COMPUTER DATA
- often travels from one computer to another, leaving the safety of its
protected physical surroundings.
CRYPTOGRAPHY
- can reformat and transform our data, making it safer on its trip between
computers.
- The technology is based on the essentials of secret codes, augmented by
modern mathematics that protects our data in powerful ways.
BASIC CONCEPT
C. CIPHER - An algorithm for transforming an intelligible message into one
that is unintelligible by transposition and/or substitution methods.
D. KEY - Some critical information used by the cipher, known only to the
sender & receiver.
E. ENCIPHER (encode) - The process of converting plaintext to cipher text
using a cipher and a key.
F. DECIPHER (decode) - The process of converting ciphertext back into
plaintext using a cipher and a key.
CRYPTANALYSIS
- The study of principles and methods of transforming an unintelligible message
back into an intelligible message without knowledge of the key. Also called
code breaking.
B. Number of keys
1. Symmetric key
2. Public Key
Cryptanalysis
- The process of attempting to discover X or K or both is known as cryptanalysis.
The strategy used by the cryptanalyst depends on the nature of the encryption
scheme and the information available to the cryptanalyst.
There are various types of cryptanalytic attacks based on the amount of information
known to the cryptanalyst:
SECURITY SERVICES
1. CONFIDENTIALITY
- Ensures that the information in a computer system and transmitted
information are accessible only for reading by authorized parties. E.g.
Printing, displaying and other forms of disclosure.
2. AUTHENTICATION
- Ensures that the origin of a message or electronic document is correctly
identified, with an assurance that the identity is not false.
3. INTEGRITY
- Ensures that only authorized parties are able to modify computer system
assets and transmitted information. Modification includes writing,
changing status, deleting, creating and delaying or replaying of
transmitted messages.
4. NON-REPUDIATION
- Requires that neither the sender nor the receiver of a message be able to
deny the transmission.
5. ACCESS CONTROL
- Requires that access to information resources may be controlled by or for the
target system.
6. AVAILABILITY
- Requires that computer system assets be available to authorized parties
when needed.
Security Mechanisms
- One of the most specific security mechanisms in use is cryptographic
techniques. Encryption or encryption-like transformations of information are
the most common means of providing security.
SECURITY ATTACKS
1. INTERRUPTION
- An asset of the system is destroyed or becomes unavailable or unusable.
- This is an attack on availability
2. INTERCEPTION
- An unauthorized party gains access to an asset.
- This is an attack on confidentiality.
3. MODIFICATION
- An unauthorized party not only gains access to but tampers with an
asset.
- This is an attack on integrity.
4. FABRICATION
- An unauthorized party inserts counterfeit objects into the system.
- This is an attack on authenticity.
SYMMETRIC KEY AND PUBLIC KEY ALGORITHM
CONVENTIONAL ENCRYPTION
● Also referred to as conventional / private-key / single-key encryption.
● Sender and recipient share a common key.
1970 - All classical encryption algorithms are of the private-key type, the only type prior to
the invention of the public key.
● $Y = E_K(X)$
● $X = D_K(Y)$
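The model above, together with the earlier definitions of cipher, key and cryptanalysis, worked through as an added example that is not part of the original notes. It assumes X is the plaintext, Y the ciphertext and K a toy key (shift, cols); the cipher is a classical substitution plus transposition for study, not a secure algorithm.

```python
# Added example: toy classical cipher, for study only (not a secure algorithm).
# Assumption: key K = (shift, cols); plaintext X is A-Z only, padded with "X".
import string

A = string.ascii_uppercase

def encipher(x, key):
    """Y = E_K(X): substitution (Caesar shift), then columnar transposition."""
    shift, cols = key
    x += "X" * (-len(x) % cols)            # pad to fill a cols-wide rectangle
    sub = "".join(A[(A.index(c) + shift) % 26] for c in x)
    # write the text row by row, read it out column by column
    return "".join(sub[c::cols] for c in range(cols))

def decipher(y, key):
    """X = D_K(Y): undo the transposition, then undo the substitution."""
    shift, cols = key
    rows = len(y) // cols
    sub = "".join(y[c * rows + r] for r in range(rows) for c in range(cols))
    return "".join(A[(A.index(c) - shift) % 26] for c in sub)

def key_search(y, crib):
    """Cryptanalysis: recover K and X without the key by trying every key
    and keeping candidates that contain a word expected in the plaintext."""
    hits = []
    for cols in (n for n in range(1, len(y) + 1) if len(y) % n == 0):
        for shift in range(26):
            x = decipher(y, (shift, cols))
            if crib in x:
                hits.append(((shift, cols), x))
    return hits

if __name__ == "__main__":
    K = (3, 4)                              # shared by sender and receiver
    Y = encipher("MEETATTHEGATE", K)        # constructed sample message
    print("Y =", Y)
    print("X =", decipher(Y, K))
    # Only 26 shifts times the divisors of len(Y) exist, so the search is instant.
    print("found without K:", key_search(Y, "GATE"))
```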
ENTERPRISE SECURITY
- dealing with providing confidentiality, integrity, authentication, authorization
and non-repudiation related to the entire organization's computing resources.
CYBER SECURITY
- it encompasses everything that pertains to protecting our sensitive data.
● Communicate data breaches
● Appoint a data-protection officer
● Require user consent to process information
● Anonymize data for privacy
INFORMATION THEFT
- The most expensive and fastest growing segment of cybercrime.
CYBERCRIMINALS
- are becoming more sophisticated, changing what they target, how they affect
organizations and their methods of attack for different security systems.
SOCIAL ENGINEERING
- remains the easiest form of cyber-attack with ransomware and phishing being
the easiest form of entry.
Data breaches can involve financial information like:
1. Credit card number / bank account details
2. Protected health information (PHI)
3. Personally identifiable information (PII)
4. Trade secrets
5. Intellectual property
6. And other targets of industrial espionage.
A lack of focus on cyber security can damage your business in a range of ways, including:
1. Economic costs
- Theft of intellectual property, corporate information, disruption in trading
and the cost of repairing damaged systems
2. Reputational costs
- Loss of consumer trust, loss of current and future customers to
competitors and poor media coverage
3. Regulatory costs
- GDPR and other data breach laws mean that your organization could
suffer from regulatory fines or sanctions as a result of cybercrimes.
Laundry list of Companies who are household names that have been affected:
1. EQUIFAX
- cybercrime identity theft (approximately 145.4 M usd)
2. EBAY
- Victim of a breach of encrypted passwords, which resulted in asking all of its
145M users (February to March 2014)
3. ADULT FRIEND FINDER
- Hackers collected 20 years of data on its six databases
4. YAHOO
- Group of hackers had compromised 1B accounts (August 2013)
CYBERDEFENSE
- Computer network defense mechanism which includes response to action and
critical infrastructure protection.
- Focuses on preventing, detecting, and providing timely response.
- Essential for most entities in order to protect sensitive info.
business to protect itself against attack and respond to a rapidly evolving threat
landscape. This will include:
● Cyber prevention
● Preventative controls
● Attack detection
● Reaction and response
C2 : BRIEF OVERVIEW OF COMMERCIAL ISSUES ON SECURITY
BSIT - 3A SUMMER CLASS | INFORMATION ASSURANCE AND SECURITY 2
MODERN CRYPTOGRAPHY
1. Symmetric-key cryptography
- Both the sender and receiver share a single key.
2. Hash functions
- No key is used in this algorithm
3. Public-key cryptography
- two related keys (public and private key) are used.
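How the absence of a key in a hash function matters for the integrity service, as an added example that is not part of the original notes: an unkeyed digest can be recomputed by whoever modifies the message, while a tag computed with a shared symmetric key cannot. The key, messages and function names are constructed; HMAC-SHA-256 is this example's choice of keyed construction.

```python
# Added example, not from the original notes. Key and messages are constructed.
import hashlib
import hmac

def digest(msg: bytes) -> str:
    """Hash function: no key is used, so any party can compute it."""
    return hashlib.sha256(msg).hexdigest()

def tag(key: bytes, msg: bytes) -> str:
    """Keyed tag (HMAC-SHA-256): needs the key shared by sender and receiver."""
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def send_with_hash(msg: bytes):
    return msg, digest(msg)

def send_with_tag(key: bytes, msg: bytes):
    return msg, tag(key, msg)

def modify_in_transit(packet, new_msg: bytes):
    """MODIFICATION by a party without the key: swap the message and
    recompute the only check value it can, the unkeyed digest."""
    return new_msg, digest(new_msg)

def accepts_hash(packet) -> bool:
    msg, check = packet
    return hmac.compare_digest(digest(msg), check)

def accepts_tag(key: bytes, packet) -> bool:
    msg, check = packet
    # compare_digest: constant-time comparison of the two tags
    return hmac.compare_digest(tag(key, msg), check)

if __name__ == "__main__":
    key = b"constructed-shared-key"
    original, altered = b"PAY 100 TO ALICE", b"PAY 900 TO BOB"
    print(accepts_hash(modify_in_transit(send_with_hash(original), altered)))          # True
    print(accepts_tag(key, modify_in_transit(send_with_tag(key, original), altered)))  # False
    print(accepts_tag(key, send_with_tag(key, original)))                              # True
```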
WEB SECURITY
- Known as “Cyber Security”
- Basically means protecting a website.
Available Technology (technical solution for testing, building, and preventing threats)
Likelihood of Threats:
1. Black box tools
2. Fuzzing tool
3. White box tool
4. Web application firewall (WAF)
5. Security or vulnerability scanner
6. Password cracking tool
Top Vulnerabilities for all web-based services:
1. SQL injection
2. Password breach
3. Cross-site scripting
4. Data breach
5. Remote file inclusion
6. Code injection
Two big defense strategies that a developer can use to protect their website:
_________
FIREWALL SECURITY
● Minimize external access to LAN
● Done by means of firewall and proxy server
● Firewalls provide a secure interface between an inner and outer
● Requires hardware and software to implement
FIREWALL FEATURES
● Additional Feature:
1. Data Encryption
2. Authentication
3. Connection relay (hide internal network)
● It protects from:
1. Remote logins
2. IP spoofing
3. Source addressing
4. SMTP session hijacking
5. Spam
6. Denial of Service
7. E-mail bombs
1. Service control
- determines the type of internet services that can be accessed,
inbound or outbound.
2. Direction control
- determines the direction in which particular service request may
be initiated and allowed to flow through the firewall.
3. User control
- Controls access to a service according to which users are attempting
to access.
4. Behavior Control
- Controls how particular services are used.
- Defines the transport protocol
5. Interface
- Router with 3 or more ports.
Advantage:
● Simple, transparent to user
● Very fast
Weakness:
● Does not examine upper layer data
● Limited info available to the firewall
● Does not support advanced user authentication
● Generally vulnerable to attacks
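A stateless packet filter of the kind whose advantages and weaknesses are listed above, as an added example that is not part of the original notes. The rule fields, addresses and rule set are constructed; rules are checked in order with a default of deny, and the payload is never inspected, which is the "upper layer data" weakness.

```python
# Added example, not from the original notes. Addresses and rules are constructed.
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "allow" or "deny"
    direction: str         # "in" or "out"          (direction control)
    proto: str             # "tcp", "udp" or "any"  (transport protocol)
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    dport: Optional[int]   # destination port, None = any (service control)

LAN = "192.168.1.0/24"
RULES = [
    Rule("deny",  "in",  "any", LAN,         "0.0.0.0/0",       None),  # spoofed internal source
    Rule("allow", "in",  "tcp", "0.0.0.0/0", "192.168.1.10/32", 25),    # SMTP to the mail host
    Rule("allow", "out", "tcp", LAN,         "0.0.0.0/0",       443),   # HTTPS from the LAN
]

def matches(rule: Rule, pkt: dict) -> bool:
    ip = ipaddress.ip_address
    net = ipaddress.ip_network
    return (rule.direction == pkt["dir"]
            and rule.proto in ("any", pkt["proto"])
            and ip(pkt["src"]) in net(rule.src)
            and ip(pkt["dst"]) in net(rule.dst)
            and rule.dport in (None, pkt["dport"]))

def decide(pkt: dict, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

def packet(direction, proto, src, dst, dport, payload=b""):
    # payload is carried but never read by decide(): header fields only
    return {"dir": direction, "proto": proto, "src": src, "dst": dst,
            "dport": dport, "payload": payload}
```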
2. Application-Level Gateway / Proxy Server Firewall
- Also called a proxy server; acts as a relay of application-level traffic.
Advantage:
● More secure than packet filter
● Easy to log and audit
Disadvantage:
● Additional overhead on each connection
3. Circuit-Level Gateway
- Can be a stand-alone system or it can be a specified function.
- Does not allow an end-to-end TCP connection
3 COMMON FIREWALL CONFIGURATIONS