
Sessions 1, 2, 3

Introduction
Course Handout
Security Attacks
Security Services
Security Mechanisms
A Model for Network Security
From the book “The Art of War” by Sun Tzu, a great learning is:

Rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but on the fact that we have made our position undefeatable.

“There is nothing impossible to him who will try.”
Alexander the Great

“Impossible is a word to be found only in the dictionary of fools.”
Napoleon Bonaparte

Information/Computer Security

• The protection provided to an information system to preserve the integrity, availability and confidentiality of the resources like hardware, software, firmware, data, and communications.

Key Security Concepts

Authentication
Non-repudiation
Levels of Impact

• We can define 3 levels of impact from a security attack
    • Low - The loss is minor
    • Moderate - The loss is serious
    • High - The loss is severe or catastrophic

Three Aspects of Security

• The three aspects of information security are
    • security attack
    • security mechanism (control)
    • security service
• Some terms
    • threat – a potential for violation of security
    • vulnerability – a way by which loss can happen
    • attack – an attempt to avoid security services

Types of Attacks

• Passive Attacks
    (a) Release of message content
    (b) Traffic Analysis
• Active Attacks
    (a) Masquerade
    (b) Replay
    (c) Modification of message
    (d) Denial of Service

Passive Attack (a): Release of message contents [figure]
Passive Attack (b): Traffic Analysis [figure: observe pattern of messages from Bob to Alice]
Active Attack (a): Masquerade [figure]
Active Attack (b): Replay [figure]
Active Attack (c): Modification of message [figure: modify message]
Active Attack (d): Denial of Service [figure]

Handling Attacks

• Passive attacks – focus on Prevention
    • Easy to stop
    • Hard to detect
• Active attacks – focus on Detection and Recovery
    • Hard to stop
    • Easy to detect

“Plant the seed of desire in your mind and it forms a nucleus with power to attract to itself everything needed for its fulfillment.”
Robert Collier

“The will to win, the desire to succeed, the urge to reach your full potential... these are the keys that will unlock the door to personal excellence.”
Confucius

“Success is not final, failure is not fatal: it is the courage to continue that counts.”
Winston Churchill

Security Services

• Authentication - assurance that communicating entity is the one claimed
    • have both peer-entity & data origin authentication
• Access Control - prevention of the unauthorized use of a resource
• Data Confidentiality – protection of data from unauthorized disclosure
• Data Integrity - assurance that data received is as sent by an authorized entity
• Non-Repudiation - protection against denial by one of the parties in a communication
• Availability – resource accessible/usable

Security Mechanism

• Encipherment
• Digital Signature
• Access Control
• Data Integrity
• Authentication Exchange
• Traffic Padding
• Routing Control
• Notarization

Model for Network Security

• using this model requires us to:
    1. design a suitable algorithm for the security transformation
    2. generate the secret information (keys) used by the algorithm
    3. develop methods to distribute and share the secret information (key)
    4. specify a protocol enabling the sender and receiver to use the transformation and key for a security service
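
Added example (not part of the original slides): the four requirements above carried through in Python, with HMAC-SHA256 chosen here as the security transformation, a random 256-bit key, key distribution assumed to have happened out of band, and a small framing protocol (sequence number, message, tag) that lets the receiver detect the modification and replay attacks listed earlier. Class and function names are illustrative and the message is constructed sample data; the transformation gives data integrity and data origin authentication, not confidentiality.

```python
import hmac, hashlib, secrets, struct

TAG_LEN = 32  # SHA-256 output size in bytes

class Sender:
    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0  # strictly increasing message counter

    def protect(self, message: bytes) -> bytes:
        # Steps 1 and 4: frame = 8-byte sequence number || message || HMAC tag.
        self.seq += 1
        header = struct.pack(">Q", self.seq)
        tag = hmac.new(self.key, header + message, hashlib.sha256).digest()
        return header + message + tag

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; fails on modification or a wrong key.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        (seq,) = struct.unpack(">Q", body[:8])
        # A valid tag on an already-seen counter means the frame was replayed.
        if seq <= self.last_seq:
            raise ValueError("replayed frame")
        self.last_seq = seq
        return body[8:]

def demo() -> dict:
    key = secrets.token_bytes(32)  # step 2; step 3 (distribution) assumed done
    alice, bob = Sender(key), Receiver(key)
    frame = alice.protect(b"transfer 100 to Bob")  # constructed sample message
    results = {"delivered": bob.accept(frame)}
    tampered = frame[:8] + b"transfer 900 to Bob" + frame[-TAG_LEN:]
    for name, f in (("modified", tampered), ("replayed", frame)):
        try:
            bob.accept(f)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results
```
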
Model for Network Access Security

• using this model requires us to:
    1. select appropriate gatekeeper functions to identify users
    2. implement security controls to ensure only authorised users access designated information or resources
• note that model does not include:
    1. monitoring of system for successful penetration
    2. monitoring of authorized users for misuse
    3. audit logging for forensic uses, etc.
