Professional Documents
Culture Documents
Reviewer
Reviewer
1. Computer Security - generic name for the collection of Code An algorithm for transforming an intelligible
tools designed to protect data and to thwart hackers. message into an unintelligible one using a code-book
A. Symmetric key
B. Public key
Using this model requires us to: A source produces a message in plaintext, X = [X1, X2… XM]
where M, are the number of letters in the message. A key
Select appropriate gatekeeper functions to
of the form K = [K1, K2… KJ] is generated. If the key is
identify users.
generated at the source, then it must be provided to the
Implement security controls to ensure only
destination by means of some secure channel.
authorized users access designated information or
resources. With the message X and the encryption key K as input, the
Trusted computer systems can be used to encryption algorithm forms the cipher text Y = [Y1, Y2, YN].
implement this model. This can be expressed as Y = EK(X).
Conventional Encryption
The intended receiver, in possession of the key, is able to
Referred conventional / private-key / single-key. invert the transformation: X = DK(Y)
Sender and recipient share a common key An opponent, observing Y but not having access to K or X,
may attempt to recover X or K or both. It is assumed that
All classical encryption algorithms are private-key was only
the opponent knows the encryption and decryption
type prior to invention of public key in 1970‟
algorithms.
plaintext - the original message.
If the opponent is interested in only this particular
message, then the focus of effort is to recover X by
generating a plaintext estimate. Often if the opponent is
interested in being able to read future messages as well, in
which case an attempt is made to recover K by generating
an estimate.
The key is a value independent of the plaintext. Changing A substitution technique is one in which the letters of
the key changes the output of the algorithm. Once the plaintext are replaced by other letters or by numbers or
cipher text is produced, it may be transmitted. Upon symbols. If the plaintext is viewed as a sequence of bits,
reception, the cipher text can be transformed back to the then substitution involves replacing plaintext bit patterns
original plaintext by using a decryption algorithm and the with cipher text bit patterns.
same key that was used for encryption. The security
depends on several factors. First, the encryption algorithm
must be powerful enough that it is impractical to decrypt a Caesar cipher (or) shift cipher
message on the basis of cipher text alone. Beyond that, the
The earliest known use of a substitution cipher and the
security depends on the secrecy of the key, not the secrecy
simplest was by Julius Caesar. The Caesar cipher involves
of the algorithm.
replacing each letter of the alphabet with the letter
Two requirements for secure use of symmetric standing 3 places further down the alphabet.
encryption:
Playfair cipher
1. A strong encryption algorithm
The best known multiple letter encryption cipher is the
2. A secret key known only to sender / receiver playfair, which treats digrams in the plaintext as single units
and translates these units into cipher text digrams. The
Y = EK(X)
playfair algorithm is based on the use of 5x5 matrix of
X = DK(Y)
assume encryption algorithm is known letters constructed using a keyword. Let the keyword be
implies a secure channel to distribute key „monarchy‟. The matrix is constructed by filling in the
letters of the keyword (minus duplicates) from left to right
and from top to bottom, and then filling in the remainder GDPR and other laws mean that cyber security is no
of the matrix with the remaining letters in alphabetical longer something businesses of any size can ignore.
order. Security incidents regularly affect businesses of all sizes
and often make the front page causing irreversible
The letter “I‖ and “j‖ count as one letter. Plaintext is
reputational damage to the companies involved.
encrypted two letters at a time According to the following
rules: The importance of cyber security
1. To communicate and share information and There are a variety of security standards that must be
2. To communicate selectively. followed at all times, and these standards are implemented
These two needs gave rise to the art of coding the and highlighted by the OWASP. Most experienced web
messages in such a way that only the intended people developers from top cyber security companies will follow
could have access to the information. the standards of the OWASP as well as keep a close eye on
the Web Hacking Incident Database to see when, how, and
Earlier cryptography was effectively synonymous with
why different people are hacking different websites and
encryption but nowadays cryptography is mainly based on
services.
mathematical theory and computer science practice.
Available Technology
Modern cryptography concerns with:
There are different types of technologies available for
1. Confidentiality - Information cannot be
maintaining the best security standards. Some popular
understood by anyone.
2. Integrity - Information cannot be altered. technical solutions for testing, building, and preventing
3. Non-repudiation - Sender cannot deny his/her threats include:
intentions in the transmission of the information at Likelihood of Threat
a later stage.
4. Authentication - Sender and receiver can Black box testing tools
confirm each. Fuzzing tools
Cryptography is used in many applications like banking White box testing tools
transactions cards, computer passwords, and e- commerce Web application firewalls (WAF)
transactions. Security or vulnerability scanners
Password cracking tools
Three types of cryptographic techniques used in general. Your website or web application‟s security depends on
1. Symmetric-key cryptography the level of protection tools that have been equipped and
2. Hash functions. tested on it. There are a few major threats to security
3. Public-key cryptography which are the most common ways in which a website or
Symmetric-key Cryptography: Both the sender and web application becomes hacked. Some of the top
receiver share a single key. vulnerabilities for all web-based services include:
Firewall features All traffic from inside to outside, and vice versa, must
pass through the firewall.
