signature Standard (DSS) and its proof Pg # 419-430

11.

Email Security Standards, PGP Certificate and Algorithms, Introduction to Trust Models Pg # 591- 599,

636-638

12.

Introduction to IPSec, IPSec Security Model, IPSec modes and protocols, IPSec Technologies Pg # 639-662

13. Introduction to VPNs, VPN Features, Protocols used in VPNs, L2TP, PPTP Lecture Notes

14.

Introduction & History of SSL, SSL in Client-Server Architecture, Transport Layer Security Pg # 509-543

15.Introduction to Firewalls, Components of Firewalls, Types of Firewalls,

Lecture Notes, Online Chapter

16.

Architecture and Policies in Intrusion Detection Systems, Introduction to Viruses, and Trojans Lecture Notes,

Online Chapter

Final Examination

Text Book Reference Books

◦ Specific to the course◦ General to the topic

Internet Sources

9

Reading Resources

Cryptography and Network Security: Principles & Practice (Fifth Edition)◦ By William Stallings – Prentice Hall Publication

10

Text Book

Specific to the Course◦ Handbook of Cryptography

By Alfred J. Menezese, Paul C. van Orchi◦ Network Security Essentials, 2nd Edition

William Stallings, Prentice Hall, 2003◦ Web Security: A step-by-step Reference Guide

By Lincoln D. Stein – Addison Wesley Publication◦ Internet Security Protocols: Protecting IP Traffic

(Low Price Edition) By Uyless Black – Pearson Education Asia Publication

General to the Topic◦ Active Defense: A Comprehensive Guide to

Network Security By Chris Brenton & Cameron Hunt

11

Reference Books

http://www.ssuet.edu.pk/~mfarooqui http://sites.google.com/site/ibrahimmhr http://www.dcs.ed.ac.uk/home/compsec/ http://www.infosecuritymag.com/ http://www.w3.org/Security/Faq/ http://www.iwar.org.uk/comsec/resources/s

ecurity-lecture/

12

Internet Sources

Online Access http://www.ssuet.edu.pk/courses/ce408/CompSec/

Soft Copy http://www.ssuet.edu.pk/courses/ce408/CompSec/

Hard Copy Will not be provided

13

How to get what we discuss?

Strictly practice your attendance in the class and labs.

No relaxation, compensation or adjustment in your attendance.

Be in Uniform (at least in the class) Preserve the sanity of the class, teachers,

department and the University. Help us in serving you for a better future.

14

Codes of Conduct

The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) is called Computer Security.

15

What is Computer Security?

16

Computer Security

Computer security is a heady concoction of science, technology, and engineering. A secure system is only as strong as the weakest

link, so each part of the mix needs to be good.

Security◦ The protection of assets.

Computer Security ◦ Focuses on protecting assets within computer

systems. Just as real-world physical security systems vary in their security provision (e.g., a building may be secure against certain kinds of attack, but not all), so computer security systems provide different kinds and amounts of security.

17

Definitions

For some Computer Security is controlling access to hardware, software and data of a computerized system.

A large measure of computer security is simply keeping the computer system's information secure.

In broader terms, computer security can be thought of as the protection of the computer and its resources against accidental or intentional disclosure of confidential data, unlawful modification of data or programs, the destruction of data, software or hardware.

Computer security also includes the denial of use of one’s computer facilities for criminal activities including computer related fraud and blackmail.

Finally, computer security involves the elimination of weaknesses or vulnerabilities that might be exploited to cause loss or harm.

18

What is Computer Security?

Why the need for Computer Security?◦ The value of computer assets and services

What is the new IT environment?◦ Networks and distributed applications/services◦ Electronic Commerce (E-commerce, E-business)

19

The Need for Computer Security

Most companies use electronic information extensively to support their daily business processes.

Data is stored on customers, products, contracts, financial results, accounting etc.

If this electronic information were to become available to competitors or to become corrupted, false or disappear, what would happen? What would the consequences be? Could the business still function?

