Computer Security
Computer Security
Computer security Introduction changing them , removing them , intercepting the traffic
to them , or flooding them with traffic until they can no
Computer security is the process of preventing and longer function. Computers have been drenched with
detecting unauthorized use of your computer. Privacy is water , burned , frozen , gassed and electrocuted with
the process of protecting he’s or her own personal files power surges.
against any intrusion. Prevention measures help you to
stop unauthorized users (also known as “intruders”) from Software Vulnerability :- Software can be replaced ,
accessing any part of your computer system. Detection changed or destroyed maliciously , or it can be modified ,
helps you to determine whether or not someone attempted deleted or misplaced accidentally. Whether intentional or
to break in to your system , if they were successful and not , these attacks exploit the software’s vulnerabilities.
what they may have done.
Sometimes , the attacks are obvious , as when the
Data security is the practice of keeping data protected software no longer runs. More subtle are attacks in which
from corruption and unauthorized access. The focus the software has been altered but seems to run normally.
behind data security is to ensure privacy while protecting
personal or corporate data. Information Technology Data vulnerability :- A data attack is more widespread and
Security is the process of protecting computer networks , serious problem than either a hardware or a software
programs and data from unintended or unauthorized attack. A data items have greater public value than
access , change or destruction. hardware and software because more people know how to
use or interpret data.
Why do we care about computer security ? Our modern
ways of communication provide a lot of examples of Policies and mechanisms :- Policy is a statement of what
critical situations involving security issues. To illustrate , is, and what is not allowed by users of a system.
communication by phone , be email or by fax , getting Mechanisms is a method , tool or procedure for enforcing
connected to a bank via the internet and performing a security policy.
transactions , digital payment systems , e-voting systems ,
this all demands confidentiality and integrity of Security controls :- controls or counter measures that
exchanged information. attempt to prevent exploiting a computing system’s
vulnerabilities.
Types of threats :- The four types of attacks that are Attacks threaten Integrity :-
commonly referred to as the “4D’s” of security are
disclosure , deception , disruption , and usurpation. These Modification :- means that the attacker intercepts
categories are used to classify different types of attacks the message and change it.
based on their objectives and methods.
Masquerading or spoofing :- happens when the
1) Disclosure Attacks :- unauthorized access to attacker impersonates somebody else.
information (also called snooping or interception) : they
are aimed at stealing sensitive information or data. Replaying :- Replaying means the attacker obtain
a copy of a message sent by a user and later tries to reply
2) Deception Attacks(spoffing) :- acceptance of false it.
data , this attacks are aimed to misleading or tricking
users in to taking actions that benefit the attacker , Repudiation :- In computer security repudiation
examples of deception attacks includes phishing scams , refers to the act of denying responsibility or involvement
fake websites. in a particular action or transaction. Specifically ,
repudiation refers to an attack in which an individual
3) Disruption Attacks :- Interruption or prevention of denies having performed a particular action or transaction
correct operation (Modification , unauthorized change of that they actually did perform.
information ) :- this attacks are aimed at disrupting or
disabling the normal operations of a system or a network. For example :- In the context of online transactions ,
repudiations may occur when a user denies having
4) Usurpation attacks :- unauthorized control of some part authorized a particular purchase or transaction , even
of a system , these attacks are aimed at gaining though they actually did authorize it. This can occur if the
unauthorized access to a system network. Example :- transaction was not properly logged or recorded , or of
stealing login credentials. Example :- deny of service , it the user’s credentials were stolen or compromised.
is a process of blocking legitimate users from the system.
Repudiation attacks can have serious consequences ,
An attack is a security threat that involves an attempt to particularly in situations where financial transactions or
obtain , alter , destroy , remove , implant or reveal legal agreements are involved. To prevent repudiation
information without authorized access or permission. It attacks , systems often use techniques such as digital
happens for both individuals and organizations. The goal signatures , transaction logs , and audit trails to provide
of security confidentiality , integrity , availability , strong evidence of who performed a particular action or
authentication or non-repudiation can be threatened by transaction , and to prevent users from denying their
security attacks. involvement or responsibility.
The transmitted data is fully controlled by the intruder , Malware Attack :- Malware attack is a type of cyber
the attacker can modify , extend , delete or play any data , attack that involves the user of malicious software to gain
modify messages in transmit , Add , delete messages , unauthorized access or cause damage to a computer
denial of service. system or network. Malware is a broad term that refers to
any software designed to harm or exploit a computer
Categories of Active Attacks :- system.
