Information Security - Chapter 1
Chapter 1
KEU, Computer Science Faculty
IT Department
Course Policy
Lectures: Tuesday 10:00 AM
Methodology: Lecture (Presentation), Home work, Presentation, Project / Seminar
Project 10 %
Home-Works 10 %
Class Activity 10 %
Exams
Midterm 20 %
Final 50 %
References
1. Thomas, Justin Peltier, John Blackley, Information Security Fundamentals, CRC Press, 2005.
2. William Stallings, Cryptography and Network Security: Principles and Practices, Fourth Edition.
3. Fundamentals of Computer Security, Springer.
4. Matt Bishop, Introduction to Computer Security.
5. Cisco Certified Security Professional, Security + Syo-2014.
6. William Stallings, Network Security Essentials: Applications and Standards, Fourth Edition, 2011.
Course Topics
Chapter 1: Computer Security
The Three key objectives of Security
Level of Impact
Examples of security requirement
Computer Security challenges
OSI security architecture
Aspects of security
Types of Attacks
Chapter 2: Encryption
Symmetric Encryption
Asymmetric encryption
Basic terminology
Cryptography
Cryptanalysis
Brute Force Search
Caesar Cipher
Monoalphabetic cipher
Language Redundancy and Cryptanalysis
Chapter 3: Symmetric Block Cipher Algorithms
DES, Double DES, 3DES, AES Cipher, Rijndael
Chapter 4: Public Key Cryptography and RSA
Private-Key Cryptography
Public-Key Cryptography
Symmetric vs Public-Key
Public-Key Requirements
RSA
Chapter 5: IP Security
Benefits of IPSec
IP Security Architecture
Transport and Tunnel Modes
Chapter 6: Transport-Level Security
Web Security
SSL (Secure Socket Layer)
SSL Architecture
SSL Handshake Protocol
TLS (Transport Layer Security)
HTTPS
Secure Shell (SSH)
Chapter 7: Firewall
Firewall Limitations
Firewalls – Packet Filters
Attacks on Packet Filters
Firewalls – Stateful Packet Filters
Firewalls – Stateless
Low
Moderate
High
Examples of Security Requirements
1. not simple
2. must consider potential attacks
3. procedures used are counter-intuitive (hard to comprehend)
4. involve algorithms and secret info
5. must decide where to deploy mechanisms
6. battle of wits (a contest of minds) between attacker / admin
7. not perceived as a benefit until it fails
8. requires regular monitoring
9. too often an after-thought
10. regarded as impediment to using system
OSI Security Architecture
Passive Attacks
A passive attack attempts to learn or make use of information from
the system but does not affect system resources.
Passive attacks are in the nature of eavesdropping on, or monitoring
of transmissions. The goal of the opponent is to obtain information
that is being transmitted. Two types of passive attacks are:
release of message contents
traffic analysis - monitor traffic flow to determine location and identity of
communicating hosts and could observe the frequency and length of
messages being exchanged
These attacks are difficult to detect because they do not involve any
alteration of the data.
Active Attacks
Active attacks involve some modification of the data stream or the creation
of a false stream and can be subdivided into four categories: masquerade,
replay, modification of messages, and denial of service:
masquerade of one entity as some other
replay previous messages (as shown above in Stallings Figure)
modify/alter (part of) messages in transit to produce an unauthorized effect
denial of service - prevents or inhibits the normal use or management of
communications facilities
Active attacks present the opposite characteristics of passive attacks.
Whereas passive attacks are difficult to detect, measures are available to
prevent their success. On the other hand, it is quite difficult to prevent active
attacks absolutely, because of the wide variety of potential physical,
software, and network vulnerabilities. Instead, the goal is to detect active
attacks and to recover from any disruption or delays caused by them.
Detecting an active attack is easy; preventing it is hard.
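The point that active attacks are handled by detection can be made concrete with a receiver-side check. The following is an added example, not part of the original slides: it assumes a pre-shared key and uses HMAC-SHA256 with a sequence number (both choices, and all names and messages, are constructed for illustration) to detect three of the four categories above: modification, masquerade and replay. Denial of service is outside what such a check can detect.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-not-for-production"  # constructed shared secret
TAG_LEN = 32                                      # HMAC-SHA256 output size

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: 8-byte sequence number + payload + HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Receiver side: verify the tag first, then require an increasing seq."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def check(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # A bad tag covers modification in transit and masquerade alike:
        # a sender without the key cannot produce a valid tag.
        if not hmac.compare_digest(tag, expected):
            return "rejected: modified or forged"
        seq = struct.unpack(">Q", body[:8])[0]
        # A valid tag on an already-seen sequence number is a replayed frame.
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"

def demo() -> list:
    rx = Receiver(KEY)
    m1 = seal(KEY, 1, b"transfer 100 to account A")  # constructed messages
    m2 = seal(KEY, 2, b"transfer 250 to account B")
    tampered = bytearray(m2)
    tampered[8 + 9] ^= 0x01                          # one payload bit changed
    forged = seal(b"some other key", 3, b"transfer 999 to account C")
    return [rx.check(m1), rx.check(m1), rx.check(bytes(tampered)),
            rx.check(forged), rx.check(m2)]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The check gives integrity and origin assurance only; the payload is still readable on the wire, so it does nothing against the passive attacks described earlier.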
Security Service
Enhance security of data processing systems and
information transfers of an organization
intended to counter security attacks
using one or more security mechanisms
often replicates functions normally associated with physical
documents
which, for example, have signatures, dates; need
protection from disclosure, tampering, or destruction;
be notarized or witnessed; be recorded or licensed
Security Services
X.800:
“a service provided by a protocol layer of communicating open systems,
which ensures adequate security of the systems or of data transfers”
RFC 2828:
“a processing or communication service provided by a system to give a
specific kind of protection to system resources”
Security Services (X.800)
Security Mechanism ?
Model for Network Security