IS-Mid-1 Question and Answers

Uploaded by

anuhyamuppalla

INFORMATION SECURITY

1 Explain in detail about The OSI Security Architecture


2 Explain Security Attacks
3 Explain security services and security mechanisms
4 Explain Symmetric Cipher Model
5 Explain Caesar Cipher with Example
6 Explain Rail fence Technique with Example
1 Explain in detail about The OSI Security Architecture

The OSI Security Architecture is internationally recognized and provides a standardized technique
for deploying security measures within an organization. It focuses on three major concepts:
security attacks, security mechanisms, and security services, which are critical in protecting data
and communication processes.
OSI (Open Systems Interconnection) security refers to a set of protocols, standards, and
techniques used to ensure the security of data and communications in a network environment
based on the OSI model. The International Organisation for Standardisation (ISO) established this
model to provide a conceptual framework for understanding how different networking protocols
interact within a layered architecture.
THE OSI SECURITY ARCHITECTURE

The OSI security architecture focuses on security attacks, mechanisms, and services. These can
be defined briefly as follows:

• Security attack: Any action that puts the data or the overall security of the system at risk.
An attack may be successful or unsuccessful. In a successful attack, the attacker achieves the
goal of breaking the security of the system; in an unsuccessful attack, the system remains secure
and no harm to its security is done. There are two major types of attack: active attacks and
passive attacks.

• Security mechanism: A process (or a device incorporating such a process) that is designed
to detect, prevent, or recover from a security attack. The mechanisms are divided into those
that are implemented in a specific protocol layer, such as TCP or an application-layer
protocol.
• Security service: A processing or communication service that enhances the security of the data
processing systems and the information transfers of an organization. The services are intended to
counter security attacks, and they make use of one or more security mechanisms to provide the
service.

Confidentiality: This involves making sure that information is accessible only to those who are
authorized. A practical example is the use of encryption methods like the Advanced Encryption
Standard (AES) to encrypt data transmitted over a network. This encryption ensures that, even if
data is intercepted, it remains unintelligible to unauthorized entities.

Integrity: This objective focuses on maintaining the accuracy and consistency of data over its entire
lifecycle. A relevant example is the application of hash functions like SHA-256. This function
allows a system to verify the integrity of transmitted data by comparing the received data's hash
value to the expected hash value.

Availability: This ensures that information and resources are consistently available to authorized
users. Techniques employed to achieve this include implementing redundant network configurations
and strategies to mitigate Distributed Denial of Service (DDoS) attacks, thereby ensuring
continuous service availability.

2 Explain Security Attacks


Security attacks are classified as passive attacks and active attacks. A passive attack attempts
to learn or make use of information from the system but does not affect system resources. An
active attack attempts to alter system resources or affect their operation.

Passive Attacks

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal
of the opponent is to obtain information that is being transmitted. Two types of passive attacks
are the release of message contents and traffic analysis.
1) Release of message contents:
The release of message contents is easily understood. A telephone conversation, an electronic
mail message, and a transferred file may contain sensitive or confidential information. We would
like to prevent an opponent from learning the contents of these transmissions.
2) Traffic analysis:
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of
masking the contents of messages or other information traffic so that opponents, even if they
captured the message, could not extract the information from the message. The common
technique for masking contents is encryption. If we had encryption protection in place, an
opponent might still be able to observe the pattern of these messages. The opponent could
determine the location and identity of communicating hosts and could observe the frequency and
length of messages being exchanged. This information might be useful in guessing the nature of
the communication that was taking place.
Passive attacks are very difficult to detect, because they do not involve any alteration of the data.

Active attack: An active attack attempts to alter system resources or affect their operation.
Active attacks involve some modification of the data stream or the creation of a false stream.
Active attacks can be subdivided into four categories:
• masquerade,
• replay,
• modification of messages, and
• denial of service.

Masquerade:

A masquerade takes place when one entity pretends to be a different entity (Figure:). A
masquerade attack usually includes one of the other forms of active attack.
For example, authentication sequences can be captured and replayed after a valid
authentication sequence has taken place, thus enabling an authorized entity with few
privileges to obtain extra privileges by impersonating an entity that has those privileges.

Replay :

Replay involves the passive capture of a data unit and its subsequent retransmission to produce
an unauthorized effect.

Modification of messages:

Modification of messages simply means that some portion of a legitimate message is altered, or
that messages are delayed or reordered, to produce an unauthorized effect (Figure: c).
For example, a message meaning “Allow John Smith to read confidential file accounts” is
modified to mean “Allow Fred Brown to read confidential file accounts”.

Denial of service:

The denial of service prevents or inhibits the normal use or management of communications
facilities (Figure d). This attack may have a specific target;
For example, an entity may suppress all messages directed to a particular destination (e.g., the
security audit service).
Another form of service denial is the disruption of an entire network—either by disabling the
network or by overloading it with messages so as to degrade performance.
3 Explain security services and security mechanisms
The security services are classified as follows:
CONFIDENTIALITY: Ensures that the information in a computer system and transmitted
information are accessible only for reading by authorized parties. Confidentiality is the
protection of transmitted data from passive attacks. For example, when a TCP connection is set
up between two systems, this broad protection prevents the release of any user data transmitted
over the TCP connection.

Traffic-Flow Confidentiality

The protection of the information that might be derived from observation of traffic flows.
AUTHENTICATION: The authentication service is concerned with assuring that a
communication is authentic, i.e. that the communicating entity is the one that it
claims to be.
It ensures that the origin of a message or electronic document is correctly identified, with an
assurance that the identity is not false.

Peer Entity Authentication

Used in association with a logical connection to provide confidence in the identity of the entities
connected.

Data-Origin Authentication

In a connectionless transfer, provides assurance that the source of received data is as claimed.
INTEGRITY: Ensures that only authorized parties are able to modify computer system assets and
transmitted information. Modification includes writing, changing status, deleting, creating,
and delaying or replaying transmitted messages.
NON-REPUDIATION: Requires that neither the sender nor the receiver of a message be able
to deny the transmission. When a message is sent, the receiver can prove that the alleged sender
in fact sent the message. Similarly, when a message is received, the sender can prove that the
alleged receiver in fact received the message.

ACCESS CONTROL: Requires that access to information resources be controlled by the
target system. Access control is the ability to limit and control access to host systems and
applications via communications links. To achieve this, each entity trying to gain access must
first be identified, or authenticated.
AVAILABILITY: Requires that computer system assets be available to authorized parties
when needed.

SECURITY MECHANISMS

The most specific security mechanisms in use are cryptographic techniques.

Encryption or encryption-like transformations of information are the most common means of
providing security. Some of the mechanisms are:
1 ENCIPHERMENT
2 DIGITAL SIGNATURE
3 ACCESS CONTROL
ENCIPHERMENT: The process of applying mathematical algorithms to convert data into a form
that is not intelligible. The result depends on the algorithm used and on the encryption keys.
DIGITAL SIGNATURE: Data appended to, or a cryptographic transformation applied to, a data
unit that allows the recipient to prove the source and integrity of the data unit and protects
against forgery.
ACCESS CONTROL: A variety of techniques used for enforcing access permissions to system
resources.
DATA INTEGRITY: A variety of mechanisms used to assure the integrity of a data unit or a
stream of data units.
AUTHENTICATION EXCHANGE: A mechanism intended to ensure the identity of an entity by
means of information exchange.

TRAFFIC PADDING: The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
ROUTING CONTROL: Enables selection of particular physically secure routes for certain data
and allows routing changes once a breach of security is suspected.
NOTARIZATION: The use of a trusted third party to assure certain properties of a data exchange.
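As an added example (not from the page), the Python below shows how the data-integrity and authentication-exchange mechanisms listed above counter the modification and replay attacks described in question 2: the page's "Allow John Smith ..." message is tagged with HMAC-SHA256 under a shared key and carries a sequence number, so a tampered copy or a replayed copy is rejected. The key, the sequence numbers and the function names are constructed for this example.

```python
import hashlib
import hmac
import json

# Secret shared by sender and receiver (a constructed value for this example).
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def protect(key, seq, body):
    """Sender side: bind a sequence number to the body and append an HMAC-SHA256 tag."""
    # The keyed hash detects modification; the sequence number detects replay.
    payload = json.dumps({"seq": seq, "body": body}, sort_keys=True)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


class Receiver:
    """Receiver side: check the tag first, then require a strictly increasing sequence number."""

    def __init__(self, key):
        self.key = key
        self.last_seq = 0

    def accept(self, msg):
        expected = hmac.new(self.key, msg["payload"].encode(), hashlib.sha256).hexdigest()
        # Constant-time comparison so the check itself does not leak the tag via timing.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        seq = json.loads(msg["payload"])["seq"]
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"


def demo():
    """Run the page's example message through delivery, modification and replay."""
    msg = protect(SHARED_KEY, 1, "Allow John Smith to read confidential file accounts")
    rx = Receiver(SHARED_KEY)
    first = rx.accept(msg)                                   # legitimate delivery
    tampered = dict(msg)                                     # same tag, altered body
    tampered["payload"] = msg["payload"].replace("John Smith", "Fred Brown")
    second = rx.accept(tampered)                             # modification of messages
    third = rx.accept(msg)                                   # captured message sent again
    return first, second, third


if __name__ == "__main__":
    print(demo())  # ('accepted', 'rejected: modified', 'rejected: replay')
```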

4 Explain Symmetric Cipher Model


Symmetric encryption is a form of cryptosystem in which encryption and decryption are
performed using the same key. It is also referred to as conventional encryption or single-key
encryption.

A symmetric encryption scheme has five ingredients


• Plaintext: This is the original intelligible message or data that is fed into the algorithm as
input.
• Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
• Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different output
depending on the specific key being used at the time. The exact substitutions and transformations
performed by the algorithm depend on the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and
the secret key. For a given message, two different keys will produce two different ciphertexts.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the
ciphertext and the secret key and produces the original plaintext.

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be
such that an opponent who knows the algorithm and has access to one or more ciphertexts
would be unable to decipher the ciphertext or figure out the key.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and
must keep the key secure.
Let us take a closer look at the essential elements of a symmetric encryption
scheme, using the figure below. A source produces a message in plaintext, . The elements of are
letters in some finite alphabet. Traditionally, the alphabet usually consisted of the 26 capital
letters. Nowadays, the binary alphabet {0, 1} is typically used. For encryption, a key of the form
is generated. If the key is generated at the message source, then it must also be provided to the
destination by means of some secure channel. Alternatively, a third party could generate the key
and securely deliver it to both source and destination.
With the message and the encryption key as input, the encryption algorithm
forms the ciphertext . We can write this as This notation indicates that is produced by
using encryption algorithm E as a function of the plaintext , with the specific function
determined by the value of the key .
The intended receiver, in possession of the key, is able to invert the transformation:
X = D(K, Y)

5 Explain Caesar Cipher with Example


Caesar cipher (or) shift cipher
The earliest known use of a substitution cipher, and the simplest, was by Julius Caesar.
The Caesar cipher involves replacing each letter of the alphabet with the letter standing 3
places further down the alphabet.
Example-1:
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
Note that the alphabet is wrapped around, so that the letter following 'z' is 'a'.
If we assign a numerical equivalent to each letter (a = 0, b = 1, ..., z = 25), the algorithm can
be expressed as follows. For each plaintext letter p, substitute the ciphertext letter C:
C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25. The decryption algorithm is simply

p = D(k, C) = (C - k) mod 26

Example-2:

• Plaintext is deepshika and key is 5.
• Ciphertext for d: (3 + 5) mod 26 = 8
• Ciphertext for e: (4 + 5) mod 26 = 9; continue the process for each letter.
• Ciphertext is ijjuxmopf
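The following Python is an added example (not code from the page) that works through both the symmetric cipher model of question 4 and the Caesar cipher of question 5: caesar_encrypt is Y = E(K, X) with C = (p + k) mod 26, and caesar_decrypt is X = D(K, Y) with p = (C - k) mod 26, checked against Example-1 above. The function names and the upper-case ciphertext convention are assumptions of this example.

```python
ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def _shift(text, k, upper):
    """Apply (p + k) mod 26 to every letter of text; non-letters pass through unchanged."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            p = ALPHABET.index(ch)            # numerical equivalent: a=0 ... z=25
            c = ALPHABET[(p + k) % 26]        # mod 26 wraps the alphabet round (z -> a)
            out.append(c.upper() if upper else c)
        else:
            out.append(ch)
    return "".join(out)


def caesar_encrypt(k, plaintext):
    """Y = E(K, X): C = (p + k) mod 26 for each letter, ciphertext written in upper case."""
    if not 1 <= k <= 25:
        raise ValueError("key k must be in the range 1 to 25")
    return _shift(plaintext, k, upper=True)


def caesar_decrypt(k, ciphertext):
    """X = D(K, Y): p = (C - k) mod 26, i.e. the encryption algorithm run in reverse."""
    if not 1 <= k <= 25:
        raise ValueError("key k must be in the range 1 to 25")
    return _shift(ciphertext, -k, upper=False)


if __name__ == "__main__":
    x = "meet me after the toga party"
    y = caesar_encrypt(3, x)
    print(y)                     # PHHW PH DIWHU WKH WRJD SDUWB
    print(caesar_decrypt(3, y))  # meet me after the toga party
```

Decrypting with any key other than the one used for encryption returns garbage rather than the plaintext, which is the second requirement of the model (the key must be shared securely and kept secret) seen in practice.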

6 Explain Rail fence Technique with Example

• Rail-Fence Technique: This technique is a type of transposition technique, in which the
plaintext is written as a sequence of diagonals (a zigzag pattern) and the ciphertext is then read
off row by row.
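Since the page gives no worked example for the rail-fence technique, here is an added one (not from the page): a general rail-fence encrypt and decrypt for any number of rails, which for 2 rails writes "meetmeafterthetogaparty" on two rows and reads them off in turn. The sample plaintexts and the function names are constructed for this example.

```python
def zigzag_rows(length, rails):
    """Row index visited by each position when the text is written down and up the rails."""
    if rails < 2:
        raise ValueError("need at least 2 rails")
    rows, row, step = [], 0, 1
    for _ in range(length):
        rows.append(row)
        if row == 0:
            step = 1                 # top rail reached: head downwards
        elif row == rails - 1:
            step = -1                # bottom rail reached: head upwards
        row += step
    return rows


def rail_fence_encrypt(plaintext, rails=2):
    """Write the plaintext as a zigzag of diagonals, then read it off one row at a time."""
    fence = [[] for _ in range(rails)]
    for ch, r in zip(plaintext, zigzag_rows(len(plaintext), rails)):
        fence[r].append(ch)
    return "".join("".join(row) for row in fence)


def rail_fence_decrypt(ciphertext, rails=2):
    """Rebuild the zigzag, cut the ciphertext into rows of the right lengths, then walk it again."""
    rows = zigzag_rows(len(ciphertext), rails)
    chunks, pos = [], 0
    for r in range(rails):
        count = rows.count(r)                  # how many letters landed on rail r
        chunks.append(list(ciphertext[pos:pos + count]))
        pos += count
    return "".join(chunks[r].pop(0) for r in rows)


if __name__ == "__main__":
    c = rail_fence_encrypt("meetmeafterthetogaparty", rails=2)
    print(c)                               # mematrhtgpryetefeteoaat
    print(rail_fence_decrypt(c, rails=2))  # meetmeafterthetogaparty
```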