Cracker (Black Hat) :- A hacker who gains unauthorized To protect against Trojans , it is important to use antivirus
access to computer system for personal gain. The intent is software and keep software and operating systems up to
usually to steal corporate data , violate privacy of rights , date with security patches. Additionally , it is essential to
transfer funds from bank account etc …. be cautious when downloading files or programs from
unknown sources and to avoid opening email attachments
Grey Hat (both ) :- A hacker is in between ethical and or clicking on links from unknown senders.
black hat hackers. She / he breaks in to computer system
without authority with a view to identify weakness and Spyware
reveal them to the system owner.
A software that literally spies on what you do on your
Malware Attack :- computer.
Examples are :- Viruses , Worms , Trojan horses , Spyware is a type of malicious software (malware) that is
Spywares , Login bombs designed to monitor a user’s computer activity and gather
sensitive information , often without the user’s knowledge
Computer Viruses :- A computer virus is a type of or consent. Spyware can track key strokes , capture
malicious software (malware) that is designed to replicate screenshots , record web browsing history , and steal
itself and spread from one computer to another , often personal information such as login credentials and credit
without the user’s knowledge or consent. Computer card numbers.
viruses are typically spread through email attachments ,
file downloads , infected websites and other types of Cookies :- Any data that the cookie saves can be retrieved
malware. To protect against computer viruses , it is by any website , so your entire internet browsing history
essential to use reliable antivirus software and keep can be tracked.
software and operating systems up to date with security
patches. Key Loggers :- Record all of your key strokes , the most
common use of a key logger is to capture usernames and
Worms :- A worm is a type of malicious software passwords.
(malware) that is designed to spread across a network or
the internet , often without the user’s knowledge or A key logger , also known as keystroke or keystroke
consent. Unlike viruses worms do not need to attach recorder , Is a type of software or hardware device that is
themselves to a host file or program to spread. Instead , designed to record every keystroke made on a computer
they can self – replicated and spread independently by or mobile device. This includes every letter , number and
exploiting vulnerabilities in computer networks and symbol typed on a keyboard , as well as mouse clicks and
software. other input methods.
The main difference between worms and viruses in the Hardware key logger are physical devices that can be
way they spread. Viruses require a host file or a program attached to keyboard or USB port to record keystrokes
to attach themselves to spread , while worms can spread while software key loggers are programs that run in the
independently. background of a computer or mobile device and record
key strokes.
It often creates a denial of service.
Spyware is different from viruses , worms , and Trojan
Trojan Horses :- horses in that it does not usually cause damage to a
computer system. Instead it is focuses on gathering
A trojan horse or Trojan , is a type of malware that is information from the user. While viruses , worms , and
disguised as a legitimate file or program , but once Trojan horses can cause damage to a computer system ,
installed on a computer , it can perform malicious actions. spyware is designed to operate in the background and
Trojan can be designed to steal sensitive information , remain undetected for as long as possible.
create back doors for hackers to gain access to a computer
or network or cause damage to a computer system.
Trojans are different from viruses and worms in several Legal uses of spyware
ways , unlike viruses , Trojans do not self replicated or Positive sides of spyware
infect other files or programs instead they rely on users to
creator can ensure that the logic bomb remains
Employers may use spyware as a means of dormant until the desired trigger event occurs ,
monitoring employee use of company technology making it more difficult for security measures to
detect and prevent its execution.
Parents may use this type of software on their However , identifying the specific condition can also be a
computer to monitor the activities their children key factor in detecting and preventing the logic bomb. By
on the internet to protect their children from understanding the potential trigger events for a logic
bomb , security professionals can implement monitoring
online predators.
and alerting systems to identify and respond to any
unusual or suspicious behavior that may indicate the
Adware presence of a logic bomb.
Adware is a type of software that displays tips to avoid virus and spyware attacks ?
unwanted advertisements on a user’s computer or
mobile device. Adware is often bundled with 1. Keep your operating system and software
other software and installed without the user’s up to date: Make sure that your
knowledge or consent. The ads displayed by computer's operating system and all
adware can take various forms , such as pop- installed software are up to date with the
ups , banners and sponsored search results. latest security patches and updates.
Adware is different from viruses , worms and 2. Be cautious when downloading files or
spyware in that it does not usually cause harm to software: Only download files and
a computer or steal sensitive information. Instead software from reputable sources, and
, it is designed to generate revenue for its
avoid clicking on links or downloading
creators by displaying ads and collecting user
attachments from unknown senders.
data , such as web browsing history and search
queries. 3. Be cautious when opening email
attachments: Don't open email attachments
Logic Bomb
from unknown or suspicious senders, as
Software that lays dormant until some condition they may contain viruses or other
is met ; that condition is usually a data and time malware.