20

The Value of Computer Assets and Services

“The network is the computer” Proliferation of networks has increased security

risks much more. Sharing of resources increases complexity of

system. Unknown perimeter (linked networks), unknown

path. Many points of attack. Computer security has to find answers to

network security problems. Hence today the field is called Computer and

Network Security.

21

Network Security Issues

22

Security Trends

Computer fraud in the U.S. alone exceeds $3 billion each year.

Less than 1% of all computer fraud cases are detectedover 90% of all computer crime goes unreported.

“Although no one is sure how much is lost to EFT crime annually, the consensus is that the losses run in the billions of dollars. Yet few in the financial community are paying any heed.”

Average computer bank theft amounts to $1.5 million.

23

Is there a Security Problem in Computing?

24

Computer Security Losses

25

Security Technologies Used

Millions of dollars of damage resulted from the 1989 San Francisco earthquake.

The fire at Subang International Airport knocked out the computers controlling the flight display system. A post office near the Computer Room was also affected by the soot which decommissioned the post office counter terminals. According to the caretaker, the computers were not burnt but crashed because soot entered the hard disks.

Fire, Earthquakes, Floods, Electrical hazards, etc. How to prevent?

26

Natural Disasters – Another Dimension

Secrecy Integrity Availability Authenticity Non-repudiation Access control

27

Computer Security Requirements

Secrecy requires that the information in a computer system only be accessible for reading by authorized parties.

This type of access includes:◦ Printing◦ Displaying◦ Other forms of disclosure, including simply

revealing the existing of an object

28

Secrecy (Confidentiality)

Integrity requires that the computer system asset can be modified only by authorized parties.

Modification includes:◦ Writing◦ Changing◦ Changing status◦ Deleting and ◦ Creating

29

Integrity

Availability requires that computer system assets are available to authorized parties.

Availability is a requirement intended to assure that systems work promptly and service is not denied to authorized users.

30

Availability

Integrity: In lay usage, information has integrity when it is timely, accurate, complete, and consistent. However, computers are unable to provide or protect all of these qualities. Therefore, in the computer security field, integrity is often discussed more narrowly as having two data integrity and system integrity.

“Data integrity is a requirement that information and programs are changed only in a specified and authorized manner.”

System integrity is a requirement that a system “performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.”

The definition of integrity has been, and continues to be, the subject of much debate among computer security experts.

31

More About Integrity

32

Security of Data

Data

Confidentiality

Data

Integrity

Data

Availability

Secure Data

Data

Authenticity means that parties in a information services can ascertain the identity of parties trying to access information services.

Also means that the origin of the message is certain.

Therefore two types:◦ Principal Authentication◦ Message Authentication

33

Authenticity

Originator of communications can’t deny it later.

Without non-repudiation you could place an order for 1 million dollars of equipment online and then simply deny it later.

Or you could send an email inviting a friend to the dinner and then disclaim it later.

Non-repudiation associates the identity of the originator with the transaction in a non-deniable way.

34

Non-repudiation

Unauthorized users are kept out of the system.

Unauthorized users are kept out of places on the system/disk.

Typically makes use of Directories or Access Control Lists (ACLs) or Access Control Matrix

Objects: Resources that need to be protected

Subjects: Entities that need access to resources

Rights: Permissions Each entry is a triple <subject, object,

rights>35

Access Control

36

Access Control Matrix

OBJECT 1 OBJECT 2 OBJECT 3 OBJECT 4

SUBJECT 1 RW RW R X

SUBJECT 2 R RW R R

SUBJECT 3 X X RW RW

SUBJECT 4 R R R RW

SUBJECT N X R R X

37

Security Requirements are often Combined

For example: User

authentication used for access authorization control purposes in confidentiality.

Non-repudiation is combined with authentication.

Confidentiality

AvailabilityIntegrity

38

Type of Attacks/Threats in Computer Systems

A threat is a danger which could affect the security (confidentiality, integrity, availability) of assets, leading to a potential loss or damage.

