Unit 1 CS Security Fundamentals

The document outlines fundamental concepts of computer security, emphasizing the importance of protecting systems and data through the CIA triad: confidentiality, integrity, and availability. It discusses various security services, mechanisms, and models, including symmetric cipher techniques and steganography, while highlighting the challenges faced in implementing security measures. Additionally, it covers types of security attacks, both passive and active, and the significance of maintaining security in an evolving digital landscape.

Uploaded by

adityayevate07

Unit 1: Security Fundamentals

1.1 COMPUTER SECURITY CONCEPTS

Definition and Importance:

• Computer security means safeguarding computing systems and the data they handle from unauthorized access, misuse, or damage. It plays a vital role in ensuring trust, confidentiality, and availability in today’s interconnected digital world.

CIA Triad (Core Objectives):

• Confidentiality: Prevents unauthorized disclosure of information. Achieved through encryption, strict access controls, and policies that protect sensitive data from exposure.
• Integrity: Ensures that data remains consistent and unaltered during storage or transmission. Digital signatures, hashing algorithms, and version controls help maintain data integrity.
• Availability: Guarantees that systems and data are available to authorized users whenever needed. Achieved using backup solutions, fault tolerance, and protections against DoS attacks.

Supporting Principles:

• Authenticity: Ensures that data or communication comes from a verified and trusted source. Achieved using credentials, digital certificates, and secure channels.
• Accountability: Tracks system activities and user behavior to identify who accessed what and when. Important for auditing and forensic investigations.

Security Challenges:

• Security implementations often reduce usability, making users reluctant to adopt them.
• Threats evolve constantly, requiring frequent updates and proactive monitoring.
• Lack of awareness, insider threats, poor design practices, and improper configuration weaken security.

1.2 OSI SECURITY ARCHITECTURE

Purpose of OSI Security Architecture:

• It provides a formal framework (from ITU-T X.800) to understand, apply, and evaluate security within the OSI model.

Key Elements:

• Security Attacks: Actions that compromise system security. Can be passive (observing) or active (tampering).
• Security Services: Services such as confidentiality, authentication, and integrity that safeguard data.
• Security Mechanisms: Techniques like encryption, digital signatures, and authentication protocols that implement security services.

Significance:

• Helps in understanding how and where security should be applied across network layers. Encourages standardized design and integration of security features in protocols.

1.3 SECURITY ATTACKS

1. Passive Attacks:

• The attacker monitors or eavesdrops on communications without modifying the data. These are difficult to detect.
• Examples:
   o Release of Message Contents: Unauthorized reading of data.
   o Traffic Analysis: Inferring information by analyzing communication patterns.

2. Active Attacks:

• These attacks involve modifications or disruptions. They are often detectable but more damaging.
• Examples:
   o Masquerade: Pretending to be someone else.
   o Replay: Resending old data transmissions.
   o Message Modification: Altering content during transmission.
   o DoS (Denial of Service): Disrupts access to services or resources.

1.4 SECURITY SERVICES

Definition:

• Security services protect network resources by supporting confidentiality, integrity, and authentication. These services are standardized under X.800.

Types of Security Services:

1. Authentication: Verifies the identity of users or message origin to prevent impersonation.
2. Access Control: Ensures only authorized users can access specific resources.
3. Data Confidentiality: Prevents unauthorized disclosure of data using encryption.
4. Data Integrity: Protects data from unauthorized modification.
5. Non-repudiation: Prevents either party from denying an action or communication,
providing proof.
6. Availability: Ensures that data and services are always accessible to legitimate users.

1.5 SECURITY MECHANISMS

Purpose and Use:

• These are technical tools or procedures that implement and enforce security services.

Specific Security Mechanisms:

• Encipherment: Converts data into unreadable form to maintain confidentiality.
• Digital Signatures: Ensure integrity and origin authentication.
• Access Controls: Limit system access to authorized users based on policies.
• Authentication Exchanges: Protocols for verifying identities during communication.
• Data Integrity Checks: Use of hash functions and MACs to verify data hasn’t been altered.
• Traffic Padding: Hides real data flow patterns to prevent traffic analysis.
• Routing Control: Guides data through secure paths.
• Notarization: Uses a trusted third party to validate transactions or documents.

Pervasive Security Mechanisms:

• Trusted Functionality: Ensures the system behaves as intended.
• Security Labels: Classify and mark data based on sensitivity.
• Event Detection: Identifies potential threats through behavior monitoring.
• Audit Trails: Keep logs of user actions for investigation.
• Security Recovery: Assists in restoring the system to a secure state after an incident.

1.6 MODEL FOR NETWORK SECURITY

Communication Security Model:

• Describes how two parties communicate securely over an insecure channel. Uses cryptographic algorithms and shared secret keys to protect messages.
• A third party may assist with key distribution (e.g., key distribution center).

Key Components:

• Sender encrypts plaintext using an encryption algorithm and key.
• Receiver decrypts using the same (symmetric) or related (asymmetric) key.
• Security objectives: Confidentiality, Authentication, Integrity.

Access Security Model:

• Focuses on protecting systems from unauthorized access.
• Gatekeeper Function: Controls access at entry point (e.g., login).
• Internal Controls: Monitor ongoing activity (e.g., IDS, logging).

1.7 SYMMETRIC CIPHER MODEL

Definition:

• Uses the same key for both encryption and decryption.

Main Components:

• Plaintext: Original data.
• Encryption Algorithm: Transforms plaintext into ciphertext.
• Secret Key: Shared between sender and receiver.
• Ciphertext: Encrypted data.
• Decryption Algorithm: Converts ciphertext back to plaintext using the key.

Security Assumptions:

• Security depends on keeping the key secret. If the key is compromised, both encryption and decryption are broken.

Formula:

• Encryption: C = E(K, P)
• Decryption: P = D(K, C)

Use Cases:

• Common in banking systems, secure messaging, and VPNs where speed and efficiency are important.

1.8 CLASSICAL ENCRYPTION TECHNIQUES

Substitution Techniques:

• Replace characters or groups with others. Focused on obscuring meaning by replacing elements of plaintext.
   o Caesar Cipher: Shifts each letter by a fixed number. Very simple; easily broken.
   o Monoalphabetic Cipher: Maps each letter to a different letter; vulnerable to frequency analysis.
   o Playfair Cipher: Encrypts digraphs (letter pairs) using a 5x5 matrix; provides more complexity.
   o Hill Cipher: Uses matrix multiplication and modular arithmetic to encrypt blocks of letters.
   o Polyalphabetic Cipher (Vigenère): Uses a repeating keyword to shift characters; more resistant to attacks.
   o One-Time Pad: Uses a random key of the same length as the plaintext. Unbreakable if the key is used only once and kept secret.
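
The following is an added example, not part of the original notes: it implements the Caesar and Vigenère ciphers from the list above and shows why a fixed shift is "easily broken", since trying all 26 shifts and scoring each candidate against English letter frequencies recovers the key. The frequency table is approximate, the sample sentence is constructed, and all function names are illustrative.

```python
import string

ALPHA = string.ascii_uppercase
# Approximate relative frequency (percent) of A..Z in English text.
ENGLISH = [8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77,
           4.03, 2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98,
           2.36, 0.15, 1.97, 0.07]

# Constructed sample plaintext.
SAMPLE = ("DEFEND THE EAST WALL OF THE CASTLE AT DAWN AND SEND THE "
          "RESERVE TROOPS TO THE NORTHERN GATE")

def caesar(text: str, shift: int) -> str:
    """Shift every letter by the same amount; non-letters pass through."""
    return "".join(ALPHA[(ALPHA.index(c) + shift) % 26] if c in ALPHA else c
                   for c in text.upper())

def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Shift each letter by the matching letter of a repeating keyword."""
    out, i = [], 0
    for c in text.upper():
        if c in ALPHA:
            k = ALPHA.index(key.upper()[i % len(key)])
            out.append(ALPHA[(ALPHA.index(c) + (-k if decrypt else k)) % 26])
            i += 1          # the keyword advances only on letters
        else:
            out.append(c)
    return "".join(out)

def english_score(text: str) -> float:
    """Higher when the letters of `text` are common English letters."""
    return sum(ENGLISH[ALPHA.index(c)] for c in text if c in ALPHA)

def recover_caesar_shift(ciphertext: str) -> int:
    """Try all 26 shifts; keep the one whose output looks most like English."""
    return max(range(26), key=lambda s: english_score(caesar(ciphertext, -s)))
```

Under Caesar every plaintext A becomes the same ciphertext letter, so the letter-frequency profile survives; under Vigenère the same plaintext letter maps to different ciphertext letters depending on its position, which is what flattens that profile.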

Transposition Techniques:

• Rearranges characters of plaintext without changing them.
   o Rail Fence Cipher: Writes characters diagonally over several lines and reads them row-wise.
   o Columnar Transposition: Arranges plaintext in a matrix row-wise, then reads column-wise based on a keyword order.
   o Double Transposition: Applies transposition twice with different keys for higher security.

1.9 ROTOR MACHINES

Definition and Function:

• Electro-mechanical devices used in early cryptography to perform complex substitution ciphers automatically.

Working Principle:

• Each key press sends an electrical signal through a series of rotating wheels or rotors, each performing substitutions. Rotors change position with each keystroke, creating dynamic substitutions.

Example - Enigma Machine:

• Used by the German military in WWII. Had multiple rotors and a plugboard for added complexity.
• Each day's settings determined the encryption logic; difficult to break without knowing the configuration.

Importance:

• Represented a major step in mechanical encryption but became obsolete with modern digital algorithms.

1.10 STEGANOGRAPHY

Definition:

• The art of hiding messages within other seemingly innocent media to conceal the existence of the message itself.
• Unlike encryption (which hides content), steganography hides the presence of communication.

Methods:

• Text Steganography: Using whitespace, character positions, or font variations.
• Image Steganography: Embedding messages in image files by altering pixel values slightly (e.g., LSB technique).
• Audio/Video Steganography: Embeds messages in audio or video files with imperceptible changes.
• Physical Methods: Invisible ink, pin punctures, or watermarking in documents.

Advantages:

• Avoids suspicion as there's no apparent secret message.
• Can be used alongside encryption for double-layered security.

Disadvantages:

• Easily destroyed if the file is compressed or altered.
• Typically limited in data size.
• Requires complex tools for robust implementation.
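
The following is an added example, not part of the original notes: it implements the LSB technique on a raw byte array standing in for pixel values and demonstrates the first two disadvantages, namely the capacity limit of one bit per sample and the loss of the hidden data after lossy processing. The cover bytes are constructed, and the `lossy` function is a simplified stand-in for real recompression.

```python
# Constructed cover data: 128 pseudo-pixel values in the range 0..255.
COVER = bytes((i * 37 + 11) % 256 for i in range(128))

def embed(cover: bytes, message: bytes) -> bytes:
    """Write the message bits, MSB first, into the lowest bit of each sample."""
    bits = [(byte >> (7 - i)) & 1 for byte in message for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("message exceeds cover capacity (1 bit per sample)")
    stego = bytearray(cover)
    for pos, bit in enumerate(bits):
        stego[pos] = (stego[pos] & 0xFE) | bit   # change at most the LSB
    return bytes(stego)

def extract(stego: bytes, n_bytes: int) -> bytes:
    """Rebuild n_bytes from the lowest bit of the first n_bytes * 8 samples."""
    out = bytearray()
    for b in range(n_bytes):
        value = 0
        for sample in stego[b * 8:(b + 1) * 8]:
            value = (value << 1) | (sample & 1)
        out.append(value)
    return bytes(out)

def max_distortion(cover: bytes, stego: bytes) -> int:
    """Largest per-sample change introduced by embedding."""
    return max(abs(a - b) for a, b in zip(cover, stego))

def lossy(samples: bytes, step: int = 4) -> bytes:
    """Stand-in for lossy recompression: quantise samples to multiples of step."""
    return bytes((s // step) * step for s in samples)
```

Each sample changes by at most 1, which is why the alteration is hard to see, but the same property means any processing that rewrites low-order bits erases the message.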