, when the condition is met , the software does
4. Use strong passwords: Use complex
some malicious act such as deleting files ,
altering system configuration or perhaps releasing passwords and two-factor authentication
a virus. to protect your accounts from
unauthorized access.
A specific condition is a requirement for a logic
bomb to be created , as It determines when the 5. Be cautious when using public Wi-Fi:
malicious code will be activated. The condition Avoid using public Wi-Fi for sensitive
can be based on various factors , such as a activities such as online banking or
particular date or time , the occurrence of a shopping, as these networks may be
specific event or a certain user action. unsecured and vulnerable to attack.
For example , a logic bomb might be 6. Use a virtual private network (VPN): Use
programmed to activate when a specific employee a VPN when using public Wi-Fi or
is terminated or when a particular file is accessing sensitive information online to
accessed. This specific condition is included in add an extra layer of security.
the logic bomb’s code and will cause it to
execute the harmful action once the condition is 7. Back up your data regularly: Back up
met. important files and data regularly to
protect against data loss in the event of a
The specific condition is often chosen by the
virus or spyware attack.
creator of the logic bomb to maximize its
potential impact and to make It difficult to
detect. By selecting a unique condition , the
8. Use ad-blocking software: Use ad-blocking CHAPTER THREE
software or browser extensions to
Cryptography is the practice of securing information by
minimize the risk of unwanted ads, which transforming it in to unreadable format using
may contain spyware or other types of mathematical algorithms and methods. It involves
malware. techniques for confidentiality , integrity , and
authentication of data , ensuring that only authorized
9. Be vigilant and skeptical: Always be individuals can access and use of the information.
skeptical of emails, websites, and other
The primary goal of cryptography is to protect sensitive
online content that seems too good to be information from being intercepted , read or modified by
true, and be cautious of unsolicited offers unauthorized individuals. This is accomplished by
encoding the information using a key , which is a set of
or requests for information.
instructions used to transform the data in to a secure
format. The key is kept secret and only those who have
the key can decode the information back to its original
IDENTITY THEFT form.
SUBSTITUTION CIPHER TECHNIQUES ARE :- Encryption :- Suppose we want to encrypt the plain text
message “HELLO WORLD” using Caesar’s cipher with a
➔ Caesar’s Cipher shift of 3. The first step is to assign each letter a
➔ Playfair cipher numerical value based on its position in the alphabet.
➔ Monoalphabetic cipher
➔ Polyalphabetic cipher A= 0 , B = 1 , C = 2 , D = 3 , E = 4 , F = 5 , G = 6 , H = 7
➔ One time pad and Hill cipher , I = 8 , J = 9 , K = 10 , L = 11 , M = 12 , N = 13 , O = 14 ,
P = 15 , Q = 16 , R = 17 , S = 18 , T = 19 , U = 20 , V =
21 , W = 22 , X = 23 , Y = 24 , Z = 25
CAESAR’S CIPHER
Using this mapping , we can then apply the caesar cipher
Caesar’s cipher is a simple substitution cipher that Is encryption function to each letter in the plain text
name after Julius Caesar , who is said to have used it to message.
encrypt his private messages. In Caesar’s cipher , each
letter in the plain text is replaced by a letter some fixed Cipher text = (plain text + shift) mod 26
number of positions down the alphabet. For example , if
the shift is 3 , then A would be replaced by D , B would For example :- to encrypt the letter “H” with a shift of 3 ,
become E and so on. The key for this cipher is the number we would calculate
of positions to shift each letter. Cipher text = (7 + 3) mod 26 = 10
Here is an example of how Caesar’s cipher works with a Therefore , “H” is encrypted to “K” using Caesar’s cipher
shift of 3 :- with a shift of 3 , repeating this process for each letter in
the plain text message gives us the cipher text.
Plain text :- HELLO WORLD
Ciphertext :- KHOOR ZRUOG Plain text :- HELLO WORLD
NUMERICAL :- 7 4 11 11 14 22 14 17 11 3 5) The cipher text is “KHOR”
SHIFT :- 3 3 3 3 3 3 3 3 3 3
CIPHER TEXT :- K H O O R Z R U O G By performing the shift modulo 26 , we ensure
that the resulting cipher text only contains letters
Therefore , the encrypted message is “KHOO RZUOG”
from the alphabet , and that the letters maintain
DECRYPTION their relative positions in the alphabet , this
makes it more difficult for an attacker to decrypt
To decrypt the message , we use the reverse operation. We the message without knowing the key.
subtract the shift value from each letter in the cipher text
message :- When taking the modulus of a number , we find
the remainder when the number is divided by the
Plain text = (Cipher text – shift ) mod 26
modulus. In the case of 10 mod 26 , we are
For example , to decrypt the letter “K” with a shift of 3 , finding the remainder when 10 is divided by 26 ,
we would calculate in this case , 10 is less than 26 , so the
remainder when 10 is divided by 26 is simply 10.
plain text = (10 – 3) mod26 = 7 Therefore , 10 mod 26 is equal to 10.