Interruption Interception Modification Fabrication

39

Type of Attacks in Computer Systems

40

Normal Flow of Information

An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on the availability.

Examples include destruction of a piece of hardware, such as a hard disk, the cutting of a communication link, or the disabling of the file management system.

DOS - Denial of Service Attacks have become very well known.

41

Interruption

42

Interruption

Information disclosure/information leakage An unauthorized party gains access to an

asset. This is an attack on confidentiality. The unauthorized party could be a person, a

program, or a computer. Examples include:

◦ wiretapping to capture data in a network◦ the illicit copying of files or programs

43

Interception

44

Interception

Modification is integrity violation. An unauthorized party not only gains access

to but tampers with an asset. This is an attack on the integrity. Examples include changing values in a data

file, altering a program so that it performs differently, and modifying the content of a message being transmitted in a network.

45

Modification

46

Modification

An unauthorized party inserts counterfeit objects into the system. This is an attack on the authenticity.

Examples include the insertion of spurious messages in a network or the addition of records to a file.

47

Fabrication

48

Fabrication

Computer Security attacks can be classified into two broad categories:◦ Passive Attacks can only observe

communications or data.◦ Active Attacks can actively modify

communications or data. Often difficult to perform, but very powerful. Examples include Mail forgery/modification TCP/IP spoofing/session hijacking

49

Classification of Attacks

50

Passive Attacks and Active Attacks

51

Passive Attacks and Active Attacks

Eavesdropping on or monitoring of transmission.

The goal of the opponent is to obtain information that is being transmitted.

Two types:◦ Release-of-message contents◦ Traffic Analysis

52

Passive Attacks

Opponent finds out the contents or the actual messages being transmitted.

How to protect?◦ Encryption◦ Steganography

53

Release-of-message Contents

More subtle than release-of-message contents.

Messages may be kept secret by masking or encryption but …

The opponent figures out information being carried by the messages based on the frequency and timings of the message.

How to protect?◦ Data/Message Padding◦ Filler Sequences

54

Traffic Analysis

Difficult to detect because there is no modification of data.

Protection approach should be based on prevention rather than detection.

55

Passive Attacks Problems

Active attacks involve some sort of modification of the data stream or the creation of a false stream.

Four sub-categories:◦ Masquerade◦ Replay◦ Modification of Messages◦ Denial of service

56

Active Attacks

An entity pretends to be another. For the purpose of doing some other form of

attack. Example a system claims its IP address to

be what it is not, IP spoofing. How to protect?

◦ Principal/Entity Authentication

57

Masquerade

First passive capture of data and then its retransmission to produce an unauthorized effect.

Could be disastrous in case of critical messages such as authentication sequences, even if the password were encrypted.

How to protect?◦ Time stamps◦ Sequence Numbers

58

Replay

Some portion of a legitimate message is altered or messages are delayed or reordered to produce an unauthorized effect.

How to protect?◦ Message Authentication Codes◦ Chaining

59

Modification of Messages

Prevents the normal use or management of communication facilities.

Such attacks have become very common on the Internet especially against web servers.

On the Internet remotely located hackers can crash the TCP/IP software by exploiting known vulnerabilities in various implementations.

One has to constantly look out for software updates and security patches to protect against these attacks.

60

Denial of Service - DOS

Easy to detect but difficult to prevent. Efforts are directed to quickly recover from

disruption or delays. Good thing is that detection will have a

deterrent effect.

61

Problems with Active Attacks

62

How Threats Affect Computer Systems

HARDWARE

SOFTWARE

DATA

Interception (Theft)

Interruption (Denial of Service)

Interception (Eavesdropping)

Interruption (Loss)

Interception (Theft)

Interruption (Deletion)

Modification (Malicious Code)

FabricationModification

63

A Model for Network Security

A protocol is a series of steps, involving two or more parties, designed to accomplish a task.◦ Every one involved in a protocol must know the protocol

and all of the steps to follow in advance.◦ Everyone involved in the protocols must agree to follow

it.◦ The protocol must be unambiguous; each step must be

well defined and there must be no chance of misunderstanding.

