Computer Security

Chapter 1
Introduction to Security
 What is computer Security?

 The terms Computer security, network security and information security are often
used interchangeably.
 Network security is generally taken as providing protection at the boundaries of
an organization by keeping out intruders or hackers.
 Network security starts from authenticating the user, commonly with a username
and a password.
 Once authenticated, a firewall enforces access policies such as what services are
allowed to be accessed by the network users.
Continued
Information security, however, explicitly focuses on protecting data resources from
malware attack or simple mistakes by people within an organization by use of data loss
prevention (DLP) techniques.
DLP techniques are used to identify sensitive data (in motion, at rest, or in use).

•Computer security is the protection of the items you value, called the assets of a
computer or computer system. There are many types of assets, involving hardware,
software, data, people, processes, or combinations of these.
•Computer systems—hardware, software, and data—have value and deserve security
protection.
Security services
Security services are as follow.

Confidentiality:
•Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals
or systems.
•For example, a credit card transaction on the Internet requires the credit card number to be transmitted
from the buyer to the merchant and from the merchant to a transaction processing network.

Integrity
•In information security, integrity means that data cannot be modified undetectably.
Security services
Availability
•The information must be available when it is needed.
•This means that the computing systems used to store and process the information, the
security controls used to protect it, and the communication channels used to access it must be
functioning correctly.
•High availability systems aim to remain available at all times, preventing service disruptions
due to power outages, hardware failures, and system upgrades.
Authenticity
•In computing, e-Business and information security it is necessary to ensure that the data,
transactions, communications or documents are genuine.
•It is also important for authenticity to validate that both parties involved are who they claim
they are.
 Security services

Access control
•Access to protected information must be restricted to people who are authorized to
access the information.
•The computer programs, and in many cases the computers that process the information,
must also be authorized.
•This requires that mechanisms be in place to control the access to protected information.
 The Vulnerability–Threat–Control Paradigm
The goal of computer security is protecting valuable assets.
o A Vulnerability is a weakness in the system, for example, in procedures, design,
or implementation, that might be exploited to cause loss or harm.
o For instance, a particular system may be vulnerable to unauthorized data
manipulation because the system does not verify a user’s identity before allowing
data access.
o A threat is a breach of security which can be either natural, physical, or
accidental examples of these include flood, fire, earthquake, electrical spark,
manufacturer error, vandalism and so on.
o A threat is a set of circumstances that could cause harm.
o A threat to a computing system is a set of circumstances that has the potential to
cause loss or harm.
 The Vulnerability–Threat–Control Paradigm
We can classify the security attacks as
•Passive attacks: A passive attack attempts to learn or make use of information from the system
but does not affect the system resources. The passive attackers are in the nature of
eavesdropping(secretly listen to a conversation) on, or monitoring of transmissions with a goal of
obtaining information being transmitted.
•The passive attacks are very difficult to detect because they do not involve any alteration of data.
Measures are available to prevent their success.
•Two types of passive attacks are: - release of message content and traffic analysis.
o Release of message content: The process of preventing an opponent from learning the
contents of transmissions
o Traffic analysis: The process of guessing the information being transmitted by observing
the frequency and length of message being exchanged.
oActive attack: Active attacks attempts to alter system resources or affects their operation. It is
very difficult to prevent active attacks absolutely.
 Classification of active attacks/threats:
• These threats can be classified as:
• Interruption
• Interception
• Modification
• Fabrication
• Interruption
• happens when an asset is destroyed or becomes unavailable or cannot be used.
This is an attack on the availability of the system. Diagram (b) shows how
interruption can occur.
 Continued
•  Examples of interruption are destruction of a piece of hardware, the cutting
of cable and disabling of a file management system.
Interception:
• Interception occurs when any unauthorized unit gains access to an asset. This
attack means that there is no privacy therefore it is an attack on
confidentiality. The unauthorized unit or party could be an individual, a
program or even another computer. Diagram (c) reveals the nature of
interception.
• Examples of interception can be seen
in wiretapping to capture data into a
network and coping of files which is not permitted.
 Modification:
• If an unauthorized party gains access to a system and make some changes to
it, then this tampering is known as Modification. This medication is an attack
on the integrity of the system or the organization. Diagram (d) depicts this
attack.
• Examples of such tampering includes the
changing of values in a file, altering a
program so that it performs differently and
changing the contents of messages that are
sent over the network.
 Fabrication:
• If an unauthorized party gains access to the system and inserts false objects
into it, this is Fabrication and it degrades the authenticity of the system.
Diagram (e) reflects this information.

• Examples: of such an attack include a hacker gaining access to a person’s

email and sending messages. This makes the recipients believe that it is indeed
the person sending the message when it is in fact not so OR it could be
addition of records to a file.
 Security mechanism
• A mechanism that is designed to detect, prevent or recover the system from
the security attacks. The security mechanisms are as follow.
• Decipherment: The use of mathematical algorithms to transfer the data into a form
that is not readily intelligible.
• Digital signatures: Used to protect the data against forgery. Digital signature
appended to the data unit that allows a recipient of the data unit to prove the source
and integrity of the data unit.
• Access Control: These mechanisms enforce access rights to resources.

• Data integrity: A variety of mechanisms are used to assure the integrity of data unit.
 Security mechanism
o Authentication exchange: A mechanism intended to ensure the identity of an entity by
means of information exchange.
o Traffic padding: The insertion of bits into gaps in a data stream to control traffic
analysis attacks
o Notarization: The use of trusted third party to assure certain properties of a data
exchange.
o Routing control: Enables selection of particular physically secure routes for certain
data and allows routing changes.
 A Model for network security
A model for network security contains six different parts.
• Plain text: The message with the sender.
• Encryption algorithm: which will convert the plain text into unreadable form
• Cipher text: It consists of scrambled information.
• Decryption algorithm: Which will convert the cipher text into plain text back
• Sender: The device which is sending the message
• Receiver: The device which is receiving the message.
Diagram: A model for network security in class
Room
This general model shows that there are four basic tasks in designing a security
service:
• Designing an algorithm for performing the security related transformation.

• Generate the secret information to be used with the algorithm.

• Develop a method for distribution and sharing of the secret information

• Specify a protocol to be used by the two principals that make use of security
algorithm and the secret information to achieve a particular security service.
አዘመዘግዝናዛለዘሁዝ!!!
Thank you!!!

17