Example :- Solved by lord peter Wismsey in One factor is the limited number of elements in
Dorthy Sayers’s have his Carcase. In this case , the 5*5 matrix used for the cipher. Since there
the keyword is monarchy , the matrix is are only 25 elements in the matrix , it is not
constructed by filling the letter of the keyword possible to include all 26 letters of the alphabet
from left to right and from top to bottom. without duplicating one of the letters. So in order
to include all 26 letters , I and j are combined
in to a single element.
M O N A R
Examples Of Play Fair
The Hill Cipher is a substitution technique used in In a poly alphabetic cipher , each letter of the
computer security that employs linear algebra concept to plain text is still replaced with a corresponding
perform encryption and decryption. The Hill Cipher letter in the cipher text , but the substitution
works by breaking the plain text in to blocks of n letters
alphabet changes based on the position of the
and performing matrix multiplication on each block. The
matrix used for multiplication is called key matrix and is letter in the plain text and the key being used for
typically a square matrix of size n*n. The key matrix must encryption. This means the same plain text letter
be chosen carefully to ensure that it is invertible , which can be encrypted to different cipher text letters
allows for decryption (D = K-1C mod26). depending on the position in the message and the
specific substitution alphabet used.
To encrypt a message using the Hill Cipher , the
following steps are typically taken ….
Vigenere Cipher
1) Choose a key matrix of size n * n
2) Divide the plain text in to blocks of n letters
3) Convert each block of the plain text in to a column In the vigenere cipher , a popular poly alphabetic
vector of size n*1 cipher , a key word is used to generate a series
4) Multiply each column vector by the key matrix to of substitution alphabets , with each letter of
obtain the corresponding encrypted vector. the key word representing a shift in the
5) Convert each encrypted vector back in to a block of substitution alphabets , with each letter of the
cipher text. key word representing a shift in the substitution
To decrypt a message that has been encrypted using the alphabet , this means the same plain text letter
Hill Cipher , the following steps are typically taken : may be encrypted to different cipher text letters
depending on its position in the message and the
1) Determine the inverse of the key matrix specific shift being used.
By using multiple substitution alphabets in this In addition , the key is to be used to encrypt and
way , the poly alphabetic cipher makes frequency decrypt a single message and then discarded (key
analysis attacks much more difficult , as the never reused).
frequency of each letter in the cipher text will
not match the frequency of that letter in the Gives the best security in the history of the
plain text. This makes it much more difficult for cryptography , this is due to the randomness and
an attacker to determine the original plain text the key never reused nature of the algorithm.
from the cipher text with out knowing the Each new message requires a new key of the
specific substitution alphabets being used. same length as the new message (unbroken in
nature.)
Encryption process
The fundamental difficulties of one time pad
Ei = (Pi + Ki ) mod 26 algorithm
Step 1 :- Write all the character of plain text • Ciphertext: 00010000 00001010 00011100
message row by row in a rectangle of a pre- 00000111 00000011
defined size
Finally, we convert the binary ciphertext back to
Step 2 :- Read the message in a columnar manner ASCII characters, which results in the encrypted
, that is column by column message: "\n".
K+=111100001100110010101010111101010101011
00110011110001111
A B A XOR B
0 0 0
0 1 1
1 0 1
1 1 0
SUBSTITUTION
After all eight S-boxes have been applied to the So in this typical example the first and the last
input, the resulting 32-bit block is then passed two bits (01) means 1 , which is row 1 and the
through a permutation function, known as the P- middle bits 1101 :- means 13 , which is the 13 th
box, to provide the output of the F-function. The column in our look up table.
P-box rearranges the bits in the 32-bit block
according to a fixed permutation.
Look up in the table the number in the i-th row The permutation table specifies which bit of the
and j-th column. It is a number in the range 0 to 32-bit input block goes to which position in the
15 and is uniquely represented by a 4 bit block. output block. For example, the 16th bit of the
That block is the output S1(B) of S1 for the input input block goes to the first position of the
B. For example, for input block B = 011011 the output block, the 7th bit of the input block goes
first bit is "0" and the last bit "1" giving 01 as to the second position of the output block, and
the row. This is row 1. The middle four bits are so on.
