Chapter 1: Introduction to Security
Prepared by: Dr. Sunil Kr. Arora @ AURO University, Surat.
Contents
• Computer Security Concepts
• The OSI Security Architecture
• Security Attacks
– Passive Attacks
– Active Attacks
• Security Services
– Authentication
– Access Control
– Data Confidentiality
– Data Integrity
– Nonrepudiation
– Availability Service
• Security Mechanisms
• Network Security Model
COMPUTER SECURITY CONCEPTS
COMPUTER SECURITY DEFINITION:
– The protection afforded to an automated information system in order to
attain the applicable objectives of preserving the confidentiality, integrity,
and availability of information system resources (hardware, software,
firmware, information/data, and telecommunications).
This definition introduces 3 key objectives that are the heart of computer
security:
1) Confidentiality: made up of two things
• Data confidentiality: Assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
• Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to whom
that information may be disclosed. (for example – patient information)
– A loss of confidentiality is the unauthorized disclosure of information.
2) Integrity:
• Data integrity: Assures that information and programs are
changed only in a specified and authorized manner.
• System integrity: Assures that a system performs its intended
function in an unimpaired (undamaged) manner, free from
deliberate or inadvertent unauthorized manipulation of the
system.
– A loss of integrity is the unauthorized modification or destruction of
information. (for example – student grades)
3) Availability:
• Assures that systems work on time and service is not denied to
authorized users.
– A loss of availability is the disruption of access to or use of information
or an information system.
• Apart from these three (CIA), some in the security field feel that additional
concepts are also required:
1) Authenticity:
• The property of being genuine and being able to be verified and trusted.
• This means verifying that users are who they say they are and that each
input arriving at the system came from a trusted source.
2) Accountability:
• In simple terms, it is responsibility.
• For example, systems must keep records of their activities to permit later
forensic analysis to trace security breaches or to aid in transaction
disputes.
The Challenges of Computer Security
1) Not simple
– The main requirements of a secure system (confidentiality,
authentication, nonrepudiation, integrity) are quite difficult to maintain,
and the mechanisms used to meet them can be complex; understanding them
may involve rather subtle reasoning.
2) Must consider potential attacks
– In developing a particular security mechanism or algorithm, one must always
consider potential attacks on those security features. In many cases,
successful attacks are designed by looking at the problem in a completely
different way, therefore exploiting an unexpected weakness in the
mechanism.
3) Procedures used are counter-intuitive (contrary to common-sense expectation)
– The procedures used to provide particular services are often counterintuitive.
Typically, a security mechanism is complex, and it is not obvious from the
statement of a particular requirement that such elaborate measures are
needed. It is only when the various aspects of the threat are considered that
elaborate security mechanisms make sense.
4) Involve algorithms and secret info
– Security mechanisms typically involve more than a particular algorithm or
protocol. They also require that participants be in possession of some secret
information (e.g., an encryption key), which raises questions about the
creation, distribution, and protection of that secret information.
5) Must decide where to deploy mechanisms
– Having designed various security mechanisms, it is necessary to decide where
to use them. This is true both in terms of physical placement (e.g., at what
points in a network are certain security mechanisms needed) and in a logical
sense (In which layer).
6) Battle of wits between attacker / admin
– Attacker needs only to find a single weakness of the system, while the
designer must find and eliminate all weaknesses to achieve perfect security.
7) Not perceived as a benefit until it fails
– There is a natural tendency on the part of users and system managers to
perceive little benefit from security investment until a security failure occurs.
8) Requires regular monitoring
– Security requires regular, even constant, monitoring, and this is difficult in
today’s short-term, overloaded environment.
9) Too often an after-thought
– Security is still too often an afterthought to be incorporated into a system
after the design is complete rather than being an integral part of the design
process.
10) Regarded as impediment to using system
– Many users and even security administrators view strong security as a barrier
to efficient and user-friendly operation of an information system or use of
information.
THE OSI SECURITY ARCHITECTURE
• OSI stands for Open Systems Interconnection.
• ITU-T Recommendation X.800, Security Architecture for OSI, defines a systematic
way of
– Defining the requirements for security
– Characterizing the approaches to satisfying those requirements
• ITU-T stands for International Telecommunication Union Telecommunication and is
a standardization agency sponsored by the United Nations.
• The OSI security architecture focuses on security attacks, mechanisms, and services.
• Security attack:
– Any action that compromises the security of information owned by an
organization.
• Security mechanism:
– A process (or a device incorporating such a process) that is designed to detect,
prevent, or recover from a security attack.
• Security service:
– A processing or communication service that enhances the security of the data
processing systems and the information transfers of an organization.
– The services are intended to counter/defeat security attacks, and they make
use of one or more security mechanisms to provide the service.
SECURITY ATTACKS
• The security attacks are classified into two categories:
1) Passive attack:
2) Active attack:
• Passive attack:
– Aims to learn or make use of information from the system but does not affect
system resources
– It is in the nature of eavesdropping on, or monitoring of, transmissions.
– The goal of the opponent is to obtain information that is being transmitted.
– Two types of passive attacks
1) Release of message contents
2) Traffic analysis
– Passive attacks are very difficult to detect, because they do not involve any
alteration of the data.
– It can be prevented by means of encryption.
• Release of message contents: an opponent reads the contents of transmissions
such as a telephone conversation, an e-mail message, or a file transferred over
the Internet, which may contain sensitive or confidential information.
• Traffic analysis involves observation of the pattern of these messages such as the
frequency and length of messages being exchanged.
• It may also involve activity like determining the location and identity of
communicating hosts.
• Active attack:
– Attempts to alter system resources or affect their operation.
– Active attacks involve some modification of the data stream or the creation of
a false stream.
– Active attack can be subdivided into four categories:
1) Masquerade
2) Replay
3) Modification of messages
4) Denial of service
• Active attacks present the opposite characteristics of passive attacks.
• Passive attacks are difficult to detect; active attacks, on the other hand, are
quite difficult to prevent absolutely because of the wide variety of
vulnerabilities found in hardware, software, and networks.
• A masquerade takes place when one entity pretends to be a different entity
(impersonate)
• A masquerade attack is an attack that uses a fake identity, such as a network
identity, to gain unauthorized access to personal computer information through
legitimate/legal access identification.
• Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
• Modification of messages simply means that some portion of a legitimate message
is altered, or that messages are delayed or reordered, to produce an unauthorized
effect.
• For example, a message meaning “Allow John Smith to read confidential file
accounts” is modified to mean “Allow Fred Brown to read confidential file
accounts.”
• The denial of service prevents or inhibits the normal use or management of
communications facilities.
• This attack may have a specific target; for example, an entity may suppress all
messages directed to a particular destination (e.g., the security audit service).
• Another form of service denial is the disruption of an entire network, either by
disabling the network or by overloading it with messages so as to degrade
performance
SECURITY SERVICES
• X.800:
– X.800 is security architecture for Open Systems Interconnection
– Security service is a service, provided by a layer of communicating open
systems, which ensures adequate security of the systems or of data transfers
• RFC 2828:
– It is a processing or communication service that is provided by a system to give
a specific kind of protection to system resources.
• X.800 Recommendation divides security services into 5 categories:
– Authentication
– Access control
– Data confidentiality
– Data integrity
– Nonrepudiation
– Availability service
• Authentication:
– The authentication service is concerned with assuring that a communication is
authentic.
– The recipient of the message should be sure that the message came from the
source that it claims to be.
– All communicating parties should be sure that the connection is not interfered
with by unauthorized party.
– Two specific authentication services are defined in X.800:
1) Peer entity authentication:
– Provides for the validation of the identity of a peer entity in an
association.
– Peer entity authentication is provided for use at the establishment of,
or at times during the data transfer phase of, a connection.
– It attempts to provide confidence that an entity is not performing
either a masquerade or an unauthorized replay of a previous
connection.
– For example, consider a person using an online banking service. Both the user
and the bank should be assured of each other's identity.
2) Data origin authentication:
– Provides for the validation of the source of a data unit.
– It does not provide protection against the duplication or modification
of data units.
• Access Control:
– This service controls
• who can have access to a resource;
• under what conditions access can occur;
• what those accessing are allowed to do.
– In other words, it is prevention of the unauthorized use of a resource.
– For example, in online banking a user may be allowed to see his balance, but
not allowed to make any transactions for some of his accounts
• Data Confidentiality:
– protection of data (and/or transmitted data) from unauthorized disclosure
(from passive attacks).
– Connection confidentiality (e.g., TCP – connection-oriented)
– Connectionless confidentiality (e.g., IP or UDP – connectionless)
– Selective field confidentiality (e.g., some sensitive fields of a database)
– Traffic-Flow Confidentiality:
• protection of traffic flow from analysis i.e. observing the source and
destination, frequency, length, or other characteristics of the traffic on a
communications facility.
• Data Integrity:
– Assurance that data received is as sent by an authorized entity and with no
duplication, insertion, modification, reordering, or replays.
– Provides protection from active attacks
• Non-Repudiation:
– Protection against denial by one of the entities involved in a communication
i.e. prevents either sender or receiver from denying a transmitted message.
– Nonrepudiation can be related to
• Origin/Sender: proof that the message was sent by the suspected sender
only
• Destination/receiver: proof that the message was received by the
suspected receiver only
• Availability:
– Protects a system to ensure its availability i.e. a system or a system resource
being accessible and usable upon demand by an authorized user
– Particularly, it addresses denial-of-service attacks
– It depends on proper management and control of system resources and thus
depends on access control service and other security services.
Security Mechanisms
• The security mechanisms are defined in X.800.
• The mechanisms are divided into those that are implemented in a specific protocol
layer, such as TCP or an application-layer protocol, and those that are not specific
to any particular protocol layer or security service as follows:
1) Specific Security Mechanisms
2) Pervasive Security Mechanisms
1) Specific Security Mechanisms
• Encipherment:
– The use of mathematical algorithms to transform data into a form that is not
readily understandable i.e. create the cipher text by encrypting the message.
• Digital Signature:
– It is a process of appending some data to prove the source and integrity of the
data to protect against forgery.
• Access Control:
– A variety of mechanisms that enforce access rights to resources.
• Data Integrity:
– A variety of mechanisms used to assure the integrity of a data unit or stream
of data units.
• Authentication Exchange
– A mechanism intended to ensure the identity of an entity by means of
information exchange.
• Traffic Padding
– The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
• Routing Control
– Enables selection of particular physically secure routes for certain data and
allows routing changes, especially when a breach of security is suspected.
• Notarization
– The use of a trusted third party to assure certain properties of a data
exchange.
2) Pervasive Security Mechanisms:
– Mechanisms that are not specific to any particular OSI security service or
protocol layer
• Trusted Functionality:
– That which is supposed to be correct with respect to some criteria (e.g., as
established by a security policy).
• Security Label
– The marking bound to a resource (which may be a data unit) that names or
designates the security attributes of that resource.
• Event Detection
– Detection of security-relevant events.
• Security Audit Trail
– Data collected and potentially used to facilitate a security audit, which is an
independent review and examination of system records and activities.
• Security Recovery
– Deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.
A MODEL FOR NETWORK SECURITY
Network Security Model
• A message is to be transferred from one party to another across some sort of
Internet service.
• The two parties, who are the principals in this transaction, must cooperate for the
exchange to take place.
• A logical information channel is established by defining a route through the
Internet from source to destination and by the cooperative use of communication
protocols (e.g., TCP/IP) by the two principals.
• Security aspects come into play when it is necessary or desirable to protect the
information transmission from an opponent who may present a threat to
confidentiality, authenticity, and so on.
• All the techniques for providing security have two components:
1) A security-related transformation on the information to be sent. Examples
include the encryption of the message, which scrambles (mix up/mess up) the
message so that it is unreadable by the opponent, and the addition of a code
based on the contents of the message, which can be used to verify the
identity of the sender.
2) Some secret information shared by the two principals and, it is hoped,
unknown to the opponent. An example is an encryption key used in
conjunction with the transformation to scramble (by encryption) the
message before transmission and unscramble it on reception.
• A trusted third party may be needed to achieve secure transmission. For example,
a third party may be responsible for distributing the secret information to the two
principals while keeping it from any opponent.
• This general model shows that there are four basic tasks in designing a particular
security service:
1) Design an algorithm for performing the security-related transformation. The
algorithm should be such that an opponent cannot defeat its purpose.
2) Generate the secret information to be used with the algorithm.
3) Develop methods for the distribution and sharing of the secret information.
4) Specify a protocol to be used by the two principals that makes use of the
security algorithm and the secret information to achieve a particular security
service.
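The two components of the model and the four design tasks can be seen in a short Python sketch, added here as an illustration and not part of the original slides. It assumes HMAC-SHA256 as the "code based on the contents of the message" and an 8-byte sequence number for replay and reordering detection; the names Sender, Receiver, protect and accept are hypothetical. It provides data integrity and data origin authentication only, not confidentiality.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size in bytes
SEQ_LEN = 8   # assumed framing: 8-byte big-endian sequence number


def generate_key() -> bytes:
    """Task 2: generate the secret information (a 256-bit key)."""
    return secrets.token_bytes(32)


class Sender:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def protect(self, message: bytes) -> bytes:
        """Transformation: sequence number + message + code over both."""
        body = self.seq.to_bytes(SEQ_LEN, "big") + message
        self.seq += 1
        return body + hmac.new(self.key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key: bytes):
        self.key, self.expected_seq = key, 0

    def accept(self, packet: bytes) -> bytes:
        """Return the message; raise ValueError on modification, forgery,
        replay, or reordering."""
        if len(packet) < SEQ_LEN + TAG_LEN:
            raise ValueError("packet too short")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            raise ValueError("integrity check failed")
        if int.from_bytes(body[:SEQ_LEN], "big") != self.expected_seq:
            raise ValueError("unexpected sequence number")
        self.expected_seq += 1
        return body[SEQ_LEN:]


if __name__ == "__main__":
    key = generate_key()  # task 3 (distribution) is assumed done out of band
    alice, bob = Sender(key), Receiver(key)
    # Constructed sample message, taken from the modification example above.
    pkt = alice.protect(b"Allow John Smith to read confidential file accounts")
    print(bob.accept(pkt))
    for bad in (pkt, pkt.replace(b"John Smith", b"Fred Brown")):
        try:
            bob.accept(bad)
        except ValueError as err:
            print("rejected:", err)
```

The first rejected packet is a replay of an already accepted data unit; the second is the "John Smith" to "Fred Brown" modification, which fails the integrity check because the opponent does not hold the shared key.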
Network Access Security Model