Module 1- Introduction

Module Detailed Contents Hrs

No.

01 1 Introduction : 03
Introduction to Information Security,
principles, services and attacks,
functional requirements of security,
current trends in security

Self learning topics:

Need for security, Security
approaches
 Introduction
“The art of war teaches us not on the
likelihood of the enemy’s not coming, but on
our own readiness to receive him; not on the
chance of his not attacking, but rather on the
fact that we have made our position
unassailable.”
-The Art of War, Sun Tzu
 Network Security

 Network security and information security

are often used interchangeably
 Network security is generally taken as
providing protection at the boundaries of an
organization
 authenticating any user, most likely a username
and a password
 An intrusion prevention system (IPS) helps detect
and prevent such malware.
Information Security
 Background
 Information Security requirements have
changed in recent times
 Traditionally provided by physical and
administrative mechanisms
 Computer use requires automated tools to
protect files and other stored information
 Use of networks and communications links
requires measures to protect data during
transmission
 Definitions
 Computer Security - generic name for the
collection of tools designed to protect data and to
thwart hackers

 Network Security - measures to protect data

during their transmission

 Internet Security - measures to protect data

during their transmission over a collection of
interconnected networks
C.I.A
 C.I.A
 Confidentiality, Integrity and Availability
 Information Systems are decomposed in
three main portions, hardware, software and
communications
 with the purpose to identify and apply
information security industry standards, as
mechanisms of protection and prevention, at
three levels or layers:
 Physical, personal and organizational
 Aspects of Security

 Consider 3 aspects of information

security:
 Security Attack
 Security Service
 Security Mechanism
Attacks, Services and Mechanisms

 Security Attacks
 Action compromises the information security
 Could be passive or active attacks

 Security Services
 Actions that can prevent, detect such attacks.
 Such as authentication, identification, encryption,
signature, secret sharing and so on.

 Security mechanism
 The ways to provide such services
 Detect, prevent and recover from a security attack
 Security Attack
 Any action that compromises the security of
information owned by an organization
 Information security is about how to prevent
attacks, or failing that, to detect attacks on
information-based systems
 often threat & attack used to mean same thing
 have a wide range of attacks
 can focus of generic types of attacks
 passive
 active
 General View Attack
 Criminal Attack: Fraud, Scam, Destruction,
Identity Theft, Intellectual Property Theft,
Brand Theft
 Publicity Attack
 Legal Attack
 Accidental Attack
 Technical View
 Theoretical Approach :
 Interception -> Context of confidentiality
 Fabrication -> Context of Authentication
 Modification -> Context of Integrity
 Interruption -> Context of Availability
 Attacks
 Passive attacks
 Interception
 Release of message contents
 Traffic analysis
 Active attacks
 Interruption, modification, fabrication
 Masquerade
 Replay
 Modification
 Denial of service
 Passive Attacks

“Interception causes
loss of message
Confidentiality”

c ep tion
Inter
Active Attacks

Interruption
Modification
Fabrication
Information Transferring
Attack: Interruption

Cut wire lines,

Jam wireless signals,
Drop packets,
Attack: Interception

Wiring, eavesdrop
Attack: Modification

Replaced info
intercept
Attack: Fabrication
Ali: this is …

Also called impersonation

Ali: this is …
Attacks, Services and Mechanisms
 Security Attacks
 Action compromises the information security
 Could be passive or active attacks

 Security Services
 Actions that can prevent, detect such attacks.
 Such as authentication, identification, encryption, signature,
secret sharing and so on.

 Security mechanism
 The ways to provide such services
 Detect, prevent and recover from a security attack
 Important Services of Security
 Confidentiality, also known as secrecy:
 only an authorized recipient should be able to extract
the contents of the message from its encrypted form.
Otherwise, it should not be possible to obtain any
significant information about the message contents.
 Integrity:
 the recipient should be able to determine if the
message has been altered during transmission.
 Important Services of security
 Authentication:
 the recipient should be able to identify the sender, and
verify that the purported sender actually did send the
message.
 Non-repudiation:
 the sender should not be able to deny sending the
message.
 Access Control:
 prevention of the unauthorized use of a resource
 Availability: Use authentication and encryption
 Security Services
 X.800:
“a service provided by a protocol layer of communicating
open systems, which ensures adequate security of the
systems or of data transfers”

 RFC 2828:
“a processing or communication service provided by a
system to give a specific kind of protection to system
resources”
 Security Mechanism
 Feature designed to detect, prevent, or
recover from a security attack
 No single mechanism that will support all
services required
 However one particular element underlies
many of the security mechanisms in use:
 cryptographic techniques
 Security Mechanisms (X.800)
 specific security mechanisms:
 encipherment, digital signatures, access controls,
data integrity, authentication exchange, traffic
padding, routing control, notarization

 pervasive security mechanisms:

 trusted functionality, security labels, event
detection, security audit trails, security recovery
 Impacts On Security Loss
 Cause effect on degradation in mission
capability to perform organizational primary
operations
 Damage on organizational assets
 Financial loss
 Harm to individuals.
Levels Of Impacts On Security
Loss
Model for Network Security
 Network Security Model
Trusted Third Party

Principal Principal
(sender) (receiver)

Security Security
transformation transformation

attacker
Model for Network Security
 using this model requires us to:
1. design a suitable algorithm for the security
transformation
2. generate the secret information (keys) used by
the algorithm
3. develop methods to distribute and share the
secret information
4. specify a protocol enabling the principals to use
the transformation and secret information for a
security service
Model for Network Access
Security
Model for Network Access
Security
 using this model requires us to:
1. select appropriate gatekeeper functions
to identify users
2. implement security controls to ensure
only authorised users access designated
information or resources
 trusted computer systems may be
useful to help implement this model
Good Enough Security

“Everything should be as secure

as necessary, but not securer”
References
 Atul Kahate, Cryptography and Network
Security,McGraw Hill
 Kaufman, c.,Perlman,R.,and Speciner,M.,.Network
Security,Private Communication in a public world,2 nd
ed.,Prentice Hall PTR.,2002
 Stallings,W.,. Cryptography and Network
Security:Principles and Practice,3rd ed., Prentice Hall
PTR.,2003.
 Stallings,W.,. Network Security
Essentials:Applications and standards,Prentice Hall
2000.