"1101". This is the binary equivalent of decimal The output of the permutation P is the final output of the
13, so the column is column number 13. In row function f. It is a 32-bit block that is XORed with the left
1, column 13 appears 5. This determines the half of the input block to produce the right half of the
output; 5 is binary 0101, so that the output is output block.
0101. Hence S1(011011) = 0101. XORING WITH THE LEFT HALF
After applying the S-boxes to the input block, we Output block = L XOR f
get 8 blocks of 4 bits each. These blocks are then This process is repeated for each round of the
concatenated to form a single 32-bit block. The DES algorithm until the final round, where the
permutation P is then applied to this 32-bit left and right halves of the block are swapped
block. and combined to produce the final output.
The permutation P rearranges the bits in the 32-
bit block according to the following table:
Asymmetric Key Encryption
The resulting 64-bit block in binary format is Asymmetric key cryptography solves this problem
then converted to hexadecimal format to obtain by using two mathematically related keys , a
the ciphertext. In this example, the ciphertext is public key and a private key. The public key can
85E813540F0AB405. This is the encrypted form of be shared widely , while the private key is
secret. This allows for secure communication
the original message M = 0123456789ABCDEF.
between two parties without the need for a
secure key exchange.
This ensures data confidentiality. Data integrity is The RSA algorithm involves two keys , a public
also ensured because for data to be modified by key and a private key. The public key can be
an attacker it requires the attacker to have B’s freely distributed to any one who wants to send
the recipient private key. Data confidentiality and encrypted message to the owner of the private
integrity in public key encryption is also key. The private key , on the other hand , must
guaranteed. be kept secret and is only known to the owner.
Public key encryption , also known as asymmetric
key encryption , is used for a variety of reasons. To better understand RSA , let first understand
what is public-key encryption algorithm.
1) Secure Key Exchange :- Public key encryption
allows for secure key exchange without the need Public key encryption algorithm :- Public key
for a secure channel. Each user has a public key encryption algorithm is also called Asymmetric
that can be freely distributed , allowing others to algorithm. Asymmetric algorithms are those
encrypt messages that can only be decrypted by algorithms in which sender and receiver use
the owner of the private key. different keys for encryption and decryption. Each
sender is assigned a pair of keys :- Public Key
2) Digital Signature :- Public key encryption can and a private key.
be used to create digital signature that verify the
authenticity and integrity of messages and The public key is used for encryption and the
documents. The sender uses their private key to private key is used for decryption. Decryption can
generate a digital signature , and the recipient not be done using a public key. The two keys are
can verify the signature using the sender’s public linked , but the private key can not be derived
key. This provides a secure method for from the public key. The public key is well
authentication and non-repudiation , meaning known , but the private key is secret and it is
that the sender of a message can not deny having known only to the user who owns the key. It
sent it. means that everybody can send a message to the
user using user’s public key but only the user can
3) Secure communication :- Public key encryption decrypt the message using his private key.
can be used for secure communication between
two parties , as each user has their own public
and private key. This eliminates the need for a
shared key , which can be compromised if
intercepted by a third party.
C = Pe mod n
What is Euler Totient ? It counts the number of = 65 mod 133
numbers between 1 and n that have no common = 7776 mod 133
factors with n except 1. For example , if n = = 62 //
10 , then the number less than or equal to 10
C) Decryption Process :- This works very much like
that are relatively prime to 10 are 1 , 3 7 , and
encryption , but involves a larger exponential which is
9 , therefore , φ(10) = 4. In cryptography , broken down in to several steps.
Euler’s totient function is often used in RSA
algorithm to generate public and private keys. P = Cd mod n
The function is used to determine the number of = 62 65 mod 133
possible values that can be used for the public = 62 * 62 64 mod 133
and private keys , which is related to the security = 62 * (62 2)32 mod 133
of the encryption. = 62 * ( 3844 ) 32 mod 133
= 6 //
4) Choose a small number , e co prime to Φ
Example :- In an RSA cryptosystem , a particular A uses
E is co prime to Φ , means that the largest two prime numbers , 13 and 17 , to generate the public
and private keys. If the public of A is 35 then the private
number that can exactly divide both e and Φ key of A is …………… ?
(Their greatest common divisor or gcd ) is 1.
Euclud’s algorithm is used to find the gcd of two Step 1 :- In the first step , select two large prime
numbers , but the details are omitted. numbers , p and q.
step 2 :- Multiply these numbers to find n = p * Step 4 :- To determine the public key , we use the
q , where n is called the modulus for encryption following formulat to calcuate the d such that :-
and decryption. First we calculate :-
calculate d* e = (1 + k. φ (n)) [let k =0, 1, 2, 3]
n = p * q
put k = 0 ==> e = (1 + 0 * 20) / 7 == > 1 / 7 [No]
n = 3 * 13 put k = 1 ==> e = (1 + 1 * 20) / 7 == > 21 / 7 , e = 3 //
n = 39 //
The public key is <e , n> = (3 , 33) , hence , public key ,
step 3 :- If n = p * q , then the public key is <e I.e e = 3 //
, n>. A plain text message m is encrypted using
public key <e , n>. Thus the public key is <e ,
n> = (3 , 39). To find cipher text from the plain
text following formula is used to get cipher text
C.
C = me mod n
C = 53 mod 39
C = 125 mod 39
C = 8 //
p = 3
q = 11
Key management is the process of securely IPSec provides the capability to secure
exchanging keys between communicating parties. communications across a LAN , across private
Ipsec uses a protocol called Internet Key and public WANS and across the internet.
Exchange (IKE) to exchange keys. IKE provides a
secure way for two parties to establish a shared IPsec (Internet Protocol Security) is a set of
secret key over an insecure network. protocols and standards that provide security for
Internet Protocol (IP) communication by
encrypting and authenticating IP packets.
IPsec provides the capability to secure this message comes from an authorized router,
communications across a LAN, across private and preventing unauthorized devices from establishing
public WANs, and across the Internet. unauthorized neighbor relationships and
potentially disrupting the network.
IPsec is often used for secure branch office
connectivity over the Internet, providing a secure When a router sends a redirect message to
virtual private network (VPN) over a public WAN. another device, it is directing the device to send
This allows branch offices to connect securely to its traffic to a different router. IPsec ensures that
the main office over the Internet, without the this message comes from the correct router and
need for expensive dedicated lines or leased prevents unauthorized devices from sending
circuits. fraudulent redirect messages that could redirect
traffic to unauthorized destinations.
IPsec can also be used for secure remote access
over the Internet, enabling users to securely Finally, IPsec provides authentication and
connect to a network from a remote location. integrity protection for routing updates, ensuring
that they are not forged or tampered with. This
In addition, IPsec can be used for establishing
prevents attackers from disrupting the routing of
intranet connectivity with partners. This enables
traffic by sending fraudulent routing updates.
organizations to securely communicate with other
organizations, ensuring authentication and Security Gateway
confidentiality, and providing a key exchange
When we send a message over the internet, it
mechanism to prevent unauthorized access.
passes through many different computers before it
IPsec also enhances electronic commerce security reaches its final destination. Sometimes, there are
by providing an additional layer of security to special computers called security gateways that
Web and electronic commerce applications that help protect our message from being seen or
have built-in security protocols. changed by other people.
IPsec can be used to encrypt and authenticate IP A security gateway is like a gatekeeper that
packets, ensuring that data transmitted over the checks to make sure that our message is safe and
Internet is secure and cannot be intercepted or secure as it passes through. It has special tools
tampered with. called IPsec mechanisms that help keep our
message private and protected.
In addition to its role in providing security for
end users and protecting premises systems and An IPsec mechanism is like a secret code that
networks, IPsec also plays a role in routing. encrypts our message so that no one can read it
Specifically, it provides authentication and except for the person we're sending it to. It also
integrity protection for routing messages to makes sure that our message hasn't been changed
ensure that they are not forged or tampered with. or tampered with during its journey.
When a new router advertises its presence on a A security gateway can be a router or gateway,
network, it sends a router advertisement message which are special kinds of computers that help
to notify other devices on the network. IPsec connect different networks together. When a
ensures that this message comes from an message passes through a security gateway, the
authorized router, preventing unauthorized gateway checks to make sure that the message is
devices from claiming to be a router and safe and secure before allowing it to continue on
potentially disrupting the network. its journey.
During the SSL Handshake Protocol, there are a • HTTPS: This is a SEAP for HTTP
few different actions that happen. First, the (Hypertext Transfer Protocol). It adds
server and the client authenticate each other. extra security features to HTTP, such as
This means that they check to make sure that encryption and authentication, to help
they're both who they say they are. This helps protect our information when we browse
protect us from bad guys who might try to websites or submit forms online.
pretend to be someone else and steal our
• SMTPS: This is a SEAP for SMTP (Simple
information.