◦ The protocol must be complete; there must be a specified action for every possible situation.

◦ It should not be possible to do more or learn more than what is specified in the protocol.

64

Security Protocols

Alice First participant in all the protocols Bob Second participant in all the protocols Carol Participant in three- and four-party

protocols Dave Participant in four-party protocols Eve Eavesdropper Mallory Malicious active intruder Trent Trusted arbitrator Victor Verifier Peggy Prover Walter Warden; he’ll be guarding Alice and

Bob in some protocols65

The Actors in Security Protocols

Arbitrated Protocols Adjudicated

Protocols Self Enforcing

Protocols Example Protocols

◦ Key Exchange Protocols

◦ Authentication Protocols

◦ Time stamping Service

◦ Digital Cash66

Security Protocol Types

Bob

Trent

Alice

(a) Arbitrated Protocol

Bob TrentAlice

(b) Adjudicated Protocol

Evidence Evidence(After the fact)

BobAlice

(c) Self-enforcing Protocol

67

Security Protocol LayersThe further

down you go, the more transparent it is

The further up you go, the easier it is to deploy

Application

Presentation

Session

Transport

Netw ork

Datalink

Physical

Application

Presentation

Session

Transport

Netw ork

Datalink

Physical

Email - S/MIME

SSL

IPSec

PPP - ECP

PHYSICAL NETW ORKEncryptingNIC

EncryptingNIC

Access control: Protects against unauthorized use.

Authentication: Provides assurance of someone's identity.

Confidentiality: Protects against disclosure to unauthorized identities.

Integrity: Protects from unauthorized data alteration.

Non-repudiation: Protects against originator of communications later denying it.

68

Security Services Provided by Security Protocols

Three basic building blocks are used:◦ Encryption is used to provide confidentiality, can

provide authentication and integrity protection.◦ Digital signatures are used to provide

authentication, integrity protection, and non-repudiation.

◦ Checksums/hash algorithms are used to provide integrity protection, can provide authentication.

One or more security mechanisms are combined to provide a security service/protocol.

69

Security Mechanisms

A typical security protocol provides one or more security services (authentication, secrecy, integrity, etc.)

Services are built from mechanisms. Mechanisms are implemented using

algorithms.

70

Services, Mechanisms, Algorithms

SSL

Signatures Encryption Hashing

DSA RSA RSA DES SHA1 MD5

Services (Security Protocols)

Mechanisms

Algorithms

71

Services, Mechanisms, Algorithms

Security Protocols (Services)Standards-based Security Protocols Proprietary Security Protocols

SSL IPSec PrivateWire Big Brother

Mechanisms

Encryption Signature Hashing Key Exchange

Algorithms

Symmetric Asymmetric Asymmetric SymmetricMD-5

SHA-1 Diffie-HellmanDESAES

RSAECC

DSARSA DESMAC

Encryption is a key enabling technology to implement computer security.

But Encryption is to security like bricks are to buildings.

In the next module we will study encryption in detail.

72

Encryption and Security

73

Network Access Security ModelFirewalls and Security Gateways are based on this model

1. Computer security should support the mission of the organization.

2. Computer security is an integral element of sound management.

3. Computer security should be cost-effective.4. Computer security responsibilities and

accountability should be made explicit.5. System owners have computer security

responsibilities outside their own organizations.6. Computer security requires a comprehensive

and integrated approach.7. Computer security should be periodically

reassessed.8. Computer security is constrained by societal

factors.74

Computer security is based on eight major elements:

75

Usability and Security

Security

Convenience / Usability

0

Determine where on this

line your organization

needs lie

Physical security Encryption Access control Automatic call back Node authentication Differentiated

access rights Antivirus software Public Key

Infrastructure Firewalls

User authentication Passwords and

passphrases Challenge-response

systems Token or smart cards Exchange of secret

protocol Personal

characteristics - Biometrics

76

Typical Security Solutions and Technologies