General Firewall Features
Port Control o This is achieved by physically blocking all access
Network Address Translation to the local network except via the firewall.
Application Monitoring
Various configurations are possible. Only authorized
Packet Filtering
Access control traffic, as defined by the local security policy, will be
allowed to pass. Various types of firewalls are used, which
Additional features implement various types of security policies.
Data encryption
The firewall itself is immune to penetration. This implies
Authentication
that use of a trusted system with a secure operating
Connection relay (hide internal network)
reporting/logging system.
e-mail virus protection FOUR TECHNIQUES that firewall use to control access and
spy ware protection enforce the site‟s security policy is as follows:
Use one or both methods 1. Service control – determines the type of internet
Packet filtering services that can be accessed, inbound or outbound.
Proxy service
2. Direction control – determines the direction in which
It protects from particular service request may be initiated and allowed to
Remote logins flow through the firewall.
IP spoofing
3. Behavior control – controls how particular services are
Source addressing
used.
SMTP session hijacking
Spam Capabilities of firewall
Denial of service
E-mail bombs… A firewall defines a single choke point that keeps
unauthorized users out of the protected network, prohibits
Firewall design principles potentially vulnerable services from entering or leaving the
network, and provides protection from various kinds of IP
Internet connectivity is no longer an option for most
spoofing and routing attacks.
organizations. However, while internet access provides
benefits to the organization, it enables the outside world to
A firewall provides a location for monitoring security Interface – for a router with three or more ports,
related events. Audits and alarms can be implemented on which interface of the router the packet come from
the firewall system. or which interface of the router the packet is
destined for.
A firewall is a convenient platform for several internet
functions that are not security related. A firewall can serve
as the platform for IPsec.
Limitations of firewall
Advantages of application level gateways The Bastion host serves as a platform for an application
Tend to be more secure than packet filters. level and circuit level gateway.
It is easy to log and audit all incoming traffic at Common characteristics of a Bastion host are as follows:
the application level.
A prime disadvantage is the additional processing The Bastion host hardware platform executes a
overhead on each connection. secure version of its operating system, making it a
trusted system.
Figure 3: Screened-subnet firewall system Each entry in the matrix indicates the access rights of that
subject for that object. The matrix may be decomposed by
One way to enhance the ability of a system to defend
columns, yielding access control lists. Thus, for each object,
against intruders and malicious programs is to implement
an access control list lists users and their permitted access
trusted system technology.
rights.
Data access control
The access control list may contain a default, or public,
Following successful logon, the user has been granted entry.
access to one or set of hosts and applications.
a. Access matrix Access control list for Program1:
This is generally not sufficient for a system that includes 1. Process1 (Read, Execute) Access control list for
sensitive data in its database. Segment A:
2. Process1 (Read, Write) Access control list for
Through the user access control procedure, a user can be Segment B: Process2 (Read)
identified to the system. b. Access control list Capability list for Process1: Program1
Associated with each user, there can be a profile that (Read, Execute) Segment A (Read) Capability list for
specifies permissible operations and file accesses. The Process2: Segment B (Read)
operating system can then enforce rules based on the user c. Capability list Decomposition by rows yields capability
profile. The database management system, however, must tickets. A capability ticket specifies authorized objects and
control access to specific records or even portions of operations for a user.
records. Each user has a number of tickets and may be
authorized to loan or give them to others. Because
The operating system may grant a user permission to tickets may be dispersed around the system, they present a
access a file or use an application, following which there greater security problem than access control lists.
are no further security checks, the database management
system must make a decision on each individual access In particular, the ticket must be un-forgeable. One way to
attempt. That decision will depend not only on the user‘s accomplish this is to have the operating system hold all
identity but also on the specific parts of the data being tickets on behalf of users. These tickets would have to be
accessed and even on the information already divulged to held in a region of memory inaccessible to users.
the user.
The concept of Trusted Systems When multiple Host Security
categories or levels of data are defined, the requirement is
Host Security refers to securing the operating system, file
referred to as multilevel security.
system and the resources of the Host from unauthorized
The general statement of the requirement for multilevel access or modification or destruction.
security is that a subject at a high level may not convey
This is in contrast to things like: firewalls and VPNs
information to a subject at a lower or non-comparable level
(network security) or Apache or Oracle penetration testing
unless that flow accurately reflects the will of an
(application security).
authorized user. For implementation purposes, this
requirement is in two parts and is simply stated. Doing a good job at Host Security on all of your hosts is
one of the most important ways to prevent break-ins.
A multilevel secure system must enforce: