
Course Outline

• Computer Security
– Module 1: Cryptography
• Security Goals, Attacks, Mechanisms
• Cryptography Schemes,
– Traditional symmetric key
» Ciphers, substitution, transposition, stream and block,
– Modern symmetric key
» Block ciphers, DES and AES, MD5
– Asymmetric key cryptography
» RSA, ElGamal, Rabin,
• Digital Signature
• Key Management and Distribution
– Module 2: will be introduced ……

Source used: Cryptography and Network Security by Behrouz A. Forouzan, Int. Ed. 2008

Lecture 1

• Basic Concepts of Computer Security:
– What is computer security?
– Security Goals.
– Security Terminologies.
– Security Threats.
– Security Requirements.
– Security Services.

What is computer security?

• Computer security is about computing in the presence of an adversary.
• Wherever there is an adversary, there is a computer security problem. We
have to know how the system is going to be attacked, if we want to defend
it properly.
• Adversaries exist. The Code Red worm infected a quarter of a million
computers in less than a week, and contained a time-bomb set to try to
take down the White House web server on a specific date. One company
estimated that viruses cost businesses over $50 billion.
• Therefore, we'd better learn to predict in advance what attackers might
do to us, so that we can eliminate all the security holes before the
system is deployed.
• We have to practice thinking like an attacker, so that we will know in
advance how secure the system is.

Security Goals

• The security goals are the goals we want to be met even when
an adversary is trying to violate them. Security goals are
highly application-dependent.
• After we have a set of security goals, the next step is to
perform a threat assessment, which asks several questions.
• What kind of threats might we face?
• What kind of capabilities might we expect adversaries to
have?
• The result is a threat model: a characterization of the threats
the system must deal with.

Evaluating the Security

Evaluating the security of a system involves three steps:

• Identify the security goals. What are we trying to protect?
• Perform a threat assessment. What threats does the system
need to protect against?
• Do a security analysis. Can we envision any feasible attack
that would violate the security goals?

Terminologies
• An attack is an attempt to breach system security. Not all
attacks are successful.
• A threat is a scenario with the potential to cause harm to a
system. An attack usually refers to a specific stratagem,
whereas threat refers to a broader class of ways that things
could go wrong.
• Vulnerability (hole) is an aspect of the system that permits
someone to mount a successful attack.
• A security goal is a goal that is supposed to be achieved by
the system; if it fails, the system will be considered
insecure.
• A threat assessment is an attempt to assess the set of all
possible threats.
• A threat model is a characterization of the possible
threats, usually produced during a threat assessment.

Security Threats

• Physical threats - weather, natural disaster, bombs, power
failures, etc.
• Human threats - stealing, trickery, spying, sabotage,...
• Software threats - viruses, Trojan horses, logic bombs, denial
of service.

What are we afraid of?
• Losing the ability to use the system.
• Losing important data or files
• Losing face/reputation
• Losing money
• Spreading private information about people.

Information Security Methodology

• Computer Security - generic name for the collection of tools
designed to protect data and to thwart hackers.
• Network Security - measures to protect data during their
transmission.
• Internet Security - measures to protect data during their
transmission over a collection of interconnected networks.

Risk analysis and dependency

• We need to:
– Identify what we are trying to protect.
– Evaluate the main sources of risk and where trust is
placed.
– Work out possible counter-measures to attacks.

Computer Security

• Asset
o Hardware
o Software
o Information
• Goal
o Privacy (Confidentiality)
o Integrity (Accuracy)
o Availability

Security Requirements

• Within any application-to-application communication, there
are some specific security requirements, including:
– Authentication: The process of proving one's identity.
– Privacy/Confidentiality: Ensuring that no one can read the
message except the intended receiver.
– Integrity: Assuring the received message has not been
altered in any way from the original.
– Non-repudiation: A mechanism to prove that the sender
really sent this message.

Security Services

• Authentication - Assurance that the communicating entity is
the one claimed.
• Access Control - Prevention of the unauthorized use of a
resource.
• Data Confidentiality - Protection of data from unauthorized
disclosure.
• Data Integrity - Assurance that data received is as sent by an
authorized entity.
• Non-Repudiation - Protection against denial by one of the
parties in a communication.

Security Attacks

• Snooping: Unauthorized interception of data, using the data
for one's own benefit.
• Traffic Analysis: Monitoring enciphered data and the
sending/receiving of it. Ex: unwanted mail.
• Modification: The attacker modifies the information for their own
benefit. Ex: Bank transaction.
• Masquerading (Hidden): The attackers pretend they are the bank.

Security Attacks

• Replaying: The hacker gets a copy of the information and uses
it again at another time.
• Repudiation: The hacker creates the denied message for the
sender/receiver in business.
• Denial of Service: The hacker creates bogus requests to cause
problems for the server.

Security Attacks

• Passive Attack: the attacker's goal is just to obtain
information. This means that the attack does not modify data
or harm the system. The system continues with its normal
operation.
• Active Attack may change the data or harm the system.
Attacks that threaten the integrity and availability are active
attacks. Active attacks are normally easier to detect than to
prevent.

Types of Threats

• Interception: an unauthorized subject has gained access to
an object, such as stealing data, overhearing others'
communication, etc.
• Interruption: services or data become unavailable,
unusable, destroyed, and so on, such as loss of files, denial
of service, etc.
• Modification: unauthorized changing of data or tampering
with services, such as alteration of data, modification of
messages, etc.
• Fabrication: additional data or activities are generated that
would normally not exist, such as adding a password to a
system, replaying previously sent messages, etc.

Methods of Attack

• Eavesdropping: obtaining copies of messages without
authority
• Masquerading: sending/receiving messages using another's
identifier
• Tampering: stealing messages and altering their contents
• Replaying: storing messages and sending them later.
• Infiltrating: accessing a system in order to run programs
that implement the attack (virus, worm, Trojan horse)
• Unknown yet: new attacking methods may appear later

Security Mechanisms
• Security Mechanism: A feature designed to detect, prevent, or
recover from a security attack. No single mechanism will
support all services required. However, one particular element
underlies many of the security mechanisms in use: cryptographic
techniques.
• Encryption: transforming data into something an attacker cannot
understand, i.e., providing a means to implement confidentiality, as
well as allowing the user to check whether data have been modified.
• Authentication: verifying the claimed identity of a subject, such as
user name, password, etc.
• Authorization: checking whether the subject has the right to
perform the action requested.
• Auditing: tracing which subjects accessed what, when, and which
way. In general, auditing does not provide protection, but can be a
tool for analysis of problems.
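
Added example (not part of the original slides): a receiver that uses one cryptographic technique, a keyed hash (HMAC-SHA256) plus a sequence number, to detect the modification, masquerading and replaying attacks listed above, and keeps an audit log of every decision. The names `seal`, `Receiver`, `canonical` and `demo`, the packet layout and the pre-shared key are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets


def canonical(packet: dict) -> bytes:
    """Serialize the fields covered by the tag in one fixed order."""
    return json.dumps([packet.get("sender"), packet.get("seq"), packet.get("text")]).encode()


def seal(key: bytes, sender: str, seq: int, text: str) -> dict:
    """Sender side: attach an HMAC-SHA256 tag computed with the shared key."""
    packet = {"sender": sender, "seq": seq, "text": text}
    packet["tag"] = hmac.new(key, canonical(packet), hashlib.sha256).hexdigest()
    return packet


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = {}   # sender -> highest sequence number accepted so far
        self.audit_log = []  # auditing: (sender, seq, verdict) for every packet

    def accept(self, packet: dict) -> str:
        verdict = self._check(packet)
        self.audit_log.append((packet.get("sender"), packet.get("seq"), verdict))
        return verdict

    def _check(self, packet: dict) -> str:
        expected = hmac.new(self.key, canonical(packet), hashlib.sha256).hexdigest()
        given = str(packet.get("tag", ""))
        # Constant-time comparison; fails for altered contents or a wrong key.
        if not hmac.compare_digest(expected.encode(), given.encode()):
            return "rejected: bad tag"
        # The tag is valid, so seq is authentic; an old number means a replay.
        if packet["seq"] <= self.last_seq.get(packet["sender"], 0):
            return "rejected: replay"
        self.last_seq[packet["sender"]] = packet["seq"]
        return "accepted"


def demo() -> list:
    key = secrets.token_bytes(32)  # constructed shared secret for the demo
    rx = Receiver(key)
    original = seal(key, "alice", 1, "pay bob 10")
    tampered = dict(original, text="pay eve 9999")                    # modification
    forged = seal(secrets.token_bytes(32), "alice", 2, "pay eve 10")  # masquerading
    replayed = dict(original)                                         # replaying
    return [rx.accept(p) for p in (original, tampered, forged, replayed)]
```

A shared-key tag gives integrity and authentication but not non-repudiation, because either key holder could have produced it; that service needs a digital signature.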