Mail Transfer Protocol). It adds extra
Next, the server and the client negotiate on security features to SMTP, such as
encryption, MAC (Message Authentication Code) encryption and authentication, to help
algorithm, and cryptographic keys. This means protect our emails when we send them
that they agree on how they're going to protect over the internet.
our information with a secret code that only they
• DNSSEC: This is a SEAP for DNS (Domain
know. This helps make sure that our information
Name System). It adds extra security
stays safe and private as it travels over the
features to DNS, such as digital signatures
internet.
and validation, to help protect our DNS
Finally, the SSL Handshake Protocol is used queries and responses from being
before any application data is transmitted. This intercepted or modified by bad actors.
means that the SSL Handshake Protocol happens
before any of our personal information, like our
passwords or credit card numbers, are sent over SECURITY ELECTRONIC TRANSACTION
the internet. This helps make sure that our (SET)
information stays protected right from the very
beginning of our interaction with the website. Security in E-commerece (Electronic Payment)
Security Enhanced Application Protocols When we buy things online, we need a way to
pay for them. This is where electronic payment
When we use the internet to send and receive systems come in.
information, we want to make sure that our
information stays safe and private. That's why we Electronic payment systems are like special
use different security protocols to protect our computer programs that allow us to pay for
information. things online. When we use an electronic
payment system, there are usually three main
One type of security protocol is called a Security- players involved: the customer (that's us), the
Enhanced Application Protocol (SEAP). SEAPs are merchant (that's the online store we're buying
special protocols that are designed to enhance the from), and often banks (that help process the
security of different application layer protocols. payment).
They add extra security features to these
protocols to help protect our information when There are different types of electronic payment
we use them. systems that we can use to pay for things online.
These include:
There are several examples of SEAPs that are
commonly used on the internet: • Cash: Some electronic payment systems
allow us to pay for things online using
cash. For example, we might be able to There are several security requirements that must
use a service like Western Union to send be in place in order to ensure safe electronic
cash to the merchant, who will then send payments. These are:
us the product.
1. Authentication: This means verifying the
• Check: Some electronic payment systems identity of the person making the
allow us to pay for things online using a payment. In cash-based systems, this
check. For example, we might be able to might involve using an ATM card and PIN
use a service like PayPal to send a check to authenticate the user. In credit card-
to the merchant, who will then send us based systems, this might involve
the product. verifying the user's identity with their
credit card number and billing address.
• Credit card: One of the most common
electronic payment systems is the use of 2. Encryption: This means protecting the
credit cards. When we use a credit card payment information by using encryption
to pay for something online, we enter our algorithms to scramble the data so that it
credit card information into a secure form can only be read by authorized parties.
on the merchant's website. The merchant Encryption helps to prevent eavesdropping
then sends the credit card information to and other forms of data theft.
a bank, which checks to make sure we
3. Integrity: This means making sure that the
have enough money in our account to pay
payment information has not been
for the purchase. If everything checks out,
tampered with or altered in any way.
the bank sends the money to the
Integrity checks are typically done using
merchant, who then sends us the product.
digital signatures or other cryptographic
techniques.
One of the key features of SET is that it is an 4. Acquirer: The acquirer is the financial
open encryption and security specification. This institution that verifies that a card
means that the entire protocol is published and account is active and that the proposed
available for anyone to see and analyze. This purchase does not exceed the credit limit.
makes it easier for security experts to review the The acquirer is connected with the
protocol and identify any potential vulnerabilities merchant.
or weaknesses.
5. Payment gateway: The payment gateway
SET FEATURE AND BUSINESS REQUIREMENT is operated by the acquirer or a
designated third party. The payment
• Provide confidentiality of payment and gateway processes merchant payment
ordering information
messages in order to facilitate the parts in one message. The first part is the
transaction. purchase order, which is for the
merchant. The second part is the card
6. Certificate Authority (CA): The certificate
information, which is for the merchant's
authority is a trusted entity that issues
bank only. The message is sent securely
X.509v3 public key certificates for
to the merchant.
cardholders, merchants, and payment
gateways. The success of SET depends on 2. Merchant forwards card information to its
the CA, as these certificates are used to bank: The merchant separates the card
establish trust between the different information from the purchase order and
participants in the transaction. forwards it to its bank. The purchase
order is kept by the merchant.
