Lecture 2
Cyber Security
Lecture #2
Dr. Bhavani Thuraisingham
12/04/23 03:54
13-2
Outline
0 What is Cyber Security?
0 What is C. I. A.?
0 Ten Major Modules of Cyber Security
Cyber Security
0 Security traditionally has been about CIA (Confidentiality, Integrity,
Availability)
0 Security now also includes areas like Trustworthiness, Quality,
Privacy
0 Dependability includes Security, Reliability and Fault Tolerance
0 Initially the term used was Computer Security (Compusec); it then
evolved into Infosec (Information Security) to include data and
networks; now, with the web, it is called Cyber Security
C. I. A.
0 Confidentiality: Preventing unauthorized disclosure
0 Integrity: Preventing unauthorized modification
0 Availability: Preventing denial of service
Access Control
0 Security Principles
0 Identification, Authentication, Authorization, Accountability
0 Access Control Models
0 Access Control techniques
0 Access Control Administration
0 Access Control Methods
0 Access Control Types
0 Accountability
0 Access Control practices
0 Access Control Monitoring
0 Threats to Access Control
Cryptography
0 History, Definitions and Concepts
0 Types of Ciphers
0 Methods of Encryption
0 Types of Asymmetric Systems
0 Message Integrity
0 PKI
0 Key Management
0 Link / End-to-end Encryption
0 Email standards
0 Internet security
0 Attacks
Applications Security
0 Database Security
0 Software and applications security issues
0 Secure systems development
0 Application development and security
0 Object-oriented systems and security
0 Distributed computing and security
0 Expert systems and security
0 Web security
0 Mobile code
0 Patch management
Operations Security
0 Role of the Operations Department
0 Administrative Management
0 Assurance Levels
0 Configuration management
0 Media Controls
0 Data Leakage
0 Network and Resource Availability
0 Mainframes
0 Email Security
0 Vulnerability testing
Security Management, Administration and
Governance
0 Information security (ISec) describes activities that relate to the
protection of information and information infrastructure assets
against the risks of loss, misuse, disclosure or damage. Information
security management (ISM) describes controls that an organization
needs to implement to ensure that it is sensibly managing these
risks.
0 The risks to these assets can be calculated by analysis of the
following issues:
0 Threats to your assets. These are unwanted events that could cause
the deliberate or accidental loss, damage or misuse of the assets
0 Vulnerabilities. How susceptible your assets are to attack
0 Impact. The magnitude of the potential loss or the seriousness of the
event.
Security Management, Administration and
Governance
0 Standards available to help organizations implement the
appropriate programs and controls to mitigate these risks include,
for example, BS7799/ISO 17799, Information Technology Infrastructure
Library and COBIT.
0 Information Security Governance: Information Security Governance,
or ISG, is a subset discipline of Corporate Governance focused on
information security systems and their performance and risk
management.
0 Establish and maintain a framework to provide assurance that
information security strategies are aligned with business objectives
and consistent with applicable laws and regulations
Security Management, Administration and
Governance
0 Develop the information security strategy in support of business
strategy and direction.
0 Obtain senior management commitment and support
0 Ensure that definitions of roles and responsibilities throughout the
enterprise include information security governance activities.
0 Establish reporting and communication channels that support
information security governance activities.
0 Identify current and potential legal and regulatory issues affecting
information security and assess their impact on the enterprise.
0 Establish and maintain information security policies that support
business goals and objectives.
0 Ensure the development of procedures and guidelines that support
information security policies.
0 Develop business case for information security program
investments.
Information Classification
0 It is essential to classify information according to its actual value
and level of sensitivity in order to deploy the appropriate level of
security.
0 A system of classification should ideally be:
- simple to understand and to administer
- effective in order to determine the level of protection the
information is given.
- applied uniformly throughout the whole organization (note:
when in any doubt, the higher, more secure classification
should be employed).
Information Classification
0 With the exception of information that is already in the public
domain, information should not be divulged to anyone who is not
authorized to access it or is not specifically authorized by the
information owner.
0 Violations of the Information Classification Policy should result in
disciplinary proceedings against the individual.
0 Number of information classification levels in an organization
should be a manageable number as having too many makes
maintenance and compliance difficult.
Information Classification
0 Top Secret: Highly sensitive internal documents and data. For
example, impending mergers or acquisitions, investment strategies,
plans or designs that could seriously damage the organization if lost
or made public. Information classified as Top Secret has very
restricted distribution indeed, and must be protected at all times.
Security at this level is the highest possible.
0 Highly Confidential: Information which is considered critical to the
organization’s ongoing operations and could seriously impede or
disrupt them if shared internally or made public. Such
information includes accounting information, business plans,
sensitive information of customers of banks (etc.), patients' medical
records, and similar highly sensitive data. Such information should
not be copied or removed from the organization’s operational
control without specific authority. Security should be very high.
Information Classification
0 Proprietary: Procedures, project plans, operational work routines,
designs and specifications that define the way in which the
organization operates. Such information is usually for proprietary
use by authorized personnel only. Security at this level is high.
0 Internal Use Only: Information not approved for general circulation
outside the organization, where its disclosure would inconvenience
the organization or management, but is unlikely to result in financial
loss or serious damage to credibility/reputation. Examples include:
internal memos, internal project reports, minutes of meetings.
Security at this level is controlled but normal.
0 Public Documents: Information in the public domain: press
statements, annual reports, etc. which have been approved for
public use or distribution. Security at this level is minimal.
Operating Systems
0 Memory Management
0 Process management
0 File Management
0 Capability Domains
0 Virtual Machines
System Architecture
0 The software components that make up the system
0 Middleware
0 Database management
0 Networks
0 Applications
Security Architecture
0 Security critical components of the system
0 Trusted Computing Base
0 Reference Monitor and Security Kernel
0 Security Perimeter
0 Security Policy
0 Least Privilege
Security Models
0 Bell and LaPadula (BLP) Confidentiality Model
0 Biba Integrity Model (opposite to BLP)
0 Clark Wilson Integrity Model
0 Other Models
- Information Flow Model
- Non Interference Model
- Graham Denning Model
- Harrison-Ruzzo-Ullman Model
- Lattice Model
Biba
0 In general, preservation of data integrity has three goals:
- Prevent data modification by unauthorized parties
- Prevent unauthorized data modification by authorized parties
- Maintain internal and external consistency (i.e. data reflects the real
world)
0 Biba security model is directed toward data integrity (rather than
confidentiality) and is characterized by the phrase: "no read down, no write
up". This is in contrast to the Bell-LaPadula model which is characterized by
the phrase "no write down, no read up".
0 The Biba model defines a set of security rules similar to the Bell-LaPadula
model. These rules are the reverse of the Bell-LaPadula rules:
0 The Simple Integrity Axiom states that a subject at a given level of integrity
must not read an object at a lower integrity level (no read down).
0 The * (star) Integrity Axiom states that a subject at a given level of integrity
must not write to any object at a higher level of integrity (no write up).
Access Control
0 Access Control Overview
0 Identification, Authentication, Authorization, Accountability
0 Single Sign-on and Kerberos
0 Access Control Models
0 Access Control Techniques and Technologies
0 Access Control Administration
0 Access Control Monitoring: Intrusion Detection
0 Threats to Access Control
Access Control
0 Access control models used by current systems tend to fall into one
of two classes: those based on capabilities and those based on
access control lists (ACLs).
0 In a capability-based model, holding an unforgeable reference or
capability to an object provides access to the object
0 Access is conveyed to another party by transmitting such a
capability over a secure channel.
0 In an ACL-based model, a subject's access to an object depends on
whether its identity is on a list associated with the object
Single Sign-On
0 Single sign-on (SSO) is a property of access control of multiple,
related, but independent software systems. With this property a user
logs in once and gains access to all systems without being
prompted to log in again at each of them. Single sign-off is the
reverse property whereby a single action of signing out terminates
access to multiple software systems.
0 As different applications and resources support different
authentication mechanisms, single sign-on has to internally
translate to and store different credentials compared to what is used
for initial authentication.
Kerberos
0 Kerberos uses as its basis the symmetric Needham-Schroeder
protocol. It makes use of a trusted third party, termed a key
distribution center (KDC), which consists of two logically separate
parts: an Authentication Server (AS) and a Ticket Granting Server
(TGS). Kerberos works on the basis of "tickets" which serve to prove
the identity of users.
0 The KDC maintains a database of secret keys; each entity on the
network — whether a client or a server — shares a secret key known
only to itself and to the KDC. Knowledge of this key serves to prove
an entity's identity. For communication between two entities, the
KDC generates a session key which they can use to secure their
interactions.
0 The security of the protocol relies heavily on participants
maintaining loosely synchronized time and on short-lived assertions
of authenticity called Kerberos tickets.
Kerberos
0 The client authenticates itself to the Authentication Server and
receives a ticket. (All tickets are time-stamped.)
0 It then contacts the Ticket Granting Server, and using the ticket it
demonstrates its identity and asks for a service.
0 If the client is eligible for the service, then the Ticket Granting
Server sends another ticket to the client.
0 The client then contacts the Service Server, and using this ticket it
proves that it has been approved to receive the service.
Kerberos: Drawbacks
0 Single point of failure: It requires continuous availability of a central server.
When the Kerberos server is down, no one can log in. This can be mitigated
by using multiple Kerberos servers and fallback authentication mechanisms.
0 Kerberos requires the clocks of the involved hosts to be synchronized. The
tickets have a time availability period and if the host clock is not
synchronized with the Kerberos server clock, the authentication will fail. The
default configuration requires that clock times are no more than five minutes
apart. In practice Network Time Protocol daemons are usually used to keep
the host clocks synchronized.
0 The administration protocol is not standardized and differs between server
implementations.
0 Since all authentication is controlled by a centralized KDC, compromise of
this authentication infrastructure will allow an attacker to impersonate any
user.
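The four-step ticket exchange and the five-minute clock tolerance described above, as an added simulation (not part of the original slides and not real Kerberos message formats). The `seal`/`unseal` toy cipher, the principal name `tgs`, the ticket lifetimes and the fixed timestamps are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os

MAX_SKEW = 300  # seconds: the five-minute default tolerance


def seal(key, obj):
    """Toy authenticated encryption (SHAKE-256 keystream plus HMAC tag).
    Stands in for the real Kerberos encryption types; illustration only."""
    nonce = os.urandom(16)
    plain = json.dumps(obj).encode()
    stream = hashlib.shake_256(key + nonce).digest(len(plain))
    cipher = bytes(p ^ s for p, s in zip(plain, stream))
    tag = hmac.new(key, nonce + cipher, hashlib.sha256).digest()
    return nonce + tag + cipher


def unseal(key, blob):
    """Verify the tag, then decrypt. Fails unless the caller holds `key`."""
    nonce, tag, cipher = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(key, nonce + cipher, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("wrong key or tampered message")
    stream = hashlib.shake_256(key + nonce).digest(len(cipher))
    return json.loads(bytes(c ^ s for c, s in zip(cipher, stream)))


def accept(own_key, ticket, authenticator, now):
    """Checks a ticket holder (TGS or service) makes before trusting a client."""
    t = unseal(own_key, ticket)            # only the ticket's target can open it
    session = bytes.fromhex(t["key"])
    a = unseal(session, authenticator)     # proves the client knows the session key
    if a["client"] != t["client"]:
        raise PermissionError("authenticator does not match ticket")
    if now > t["expires"]:
        raise PermissionError("ticket expired")
    if abs(now - a["time"]) > MAX_SKEW:
        raise PermissionError("clock skew too great")
    return t["client"], session


class KDC:
    def __init__(self):
        self.keys = {"tgs": os.urandom(32)}   # principal -> long-term secret key

    def register(self, name):
        self.keys[name] = os.urandom(32)
        return self.keys[name]

    def _issue(self, client, target, reply_key, now, lifetime):
        session = os.urandom(32)
        ticket = seal(self.keys[target], {"client": client, "key": session.hex(),
                                          "issued": now, "expires": now + lifetime})
        return ticket, seal(reply_key, {"key": session.hex()})

    def as_request(self, client, now):
        """Authentication Server: ticket for the TGS, session key sealed for the client."""
        return self._issue(client, "tgs", self.keys[client], now, 8 * 3600)

    def tgs_request(self, tgt, authenticator, service, now):
        """Ticket Granting Server: validate the first ticket, issue a service ticket."""
        client, session = accept(self.keys["tgs"], tgt, authenticator, now)
        if service not in self.keys:
            raise PermissionError("unknown service")
        return self._issue(client, service, session, now, 3600)


def login_and_access(kdc, client, client_key, service, service_key,
                     client_clock, server_clock):
    """Run the four steps; returns the client name the service accepted."""
    tgt, reply = kdc.as_request(client, server_clock)
    s1 = bytes.fromhex(unseal(client_key, reply)["key"])
    auth = seal(s1, {"client": client, "time": client_clock})
    ticket, reply = kdc.tgs_request(tgt, auth, service, server_clock)
    s2 = bytes.fromhex(unseal(s1, reply)["key"])
    auth = seal(s2, {"client": client, "time": client_clock})
    return accept(service_key, ticket, auth, server_clock)[0]


if __name__ == "__main__":
    kdc = KDC()
    alice = kdc.register("alice")
    files = kdc.register("fileserver")
    now = 1_700_000_000   # constructed timestamp
    print(login_and_access(kdc, "alice", alice, "fileserver", files, now + 10, now))
```

The client's long-term key never leaves the client: it is used only to open the Authentication Server's reply, and every later step is proven with a session key.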
Access Control
0 Access control techniques: Access control techniques are sometimes
categorized as either discretionary or non-discretionary. The three most
widely recognized models are Discretionary Access Control (DAC),
Mandatory Access Control (MAC), and Role Based Access Control (RBAC).
MAC and RBAC are both non-discretionary.
0 Attribute-based Access Control: In attribute-based access control, access is
granted not based on the rights of the subject associated with a user after
authentication, but based on attributes of the user. The user has to prove
so-called claims about their attributes to the access control engine. An
attribute-based access control policy specifies which claims need to be
satisfied in order to grant access to an object. For instance, the claim could
be "older than 18". Any user that can prove this claim is granted access. Users
can be anonymous, as authentication and identification are not strictly
required. One does, however, require means for proving claims anonymously. This
can, for instance, be achieved using anonymous credentials.
Access Control
0 Discretionary access control: (DAC) is an access policy determined
by the owner of an object. The owner decides who is allowed to
access the object and what privileges they have.
0 Two important concepts in DAC are
0 File and data ownership: Every object in the system has an owner. In
most DAC systems, each object's initial owner is the subject that
caused it to be created. The access policy for an object is
determined by its owner.
0 Access rights and permissions: These are the controls that an owner
can assign to other subjects for specific resources.
0 Access controls may be discretionary in ACL-based or capability-
based access control systems. (In capability-based systems, there is
usually no explicit concept of 'owner', but the creator of an object
has a similar degree of control over its access policy.)
Access Control
0 Mandatory access control: (MAC) is an access policy determined by the
system, not the owner. MAC is used in multilevel systems that process highly
sensitive data, such as classified government and military information. A
multilevel system is a single computer system that handles multiple
classification levels between subjects and objects.
0 Sensitivity labels: In a MAC-based system, all subjects and objects must have
labels assigned to them. A subject's sensitivity label specifies its level of
trust. An object's sensitivity label specifies the level of trust required for
access. In order to access a given object, the subject must have a sensitivity
level equal to or higher than the requested object.
0 Data import and export: Controlling the import of information from other
systems and export to other systems (including printers) is a critical function
of MAC-based systems, which must ensure that sensitivity labels are properly
maintained and implemented so that sensitive information is appropriately
protected at all times.
Access Control
0 Two methods are commonly used for applying mandatory access
control:
0 Rule-based (or label-based) access control: This type of control
further defines specific conditions for access to a requested object.
All MAC-based systems implement a simple form of rule-based
access control to determine whether access should be granted or
denied by matching:
- An object's sensitivity label
- A subject's sensitivity label
0 Lattice-based access control: These can be used for complex access
control decisions involving multiple objects and/or subjects. A
lattice model is a mathematical structure that defines greatest lower-
bound and least upper-bound values for a pair of elements, such as
a subject and an object.
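A lattice of sensitivity labels with least upper bound and greatest lower bound, as an added example (not part of the original slides). The level names come from the Information Classification slides; the category names `HR` and `FINANCE` and the helper names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Levels taken from the classification slides, lowest to highest.
LEVELS = ["Public", "Internal Use Only", "Proprietary",
          "Highly Confidential", "Top Secret"]


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()   # compartments (constructed names)

    @property
    def rank(self):
        return LEVELS.index(self.level)

    def dominates(self, other):
        """self >= other: equal or higher level AND a superset of categories."""
        return self.rank >= other.rank and self.categories >= other.categories

    def lub(self, other):
        """Least upper bound: the lowest label that dominates both."""
        return Label(LEVELS[max(self.rank, other.rank)],
                     self.categories | other.categories)

    def glb(self, other):
        """Greatest lower bound: the highest label that both dominate."""
        return Label(LEVELS[min(self.rank, other.rank)],
                     self.categories & other.categories)


def label(level, *categories):
    return Label(level, frozenset(categories))


def can_read(subject, obj):
    """MAC read check: the subject's label must dominate the object's label."""
    return subject.dominates(obj)


def required_label(objects):
    """Label that a document combining all `objects` must carry."""
    result = Label(LEVELS[0])
    for obj in objects:
        result = result.lub(obj)
    return result


if __name__ == "__main__":
    a = label("Top Secret", "HR")
    b = label("Highly Confidential", "HR", "FINANCE")
    # Neither label dominates the other: a has the higher level, b has more categories.
    print(a.dominates(b), b.dominates(a))
    print(a.lub(b))
    print(a.glb(b))
```

With categories the ordering is only partial, so a plain "equal to or higher" comparison of levels is not enough; the bounds are what make decisions over incomparable labels well defined.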
Access Control
0 Role-based access control: (RBAC) is an access policy determined
by the system, not the owner. RBAC is used in commercial
applications and also in military systems, where multi-level security
requirements may also exist. RBAC differs from DAC in that DAC
allows users to control access to their resources, while in RBAC,
access is controlled at the system level, outside of the user's
control.
0 Although RBAC is non-discretionary, it can be distinguished from
MAC primarily in the way permissions are handled. MAC controls
read and write permissions based on a user's clearance level and
additional labels. RBAC controls collections of permissions that may
include complex operations such as an e-commerce transaction, or
may be as simple as read or write. A role in RBAC can be viewed as
a set of permissions.
Access Control
0 Three primary rules are defined for RBAC:
0 1. Role assignment: A subject can execute a transaction only if the
subject has selected or been assigned a role.
0 2. Role authorization: A subject's active role must be authorized for
the subject. With rule 1 above, this rule ensures that users can take
on only roles for which they are authorized.
0 3. Transaction authorization: A subject can execute a transaction
only if the transaction is authorized for the subject's active role. With
rules 1 and 2, this rule ensures that users can execute only
transactions for which they are authorized.
0 Additional constraints may be applied as well, and roles can be
combined in a hierarchy where higher-level roles subsume
permissions owned by sub-roles.
0 Most IT vendors offer RBAC in one or more products.
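The three RBAC rules and a role hierarchy as a small policy engine, given here as an added example (not part of the original slides). The role, user and transaction names are constructed, and the `RBAC` class is a sketch for illustration rather than any vendor's API.

```python
class RBAC:
    def __init__(self):
        self.authorized = {}   # subject -> roles the subject may take on
        self.grants = {}       # role -> transactions granted directly
        self.juniors = {}      # role -> sub-roles whose permissions it subsumes
        self.active = {}       # subject -> role active in the current session

    def permissions(self, role, _seen=None):
        """Transactions of a role, including those inherited from sub-roles."""
        seen = set() if _seen is None else _seen
        if role in seen:               # guard against a cyclic hierarchy
            return set()
        seen.add(role)
        perms = set(self.grants.get(role, ()))
        for junior in self.juniors.get(role, ()):
            perms |= self.permissions(junior, seen)
        return perms

    def activate(self, subject, role):
        """Rule 2 at selection time: only authorized roles can become active."""
        if role not in self.authorized.get(subject, ()):
            raise PermissionError(f"{subject} is not authorized for role {role}")
        self.active[subject] = role

    def check(self, subject, transaction):
        """Apply rules 1 to 3 in order; returns (allowed, reason)."""
        role = self.active.get(subject)
        if role is None:
            return (False, "rule 1: no active role")
        if role not in self.authorized.get(subject, ()):
            # Re-checked on every request so a revoked role stops working.
            return (False, "rule 2: active role not authorized")
        if transaction not in self.permissions(role):
            return (False, "rule 3: transaction not authorized for role")
        return (True, "ok")


def sample_policy():
    """Constructed e-commerce policy: manager subsumes clerk."""
    p = RBAC()
    p.grants = {"clerk": {"view_order", "create_order"},
                "manager": {"refund_order"},
                "auditor": {"read_audit_log"}}
    p.juniors = {"manager": {"clerk"}}
    p.authorized = {"alice": {"manager"}, "bob": {"clerk"},
                    "carol": {"clerk", "auditor"}}
    return p


if __name__ == "__main__":
    p = sample_policy()
    print(p.check("bob", "view_order"))          # no role selected yet
    p.activate("alice", "manager")
    print(p.check("alice", "create_order"))      # inherited from clerk
```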
What is Biometrics?
0 Biometrics are automated methods of recognizing a person based
on a physiological or behavioral characteristic
0 Features measured: Face, Fingerprints, Hand geometry, handwriting,
Iris, Retinal, Vein and Voice
0 Identification and personal certification solutions for highly secure
applications
0 Numerous applications: medical, financial, child care, computer
access etc.
0 Biometrics replaces Traditional Authentication Methods
0 Provides better security
0 More convenient
0 Better accountability
0 Applications on Fraud detection and Fraud deterrence
0 Dual purpose: Cyber Security and National Security
Why Biometrics?
0 The authentication mechanisms most often used are user IDs and passwords
0 However, password mechanisms have vulnerabilities: passwords can be
stolen
0 Biometric systems are less prone to attacks
0 Attacks need sophisticated techniques
- Cannot steal facial features and fingerprints
- Need sophisticated image processing techniques for modifying
facial features
0 Biometric systems are more convenient: no need for multiple
passwords or difficult passwords
- E.g., characters, numbers and special symbols; no need to
remember passwords
0 Need not carry any cards or tokens
0 Better accountability: Can determine who accessed the system with
less complexity
Security Vulnerabilities
0 Type 1 attack: Present a fake biometric, such as a synthetic
biometric
0 Type 2 attack: Submit previously intercepted biometric
data (replay)
0 Type 3 attack: Compromise the feature extractor module to
give results desired by the attacker
0 Type 4 attack: Replace the genuine feature values produced
by the system with fake values desired by the attacker
0 Type 5 attack: Produce a high number of matching results
0 Type 6 attack: Attack the template database: add templates,
modify templates, etc.
Biometric Process
0 User enrolls in a system and provides biometric data
0 Data is converted into a template
0 Later on user provides biometric data for verification or
identification
0 The latter biometric data is converted into a template
0 The verification/identification template is compared with the
enrollment template
0 The result of the match is specified as a confidence level
0 The confidence level is compared to the threshold level
0 If the confidence score exceeds the threshold, then there is a
match
0 If not, there is no match
Data Types and Associated Biometric
Technologies
0 Finger scan: Fingerprint Image
0 Voice scan: Voice recording
0 Face scan: Facial image
0 Iris scan: Iris image
0 Retina scan: Retina image
0 Hand scan: Image of hand
0 Signature scan: Image of signature
0 Keystroke scan: Recording of characters typed
Templates
0 Templates are NOT compressions of biometric data; they are
constructed from distinctive features extracted
0 Cannot reconstruct the biometric data from templates
0 The same biometric data supplied by a user at different times may
result in different templates
0 When the biometric algorithm is applied to these templates, it
will recognize them as the same biometric data
0 Templates may consist of strings of characters and numeric
values
0 Vendor systems are heterogeneous; standards are used for
common templates and for interoperability
Biometric Matching
0 Part of the Biometric process: Compares the user provided
template with the enrolled templates
0 Scoring:
- Each vendor may use a different score for matching; 1-10
or -1 to 1
- Scores also generated during enrollment depending on
the quality of the biometric data
- User may have to provide different data if enrollment
score is low
0 Threshold is generated by system administrator and varies
from system to system and application to application
0 Decision depending on match / no match
- 100% accuracy is generally not possible
Cryptography
0 Definition of Cryptography
0 Important concepts
- Symmetric and Asymmetric, Hash, Digital Signature etc.
0 Steganography and Digital watermarking
0 Algorithms
0 Attacks
Definitions
0 Cryptography
- Mathematical manipulation of information that prevents the
information being disclosed or altered
0 Cryptanalysis
- Defeating the protected mechanisms of cryptography
0 Cryptology
- Study of Cryptography and Cryptanalysis
Goals of Cryptography
0 Confidentiality
0 Integrity
0 Authenticity
0 Non-repudiation
0 Access Control
0 Make compromise difficult
Process
0 Input (also called Plaintext or Clear Text)
0 Cryptosystem (device that performs encryption/decryption)
0 Cryptographic Algorithms (Mathematical functions)
0 Output (Cipher text or Cryptogram)
0 Key (Crypto variable)
Key Clustering
0 In cryptography, key clustering is said to occur when two different
keys generate the same ciphertext from the same plaintext, using the
same cipher algorithm. A good cipher algorithm, using different keys
on the same plaintext, should generate a different ciphertext,
irrespective of the key length.
0 If an 'attacker' tries to break a cipher by brute force (trying all
possible keys until it finds the correct key), then key clustering will
result in an easier attack on a particular ciphertext. If there are N
possible keys without any key clustering, then the attacker will on
average need to try N/2 keys to decrypt it, with a worst case of trying
all N keys. If there are two keys that are clustered, then the average
number of keys to try is reduced to N/4 (worst case is N-1 keys). If
three keys cluster, then the average is only N/6 attempts.
Initialization Vector
0 In cryptography, an initialization vector (IV) is a block of bits that is
required to allow a stream cipher or a block cipher to be executed in
any of several modes of operation to produce a unique stream
independent from other streams produced by the same encryption
key, without having to go through a (usually lengthy) re-keying
process.
0 The size of the IV depends on the encryption algorithm and on the
cryptographic protocol in use and is normally as large as the block
size of the cipher or as large as the encryption key.
0 The IV must be known to the recipient of the encrypted information
to be able to decrypt it.
Initialization Vector
0 This can be ensured in a number of ways: by transmitting the IV
along with the cipher text, by agreeing on it beforehand during the
key exchange or the handshake, by calculating it (usually
incrementally), or by measuring such parameters as current time
(used in hardware authentication tokens such as RSA SecurID), IDs
such as sender's and/or recipient's address or ID, file ID, the packet,
sector or cluster number, etc.
0 A number of variables can be combined or hashed together,
depending on the protocol. If the IV is chosen at random, the
cryptographer must take into consideration the probability of
collisions, and if an incremental IV is used as a nonce, the
algorithm's resistance to related-IV attacks must also be considered.
0 Nonce – number used once
Block Cipher
0 In cryptography, a block cipher is a symmetric key cipher operating
on fixed-length groups of bits, called blocks, with an unvarying
transformation. A block cipher encryption algorithm might take (for
example) a 128-bit block of plaintext as input, and output a
corresponding 128-bit block of ciphertext. The exact transformation
is controlled using a second input — the secret key. Decryption is
similar: the decryption algorithm takes, in this example, a 128-bit
block of ciphertext together with the secret key, and yields the
original 128-bit block of plaintext.
0 To encrypt messages longer than the block size (128 bits in the
above example), a mode of operation is used.
Block Cipher
0 Block ciphers can be contrasted with stream ciphers; a stream
cipher operates on individual digits one at a time, and the
transformation varies during the encryption.
0 The distinction between the two types is not always clear-cut: a
block cipher, when used in certain modes of operation, acts
effectively as a stream cipher.
0 An early and highly influential block cipher design was the Data
Encryption Standard (DES), developed at IBM and published as a
standard in 1977. A successor to DES, the Advanced Encryption
Standard (AES), was adopted in 2001.
Stream Cipher
0 In cryptography, a stream cipher is a symmetric key cipher where
plaintext bits are combined with a pseudorandom cipher bit stream
(keystream), typically by an exclusive-or (XOR) operation.
0 In a stream cipher the plaintext digits are encrypted one at a time,
and the transformation of successive digits varies during the
encryption. An alternative name is a state cipher, as the encryption
of each digit is dependent on the current state.
0 In practice, the digits are typically single bits or bytes.
Stream Cipher
0 Stream ciphers represent a different approach to symmetric
encryption from block ciphers.
0 Block ciphers operate on large blocks of digits with a fixed,
unvarying transformation. This distinction is not always clear-cut: in
some modes of operation, a block cipher primitive is used in such a
way that it acts effectively as a stream cipher.
0 Stream ciphers typically execute at a higher speed than block
ciphers and have lower hardware complexity. However, stream
ciphers can be susceptible to serious security problems if used
incorrectly: see stream cipher attacks — in particular, the same
starting state must never be used twice.
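Why the same starting state must never be used twice, and how the Initialization Vector slides' options (an incremental IV sent with the ciphertext, or a random IV with a collision risk) look in practice, as an added example (not part of the original slides). The SHAKE-256 keystream is a toy stand-in for a real stream cipher, and the 16-byte IV length and sample messages are constructed.

```python
import hashlib
import math

IV_LEN = 16  # bytes; assumed size for this example


def keystream(key, iv, n):
    # Toy generator: SHAKE-256 over key || iv. The starting state is (key, iv).
    return hashlib.shake_256(key + iv).digest(n)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Sender:
    """Encrypts under one key with an incremental IV, so no IV repeats."""

    def __init__(self, key):
        self.key = key
        self.counter = 0

    def encrypt(self, plaintext):
        iv = self.counter.to_bytes(IV_LEN, "big")   # nonce: number used once
        self.counter += 1
        # The IV is not secret; it travels in front of the ciphertext.
        return iv + xor(plaintext, keystream(self.key, iv, len(plaintext)))


def decrypt(key, message):
    iv, body = message[:IV_LEN], message[IV_LEN:]
    return xor(body, keystream(key, iv, len(body)))


def reuse_leak(key, iv, p1, p2):
    """With a shared starting state the keystream cancels out:
    XOR of the two ciphertexts equals XOR of the two plaintexts."""
    c1 = xor(p1, keystream(key, iv, len(p1)))
    c2 = xor(p2, keystream(key, iv, len(p2)))
    return xor(c1, c2) == xor(p1, p2)


def find_reused_ivs(messages):
    """Audit check over messages encrypted under one key: IVs seen twice."""
    seen, reused = set(), set()
    for m in messages:
        iv = m[:IV_LEN]
        (reused if iv in seen else seen).add(iv)
    return reused


def random_iv_collision_probability(n_messages, iv_bits):
    """Birthday bound: chance that two of n random IVs coincide."""
    return -math.expm1(-n_messages * (n_messages - 1) / 2 / 2 ** iv_bits)


if __name__ == "__main__":
    key = bytes(range(32))                      # constructed key
    s = Sender(key)
    m1 = s.encrypt(b"meeting at 10:00")
    m2 = s.encrypt(b"meeting at 14:30")
    print(decrypt(key, m1), find_reused_ivs([m1, m2]))
    print(reuse_leak(key, bytes(IV_LEN), b"meeting at 10:00", b"meeting at 14:30"))
    print(random_iv_collision_probability(2 ** 32, 64))
```

The last line shows why a 64-bit random IV is too small for high message volumes: after 2^32 messages a repeat is more likely than one in three.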
Digital Signature
0 A digital signature or digital signature scheme is a mathematical
scheme for demonstrating the authenticity of a digital message or
document. A valid digital signature gives a recipient reason to
believe that the message was created by a known sender, and that it
was not altered in transit. Digital signatures are commonly used for
software distribution, financial transactions, and in other cases
where it is important to detect forgery and tampering.
0 Digital signatures are often used to implement electronic signatures,
a broader term that refers to any electronic data that carries the
intent of a signature, but not all electronic signatures use digital
signatures. In some countries, including the United States, India, and
members of the European Union, electronic signatures have legal
significance. However, laws concerning electronic signatures do not
always make clear whether they are digital cryptographic signatures
in the sense used here, leaving the legal definition, and so their
importance, somewhat confused.
Digital Signature
0 Digital signatures employ a type of asymmetric cryptography. For messages
sent through an insecure channel, a properly implemented digital signature
gives the receiver reason to believe the message was sent by the claimed
sender. Digital signatures are equivalent to traditional handwritten signatures
in many respects; properly implemented digital signatures are more difficult
to forge than the handwritten type. Digital signature schemes in the sense
used here are cryptographically based, and must be implemented properly to
be effective.
0 Digital signatures can also provide non-repudiation, meaning that the signer
cannot successfully claim they did not sign a message, while also claiming
their private key remains secret; further, some non-repudiation schemes offer
a time stamp for the digital signature, so that even if the private key is
exposed, the signature is valid nonetheless. Digitally signed messages may
be anything representable as a bitstring: examples include electronic mail,
contracts, or a message sent via some other cryptographic protocol.
Work Factor
0 Work Factor is defined as the amount of effort (usually measured in
units of time) needed to break a cryptosystem.
0 The Work Factor of a cryptosystem is related to its key-length and
the working mechanism used (encryption and decryption
algorithms). For example, if the brute force attack method is used to
break the system (trying all possible combinations of the key), then
the work factor is directly proportional to the length of the key. For
every addition of one bit to the key length, the time needed (work
factor) is doubled.
Hash Function
0 A hash function is any well-defined procedure or mathematical
function that converts a large, possibly variable-sized amount of
data into a small datum, usually a single integer that may serve as an
index to an array. The values returned by a hash function are called
hash values, hash codes, hash sums, checksums or simply hashes.
0 A hash function may map two or more keys to the same hash value.
In many applications, it is desirable to minimize the occurrence of
such collisions, which means that the hash function must map the
keys to the hash values as evenly as possible.
Checksum
0 A checksum or hash sum is a fixed-size datum computed from an
arbitrary block of digital data for the purpose of detecting accidental
errors that may have been introduced during its transmission or
storage.
0 The integrity of the data can be checked at any later time by
recomputing the checksum and comparing it with the stored one. If
the checksums do not match, the data was almost certainly altered
(either intentionally or unintentionally).
0 The procedure that yields the checksum from the data is called a
checksum function or checksum algorithm. A good checksum
algorithm will yield a different result with high probability when the
data is accidentally corrupted; if the checksums match, the data is
very likely to be free of accidental errors.
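The slide describes checksums as protection against accidental errors. The following added example (not part of the original lecture) uses CRC-32 as the checksum and, as an assumption of this example, HMAC-SHA256 as a keyed alternative, to show that a recomputed checksum also matches after a deliberate rewrite while a keyed tag does not. The sample records and the key are constructed.

```python
import hashlib
import hmac
import zlib

ORIGINAL = b"max_login_attempts=5"      # constructed sample record
REWRITTEN = b"max_login_attempts=500"   # constructed deliberate modification
KEY = b"constructed-demo-key"           # constructed key, known only to the verifier


def checksum(data):
    """CRC-32: a fixed-size datum computed from an arbitrary block of data."""
    return zlib.crc32(data) & 0xFFFFFFFF


def flip_bit(data, bit):
    """Simulate an accidental single-bit error in transmission or storage."""
    corrupted = bytearray(data)
    corrupted[bit // 8] ^= 1 << (bit % 8)
    return bytes(corrupted)


def store(data):
    """Keep the data together with its checksum."""
    return data, checksum(data)


def verify(record):
    """Recompute the checksum and compare it with the stored one."""
    data, stored = record
    return checksum(data) == stored


def store_with_mac(key, data):
    """Keep the data together with a keyed tag (HMAC-SHA256)."""
    return data, hmac.new(key, data, hashlib.sha256).digest()


def verify_mac(key, record):
    data, tag = record
    expected = hmac.new(key, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo():
    record = store(ORIGINAL)
    # Accidental error: the data changes, the stored checksum does not.
    accidental = (flip_bit(ORIGINAL, 13), record[1])
    # Deliberate change by someone with write access: data AND checksum replaced.
    rewritten = store(REWRITTEN)
    mac_record = store_with_mac(KEY, ORIGINAL)
    # Without KEY, the only tag available to the modifier is the old one.
    mac_rewritten = (REWRITTEN, mac_record[1])
    return {
        "intact": verify(record),
        "accidental_error": verify(accidental),
        "rewritten_with_new_checksum": verify(rewritten),
        "mac_intact": verify_mac(KEY, mac_record),
        "mac_rewritten": verify_mac(KEY, mac_rewritten),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'verifies' if ok else 'MISMATCH'}")
```

A matching checksum therefore says the data is very likely free of accidental errors, as the slide states; it says nothing about who wrote the data.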
Substitution Ciphers
0 In cryptography, a substitution cipher is a method of encryption by
which units of plaintext are replaced with cipher text according to a
regular system; the "units" may be single letters (the most common),
pairs of letters, triplets of letters, mixtures of the above, and so forth.
The receiver deciphers the text by performing an inverse
substitution.
0 Substitution ciphers can be compared with transposition ciphers. In
a transposition cipher, the units of the plaintext are rearranged in a
different and usually quite complex order, but the units themselves
are left unchanged. By contrast, in a substitution cipher, the units of
the plaintext are retained in the same sequence in the ciphertext, but
the units themselves are altered.
Substitution Ciphers
0 There are a number of different types of substitution cipher. If the
cipher operates on single letters, it is termed a simple substitution
cipher; a cipher that operates on larger groups of letters is termed
polygraphic. A monoalphabetic cipher uses fixed substitution over
the entire message, whereas a polyalphabetic cipher uses a number
of substitutions at different times in the message, where a unit from
the plaintext is mapped to one of several possibilities in the
ciphertext and vice-versa.
0 Substitution over a single letter—simple substitution—can be
demonstrated by writing out the alphabet in some order to represent
the substitution. This is termed a substitution alphabet. The cipher
alphabet may be shifted or reversed (e.g., Caesar) or scrambled in a
more complex fashion, in which case it is called a mixed alphabet.
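The definitions on the two Substitution Ciphers slides, as an added example that is not part of the original lecture: a shifted (Caesar) and a mixed substitution alphabet, the inverse substitution, a polyalphabetic variant, and a simple columnar transposition for contrast. The function names, the keyword and the sample plaintext are constructed for illustration.

```python
import string

ALPHABET = string.ascii_uppercase


def shifted_alphabet(shift):
    """Caesar-style substitution alphabet: the plain alphabet rotated by `shift`."""
    shift %= 26
    return ALPHABET[shift:] + ALPHABET[:shift]


def mixed_alphabet(keyword):
    """Mixed alphabet: keyword letters first (duplicates dropped), then the rest."""
    ordered = dict.fromkeys(keyword.upper() + ALPHABET)
    return "".join(ch for ch in ordered if ch in ALPHABET)


def substitute(plaintext, cipher_alphabet):
    """Monoalphabetic substitution: one fixed mapping for the whole message."""
    return plaintext.upper().translate(str.maketrans(ALPHABET, cipher_alphabet))


def inverse_substitute(ciphertext, cipher_alphabet):
    """The receiver deciphers by applying the inverse mapping."""
    return ciphertext.translate(str.maketrans(cipher_alphabet, ALPHABET))


def polyalphabetic(plaintext, shifts):
    """Polyalphabetic substitution: a different shifted alphabet per position."""
    return "".join(
        substitute(ch, shifted_alphabet(shifts[i % len(shifts)]))
        for i, ch in enumerate(plaintext.upper())
    )


def transpose(plaintext, columns):
    """Columnar transposition: write row-wise, read column by column."""
    return "".join(plaintext[c::columns] for c in range(columns))


def repetition_pattern(text):
    """Number each letter by the order of its first appearance in the text."""
    first_seen = {}
    return [first_seen.setdefault(ch, len(first_seen)) for ch in text]


if __name__ == "__main__":
    plain = "CYBERSECURITY"  # constructed sample plaintext
    caesar = substitute(plain, shifted_alphabet(3))
    mixed = substitute(plain, mixed_alphabet("ZEBRAS"))
    moved = transpose(plain, 4)
    print("caesar     :", caesar)
    print("mixed      :", mixed)
    print("transposed :", moved)
    # Substitution keeps the sequence, so the repetition pattern survives.
    print("pattern kept by substitution :",
          repetition_pattern(plain) == repetition_pattern(caesar))
    # Transposition keeps the units, so the letter counts survive.
    print("letters kept by transposition:", sorted(plain) == sorted(moved))
    # A polyalphabetic cipher maps one plaintext letter to several outputs.
    print("polyalphabetic EEE ->", polyalphabetic("EEE", [1, 2, 3]))
```

The pattern preserved by a monoalphabetic substitution is the reason a fixed substitution alphabet offers little protection on its own.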
Key Management
0 Key management comprises the provisions made in a cryptography system
design that are related to generation, exchange, storage,
safeguarding, use, vetting, and replacement of keys. It includes
cryptographic protocol design, key servers, user procedures, and
other relevant protocols.
0 Key management concerns keys at the user level, either between
users or systems. This is in contrast to key scheduling; key
scheduling typically refers to the internal handling of key material
within the operation of a cipher.
0 Successful key management is critical to the security of a
cryptosystem. In practice it is arguably the most difficult aspect of
cryptography because it involves system policy, user training,
organizational and departmental interactions, and coordination
between all of these elements.
Certificate Authority
0 In cryptography, a certificate authority or certification authority (CA)
is an entity that issues digital certificates for use by other parties. It
is an example of a trusted third party. CAs are characteristic of many
public key infrastructure (PKI) schemes.
0 Commercial CAs charge to issue certificates that will automatically
be trusted by most web browsers (Mozilla maintains a list of at least
36 trusted root CAs, though multiple commercial CAs or their
resellers may share the same trusted root).
0 The number of web browsers and other devices and applications
that trust a particular certificate authority is referred to as ubiquity.
0 Aside from commercial CAs, some providers issue digital
certificates to the public at no cost. Large institutions or government
entities may have their own CAs.
Certificate Authority
0 Certificate-based encryption is a system in which a certificate
authority uses ID-based cryptography to produce a certificate. This
system gives the users both implicit and explicit certification: the
certificate can be used as a conventional certificate (for signatures,
etc.), but also implicitly for the purpose of encryption.
0 A user Alice can doubly encrypt a message using another user's
(Bob's) public key and Bob's identity.
0 This means that the user (Bob) cannot decrypt it without a currently
valid certificate and also that the certificate authority cannot decrypt
the message as they don't have the user's private key (i.e., there is
no implicit escrow as with ID-based cryptography, as the double
encryption means they cannot decrypt it solely with the information
they have).
Web of Trust
0 An alternative approach to the problem of public authentication of
public key information is the web of trust scheme, which uses self-
signed certificates and third party attestations of those certificates.
The singular term Web of Trust does not imply the existence of a
single web of trust, or common point of trust, but rather any number
of potentially disjoint "webs of trust". An example of an implementation
of this approach is PGP (Pretty Good Privacy).
0 Because PGP implementations allow the use of e-mail digital
signatures for self-publication of public key information, it is
relatively easy to implement one's own Web of Trust. One of the
benefits of the Web of Trust, such as in PGP, is that it can
interoperate with a PKI CA fully-trusted by all parties in a domain
(such as an internal CA in a company) that is willing to guarantee
certificates, as a trusted introducer.
Steganography
0 Steganography is the art and science of writing hidden messages in
such a way that no one, apart from the sender and intended
recipient, suspects the existence of the message, a form of security
through obscurity.
0 Generally, messages will appear to be something else: images,
articles, shopping lists, or some other covertext and, classically, the
hidden message may be in invisible ink between the visible lines of a
private letter.
0 The advantage of steganography, over cryptography alone, is that
messages do not attract attention to themselves.
0 Cryptography protects the contents of a message; steganography
can be said to protect both messages and communicating parties.
Steganography
0 Steganography includes the concealment of information within
computer files.
0 In digital steganography, electronic communications may include
steganographic coding inside of a transport layer, such as a
document file, image file, program or protocol.
0 Media files are ideal for steganographic transmission because of
their large size.
0 As a simple example, a sender might start with an innocuous image
file and adjust the color of every 100th pixel to correspond to a letter
in the alphabet, a change so subtle that someone not specifically
looking for it is unlikely to notice it.
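The slide's "every 100th pixel" example, written out as an added illustration that is not part of the original lecture, together with the check an examiner who holds the original file can run. The encoding (letter index in the low 5 bits of a grayscale value, zero as end marker) and the cover data are assumptions constructed for this example.

```python
STEP = 100  # every 100th pixel carries one letter, as in the slide's example

# Constructed grayscale "image": 1000 pixel values in the range 0..255.
COVER = [(i * 37 + 11) % 256 for i in range(1000)]


def embed(cover, message, step=STEP):
    """Store one letter (A-Z) in the low 5 bits of every `step`-th pixel."""
    if not (message.isascii() and message.isalpha()):
        raise ValueError("this example only encodes the letters A-Z")
    values = [ord(ch) - ord("A") + 1 for ch in message.upper()] + [0]  # 0 = end
    if len(values) * step > len(cover):
        raise ValueError("cover too small for message")
    stego = list(cover)
    for k, value in enumerate(values):
        pos = (k + 1) * step - 1
        stego[pos] = (stego[pos] & 0xE0) | value
    return stego


def extract(stego, step=STEP):
    """Read the low 5 bits of every `step`-th pixel until the end marker."""
    letters = []
    for pos in range(step - 1, len(stego), step):
        value = stego[pos] & 0x1F
        if value == 0 or value > 26:
            break
        letters.append(chr(value + ord("A") - 1))
    return "".join(letters)


def changed_positions(original, suspect):
    """Examiner's view: which pixels differ from the known original?"""
    return [i for i, (a, b) in enumerate(zip(original, suspect)) if a != b]


def regular_spacing(positions, step=STEP):
    """Detection heuristic: all modified pixels sit on one fixed grid."""
    return bool(positions) and all(p % step == step - 1 for p in positions)


if __name__ == "__main__":
    stego = embed(COVER, "HIDDEN")
    diffs = changed_positions(COVER, stego)
    print("recovered message :", extract(stego))
    print("pixels changed    :", len(diffs), "of", len(COVER))
    print("largest change    :", max(abs(a - b) for a, b in zip(COVER, stego)))
    print("changes on a grid :", regular_spacing(diffs))
```

Only a handful of pixels change and each by a small amount, which is why the change goes unnoticed without the original; with the original at hand, the fixed spacing of the differences stands out immediately.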
Digital Watermarking
0 Digital watermarking is the process of embedding information into a
digital signal in a way that is difficult to remove. The signal may be
audio, pictures or video, for example. If the signal is copied, then the
information is also carried in the copy. A signal may carry several
different watermarks at the same time.
0 In visible watermarking, the information is visible in the picture or
video. Typically, the information is text or a logo which identifies the
owner of the media. The image on the right has a visible watermark.
When a television broadcaster adds its logo to the corner of
transmitted video, this is also a visible watermark.
0 In invisible watermarking, information is added as digital data to
audio, picture or video, but it cannot be perceived as such (although
it may be possible to detect that some amount of information is
hidden).
Digital Watermarking
0 The watermark may be intended for widespread use and is thus
made easy to retrieve or it may be a form of Steganography, where a
party communicates a secret message embedded in the digital
signal. In either case, as in visible watermarking, the objective is to
attach ownership or other descriptive information to the signal in a
way that is difficult to remove. It is also possible to use hidden
embedded information as a means of covert communication
between individuals.
0 One application of watermarking is in copyright protection systems,
which are intended to prevent or deter unauthorized copying of
digital media. In this use a copy device retrieves the watermark from
the signal before making a copy; the device makes a decision to
copy or not depending on the contents of the watermark. Another
application is in source tracing. A watermark is embedded into a
digital signal at each point of distribution. If a copy of the work is
found later, then the watermark can be retrieved from the copy and
Algorithms
0 Block Modes
- Electronic Code Book
- Cipher Block Chaining
0 Stream Modes
- Cipher Feed Back
- Output Feed Back
- Counter
Attacks
0 Brute Force
0 Birthday
0 Dictionary
0 Known Plaintext
0 Chosen Plaintext
0 Ciphertext Only
0 Chosen Ciphertext
Network Security
Network Forensics
Network Forensics Analysis Tools (NFAT):
Relationships between IDS, Firewalls and NFAT
0 An IDS attempts to detect activity that violates an organization’s
security policy by implementing a set of rules describing
preconfigured patterns of interest
0 Firewall allows or disallows traffic to or from specific
networks, machine addresses and port numbers
0 NFAT synergizes with IDSs and Firewalls.
- Preserves long term record of network traffic
- Allows quick analysis of trouble spots identified by IDSs
and Firewalls
0 NFATs must do the following:
- Capture network traffic
- Analyze network traffic according to user needs
- Allow system users to discover useful and interesting things
about the analyzed traffic
NFAT Tasks
0 Traffic Capture
- What is the policy?
- What is the traffic of interest?
- Internal/External?
- Collect packets: tcpdump
0 Traffic Analysis
- Sessionizing captured traffic (organize)
- Protocol Parsing and analysis
= Check for strings, use expert systems for analysis
0 Interacting with NFAT
- Appropriate user interfaces, reports, examine large
quantities of information and make it manageable
Honeynets/Honeypots
0 Retaining information
0 Planning the response
0 Training
0 Accelerating the investigation
0 Preventing anonymous activities
0 Protect the evidence
0 Raytheon’s SilentRunner
- Gives administrators help as they attempt to protect their
company’s assets
- Collector, Analyzer and Visualize Modules
0 Sandstorm Enterprise’s NetIntercept
- Hardware appliance focused on capturing network traffic
0 Niksun’s NetDetector
- It's an appliance like NetIntercept
- Has an alerting mechanism
- Integrates with Cisco IDS for a complete forensic analysis
[Figure: Training data, Machine Learning Classifier, Clean or Infected?]
Traffic Mining
0 One way to bridge the gap between what is written in the firewall
policy rules and what is being observed in the network is to analyze
the traffic and the packet logs: traffic mining
- Network traffic trends may show that some rules are outdated or
not used recently
[Figure: traffic mining workflow. Labels: Firewall Policy Rule; Firewall Log File; Filtering; Mining Log File Using Frequency; Rule Generalization; Generic Rules; Identify Decaying & Dominant Rules; Edit Firewall Rules]
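One way to carry out the frequency mining described on this slide, as an added example that is not part of the original lecture. The rule set, the log records, the first-match semantics and both thresholds (30 days without a hit means "decaying", half of all hits means "dominant") are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter
from datetime import date

# Constructed policy: ordered, first-match rules as
# (rule id, action, protocol, source network, destination network, dest port).
RULES = [
    ("R1", "allow", "tcp", "0.0.0.0/0", "192.0.2.10/32", 443),
    ("R2", "allow", "tcp", "0.0.0.0/0", "192.0.2.25/32", 25),
    ("R3", "allow", "tcp", "10.0.0.0/8", "192.0.2.21/32", 21),
    ("R4", "allow", "udp", "10.0.0.0/8", "192.0.2.53/32", 53),
    ("R5", "deny", "any", "0.0.0.0/0", "0.0.0.0/0", None),
]

# Constructed packet log: (date, protocol, source, destination, dest port).
LOG = [
    (date(2023, 11, 28), "tcp", "198.51.100.7", "192.0.2.10", 443),
    (date(2023, 11, 29), "tcp", "203.0.113.9", "192.0.2.10", 443),
    (date(2023, 11, 30), "tcp", "198.51.100.8", "192.0.2.10", 443),
    (date(2023, 12, 1), "tcp", "203.0.113.4", "192.0.2.10", 443),
    (date(2023, 12, 1), "tcp", "198.51.100.20", "192.0.2.25", 25),
    (date(2023, 9, 2), "tcp", "10.1.2.3", "192.0.2.21", 21),
    (date(2023, 12, 2), "tcp", "203.0.113.50", "192.0.2.10", 23),
]

TODAY = date(2023, 12, 4)  # constructed reference date for the analysis


def matches(rule, proto, src, dst, dport):
    _, _, r_proto, r_src, r_dst, r_dport = rule
    return (
        r_proto in ("any", proto)
        and ipaddress.ip_address(src) in ipaddress.ip_network(r_src)
        and ipaddress.ip_address(dst) in ipaddress.ip_network(r_dst)
        and (r_dport is None or r_dport == dport)
    )


def first_match(rules, proto, src, dst, dport):
    """Return the id of the first rule that matches the packet, or None."""
    for rule in rules:
        if matches(rule, proto, src, dst, dport):
            return rule[0]
    return None


def mine(rules, log):
    """Count hits per rule and remember when each rule last matched."""
    hits, last_seen = Counter(), {}
    for day, proto, src, dst, dport in log:
        rule_id = first_match(rules, proto, src, dst, dport)
        if rule_id is not None:
            hits[rule_id] += 1
            last_seen[rule_id] = max(day, last_seen.get(rule_id, day))
    return hits, last_seen


def classify(rules, log, today, stale_days=30, dominant_share=0.5):
    """Label each rule 'decaying', 'dominant' or 'active' from the log."""
    hits, last_seen = mine(rules, log)
    total = sum(hits.values()) or 1
    report = {}
    for rule in rules:
        rule_id = rule[0]
        if rule_id not in last_seen or (today - last_seen[rule_id]).days > stale_days:
            report[rule_id] = "decaying"   # candidate for review or removal
        elif hits[rule_id] / total >= dominant_share:
            report[rule_id] = "dominant"   # candidate for moving up the rule list
        else:
            report[rule_id] = "active"
    return report


if __name__ == "__main__":
    for rule_id, label in classify(RULES, LOG, TODAY).items():
        print(rule_id, label)
```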
Biometrics
0 Early Identification and Authentication (I&A) systems were
based on passwords
0 Recently physical characteristics of a person are being used
for identification
- Fingerprinting
- Facial features
- Iris scans
- Voice recognition
- Facial expressions
0 Biometric techniques will provide access not only to
computers but also to buildings and homes
0 Systems are vulnerable to attack, e.g., fake biometrics
OSI Model
0 The Physical Layer defines the electrical and physical specifications for
devices. In particular, it defines the relationship between a device and a
physical medium.
0 This includes the layout of pins, voltages, cable specifications, hubs,
repeaters, network adapters, host bus adapters (HBAs used in storage area
networks) and more.
0 The Data Link Layer provides the functional and procedural means to transfer
data between network entities and to detect and possibly correct errors that
may occur in the Physical Layer.
0 The Network Layer provides the functional and procedural means of
transferring variable length data sequences from a source to a destination via
one or more networks, while maintaining the quality of service requested by
the Transport Layer. The Network Layer performs network routing functions,
and might also perform fragmentation and reassembly, and report delivery
errors. Routers operate at this layer—sending data throughout the extended
network and making the Internet possible.
OSI Model
0 The Transport Layer provides transparent transfer of data
between end users, providing reliable data transfer services
to the upper layers. The Transport Layer controls the
reliability of a given link through flow control,
segmentation/desegmentation, and error control.
0 Some protocols are state and connection oriented. This
means that the Transport Layer can keep track of the
segments and retransmit those that fail.
0 Although not developed under the OSI Reference Model and
not strictly conforming to the OSI definition of the Transport
Layer, typical examples of Layer 4 are the Transmission
Control Protocol (TCP) and User Datagram Protocol (UDP).
OSI Model
0 The Session Layer controls the dialogues (connections)
between computers. It establishes, manages and terminates
the connections between the local and remote application. It
provides for full-duplex, half-duplex, or simplex operation,
and establishes checkpointing, adjournment, termination, and
restart procedures.
0 The Presentation Layer provides independence from differences in
data representation (e.g., encryption) by translating from
application to network format, and vice versa.
0 The presentation layer works to transform data into the form
that the application layer can accept. This layer formats and
encrypts data to be sent across a network, providing freedom
from compatibility problems. It is sometimes called the
syntax layer.
Application Layer
0 APPC, Advanced Program-to-Program Communication
0 DNS, Domain Name System (Service) Protocol
0 FTAM, File Transfer Access and Management
0 FTP, File Transfer Protocol
0 Gopher, Gopher protocol
0 HL7, Health Level Seven
0 HTTP, Hypertext Transfer Protocol
0 IMAP, IMAP4, Internet Message Access Protocol
0 IRCP, Internet Relay Chat Protocol
0 LDAP, Lightweight Directory Access Protocol
0 LPD, Line Printer Daemon Protocol
0 MIME (S-MIME), Multipurpose Internet Mail Extensions and
Secure MIME
Application Layer
0 NFS, Network File System
0 NIS, Network Information Service
0 NTP, Network Time Protocol
0 POP, POP3, Post Office Protocol (version 3)
0 SIP, Session Initiation Protocol
0 SMTP, Simple Mail Transfer Protocol
0 SNMP, Simple Network Management Protocol
0 SSH, Secure Shell
0 TELNET, Terminal Emulation Protocol of TCP/IP
0 VTP, Virtual Terminal Protocol
0 X.400, Message Handling Service Protocol
0 X.500, Directory Access Protocol (DAP)
0 Token Bus
0 Token Ring
0 X.25
0 Routing protocols
0 IEEE 802 Standards
TCP/IP
0 In the TCP/IP model of the Internet, protocols are not as rigidly
designed into strict layers as the OSI model.
0 TCP/IP does recognize four broad layers of functionality which are
derived from the operating scope of their contained protocols,
namely the scope of the software application, the end-to-end
transport connection, the internetworking range, and lastly the
scope of the direct links to other nodes on the local network.
0 The Internet Application Layer includes the OSI Application Layer,
Presentation Layer, and most of the Session Layer. Its end-to-end
Transport Layer includes the graceful close function of the OSI
Session Layer as well as the OSI Transport Layer. The
internetworking layer is a subset of the OSI Network Layer (see
above), while the Link Layer includes the OSI Data Link and Physical
Layers, as well as parts of OSI's Network Layer.
IPV4
0 Internet Protocol version 4 (IPv4) is the fourth revision in the
development of the Internet Protocol (IP) and it is the first version of
the protocol to be widely deployed. Together with IPv6, it is at the
core of standards-based internetworking methods of the Internet.
IPv4 is still by far the most widely deployed Internet Layer protocol.
0 IPv4 is a connectionless protocol for use on packet-switched Link
Layer networks (e.g., Ethernet). It operates on a best effort delivery
model, in that it does not guarantee delivery, nor does it assure
proper sequencing, or avoid duplicate delivery. These aspects,
including data integrity, are addressed by an upper layer transport
protocol (e.g., Transmission Control Protocol).
IPSEC
0 Internet Protocol Security (IPsec) is a protocol suite for securing
Internet Protocol (IP) communications by authenticating and
encrypting each IP packet of a data stream. IPsec also includes
protocols for establishing mutual authentication between agents at
the beginning of the session and negotiation of cryptographic keys
to be used during the session. IPsec can be used to protect data
flows between a pair of hosts (e.g. computer users or servers),
between a pair of security gateways (e.g. routers or firewalls), or
between a security gateway and a host.
0 IPsec is a dual mode, end-to-end, security scheme operating at the
Internet Layer of the Internet Protocol Suite or OSI model Layer 3.
Some other Internet security systems in widespread use, such as
Secure Sockets Layer (SSL), Transport Layer Security (TLS) and
Secure Shell (SSH), operate in the upper layers of these models.
Hence, IPsec can be used for protecting any application traffic
across the Internet.
TLS/SSL
0 Transport Layer Security (TLS) and its predecessor, Secure
Socket Layer (SSL), are cryptographic protocols that provide
security for communications over networks such as the
Internet. TLS and SSL encrypt the segments of network
connections at the Application Layer to ensure secure end-to-
end transit at the Transport Layer.
0 Several versions of the protocols are in widespread use in
applications like web browsing, electronic mail, Internet
faxing, instant messaging and voice-over-IP (VoIP).
0 The TLS protocol allows client/server applications to
communicate across a network in a way designed to prevent
eavesdropping and tampering. TLS provides endpoint
authentication and communications confidentiality over the
Internet using cryptography. TLS provides RSA security.
TLS/SSL
0 In typical end-user/browser usage, TLS authentication is
unilateral: only the server is authenticated (the client knows
the server's identity), but not vice versa (the client remains
unauthenticated or anonymous).
0 TLS also supports the more secure bilateral connection mode
(typically used in enterprise applications), in which both ends
of the "conversation" can be assured with whom they are
communicating (provided they diligently scrutinize the
identity information in the other party's certificate). This is
known as mutual authentication, or 2SSL. Mutual
authentication requires that the TLS client-side also hold a
certificate (which is not usually the case in the
end-user/browser scenario).
DMZ
0 A DMZ, or demilitarized zone, is a physical or logical
subnetwork that contains and exposes an organization's
external services to a larger untrusted network, usually the
Internet.
0 The term is normally referred to as a DMZ by IT professionals.
It is sometimes referred to as a Perimeter Network.
0 The purpose of a DMZ is to add an additional layer of security
to an organization's Local Area Network (LAN); an external
attacker only has access to equipment in the DMZ, rather than
any other part of the network.
DMZ
0 In a network, the hosts most vulnerable to attack are those
that provide services to users outside of the local area
network, such as e-mail, web and DNS servers.
0 Because of the increased potential of these hosts being
compromised, they are placed into their own sub-network in
order to protect the rest of the network if an intruder were to
succeed. Hosts in the DMZ have limited connectivity to
specific hosts in the internal network, though communication
with other hosts in the DMZ and to the external network is
allowed.
0 This allows hosts in the DMZ to provide services to both the
internal and external network, while an intervening firewall
controls the traffic between the DMZ servers and the internal
network clients.
WAP
Instant Messaging
0 Instant messaging (IM) is a form of real-time direct text-based
communication between two or more people using personal
computers or other devices, along with shared software
clients. The user's text is conveyed over a network, such as
the Internet. More advanced instant messaging software
clients also allow enhanced modes of communication, such
as live voice or video calling.
0 IM falls under the umbrella term online chat, as it is a real-
time text-based networked communication system, but is
distinct in that it is based on clients that facilitate
connections between specified known users ("Contact List"),
whereas online 'chat' also includes web-based applications
that allow communication between (often anonymous) users
in a multi-user environment.
VPN
0 A virtual private network (VPN) is a network that uses a public
telecommunication infrastructure, such as the Internet, to
provide remote offices or individual users with secure access
to their organization's network. It aims to avoid an expensive
system of owned or leased lines that can only be used by one
organization. The goal of a VPN is to provide the organization
with the same, secure capabilities, but at a much lower cost.
0 It encapsulates data transfers between two or more
networked devices not on the same private network so as to
keep the transferred data private from other devices on one
or more intervening local or wide area networks. There are
many different classifications, implementations, and uses for
VPNs.
Next Steps
0 Cloud computing security (sometimes referred to simply as
"cloud security") is an evolving sub-domain of computer
security, network security, and, more broadly, information
security. It refers to a broad set of policies, technologies, and
controls deployed to protect data, applications, and the
associated infrastructure of cloud computing.
0 Security issues fall into two broad categories: Security issues
faced by cloud providers (organizations providing Software-,
Platform-, or Infrastructure-as-a-Service via the cloud) and
security issues faced by their customers. In most cases, the
provider must ensure that their infrastructure is secure and
that their clients’ data and applications are protected while
the customer must ensure that the provider has taken the
proper security measures to protect their information.