
Chapter-2 : Computer Security – Gscheme -- 2014

Chapter-2

Identification, Authentication and Operational Security
Syllabus --- 20 Marks ---- 10 Hours
Objectives:
• To understand the role of people in security
• To study access control methods
• To understand biometrics and network security.
Contents:
2.1 User name and password, Managing passwords, choosing password.
2.2 Role of people in Security: Password selection, Piggybacking, Shoulder surfing,
Dumpster diving, Installing unauthorized software/hardware, Access by
Nonemployees, Security awareness, Individual User responsibilities
2.3 Access controls: Definition, principle, policies: DAC, MAC, RBAC.
2.4 Biometrics: finger prints, hand prints, Retina, patterns, voice patterns, signature
and writing patterns, keystrokes.

Role of people in Security

People—A Security Problem


The operational model of computer security acknowledges that prevention
technology is not sufficient to protect our computer systems and networks. There are a
number of explanations for this, some of them technical, but one of the biggest reasons
that prevention technologies are not sufficient is that every network and computer
system has at least one human user.

Poor Security Practices


A significant portion of human-created security problems result from poor security
practices. These poor practices may be individual practices where the user is not
following established security policies or processes, or they may be caused by a lack of
security policies, procedures, or training within the user’s organization.

What Is the Role of People in Security


1. Password Selection
2. Piggybacking and Shoulder Surfing
3. Dumpster Diving
4. Installing Unauthorized Hardware and Software
5. Access by Non-Employees
6. Social Engineering
7. Reverse Social Engineering

Password Selection
For many years, computer intruders have relied on users selecting poor passwords
to help them gain unauthorized access to a system or network. If attackers could obtain
a list of the users’ names, chances were good they could eventually access the
system. Users pick passwords that are easy for them to remember, and what easier
password could there be than the same sequence of characters that they use for their
user ID?
• If a system had an account with the username of jdoe, a reasonable first guess of
the account’s password would be jdoe. If this didn’t work, then variations on the
same would be tried: doej, johndoe, johnd, or eodj, all of which would be
reasonable possibilities.
• If variations on the username did not yield the correct password, all was not lost—
more information was simply needed. Users also frequently pick names of family
members, pets, or favorite sports team.
• If the user lived in San Antonio, TX, for example, a possible password might be
gospurs in honor of their professional basketball team. If these didn’t work, then
hobbies of the user might be tried, or the names of their favorite make or model of
car, or similar pieces of information.
• The key is that the user often picks something easy for them to remember, which
means that the more you know about the user, the better your chance of
discovering their password.
• In an attempt to complicate the attacker’s job, organizations have encouraged their
users to mix upper- and lowercase characters and to include numbers and special
characters in their password.
• While this does make it harder, the basic problem still remains: users will pick
something that is easy for them to remember. Thus, our user in San Antonio may
select the password G0*Spurs, capitalizing two of the letters, inserting a special
character, and substituting the number zero for the letter O.
• This has made the password harder to crack, but there are a finite number of
variations on the basic gospurs password so, while the attacker’s job has been
made more difficult, it is still possible to guess the password.

Password Selection Policies


Organizations have also instituted additional policies and rules relating to password
selection to further complicate an attacker’s efforts.
• Organizations, for example, may require users to frequently change their
password. This means that if an attacker is able to guess a password, it is only
valid for a limited period of time before a new password is selected and the
attacker is locked out.
• All is not lost for the attacker, however, since as we mentioned before, users will
select passwords they can remember. For example, password changes often result
in a new password that simply incorporates a number at the end of the old one.
Thus, our San Antonio user might select G0*Spurs1 as the new password and if
so, the benefit in forcing password changes on a periodic, or even frequent, basis
has been totally lost. It is a good bet that the next password chosen will be
G0*Spurs2, followed by G0*Spurs3, and so forth.
• Another policy or rule governing password selection often adopted by
organizations is that passwords should not be written down. This, of course, is
difficult to enforce and thus users will frequently write them down, often as a
result of what we can refer to as the password dilemma.
• The more difficult we make it for attackers to guess our passwords, and the
more frequently we force password changes, the more difficult the passwords are
for authorized users to remember and the more likely they are to write them down.
• Writing them down and putting them in a secure place is one thing, but all too
often users will write them on a slip of paper and keep them in their calendar,
wallet, or purse. Most security consultants generally agree that if they are given
physical access to an office they will be able to find a password somewhere—the
top drawer of a desk, inside of a desk calendar, attached to the underside of the
keyboard, or even simply on a yellow “stickie” attached to the monitor.
• With the proliferation (is always a great word to know) of computers, networks, and
users, the password dilemma (A difficult situation or problem) has gotten worse.
Today, the average Internet user probably has at least a half dozen different
accounts and passwords to remember.
• Selecting a different password for each account, following the guidelines
mentioned previously regarding character selection and frequency of changes, only
aggravates the problem of remembering the passwords. This results in users all
too frequently using the same password for all accounts. If a user does this, and
then one of the accounts is broken, all other accounts are subsequently also
vulnerable to attack.
• As a final comment, good password selection and the protection of passwords
also apply to another common feature of today’s electronic world.
• Most people have at least one Personal Identification Number (PIN) associated with
things such as their automated teller machine, or a security code to gain physical
access to a room.
• Again, users will invariably select numbers that are easy to remember. Specific
numbers, such as the individual’s birth year, or their spouse’s birth year, or the
date of some other significant event are all common numbers to select.
• Other people will pick patterns that are easy to remember—2580, for example,
uses all of the center numbers on a standard numeric pad on a telephone.
Attackers know this, and guessing PINs follows the same sort of process that
guessing a password does.
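
The habits described under Password Selection (passwords built from the user ID or personal details) and under Password Selection Policies (a counter appended at each forced change, easy-to-remember PINs) can be rejected at the moment a password or PIN is set. The Python sketch below is an added example, not part of the original notes; the function names, the substitution table and the sample user data are assumptions made for illustration.

```python
import re

# Substitutions users commonly apply to a remembered word (constructed for
# this example, not exhaustive).
SUBSTITUTIONS = str.maketrans({"0": "o", "3": "e", "4": "a", "5": "s",
                               "7": "t", "@": "a", "$": "s", "!": "i"})

# Straight lines on a telephone keypad; 2580 is the centre column.
KEYPAD_LINES = ("147", "2580", "369", "123", "456", "789")


def normalize(password):
    """Reduce a password to the base word the user is actually remembering."""
    core = password.lower().rstrip("0123456789")  # drop a trailing counter
    return re.sub(r"[^a-z]", "", core.translate(SUBSTITUTIONS))


def is_rotation_or_reverse(candidate, word):
    """True for 'doej' or 'eodj' when word is 'jdoe'."""
    if not candidate or len(candidate) != len(word):
        return False
    return candidate in word + word or candidate == word[::-1]


def check_new_password(new, username, personal_terms=(), old=None):
    """Return the reasons to reject `new`; an empty list means accept.

    personal_terms: names, teams, pets and so on that the organization already
    holds about the user (hypothetical input for this example).
    old: the current password, which the user supplies during a change.
    """
    reasons = []
    base = normalize(new)
    user = normalize(username)

    if len(user) >= 3 and (user in base or is_rotation_or_reverse(base, user)):
        reasons.append("derived from the user ID")

    for term in personal_terms:
        token = normalize(term)
        if len(token) >= 3 and token in base:
            reasons.append(f"contains personal term '{term}'")

    # G0*Spurs1 -> G0*Spurs2 changes the counter but not the base word.
    if old is not None and base and base == normalize(old):
        reasons.append("same base word as the previous password")

    return reasons


def check_pin(pin, significant_years=()):
    """Return the reasons to reject a numeric PIN; empty list means accept."""
    reasons = []
    if len(set(pin)) == 1:
        reasons.append("single repeated digit")
    if any(pin in (line, line[::-1]) for line in KEYPAD_LINES):
        reasons.append("straight line on the keypad")
    if pin in {str(year) for year in significant_years}:
        reasons.append("matches a significant year")
    return reasons


if __name__ == "__main__":
    # Constructed sample data: the jdoe / San Antonio user from the text.
    terms = ["John", "Doe", "Spurs"]
    samples = [("doej", None), ("johnd", None), ("G0*Spurs", None),
               ("G0*Spurs2", "G0*Spurs1"), ("plum-Tractor-veil", "G0*Spurs3")]
    for candidate, previous in samples:
        verdict = check_new_password(candidate, "jdoe", terms, previous)
        print(candidate, "->", verdict or "accepted")
    print("2580 ->", check_pin("2580"))
```

The check against the previous password works only during a change, when the user has just typed the old password; it does not require storing passwords in readable form.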

Piggybacking and Shoulder Surfing


People are often in a hurry and will frequently not follow good physical security
practices and procedures. Attackers know this and may attempt to exploit this
characteristic in human behavior. Piggybacking is the simple tactic of following closely
behind a person who has just used their own access card or PIN to gain physical access
to a room or building. An attacker can thus gain access to the facility without having to
know the access code or having to acquire an access card.
Shoulder surfing is a similar procedure in which attackers position themselves in
such a way as to be able to observe the authorized user entering the correct access
code. Both of these attack techniques can be easily countered by using simple
procedures to ensure nobody follows you too closely or is in a position to observe your
actions.

Dumpster Diving
Attackers need a certain amount of information before launching their attack. One
common place to find this information, if the attacker is in the vicinity of the target, is to
go through the target’s trash in order to find little bits of information that could be
useful. This process of going through a target’s trash is known in the computer
community as dumpster diving.
If the attackers are very lucky, and the target’s security procedures are very poor,
they may actually find user IDs and passwords. Users sometimes write their password
down. If, when the password is changed, they discard the paper the old password was
written on without shredding it, the lucky dumpster diver can gain a valuable clue.
Even if the attacker isn’t lucky enough to obtain a password directly, employee
names will undoubtedly be found and from that it’s not hard to determine user IDs.
Manuals from hardware or software that have been purchased may also provide clues as
to what vulnerabilities exist on the target’s computer systems and networks.
The attacker may gather a variety of information which can be useful in a social
engineering attack. With the cost of shredders being so small today, there is no excuse
for not properly disposing of trash, no matter how small the organization.

Installing Unauthorized Hardware and Software


Organizations should have a policy that restricts the ability of normal users to
install software and new hardware on their systems. A common example is
communication software and a modem used to allow an individual to connect to their
machine at work via a modem from their home.
In this example, the user that does this sets up a backdoor into the network
which can be used to circumvent all of the other security mechanisms in place.
Backdoors are avenues that can be used to access a system while circumventing normal
security mechanisms.
Another common example of software that users often install on their systems is
games. Unfortunately, not all games come in shrink-wrapped packages. Numerous small
games can be downloaded from the Internet.
The problem with this is that users don’t always know where the software
originally came from and what may be hidden inside it. Many individuals have
unwittingly installed what seemed to be an innocuous game, only to have downloaded a
piece of malicious code capable of many things, including opening a backdoor that
allows attackers to connect to, and control, the system from across the Internet.
Because of these potential hazards, many organizations do not allow their users to
load software or install new hardware without the knowledge and assistance of
administrators. Many also restrict what individuals can do via received e-mails. This
helps prevent users from, say, unwittingly executing a hostile program that was sent as
part of a worm or virus. Consequently, many organizations have their mail servers strip
off executable attachments to e-mail so users can’t accidentally cause a security
problem.

Access by Non-Employees
If an attacker can gain physical access to a facility, chances are very good that
enough information can be obtained to penetrate computer systems and networks. Many
organizations require employees to wear identification badges when at work. This is an
easy method to quickly spot who has permission to have physical access to the
organization and who does not.
While this method is easy to implement and can be a significant deterrent to
unauthorized individuals, it also requires that employees actively challenge individuals
who are not wearing the required identification badge. This is one area where
organizations fail.
Combine an attacker who slips in by piggybacking off of an authorized individual
and an environment where employees have not been encouraged to challenge
individuals without appropriate credentials and you have a situation where you might as
well not have any badges in the first place.
Organizations also frequently become complacent when faced with what appears
to be a legitimate reason to access the facility, such as when an individual shows up
with a warm pizza claiming it was ordered by an employee.
It has often been stated by security consultants that it is amazing what you can
obtain access to with a pizza box or a vase of flowers. If the organization doesn’t enforce
good password policies, a casual stroll through an office may yield passwords or other
important information.
Another aspect that must be considered is personnel who have
legitimate (Conforming to the law or to rules) access to a facility but may not have the
same regard for the intellectual property rights of the organization that their coworkers
do.
Physical access provides an easy opportunity for individuals to look for the
occasional piece of critical information carelessly left out. With the proliferation of
devices such as cell phones with built-in cameras, an individual could easily photograph
information without it being obvious to employees.
Contractors, consultants, and partners frequently not only have physical access to
the facility but may also have network access. Other individuals that typically have
unrestricted access to the facility when no one is around are nighttime custodial crew
members and security guards. Such positions are often contracted out. As a result,
hackers have been known to take temporary custodial jobs simply to gain access to
facilities.

Social Engineering
Social engineering is a technique in which the attacker uses various deceptive
(Giving an appearance or impression different from the true one; misleading) practices to
obtain information they would normally not be privileged to, or to convince the target of
the attack to do something they normally wouldn’t.
Social engineering is very successful for two general reasons.
Reason No. 1
The basic desire by many to be helpful. When somebody asks a question for which
we know the answer, our normal response is not to be suspicious but rather to answer
the question. The problem with this is that seemingly innocuous information can be
used either directly in an attack or to build a bigger picture that can be used to create
an aura of authenticity for the attacker.
The more information an individual has about an organization, the easier it will be
to convince others that he is part of the company and has a right to even sensitive
information. This type of reasoning can be further broken down into one of three
categories.
The attacker may simply ask a question hoping to immediately obtain the
desired information. For the most basic of information that is not considered sensitive,
this generally will work. An example of this might be to call and ask who the IT manager
is. If the attacker’s desired information might be even slightly sensitive in nature, and
possibly arouse suspicion then another technique may be tried.
The attacker may first attempt to engage the target in conversation and try
to evoke sympathy so the target feels sorry for the individual and may more freely
release the information. An example might be an attacker who calls and claims to be
under some deadline from a supervisor who is upset for some reason.
The target, feeling sorry for a fellow worker, may give up the information
thinking that by doing so they are helping the attacker keep out of trouble. The attacker
may also try another approach, appealing to the individual’s ego. An example might be
an individual who calls the IT department, claiming to have some sort of problem, and
praising them for work they supposedly did to help another worker.
After having somebody tell you how great you are and how much you helped
somebody else, you will often be tempted to supply the same level of help to another
individual.

Reason No. 2
The second reason social engineering is successful is that individuals will normally seek to avoid
confrontation and trouble. If the attacker attempts to intimidate the target, threatening to
call the target’s supervisor because of a lack of help, the target may give in and provide
the information to avoid confrontation. This variation on the attack is often successful in
organizations that have a strict hierarchical structure.
In the military, for example, a lower ranking individual may be coerced into
providing information to an individual claiming to be of higher rank or who claims to
be working for another individual higher up in the chain of command.
A variation on social engineering uses means other than direct contact between
the target and the attacker. An example of this type of attack might be a forged
electronic mail or a bogus web site to obtain information from an individual or convince
the individual to accomplish some action.
Again, the goal in social engineering is to convince the target to provide
information or accomplish some act that they normally would not do. An example
of a slightly different attack that is generally still considered a social engineering attack
is an attacker who replaces the blank deposit slips in a bank’s lobby with ones
containing his or her own account number but no name. When an unsuspecting
customer uses one of the slips, a teller who is not observant may end up crediting the
attacker’s account with the deposit.
Social engineering has been discussed in the context of an outsider attempting to
gain information about the organization. This does not have to be the case. Insiders may
also attempt to gain information they are not authorized to have. In many cases, the
insider may be much more successful since they will already have a certain level of
information regarding the organization.

Reverse Social Engineering


A slightly different approach to social engineering is called reverse social
engineering. In this technique, the attacker hopes to convince the target to initiate the
contact. This obviously differs from the traditional approach where the target is the one
that is contacted. The reason this attack may be successful is that, since the target is
the one initiating the contact, attackers may not have to convince the target of their
authenticity. The tricky part of this attack is, of course, convincing the target to make
that initial contact.
Possible methods to accomplish this might include sending out a spoofed e-mail
claiming to be from a reputable source that provides another e-mail address or phone
number to call for “tech support,” or posting a notice or creating a bogus web site for a
legitimate company that also claims to provide “tech support.” This may be especially
successful if accomplished in conjunction with the deployment of a new software or
hardware platform.
Another potential (Nice) time to target an organization with this sort of attack is
when there is a significant change in the organization itself. The sort of upheaval
referred to here would occur if two companies merge or if a smaller company is acquired
by a larger one. During these times, employees are not familiar with the new
organization or its procedures and amidst the confusion it is easy to conduct either a
social engineering or reverse social engineering attack.

People as a Security Tool

A point worth noting when talking of social engineering attacks is that people are not only the biggest
problem and security risk but they are also the best tool in defending against a social
engineering attack. The first step a company should take to fight potential social
engineering attacks is to create the policies and procedures that establish the roles and
responsibilities for not only security administrators but for all users. What is it that
management expects, security-wise, from all employees? What is it that the organization
is trying to protect, and what mechanisms are important for that protection?

Security Awareness
Probably the single most effective method to counter potential social engineering
attacks after establishment of the organization’s security goals and policies is an active
security awareness program. The extent of the training will vary depending on the
organization’s environment and the level of threat, but initial employee training on social
engineering at the time a person is hired is important, as well as periodic refresher
training.
Many government organizations have created security awareness posters to
constantly remind individuals of this possible avenue of attack. Security newsletters,
often in the form of e-mail, have also been used to remind employees of their security
responsibilities.
An important element that should be stressed in training about social engineering
is the type of information that the organization considers sensitive and which may be
the target of a social engineering attack.
There are undoubtedly signs that the organization could point to as indicative of
an attacker attempting to gain access to sensitive corporate information. All employees
should be aware of these indicators.

Individual User Responsibilities


Several times we’ve alluded (Suggest or call attention to indirectly) to specific duties
that users should be expected to perform. These vary between organizations and the
type of business the organization is involved in, but there are certain very basic
responsibilities that all users should adopt. These include:
• Locking the door to your office or workspace
• Not leaving sensitive information inside your car unprotected
• Securing storage media containing sensitive information in a secure storage device
• Shredding paper containing organizational information before discarding it
• Not divulging sensitive information to individuals (including other employees) that
do not have an authorized need to know it
• Not discussing sensitive information with family members (the most common
violation of this rule occurs in regards to human resources information as
employees, especially supervisors, may complain to their spouse about other
employees or problems that are occurring at work)
• Protecting laptops that contain sensitive or important organization information
wherever the laptop may be stored or left (it’s a good idea to ensure that sensitive
information is encrypted on the laptop so that should the equipment be lost or
stolen, the information remains safe)
• Being aware of who is around you when discussing sensitive corporate information.
Does everybody within earshot have the need to hear this information?
• Enforcing corporate access control procedures. Be alert to, and do not allow,
piggybacking, shoulder surfing, or access without the proper credentials.
• Being aware of the correct procedures to report suspected or actual violations of
security policies
• Establishing procedures to enforce good password security practices that all
employees should follow. Passwords are such a critical element that they are
frequently the ultimate target of a social engineering attack. Though such
password procedures may seem too oppressive or strict, they are often the best
line of defense.

Finally what….
On user responsibilities, corporate security officers must cultivate an environment of
trust in their office, as well as an understanding of the importance of security. If users
feel that security personnel are only there to make their life difficult or dredge up
information that will result in an employee’s termination, the atmosphere will quickly
turn adversarial and be transformed into an “us versus them” situation.
Security personnel need the help of all users and should strive to cultivate a team
environment where users, when faced with a questionable situation, will not hesitate to
call the security office. In situations like this, security officers should remember the old
adage of “don’t shoot the messenger.”

Security Policies

Prevention technologies are designed to keep individuals from being able to gain
access to systems or data they are not authorized to use. Originally, this was the sole
approach to security. In an operational environment, prevention was extremely difficult
and relying on prevention technologies alone was not sufficient. This led to the rise of
technologies to detect and respond to events that occur when prevention failed. This
gave rise to the operational model for computer security.
Prevention technologies are static in the sense that they are put in place and generally
left alone. This is not to say that they are not periodically updated as needed, but they
are generally designed to serve in some way as a static barrier to intruders.
Detection and response technologies, on the other hand, are dynamic in the sense that
they acknowledge that security is an ongoing process. Systems and networks are
constantly changing. They therefore need to be constantly monitored.
Monitoring the operation of the various components that make up your security
perimeter is an essential part of any organization’s security program.

Policies, Procedures, Standards, and Guidelines

An important part of any organization’s approach to implementing security is the set of
policies, procedures, standards, and guidelines that are established to detail what users
and administrators should be doing to maintain the security of the systems and
network.
Policies – General management Statement
Standard – Specific Mandatory
Guideline – Recommendation/Best Practice
Procedure – Step by Step instruction

Policies are high-level, broad statements of what the organization wants to accomplish.
They are made by management when laying out the organization’s position on some
issue.

Standards are mandatory elements regarding the implementation of a policy. They are
accepted specifications providing specific details on how a policy is to be enforced. Some
standards may be externally driven. Regulations for banking and financial institutions,
for example, may require certain security measures be taken by law. Other standards
may be set by the organization for its own goals.

Guidelines are recommendations relating to a policy. The key term in this case is
recommendation—guidelines are not mandatory steps.

Procedures are the step-by-step instructions on how to implement policies in the
organization. They describe exactly how employees are expected to act in a given
situation or to accomplish a specific task.
Just as the network itself constantly changes, the policies, procedures, and
guidelines should be living documents that are periodically evaluated and changed if
necessary. The constant monitoring of the network and the periodic review of the
relevant documents are part of the process that is the operational model. When applied
to policies, this process results in what is known as the policy life cycle. This operational
process roughly consists of four steps:
1. Plan (adjust)
2. Implement
3. Monitor
4. Evaluate
1) The first step is to plan for security in your organization. In this step, you develop
the policies, procedures, and guidelines that will be implemented and design the
security components that will protect your network. Once these are designed and
developed, you can implement the plans.
2) Part of the implementation of any policy, procedure, or guideline will be an
instruction period where those who will be affected by the change or introduction
of this new document will learn about its contents.
3) Next, you monitor to ensure that both the hardware and the software as well as
the policies, procedures, and guidelines are effective in securing your systems.
4) Finally, you evaluate the effectiveness of the security measures you have in place.
This step may include a vulnerabilities assessment and penetration test of your
system to ensure the security is adequate. After evaluating your security posture,
you begin again with step one, this time adjusting the security mechanisms you
have in place, and then continue with this cyclical process.

Physical Security
Physical security is the protection of personnel, hardware, programs, networks,
and data from physical circumstances and events that could cause serious losses
or damage to an enterprise, agency, or institution. This includes protection from fire,
natural disasters, theft and terrorism.
Physical security describes both measures that prevent or deter attackers from
accessing a facility, resource, or information stored on physical media and guidance on
how to design structures to resist various hostile acts.
Security at the physical level is a must. It should be provided to physically protect
the assets and resources in the secured perimeter.
Control against natural calamities
• Using fire resistant and water resistant material
• Implementation of fire monitoring, fire alarm and fire control system
• Using fire extinguishers
• Proper site design
• Insurance cover

Control against power supply problems
• Installation of UPS systems
• Installation of alternative power sources like generator sets
• To improve quality of power using stabilizers, spike guards etc.

Controls for physical access/authentication
• Use of token based access control such as barcode, magnetic strip cards, SIM and
smart cards, proximity cards and RFID based identification system
• Biometric identification and authentication systems
• Multifactor identification system
• Door locks, magnetic locks and other physical access controls
• Security guards

Controls for protection of Hardware
• Burglar alarm systems and intruder detection systems
• CCTV (closed-circuit television) monitoring systems
• Locks, padlocks, chain locks etc.

Controls for declassification and removing electronic waste
• Paper shredders, burners, crushers
• Formatting and degaussing of magnetic media
• Destruction of electronic waste

Controls against emanation
• TEMPEST (Telecommunications Electromagnetic Protection, Equipment,
Standards and Techniques) certification.
• Shielding and jamming techniques

Controls for data protection
• Data redundancy measures such as mirroring, shadowing and RAID
configurations
• Regular onsite and offsite data backups

Controls for trusted human resources
• Security training and ethics training for the organization employees
• Screening of vendors and service personnel
• Physical frisking at the entry points

Access Controls
Q. What is access control? List the different types of it.
Ans. The term access control has been used to describe a variety of protection schemes.
It is sometimes used to refer to all security features used to prevent unauthorized access
to a computer system or network. In this sense, it may be confused with authentication.
More properly, access is the ability of a subject (such as an individual or a process
running on a computer system) to interact with an object (such as a file or hardware
device).

Authentication, on the other hand, deals with verifying the identity of a subject. To
help understand the difference, consider the example of an individual attempting to log
in to a computer system or network. Authentication is the process used to verify to the
computer system or network that the individual is who they claim to be. The most
common method to do this is through the use of a userid and password. Once the
individual has verified their identity, access controls regulate what the individual can
actually do on the system. Just because a person is granted entry to the system, that
does not mean that they should have access to all data the system contains.

To further illustrate, consider another example. When you go to your bank to
make a withdrawal, the teller at the window will verify that you are indeed who you
claim to be. This is usually done by asking you to provide some form of identification
with your picture on it, such as your driver’s license. You may also have to provide
information such as your bank account number. Once the teller verifies your identity,
you will have proved that you are a valid (authorized) customer of this bank. This does
not, however, mean that you have the ability to view all information that the bank
protects—such as your neighbor’s balance. The teller will control what information, and
funds, you may have access to and will grant you access only to that which you are
authorized. In this example, your identification and bank account number serve as your
method of authentication and the teller serves as the access control mechanism.
In computer systems and networks, there are several ways that access controls
can be implemented. An access control matrix provides the simplest framework for
illustrating the process. An example of an access control matrix is provided in Table 1-1.
In this matrix, the system is keeping track of two processes, two files, and one hardware
device.

Process 1 can read both File 1 and File 2 but can write only to File 1. Process 1 cannot
access
Process 2, but Process 2 can execute Process 1. Both processes have the ability to write
to the printer. While simple to understand, the access control matrix is seldom used in
computer systems because it is extremely costly in terms of storage space and
processing. Imagine the size of an access control matrix for a large network with
hundreds of users and thousands of files. The actual mechanics of how access controls
are implemented in a system varies, though access control lists (ACLs) are common. An
ACL is nothing more than a list that contains the subjects that have access rights to a
particular object. The list will identify not only the subject but the specific access that
that subject has for the object. Typical types of access include read, write, and execute
as indicated in our example access control matrix.
No matter what specific mechanism is used to implement access controls in a
computer system or network, the controls should be based on a specific model of access.
Several different models are discussed in security literature, including discretionary
access control (DAC), mandatory access control (MAC), and role-based access control
(RBAC).
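
The matrix and the ACLs derived from it can be sketched in a few lines. This is an added example, not part of the original notes: it encodes only the rights the text states, leaves every cell the text does not describe empty (an assumption, since Table 1-1 is not reproduced here), and the network sizes in the storage comparison are hypothetical.

```python
# Added example: the access control matrix described in the text, stored
# sparsely. Cells the text does not describe (for instance Process 2's rights
# on the files) are left empty here; that is an assumption, since Table 1-1
# itself is not reproduced on this page.
SUBJECTS = ["Process 1", "Process 2"]
OBJECTS = ["Process 1", "Process 2", "File 1", "File 2", "Printer"]

MATRIX = {
    ("Process 1", "File 1"): {"read", "write"},
    ("Process 1", "File 2"): {"read"},
    ("Process 1", "Printer"): {"write"},
    ("Process 2", "Process 1"): {"execute"},
    ("Process 2", "Printer"): {"write"},
}


def is_allowed(subject, obj, right):
    """Reference check: is `right` in the cell for (subject, object)?"""
    return right in MATRIX.get((subject, obj), set())


def acl_for(obj):
    """Column of the matrix = the object's ACL: subject -> rights."""
    return {s: sorted(r) for (s, o), r in MATRIX.items() if o == obj}


def capabilities_for(subject):
    """Row of the matrix = everything one subject may do."""
    return {o: sorted(r) for (s, o), r in MATRIX.items() if s == subject}


def storage_cost(n_subjects, n_objects, avg_entries_per_object):
    """Cells in a full matrix versus entries kept when only ACLs are stored."""
    return n_subjects * n_objects, n_objects * avg_entries_per_object


if __name__ == "__main__":
    for obj in OBJECTS:
        print(f"{obj:10} ACL: {acl_for(obj)}")
    print("Process 1 write File 2?", is_allowed("Process 1", "File 2", "write"))
    # Hypothetical network: 500 users, 5000 files, about 3 ACL entries per file.
    print("full matrix cells vs ACL entries:", storage_cost(500, 5000, 3))
```
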

Discretionary Access Control


Both discretionary access control and mandatory access control are terms originally
used by the military to describe two different approaches to controlling what access an
individual had on a system. As defined by the “Orange Book,” a Department of Defense
document that at one time was the standard for describing what constituted a trusted
computing system, discretionary access controls are “a means of restricting access to
objects based on the identity of subjects and/or groups to which they belong. The
controls are discretionary in the sense that a subject with a certain access permission is
capable of passing that permission (perhaps indirectly) on to any other subject.” While
this may appear to many to be typical “government-speak” and confusing, the principle is
really rather simple. In systems that employ discretionary access controls, the owner of
an object can decide which other subjects may have access to the object and what specific
access they may have. One common method to accomplish this is the permission bits
used in UNIX-based systems. The owner of a file can specify what permissions
(read/write/execute) members in the same group may have and also what permissions
all others may have. Access control lists are another common mechanism used to
implement discretionary access control.

Mandatory Access Control
A less frequently employed system for restricting access is mandatory access control.
This system, generally used only in environments where different levels of security
classifications exist, is much more restrictive of what a user is allowed to do. Again
referring to the Orange Book, we can find a definition for mandatory access controls,
which is “a means of restricting access to objects based on the sensitivity (as
represented by a label) of the information contained in the objects and the formal
authorization (i.e., clearance) of subjects to access information of such sensitivity.”
In this case, the owner or subject can’t determine whether access is to be granted
to another subject; it is the job of the operating system to decide. In MAC, the security
mechanism controls access to all objects and individual subjects cannot change that
access. The key here is the label attached to every subject and object. The label will
identify the level of classification for that object and the level that the subject is entitled
to. Think of military security classifications such as Secret and Top Secret. A file that
has been identified as Top Secret (has a label indicating that it is Top Secret) may be
viewed only by individuals with a Top Secret clearance.
It is up to the access control mechanism to ensure that an individual with only a
Secret clearance never gains access to a file labeled as Top Secret. Similarly, a user
cleared for Top Secret access will not be allowed by the access control mechanism to
change the classification of a file labeled as Top Secret to Secret or to send that Top
Secret file to a user cleared only for Secret information. The complexity of such a
mechanism can be further understood when you consider today’s windowing
environment. The access control mechanism will not allow a user to cut a portion of a
Top Secret document and paste it into a window containing a document with only a
Secret label.
It is this separation of differing levels of classified information that results in this
sort of mechanism being referred to as multilevel security. A final comment should be
made: just because a subject has the appropriate level of clearance to view a document,
that does not mean that they will be allowed to do so. The concept of “need to know,”
which is a discretionary access control concept, also exists in mandatory access control
mechanisms.

Role-Based Access Control


Access control lists can be cumbersome and can take time to administer properly.
Another access control mechanism that has been attracting increased attention is the
role-based access control (RBAC). In this scheme, instead of each user being assigned
specific access permissions for the objects associated with the computer system or
network, that user is assigned a set of roles that the user may perform. The roles are in
turn assigned the access permissions necessary to perform the tasks associated with the
role. Users will thus be granted permissions to objects in terms of the specific duties
they must perform—not of a security classification associated with individual objects.
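
The three models can be compared side by side as three small decision functions. This is an added example, not part of the original notes: the users, groups, file, compartments and roles are all constructed, and only the Secret and Top Secret levels named in the text are modelled.

```python
from dataclasses import dataclass

# All users, files, roles and compartments below are constructed for illustration.

# --- DAC: UNIX-style permission bits, set at the owner's discretion ---------
BIT = {"read": 4, "write": 2, "execute": 1}


@dataclass
class File:
    name: str
    owner: str
    group: str
    mode: int  # e.g. 0o640 = owner rw-, group r--, others ---


def dac_allows(user, user_groups, f, right):
    """Pick the owner, group or other bit triplet, then test the bit."""
    if user == f.owner:
        shift = 6
    elif f.group in user_groups:
        shift = 3
    else:
        shift = 0
    return bool((f.mode >> shift) & BIT[right])


def dac_chmod(user, f, new_mode):
    """The owner, and only the owner, decides what others may do."""
    if user != f.owner:
        return False
    f.mode = new_mode
    return True


# --- MAC: the system compares labels; no subject can override the result ----
LEVELS = {"Secret": 1, "Top Secret": 2}


def mac_can_read(clearance, need_to_know, label, compartment):
    """Clearance must be at least the label AND the subject needs to know."""
    return LEVELS[clearance] >= LEVELS[label] and compartment in need_to_know


def mac_can_flow(src_label, dst_label):
    """Relabel, send or cut-and-paste: data may never move to a lower label."""
    return LEVELS[dst_label] >= LEVELS[src_label]


# --- RBAC: users get roles, roles get permissions ---------------------------
ROLE_PERMS = {
    "teller": {("account", "read"), ("account", "withdraw")},
    "auditor": {("account", "read"), ("audit_log", "read")},
}
USER_ROLES = {"asha": {"teller"}, "ravi": {"auditor"}}


def rbac_allows(user, obj, action):
    """A user may act only through a permission held by one of their roles."""
    roles = USER_ROLES.get(user, set())
    return any((obj, action) in ROLE_PERMS[r] for r in roles)


if __name__ == "__main__":
    report = File("report.txt", owner="asha", group="staff", mode=0o640)
    print("DAC  group member reads:", dac_allows("ravi", {"staff"}, report, "read"))
    print("DAC  non-owner chmod:   ", dac_chmod("ravi", report, 0o666))
    print("MAC  Secret reads TS:   ",
          mac_can_read("Secret", {"ops"}, "Top Secret", "ops"))
    print("MAC  paste TS -> Secret:", mac_can_flow("Top Secret", "Secret"))
    print("RBAC auditor withdraws: ", rbac_allows("ravi", "account", "withdraw"))
```
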

Q. Write a short note on authentication.


Ans. Authentication
Access controls define what actions a user can perform or what objects a user can have
access to. These controls assume that the identity of the user has been verified. It is the
job of authentication mechanisms to ensure that only valid users are admitted.
Described another way, authentication is using some mechanism to prove that you are
who you claim to be. There are three general methods used in authentication. In order
to verify your identity, you can provide:
• Something you know
• Something you have
• Something about you (something that you are)
The most common authentication mechanism is to provide something that only
you, the valid user, should know. The most frequently used example of this is the
common userid (or username) and password. In theory, since you are not supposed to
share your password with anybody else, only you should know your password, and thus
by providing it you are proving to the system that you are who you claim to be. In
theory, this should be a fairly decent method to provide authentication. Unfortunately,
for a variety of reasons, such as the fact that people have a tendency to choose very poor
and easily guessed passwords, this technique to provide authentication is not as reliable
as it should be. Other authentication mechanisms are consequently always being
developed and deployed.
Another method to provide authentication involves the use of something that only
valid users should have in their possession. A physical-world example of this would be a
simple lock and key. Only those individuals with the correct key will be able to open the
lock and thus provide admittance to your house, car, office, or whatever the lock was
protecting. A similar method can be used to authenticate users for a computer system or
network (though the key may be electronic and may reside on a smart card or similar
device).
The problem with this technology is that people will lose their keys (or cards),
which means they can’t log in to the system and somebody else who finds the key may
then be able to access the system, even though they are not authorized. To address this
problem, a combination of the something-you-know/something-you-have methods is
often used so that the individual with the key may also be required to provide a
password or passcode. The key is useless unless you know this code. An example of this
is the ATM card most of us carry. The card is associated with a personal identification
number (PIN), which only you should know. Knowing the PIN without having the card is
useless, just as having the card without knowing the PIN will also not provide you
access to your account.
The third general method to provide authentication involves something that is
unique about you. We are used to this concept in our physical world, where people’s
fingerprints, or a sample of their DNA, can be used to identify them. This same concept
can be used to provide authentication in the computer world. The field of authentication
that uses something about you or something that you are is known as biometrics. A
number of different mechanisms can be used to accomplish this type of authentication,
such as a voice print, a retinal scan, or hand geometry. All of these methods obviously
require some additional hardware in order to operate. While these three approaches to
authentication appear to be easy to understand and in most cases easy to implement,
authentication is not to be taken lightly, since it is such an important component of
security. Potential attackers are constantly searching for ways to get past the system’s
authentication mechanism, and there have been some fairly ingenious methods
employed to do so. Consequently, security professionals are constantly devising new
methods, building on these three basic approaches, to provide authentication
mechanisms for computer systems and networks.

Biometrics
"Biometrics" means "life measurement" but the term is usually associated with the
use of unique physiological characteristics to identify an individual. The application
which most people associate with biometrics is security. However, biometric
identification will eventually have a much broader relevance as computer interfaces
become more natural. Knowing the person with whom you are conversing is an important
part of human interaction and one expects computers of the future to have the same
capabilities.
A number of biometric traits have been developed and are used to authenticate a
person's identity. The idea is to use the special characteristics of a person to identify
him. By special characteristics we mean features such as face, iris,
fingerprint, signature, etc.
The method of identification based on biometric characteristics is preferred over
traditional passwords and PIN based methods for various reasons such as: The person
to be identified is required to be physically present at the time-of-identification.
Identification based on biometric techniques obviates the need to remember a password
or carry a token. A biometric system is essentially a pattern recognition system which
makes a personal identification by determining the authenticity of a specific
physiological or behavioral characteristic possessed by the user. Biometric technologies
are thus defined as the "automated methods of identifying or authenticating the identity
of a living person based on a physiological or behavioral characteristic".

A biometric system can be either an 'identification' system or a 'verification'
(authentication) system, which are defined below.

Identification - One to Many: Biometrics can be used to determine a person's identity
even without his knowledge or consent. For example, scanning a crowd with a camera
and using face recognition technology, one can determine matches against a known
database.

Verification - One to One: Biometrics can also be used to verify a person's identity. For
example, one can grant physical access to a secure area in a building by using finger
scans or can grant access to a bank account at an ATM by using retinal scan.

Biometric authentication requires comparing a registered or enrolled biometric sample
(biometric template or identifier) against a newly captured biometric sample (for
example, the one captured during a login).
This is a three-step process:
 Capture,
 Process,
 Enroll
followed by a
 Verification or
 Identification process.
During the capture process, the raw biometric is captured by a sensing device such as a
fingerprint scanner or video camera.

The processing phase extracts the distinguishing characteristics from
the raw biometric sample and converts them into a processed biometric identifier record
(sometimes called biometric sample or biometric template).
In the enrollment phase, the processed sample (a mathematical representation
of the biometric - not the original biometric sample) is stored / registered in a storage
medium for future comparison during an authentication.
In many commercial applications, there is a need to store the processed biometric
sample only. The original biometric sample cannot be reconstructed from this identifier.

Types of Biometrics

Biometrics refers to the study of methods for uniquely recognizing humans based upon one
or more intrinsic physical or behavioral characteristics.

Biometric identification is based on some unique physical attribute of the
user that positively identifies the user.

Examples: Fingerprint recognition, retina scan techniques, palm capillary mapping,
voice synthesis and recognition, face recognition.


Biometric characteristics can be divided into two main classes.

Physiological characteristics are related to the shape of the body.

For example, fingerprint, face recognition, DNA, palm print, hand geometry, iris
recognition (which has largely replaced retina), and odor/scent.

Behavioral characteristics are related to the behavior of a person.

For example, typing rhythm, gait, signature and voice. This class of biometrics is termed
behaviometrics.

Physiological vs. Behavioral Biometrics

Physiological biometrics analyzes the physiological characteristics of an individual.
By definition, physiology is “a branch of biology that deals with the functions and
activities of life or of living matter (as organs, tissues, or cells) and of the physical and
chemical phenomena involved”. This division of biometrics includes the following:
fingerprints, face recognition, iris recognition, hand and finger geometry, and DNA
analysis. A second division of biometrics is behavioral. Behavioral biometrics deals with
the identification or verification of individuals based on the manner in which they
conduct themselves through various activities. The behavioral division of biometrics
includes the following: keystroke recognition, speaker (voice) recognition, and signature
recognition.
Block Diagram of Biometric System

(Above Shown Block Diagram can be used)

A biometric system can operate in the following two modes:

Verification - A one to one comparison of a captured biometric with a stored template to
verify that the individual is who he claims to be. Can be done in conjunction with a
smart card, username or ID number.

Identification - A one to many comparison of the captured biometric against a
biometric database in an attempt to identify an unknown individual. Identification
succeeds in identifying the individual only if the comparison of the biometric sample to a
template in the database falls within a previously set threshold.

The first time an individual uses a biometric system is called an enrollment. During
the enrollment, biometric information from an individual is stored. In subsequent uses,
biometric information is detected and compared with the information stored at the time
of enrollment.
• The sensor is the interface between the real world and the system; it has to
acquire all the necessary data.
• Next, the system performs all the necessary pre-processing: it has to remove artifacts
from the sensor, enhance the input (for example, removing background noise),
apply some kind of normalization, etc.
• After pre-processing, the system extracts the necessary features. This is an important
step, as the correct features need to be extracted in the optimal way. A vector of
numbers or an image with particular properties is used to create a template. A
template is a synthesis of the relevant characteristics extracted from the source.
Elements of the biometric measurement that are not used in the comparison
algorithm are discarded in the template to reduce the file size and
to protect the identity of the enrollee.
• If enrollment is being performed, the template is simply stored somewhere (on a
card or within a database or both). If a matching phase is being performed, the
obtained template is passed to a matcher that compares it with other existing
templates, estimating the distance between them using any algorithm (for
example, Hamming distance). The matching program will analyze the template
with the input. This will then be output for any specified use or purpose (for
example, entrance in a restricted area).
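
The enrollment, verification (one to one) and identification (one to many) steps above fit together as follows. This is an added example, not part of the original notes: the sensor readings are constructed, the one-bit-per-feature quantisation stands in for a real feature extractor, and the threshold of 3 is an assumed value.

```python
from statistics import mean

THRESHOLD = 3  # assumed: largest Hamming distance still accepted as a match

# Constructed sensor readings (16 measurements per capture).
ALICE_ENROLL = [12, 30, 7, 25, 18, 3, 22, 9, 27, 14, 5, 29, 11, 20, 8, 24]
ALICE_LOGIN = [13, 29, 8, 24, 15, 4, 21, 10, 28, 13, 6, 30, 12, 19, 9, 23]
BOB_ENROLL = [28, 6, 23, 10, 4, 26, 9, 21, 12, 30, 19, 7, 25, 5, 27, 12]
STRANGER = [25, 28, 5, 7, 22, 27, 4, 9, 26, 24, 6, 8, 21, 23, 10, 3]


def process(raw):
    """Process step: normalise against the sample mean, keep one bit per
    feature. The raw readings cannot be rebuilt from the resulting template."""
    m = mean(raw)
    return tuple(1 if x > m else 0 for x in raw)


def hamming(a, b):
    """Number of positions in which two templates differ."""
    if len(a) != len(b):
        raise ValueError("templates must have equal length")
    return sum(x != y for x, y in zip(a, b))


class BiometricSystem:
    def __init__(self, threshold=THRESHOLD):
        self.threshold = threshold
        self.templates = {}  # user id -> template; raw samples are not kept

    def enroll(self, user_id, raw):
        self.templates[user_id] = process(raw)

    def verify(self, claimed_id, raw):
        """One to one: compare against the claimed user's template only."""
        stored = self.templates.get(claimed_id)
        if stored is None:
            return False
        return hamming(stored, process(raw)) <= self.threshold

    def identify(self, raw):
        """One to many: closest enrolled template, if within the threshold."""
        if not self.templates:
            return None
        probe = process(raw)
        user_id, dist = min(
            ((uid, hamming(t, probe)) for uid, t in self.templates.items()),
            key=lambda pair: pair[1],
        )
        return (user_id, dist) if dist <= self.threshold else None


def build_demo():
    system = BiometricSystem()
    system.enroll("alice", ALICE_ENROLL)
    system.enroll("bob", BOB_ENROLL)
    return system


if __name__ == "__main__":
    s = build_demo()
    print("verify alice with her login sample:", s.verify("alice", ALICE_LOGIN))
    print("verify bob with alice's sample:    ", s.verify("bob", ALICE_LOGIN))
    print("identify alice's login sample:     ", s.identify(ALICE_LOGIN))
    print("identify unenrolled person:        ", s.identify(STRANGER))
```
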

Hand Geometry

Background
Hand geometry is a form of physiological biometrics that uses the shape of the hand
for authentication purposes. Various traits of the hand, such as finger length, width and
curvature, as well as unique features may be used for identification. Hand geometry
scanners require that users place their hands onto a surface with 5 pegs. This aligns the
hand so that the scanner can get a consistent reading on each scan. The scan is then
compared to the database for verification. A typical scan will take two pictures of the
hand: one of the top and one of the side.
Another type of biometric scan can be done to identify the dorsal venous network of
the hand. This essentially shows the blood vessels on the back of the hand and may be
another useful factor for verification.
Studies on the use of hand geometry have been performed by Michigan State
University. In their tests, users interacted with hand verification systems to grant access
to web-based services. The use of hand verification as opposed to another form of
biometric security might be favorable due to the sensitive nature of fingerprint, DNA, or
iris-based systems.

Problems and Implementation


Hand geometry is not a unique form of biometric security. More than one person
may have the same or very similar hand shapes. This limits the usefulness of hand
geometry to verification, not identification. Combining hand geometry with another form
of biometric security, such as fingerprint biometrics, would provide a very secure
identification system. A system where hand geometry was used to verify the fingerprint
input would add an additional layer of security and create a very effective identification
system.
Hand geometry is currently in use for physical security purposes, namely building
access, due to its ease of use, low cost and the relatively impersonal data it uses.
Implementing a security system based on hand geometry alone would not be a viable
security system; however, when combined with fingerprint biometrics it is a suitable
security system for almost any business need.

Eye Biometric
Background
As early as the 1930’s researchers began to notice that the blood vessels on the back of
a human eye are unique to every person. Even identical twins have different patterns of
these blood vessels. In the thirties, however, there was not sufficient technology to
implement these retinal characteristics into a form of advanced security. Once the
correct technology was acquired, retina biometrics, one of the most sophisticated forms
of security, was born.

How it Works
Today, there are many different machines designed to perform retina scans but all follow
the same basic principles. These machines require a person to take off any glasses they
may be wearing and stand with their eyes very close to a scanner. The machine takes
around ten seconds to shine a “low intensity coherent light source” onto the retina to
illuminate the blood vessels. The individual being scanned must remain still and stare at
a specific point while the device is processing the scan. Once the machine has a copy of
the scan, it compares the picture to all the different scans on file, looks for a match, and
identifies the individual.
Machine Scanning an Eye:
Example of a scanned retina:

Advantages
A few advantages to Retina Biometrics include:
 No two retinas will ever be exactly alike
 Even after deceased, the blood vessels cannot be
imitated since they decay rapidly
 Fast, accurate scan

Implementation
Since the retina scan machines are fairly expensive, a popular use of this type of
security is with government agencies to identify employees. Also, some companies (both
large and small) use the retina scan machines to keep track of attendance of employees
and control access areas within a building. Since these machines are extremely accurate,
they tend to be used in highly protected areas. Companies use retina scans to limit
access to, usually, the top employees only. This ensures that important data will only be
seen by the people with clearance. Companies also like to use these retina scanning
machines since they are highly accurate in a short amount of time. Employees only have
to spend around ten seconds at the machine to be granted access or denied.

Facial Biometrics
Background
Facial recognition Biometrics was introduced in the 1960’s. The US government hired a
man named Woodrow W. Bledsoe to create the very first semi-automated face
recognition system. The machine located key features on the face and calculated the
ratios between them for identification. A decade later three men named Goldstein,
Harmon, and Lesk joined forces to enhance the existing machines. They developed a 21
point check for the machines to identify and calculate the ratios between these facial
structures. The 21 points included very intricate features of the face such as thickness
of the lips and color of the hair. In the 1980’s facial recognition systems were beginning
to become available in commercial retail.

How it Works
Facial recognition starts by using a digital video camera to record a person’s face as they
enter a certain area. This type of biometrics does not require anyone to physically touch
a machine, just stand within a designated space. The picture is then analyzed by
“comparing distances between things like the eyes, nose, mouth, and jaw edges” of a
person. This method compares angles and ratios of a person’s face to a database of
previously collected ratios to correctly identify the individual.

Application in Business
Facial recognition biometrics is slowly creeping into many aspects of today’s world. For
example, starting in 1988, a sheriff’s department in Los Angeles started the first
commercial facial recognition system to combine a database of digital mug shots to help
ensure arresting the correct suspect. Also, after the terrorist attack of September 11th,
many airports have implemented a facial recognition system. This seems like the ideal
place for this type of security since it can process the large amount of traffic moving
through an airport. Another system implemented after 9/11 was at the Super Bowl of
2001. The staff scanned everyone hoping to be able to identify anyone with any sort of
criminal record. Other ideal locations for facial recognition systems are places like
“casinos, public transportation, financial institutions” or anywhere with numerous
people.

Future Implementation Problems


Many businesses like facial recognition biometrics since their patrons aren’t even aware
that they are being screened, yet for this same reason, some patrons get upset about
this invasion of privacy. Ethical problems such as this may make implementation in the
future difficult. Also, advancement in media technology may prove to be an obstacle for
companies that have already implemented a facial recognition system. Most systems store
a 2D picture in their database, yet when technology advances to 3D the systems’
databases will not combine since the files are different. Also, the more advanced
technology gets, the more expensive this media equipment will get.

DNA Biometrics

What is DNA?

Deoxyribonucleic acid (DNA) is the genetic material found in most organisms,
including humans. Each individual human is identifiable by hereditary traits found in
their DNA, which is located in the nucleus of the cells as well as the mitochondria. DNA
serves as a genetic code that is unique to every organism, no two being exactly alike;
only identical twins are an exact DNA match. An organism’s DNA code is comprised of
four bases: adenine (A), guanine (G), cytosine (C), and thymine (T). These bases combine
in a specific sequence to form base pairs that determine the anatomy and physiology of
the organism. Each base pair is attached to a sugar and phosphate molecule creating a
nucleotide. Nucleotides compose two long strands connected by the base pairs in a
ladder-like formation that form the common spiral known as the double helix.
In the case of human beings, there are about 3 million bases, 99% of which are the
same from person to person. The variations found in the final 1% are the means by which
DNA becomes unique to each individual. The final 1% also serves as the foundation for
DNA biometrics, being the location of the unique traits by which DNA recognition can
identify or verify the identification of an individual person.

How DNA recognition works?
The cells that contain DNA share genetic material (information) through chromosomes.
Humans have 23 chromosomes that house a person’s DNA and their genes. Of the 46
total chromosomes, 23 come from each parent of an offspring. 99.7% of an offspring’s
DNA is shared with their parents. The remaining 0.3% of an individual’s DNA is variable
repetitive coding unique to an individual. This repetitive coding is the basis of DNA
biometrics. DNA recognition uses genetic profiling, also called genetic fingerprinting, to
isolate and identify these repetitive DNA regions that are unique to each individual to
either identify or verify a person’s identity.
The basic steps of DNA profiling include:
1. Isolate the DNA (sample can originate from blood, saliva, hair, semen, or tissue)
2. Section the DNA sample into shorter segments containing known variable number
tandem repeats (VNTRs)—identical repeat sequences of DNA
3. Organize the DNA segments by size
4. Compare the DNA segments from various samples
The more repeats of sequences there are for a given sample, the more accurate the DNA
comparison will be, thus decreasing the likelihood of the sample matching multiple
individuals. In other words, the more detailed the sample is, the more precise the
comparison is in identifying the individual who possesses the DNA from the sample. A
few drawbacks of this technique are the depth of the procedure, the physical
invasiveness of obtaining the DNA sample, and the time required to perform a DNA
comparison. Also contamination of the sample renders the comparison impossible.
Most often, DNA biometrics is used for identification purposes as opposed to verification
because the technique has yet to be automated through technological advances. DNA
sequencing, the process of generating a DNA profile, is compared to DNA samples
previously acquired and catalogued in a database. The most common DNA database in
existence is the CODIS System used by the Federal Bureau of Investigation. DNA
biometrics technology is not advanced enough for universal use. Current DNA
biometrics is far from that depicted in the movies.


The Future of DNA Biometrics


The future of DNA biometrics in terms of physical and network security will rely on
experts’ ability to make it a more cost efficient method of identification. Whether this
means portability or mass production, development will depend on technological
advances in the areas of DNA sequencing and sample comparison techniques. A
professor at National University in San Diego, California is working on creating a
portable DNA sequencer that will combine existing DNA biosensors with a new device
called the ion-selective field-effect transistor (ISFET). This product would allow a
handheld device to perform the same activities that currently must take place in a
laboratory. As these kinds of advancements take place, the implementation of DNA
biometrics into civilian business environments for use in physical and network security
will expand to a great extent. The precision and accuracy of DNA recognition will make it
a much desired means of identification, and hopefully verification, in the foreseeable
future.

Keystrokes

Introduction
Keystroke Dynamics is the behavioral study of how individual humans type on a
keyboard, considering factors such as Flight Time (the time it takes to move from one key
to another) and Dwell Time (the time a person spends on any given key).
The history of keystroke as a field of study dates back to early days of the telegraph,
where operators learned the “voices” of other operators as they transmitted messages.
During World War II, as part of the cryptanalysis of the British, female code breakers
learned the “voices” of telegraph transmitters in the German military. This allowed the
Allies to pinpoint when transmissions were highly important or likely falsified
information. The identification mark, an individual rhythmic pattern to transmitting
signals known as the “fist of the sender,” became the cornerstone for the study of
Keystroke Dynamics.

How Keystroke Dynamics Work?


The basis for testing or observing one’s pattern for typing is the repetition of typing so
that differences can be noted and patterns observed between words. Today, a template is
made consisting of the user typing a series of words over several sessions to break up
the time. Forced typing over long periods of time can induce fatigue, stress, and other
factors, such as simple typing mistakes, which may inhibit the template’s
accuracy. Once properly calibrated, the template will be easily able to distinguish whether
the acceptable user is typing or not by comparing the flight and dwell times to those set
on the template.

Disadvantages
The lack of ease of use is what keeps this system out of the public arena. Setting up a
series of accepted users is time consuming and, based on the findings of one particular
study, a pattern may be harder for that user to duplicate than for another user. Also,
the failure of the system to easily identify a new acceptable user while in place limits
its use. Although developments are being made to prepare the system for such
intelligence, it has not yet been incorporated.

Applications
One of the most likely uses for Keystroke Dynamics in the business and
information world today would be for user identification purposes. By having the specific
user calibrated to typing a specific phrase or password, the analytical software would be
able to determine whether or not the user is the allowed source based upon the hesitation
and rapidity of the keystrokes. Thus simply typing the password or pasting it into the
appropriate field would not work, because the flight and dwell times would not
match. This would eliminate security threats to an information system even if the actual
text or character combination was revealed to an outside source.
Additionally, this software could be used to distinguish one person from another in
signal-based communications, such as typing or telegraphing, where the user is
manually inputting the signals according to their own rhythmic patterns. Although not
able to identify new users, the software can compare input signals to established
templates and determine whether or not the desired user is the one transmitting the
signal.
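
The enrollment and comparison described under “How Keystroke Dynamics Work?” and the password check described under “Applications”, as an added example that is not part of the original notes. The timing samples are constructed, and the scaled Manhattan distance, the 5 ms floor on the spread and the acceptance threshold of 2.0 are assumptions chosen for illustration.

```python
from statistics import mean, stdev

def make_events(text, dwells, flights):
    """Build (key, press_ms, release_ms) events from constructed timings."""
    t, events = 0, []
    for i, ch in enumerate(text):
        events.append((ch, t, t + dwells[i]))
        if i < len(flights):
            t += dwells[i] + flights[i]
    return events

def timing_features(events):
    """Dwell time per key, then flight time between consecutive keys."""
    dwell = [release - press for _, press, release in events]
    flight = [events[i + 1][1] - events[i][2] for i in range(len(events) - 1)]
    return dwell + flight

def enroll(samples):
    """Template = per-feature mean and spread over several typing sessions."""
    vectors = [timing_features(s) for s in samples]
    if len(samples) < 2 or len({len(v) for v in vectors}) != 1:
        raise ValueError("need several samples of the same phrase")
    # Floor the spread (assumed 5 ms) so a very steady typist is not
    # rejected over a few milliseconds of jitter.
    return [(mean(col), max(stdev(col), 5.0)) for col in zip(*vectors)]

def score(template, events):
    """Scaled Manhattan distance: average of |x - mean| / spread."""
    feats = timing_features(events)
    if len(feats) != len(template):
        return float("inf")          # not the enrolled phrase
    return mean(abs(x - m) / s for x, (m, s) in zip(feats, template))

def verify(template, events, threshold=2.0):
    """Accept only if the typing rhythm is close enough to the template."""
    return score(template, events) <= threshold

# Constructed sessions of one user typing the phrase "pass" (times in ms).
ENROLLMENT = [
    make_events("pass", [95, 110, 80, 85], [120, 60, 140]),
    make_events("pass", [100, 105, 85, 90], [130, 55, 150]),
    make_events("pass", [90, 115, 75, 80], [125, 65, 135]),
    make_events("pass", [98, 108, 82, 88], [118, 58, 145]),
]
TEMPLATE = enroll(ENROLLMENT)

GENUINE = make_events("pass", [97, 107, 83, 86], [122, 61, 141])
# Same characters, typed by someone with a different rhythm.
IMPOSTOR = make_events("pass", [60, 65, 60, 62], [250, 200, 90])
# Pasted text: every character arrives at once, with no dwell or flight time.
PASTED = [(ch, 0, 0) for ch in "pass"]

if __name__ == "__main__":
    for label, attempt in [("genuine", GENUINE), ("impostor", IMPOSTOR),
                           ("pasted", PASTED)]:
        print(label, round(score(TEMPLATE, attempt), 2), verify(TEMPLATE, attempt))
```
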

Signature

Introduction
Dynamic Signature Verification refers to the process of analyzing one’s signature
according to the speed, pressure, and timing that the user takes to complete the
signature. The process is ideal for security purposes because it allows a frequently
used writing (the signature) that is unique to each user based upon the amount of
time and effort that they specifically put into their writing.

History
Signatures date back to the early beginnings of written language, which
began in the Sumerian civilization. It wasn’t until the Romans, under Valentinian III,
began using the subscriptio (a short phrase used to verify wills) that the signature had
its birth. It quickly spread to other legal documents as a unique verification tool to
ascertain several key elements: message authentication, message/data integrity, and
non-repudiation (legal aspect of events). From this base, the signature has become a
staple of western civilization, to the point that today, the signature is a legally binding
entity.

Advantages
The key advantage to this particular system of behavioral biometrics is that it is based
on an already accepted form of identification. Incorporation of a security system based
on Dynamic Signature Verification would require a certain amount of investment in
equipment and software to analyze the inputs, but no real cost to train people on how to
input signals. At the same time, it is reliant upon unique characteristics that are not
easily duplicable, with even the same users having slight (negligible) differences between
their own signatures. Many companies, such as IBM, are already offering software that
provides this service, easily comparing the input signature to six templates given by the
authenticated user. Not only does it boast a low total error rate (1.5%), but it also
requires little time (1 sec/signature), cheap equipment, and little storage space.

Applications
Signature Verification itself is used and has been successfully incorporated into the
public domain. Each time a user signs on a digital notepad to approve a credit card
transaction, they are using a form of signature verification. The difference, though, is
that this form does not take into account the pressure, timing, and speed with which the
user inputs the signal; it only compares the input signature to the one on file. This is
due to the simplicity of the system, which often uses only a simple scanner. Thus a forger
who can reasonably reproduce the signature from a copy submitted electronically can easily
be mistaken for the authentic signer. Dynamic Signature Verification would require the use
of a scanner, a camera to observe how the signature is being made (speed and timing), and
a pen with sensors or that uses ultrasonic sensing to observe the pressure. By
incorporating these elements into the observed category, the percentage of successful
forging attempts is significantly reduced.

Voice Biometrics

Background Information
Much like the uniqueness of fingerprints, voice can also be used as a form of security for
identifying an individual.
Voice can be used because of each individual’s tone, pitch, and atonality of words.
The voice is unique because of the individual shape of the vocal cavities and the way the
individual moves their mouth when they speak.

Matching Techniques
The wave patterns in the voice and the measurement of physiological
characteristics, such as the nasal passages and vocal cords, as well as the frequency,
cadence and duration of the vocal pattern, are all included in considering a voiceprint.
The voiceprint is a biometric voice identifier, not a recording or a sound file, so an
imposter could not record one’s words and replay them into the system and get access
granted. A voiceprint allows the user to gain access to information or give authorization
without being physically present; this way the user can give authorization by way of a
simple phone call.

Advantages
Some major advantages of voice biometrics are:
- Security
- Accuracy
- Convenience
- Shortened Verification/Speeds
- Protects Privacy
All of these reasons demonstrate voice biometrics as an easy, quick, and safe method for
identifying individuals.

Disadvantages
Voiceprints are not a perfected technology; as in every technology-based system,
there are still glitches to be worked out. Unauthorized users have found a way to
defeat the system by simply obtaining a recording of the authorized person's
password (usually by way of phone). To counteract this fraudulent activity, many
systems use randomly chosen passwords or general voiceprints instead of prints for
specific words to decrease the possibility of access.

Business Applications
Many companies have freed up a lot of space on their hard drives by
implementing voice printing, because voice printing eliminates the need
for passwords. Companies such as VoiceVault have created special filters and
algorithms to eliminate background noise as well as to aid in detecting and rejecting any
attempt to use voice recordings. Another good example of this “special filter” is
automated voicemail systems. Many companies have utilized voiceprints to help them in
dealing with their many customers by allowing the voiceprint to acknowledge and
understand what the customer is saying and transfer them to the right department
accordingly.

Q. Describe methods of Defense
Security is the process of ensuring the confidentiality, integrity, authenticity,
non-repudiation, and availability of electronic communications and transactions. To ensure
the security of e-business and e-commerce, it is necessary to implement security
policies and technologies that enable trusted electronic transactions and
communications. The methods for ensuring security in systems include:
Authentication
Authentication is the process of determining whether someone or something is, in fact,
who or what it is declared to be. In private and public computer networks (including the
Internet), authentication is commonly done through the use of logon passwords.
Knowledge of the password is assumed to guarantee that the user is authentic. Each
user registers initially (or is registered by someone else), using an assigned or
self-declared password. On each subsequent use, the user must know and use the
previously declared password. The weakness in this system for transactions that are
significant (such as the exchange of money) is that passwords can often be stolen,
accidentally revealed, or forgotten.
For this reason, Internet business and many other transactions require a more stringent
authentication process. The use of digital certificates issued and verified by a Certificate
Authority (CA) as part of a PKI is considered likely to become the standard way to
perform authentication on the Internet. Logically, authentication precedes authorization
(although they may often seem to be combined).
Authorization:
Authorization is the process of giving someone permission to do or have something. In
multi-user computer systems, a system administrator defines for the system which
users are allowed access to the system and what privileges of use they have (such as
access to which file directories, hours of access, amount of allocated storage space, and
so forth). Assuming that someone has logged in to a computer operating system or
application, the system or application may want to identify what resources the user can
be given during this session. Thus, authorization is sometimes seen as both the
preliminary setting up of permissions by a system administrator and the actual checking
of the permission values that have been set up when a user is getting access. Logically,
authorization is preceded by authentication.

Cryptography:
Mathematical methods and techniques of cryptography are used to ensure the
confidentiality, integrity and non-repudiation of communications and transactions.
Cryptography will be discussed in detail in the next chapter.

Risk Analysis:
In order for an effective security strategy to be implemented, assets must be identified,
probable risks determined, and an approximate value placed on organizational assets.
Value in an intangible electronic medium can sometimes be difficult to determine.
However, the enterprise must assess the value of issues like reputation, customer
confidence, financial fraud, disclosure of proprietary information, and trade secrets.
After a detailed risk analysis is conducted, cost-effective e-business and e-commerce
enabling policies, processes, and procedures can be developed to minimize the risk of
unauthorized access and disclosure of organizational assets. Costs associated with
minimizing risks should never exceed the cost of replacing the asset.
Security Policy:
It is essential that easy-to-understand and enforceable security policies be documented
and disseminated to all e-business and e-commerce constituencies including employees,
customers, partners, and suppliers. Security policies should clearly define the proper
use of network resources and e-business assets. Roles and responsibilities need to be
defined for policy creation, revision, and implementation. Security technologies are
designed to implement, monitor, and verify organizational security policies. Processes
and procedures need to be established for the implementation and maintenance of
authentication, authorization, accounting, and cryptography standards in support of
e-business and e-commerce. In order for a secure e-business and e-commerce initiative
to be effective, it is critical that an organization establish simple and effective ground
rules for the proper use of network resources and assets.

Audit and Assessment:
The purpose of a security assessment is to determine the effectiveness of the
current security infrastructure by identifying the extent of network-level vulnerabilities
and the organization’s ability to monitor, detect, and respond to network-driven attacks.

Legal framework:
To fight against crime, cyber laws have been adopted by various
countries of the world. In 1996, the United Nations Commission on International Trade
Law (UNCITRAL) adopted the UNCITRAL Model Law on Electronic Commerce. Its
intent is to harmonize and unify international trade law to remove unnecessary legal
obstacles. The Model Law is prepared to serve as a model to countries for the evaluation
and modernization of certain aspects of their laws and practices in the field of
commercial relationships involving the use of computerized or other modern
communication techniques, and for the establishment of relevant legislation where none
presently exists.
The Model Law enables or facilitates the use of electronic commerce and provides
equal treatment to users of paper-based documentation and to users of computer-based
information. Depending on the situation in each enacting State, the Model Law
could be implemented in various ways, either as a single statute or in several pieces of
legislation.
In addition to the information technology acts of the respective countries,
international rules and regulations have strengthened the power against cyber crimes. The
International Corporation for Assigned Names and Numbers (ICANN) has adopted the
Uniform Domain Name Dispute Resolution Policy to resolve domain name disputes. The
World Intellectual Property Organization (WIPO) has prepared new copyright treaties, viz.
the Copyright Treaty and the Performance and Phonograms Treaty, to fight against
Intellectual Property and Licensing.

Controls:
The above-mentioned methods of defense, like authentication, authorization and
cryptography, are implemented using various hardware and software controls.

Different hardware controls like smart cards, firewalls, intrusion detection systems,
locks or cables limiting access, devices to verify users’ identities, etc. are used.
Software controls that aid in a secure computing environment are internal
program controls, which are themselves parts of the program and enforce security
restrictions, and operating system and network system controls, which are the
limitations enforced by operating systems or networks. Independent control programs are
the application programs which verify passwords, detect intrusion, scan for viruses, etc.
Quality standards are enforced in the software development life cycle to prevent software
faults from becoming exploitable vulnerabilities.

Q. What are Kerberos and CHAP? Describe.
Ans. Kerberos
Developed as part of MIT’s project Athena, Kerberos is a network authentication protocol
designed for a client/server environment. Taking its name from the three-headed
dog of Greek mythology, Kerberos is designed to work across the Internet, an inherently
insecure environment. Kerberos uses strong encryption so that a client can prove its
identity to a server and the server can in turn authenticate itself to the client. The basis
for authentication in a Kerberos environment is something known as a ticket. Tickets are
granted by the authentication server, which is an entity trusted by both the client and
the server the client wishes to access. The client can then present this ticket to the
server to provide proof of identity. Since the entire session can be encrypted, this will
eliminate the inherently insecure transmission of items such as a password that can be
intercepted on the network. Since the tickets are time-stamped, attempting to reuse
them will not be successful. To illustrate how the Kerberos authentication service works,
think about the common driver’s license. You have received a license that you can
present to other entities to prove you are who you claim to be. Because these other
entities trust the state the license was issued in, they will accept your license as proof of
your identity. The state the license was issued in is analogous to the Kerberos
authentication service. It is the trusted entity both sides rely on to provide valid
identifications. This analogy is not perfect, because we all probably have heard of
individuals who obtained a phony driver’s license, but it serves to illustrate the basic
idea behind Kerberos.

CHAP
CHAP, the Challenge Handshake Authentication Protocol, is used to provide
authentication across a point-to-point link using the Point-to-Point Protocol (PPP). In
this protocol, authentication after the link has been established is not mandatory. CHAP
is designed to provide authentication periodically through the use of a
challenge/response system sometimes described as a three-way handshake, as
illustrated in Figure . The initial challenge (a randomly generated number) is sent to the
client.

The client uses a one-way hashing function to calculate what the response should be
and then sends this back. The server compares the response with what it calculated the
response should be. If it matches, communication continues. If the two values don’t
match, then the connection is terminated. This mechanism relies on a shared secret
between the two entities so that the correct values can be calculated.
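
The challenge/response exchange described above, as an added example that is not part of the original notes. The response is computed as RFC 1994 specifies for CHAP with MD5 (a hash over the identifier, the shared secret and the challenge); the peer name, the secret and the class names are constructed for the example.

```python
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5 over identifier octet, secret, challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """Server side: issues challenges and checks responses."""
    def __init__(self, secrets_by_name):
        self.secrets = secrets_by_name
        self.next_id = 0
        self.pending = {}                          # identifier -> open challenge

    def challenge(self):
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256    # identifier is a single octet
        self.pending[ident] = os.urandom(16)       # fresh random value each time
        return ident, self.pending[ident]

    def check(self, name, ident, response):
        challenge = self.pending.pop(ident, None)  # each challenge is usable once
        secret = self.secrets.get(name)
        if challenge is None or secret is None:
            return False                           # caller terminates the link
        expected = chap_response(ident, secret, challenge)
        return hmac.compare_digest(expected, response)

class Peer:
    """Client side: knows only its name and the shared secret."""
    def __init__(self, name, secret):
        self.name, self.secret = name, secret

    def respond(self, ident, challenge):
        return chap_response(ident, self.secret, challenge)

def run_exchange():
    """Run several rounds and report which ones the server accepts."""
    server = Authenticator({"branch-router": b"constructed shared secret"})
    good = Peer("branch-router", b"constructed shared secret")
    bad = Peer("branch-router", b"wrong guess")
    results = {}

    ident, chal = server.challenge()
    captured = good.respond(ident, chal)           # the secret itself is never sent
    results["first_auth"] = server.check(good.name, ident, captured)

    # Periodic re-authentication uses a new challenge, so a response
    # recorded earlier no longer matches.
    ident2, _ = server.challenge()
    results["replayed_old_response"] = server.check(good.name, ident2, captured)

    ident3, chal3 = server.challenge()
    results["reauth"] = server.check(good.name, ident3, good.respond(ident3, chal3))

    ident4, chal4 = server.challenge()
    results["wrong_secret"] = server.check(bad.name, ident4, bad.respond(ident4, chal4))

    # Answering a challenge that was already consumed also fails.
    results["reused_challenge"] = server.check(good.name, ident, captured)
    return results

if __name__ == "__main__":
    for step, ok in run_exchange().items():
        print(f"{step}: {'continue' if ok else 'terminate'}")
```

Because the response is a hash over the secret and values that cross the link, the shared secret should be long and random rather than a user-chosen password.
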

Certificates

Certificates are a method to establish authenticity of specific objects such as an
individual’s public key (more on this specific subject in Chapter 10) or downloaded
software. A digital certificate is generally seen as an attachment to a message and is
used to verify that the message did indeed come from the entity it claims to have come
from. The digital certificate can also contain a key that can be used to encrypt further
communication.

Tokens
A token is a hardware device that can be used in a challenge/response authentication
process. In this way, it functions as both a something-you-have and
something-you-know authentication mechanism. There have been several variations on this
type of device, but they all work on the same basic principles. The device has an LCD
screen and may or may not have a numeric keypad. Devices without a keypad will display a
password (often just a sequence of numbers) that changes at a constant interval, usually
about every 60 seconds. When an individual attempts to log in to a system, they enter
their own user identification number and then the number that is showing on the LCD.
The system knows which device they have and is synchronized with it so that it will
know the number that should have been displayed. Since this number is constantly
changing, a potential attacker who is able to see the sequence will not be able to use it
later, since the code will have changed.
Devices with a keypad work in a similar fashion (and may also be designed to function as
a simple calculator). The individual who wants to log in to the system will first type
their personal identification number into the calculator. They will then attempt to log
in. The system will then provide a challenge; the user must enter that challenge into the
calculator and press a special function key. The calculator will then determine the
correct response and display it. The user provides the response to the system they are
attempting to log in to, and the system verifies that this is the correct response. Since
each user has a different PIN, two individuals receiving the same challenge will have
different responses. The device can also use the date or time as a variable for the
response calculation so that the same challenge at different times will yield different
responses, even for the same individual.
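
Both kinds of token described above, as an added example that is not part of the original notes or any vendor's algorithm. The changing display code follows the HMAC truncation of RFC 4226/6238 with a 60-second step; the PIN-and-challenge message layout, the key and the one-step drift window are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds between display changes, as in the text

def truncate(mac, digits):
    """Dynamic truncation from RFC 4226: 31 bits taken at a MAC-chosen offset."""
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def display_code(key, now, step=STEP, digits=6):
    """Keypad-less token: the code depends on the shared key and the time step."""
    counter = struct.pack(">Q", int(now) // step)
    return truncate(hmac.new(key, counter, hashlib.sha1).digest(), digits)

def keypad_response(key, pin, challenge, now, step=STEP, digits=6):
    """Keypad token: the response depends on key, PIN, challenge and time step.
    The message layout is an assumption made for this example."""
    fields = [pin, challenge, str(int(now) // step)]
    msg = "|".join(fields).encode()
    return truncate(hmac.new(key, msg, hashlib.sha256).digest(), digits)

class Server:
    """Holds the same key as the token and stays synchronized by clock."""
    def __init__(self, key, drift_steps=1):
        self.key, self.drift = key, drift_steps
        self.last_step = -1            # newest time step already accepted

    def verify_code(self, code, now):
        current = int(now) // STEP
        # Tolerate a token clock that is one interval fast or slow.
        for step in range(current - self.drift, current + self.drift + 1):
            if step <= self.last_step:
                continue               # a code from this interval was already used
            if hmac.compare_digest(display_code(self.key, step * STEP), code):
                self.last_step = step
                return True
        return False

    def verify_response(self, pin, challenge, response, now):
        expected = keypad_response(self.key, pin, challenge, now)
        return hmac.compare_digest(expected, response)

KEY = b"constructed-token-seed"        # constructed sample value
T0 = 1_700_000_000                     # constructed login time (Unix seconds)

if __name__ == "__main__":
    server = Server(KEY)
    code = display_code(KEY, T0)
    print("code accepted 30 s later:", server.verify_code(code, T0 + 30))
    print("same code replayed:      ", server.verify_code(code, T0 + 35))
    print("code seen, used 3 min on:", Server(KEY).verify_code(code, T0 + 180))
    resp = keypad_response(KEY, "4821", "730915", T0)
    print("keypad response accepted:", server.verify_response("4821", "730915", resp, T0))
```
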

Multifactor
Multifactor is a term used to describe the use of more than one authentication
mechanism at the same time. An example of this is the hardware token, which requires
both a personal identification number or password and the device itself to determine the
correct response in order to authenticate to the system. This means that both the
something-you-have and something-you-know mechanisms are used as factors in
verifying authenticity of the user. Biometrics are also often used in conjunction with a
personal identification number so that they too can be used as part of a multifactor
authentication scheme, in this case something you are as well as something you know.
The purpose of multifactor authentication is to increase the level of security, since more
than one mechanism would have to be spoofed in order for an unauthorized individual
to gain access to a computer system or network. The most common example of
multifactor security is the common ATM card most of us have in our wallets.

Mutual Authentication

Mutual authentication is a term used to describe a process in which each side of an
electronic communication verifies the authenticity of the other. We are used to the idea
of having to authenticate ourselves to our Internet service provider (ISP) before we
access the Internet, generally through the use of a user identification/password pair,
but how do we actually know that we are really communicating with our ISP and not
some other system that has somehow inserted itself into our communication (a
man-in-the-middle attack)? Mutual authentication would provide a mechanism for each side
of a client/server relationship to verify the authenticity of the other to address this
issue.

Board Question Paper Solution

Sample Paper -1
a. List and Describe basic components of computer security
Ans. Refer Q.No.

b. Describe the denial of service attack with help of diagram.
Ans. Refer Q.No.

c. What is virus and Worms? Describe the virus spreading mechanism.
Ans. Refer Q.No.

d. Describe Threat, Vulnerability and attack as characteristics of Computer
Ans. Refer Q.No.

Sample Paper – II
a. Describe Criminal organization and Terrorist and Information warfare.
Ans. Refer Q.No.

b. What is attack, Describe DOS, DDOS, POD.
Ans. Refer Q.No.

c. Describe stealth virus, polymorphic virus, macro Virus, Boot sector virus.
Ans. Refer Q.No.

d. Describe in details different layers of security.
Ans. Refer Q.No.

e. What is threat, describe Interruption, modification, fabrication related to threat.
Ans. Refer Q.No.

Winter 2008
a. Describe the following terms:
(i) Overwriting viruses (ii) Stealth viruses
Ans. Refer Q.No.

b. Describe the different phase of viruses
Ans. Refer Q.No.

c. What is computer security? Describe any three function of computer security
Ans. Refer Q.No.

d. With neat sketch diagram, explain the following:
(i) SYN flood attack (ii) Bucket-Bridge attack
Ans. Refer Q.No.

Summer 2009
a. Describe the term authentication. Explain authenticity
Ans. Refer Q.No.

b. Describe the term virus and worms with example.
Ans. Refer Q.No.

Winter 2009
a. Compare Intruders and Insiders.
Ans. Refer Q.No.

b. Explain denial of service attack
Ans. Refer Q.No.

c. Explain different methods of authentication.
Ans. Refer Q.No.

d. What are the different ways of spoofing? Explain
Ans. Refer Q.No.

Summer 2010
a. List and describe basic component of computer security.
Ans. Refer Q.No.

b. Define the terms data security, information security, n/w security and
computer security
Ans. Refer Q.No.

c. What is virus and worm? Describe the worms spreading mechanism
Ans. Refer Q.No.

d. Describe Sniffing and Spoofing.
Ans. Refer Q.No.

e. Describe Trojan horse, Rabbit Bacterium and Scavenging.
Ans. Refer Q.No.

Question Bank
Chapter-1
Q1. Describe the basic components of Computer Security.
Q2. Differentiate between Viruses and Worms.
Q3. Describe the term Viruses.
Q4. Describe the term Worms.
Q5. Describe the term Trojan Horse.
Q6. Describe the term Logic Bombs.
Q7. Discuss why insiders are considered such a threat to organization?
Q8. What is Threats? Describe all types of Threats.
Q9. Describe the importance of Security.
Q10. What are the main types of PC Viruses?
Q11. Describe the term Polymorphic Virus.
Q12. List different types of attacks.
Q13. Describe the two categories of Viruses.
Q14. List the Triggers of the Virus Attack.
Q15. Describe the steps for protection against viruses.
Q16. Draw the structure of a worm.
Q17. Describe two example of worm.
Q18. What is meant by Attacks? List the types of Attack.
Q19. What is meant by Backdoors Attack?
Q20. What is meant by Trapdoors Attack?
Q21. Explain the operational model of computer security?
Q22. Explain why criminal organizations fall into the structured threat
category?
Q23. What is Information warfare? Why many nations are conducting Information
warfare?
Q24. What are different possible ways of attack?
Q25. Explain the Backdoor and Trapdoor attacks?
Q26. What are different ways of spoofing?
Q27. Describe the term Denial of Service (DOS) Attack.
Q28. Describe the term Sniffing.
Q29. Describe the term Spooling Attack.
Q30. Draw and describe the Man-in-the Middle Attack.
Q31. What is TCP/IP Hijacking?
Q32. What is CIA of a security?
Q33. What are layers of security?
Q34. Explain different models of access controls?
Q35. Explain different methods of authentication?
Q36. Describe the basic components of Computer Security?
Q37. Differentiate between Viruses And Worms.
Q38. What is Threats? Describe all types of Threats.
Q39. What are the main types of PC Viruses?
Q40. Describe the two categories of Viruses.
Q41. List the triggers of the Virus Attack.
Q42. Describe the steps for protection against viruses.
Q43. Describe the term TCP/IP Hijacking
Q44. Describe the term Boot Sector Viruses.
Q45. Describe the layers of the Computer Security.
Q46. Describe the two methods used in Mandatory Access Control.
Q47. Describe two Access Control Techniques.
Q48. Describe the term Memory Resident Viruses.
Q49. Describe the term TCP/IP Hijacking.
Q50. Describe the term Encryption Attacks.
Q51. Describe the term Malware.
Q52. List the types of Malicious Code.
Q53. List the characteristics of Virus.
Q54. Describe the term Boot Sector Viruses.
Q55. Describe the term Memory Resident Viruses.
Q56. Describe the details of Security Basics.
Q57. Describe the layers of Computer Security.
Q58. Describe two Access Control Techniques.
Q59. What are the two concept in Discretionary Access Control?
Q60. Describe the two methods used in Mandatory Access Control.
Q61. Describe the three primary rules for role Based Access Control
Q62. What is Authentication? List the two example.
Q63. Write a short note on
- DOS
- Sniffing
- Viruses
- Man-In-Middle attack