These different participants work together to
facilitate secure electronic transactions. The 3. Merchant's bank checks with issuer for
cardholder wants to purchase goods or services payment authorization: The merchant's
from the merchant, and the issuer and acquirer bank checks with the issuer (the financial
help to verify that the transaction is legitimate institution that issued the customer's
and within the cardholder's credit limit. The credit card) to verify that the card is
payment gateway processes the transaction, and valid and has sufficient funds for the
the certificate authority issues the necessary purchase.
certificates to establish trust between the different
4. Issuer sends authorization to merchant's
participants.
bank: If the issuer approves the
ASCII to EBCDIC translation problems can also 3. Clear-Signed Data: This function signs the
occur when using SMTP, as the protocol does not message but does not encrypt it. This
support non-ASCII character sets. allows the recipient to verify the signature
and ensure the message has not been
Lines longer than a certain length (72 to 254 tampered with.
characters)
4. Signed and Enveloped Data: This function
To address some of these limitations, combines the previous two functions,
Multipurpose Internet Mail Extension (MIME) was signing the message digest and then
encrypting both the content of the
message and the signed digest.
Types of Firewalls
Packet filtering gateways maintain no state from ✔ keep logs of requests and accesses,
one packer to the next. They simply look at each
✔ and cache results to save bandwidth.
packet’s IP address and port and compare them
to the configured policies. In practice, the most commonly used type of
application proxy is a web proxy, which
Stateful Inspection Firewall, also known as
companies often use to monitor and filter their
dynamic packet filtering, is a type of firewall that
employees' Internet use.
goes beyond the basic packet filtering approach
used by traditional packet filtering firewalls.
Circuit Level Gateway
Instead of just examining each packet
individually, stateful inspection firewalls maintain A circuit-level gateway, also known as a circuit-
a record, or state table, of the TCP connections level proxy or stateful protocol analysis firewall,
passing through them. This allows the firewall to operates at the session layer (Layer 5) of the OSI
model. It establishes a circuit, or virtual
recognize whether a particular packet belongs to
connection, between two networks or hosts, and
an existing connection or not.
inspects the session setup messages that pass
Stateful inspection firewalls can then apply more between them to determine whether to allow or
deny access.
advanced filters to the traffic, such as filtering
based on the state of the connection (e.g.,
A circuit-level gateway works by establishing a
established, new, or closed) or inspecting virtual circuit, which acts as a tunnel between
application-layer data in the packet payload. two networks. This allows the networks to
communicate as if they were directly connected environments where information must be
to each other. protected at all costs.
A circuit-level gateway, also known as a "proxy The main function of a guard firewall is to
gateway," works at the session layer (Layer 5) of restrict access between two networks, typically an
the OSI model, allowing one network to act as unsecured network and a secured network. The
an extension of another. It establishes a virtual firewall operates at the OSI Layer 2, also known
circuit between the client and server, which
as the data link layer, and can filter incoming
means that it sets up and manages the connection
and outgoing traffic based on predetermined
between them, ensuring that the communication
is secure and private. When a circuit-level security policies.
gateway receives a request from a client, it
Guard firewalls use a combination of hardware
authenticates the request and opens a connection
and software-based technologies to provide a high
to the server on behalf of the client. It then
mediates the communication between the two level of security. They can monitor all traffic
parties, passing between the two networks and filter out
unauthorized or malicious traffic. In addition,
A circuit-level gateway is like a secret door guard firewalls can also detect and prevent any
between two secret clubs. It helps one club to attempts to bypass or tamper with the firewall.
become a part of another club. It works by
creating a special path between the two clubs Guards are a type of firewall that implements a
that only they can use. This special path is like a set of programmable rules to protect a network
secret tunnel that only the members of both clubs or system. These rules are designed to limit
can use to communicate with each other. One
access to or from specific resources based on
way people use this secret path is to create
predefined criteria. Guards can be configured to
something called a VPN, which helps them use
the Internet more safely and privately. monitor user activity, network traffic, or system
processes, and take appropriate actions when
A circuit-level gateway is a type of firewall that necessary to prevent unauthorized access or
allows two separate computer networks to damage to the system.
communicate with each other securely by creating
One of the key features of guards is their
a virtual "circuit" between them. It operates at
flexibility in terms of the rules they can
the session layer of the network stack, which is
implement. For example, guards can be
responsible for managing the connections between
configured to limit the number of email messages
applications on different machines.
a user can receive or to restrict a user's web
For example, if a company has a private network bandwidth. They can also be programmed to
for its employees and wants to allow remote filter documents containing specific keywords or
workers to securely access that network over the phrases like for example , Filtering documents
internet, they could use a circuit-level gateway to containing specific keywords, such as "Secret," is
establish a secure "tunnel" between the two a way to prevent sensitive or confidential
networks. This tunnel encrypts all data that is information from being leaked or transmitted
transmitted between the two networks, protecting outside of a secure network. , and to pass
it from eavesdropping or tampering. downloaded files through a virus scanner to
prevent malware infections.