Lec 7, 8
AN OVERVIEW OF COMPUTER SECURITY
1. THE BASIC COMPONENTS
A. Confidentiality
Confidentiality is the concealment of information or resources. The need for keeping information secret arises from
the use of computers in sensitive fields such as government and industry.
For example, military and civilian institutions in the government often restrict access to information to those who
need that information.
B. Integrity
Integrity refers to the trustworthiness of data or resources, and it is usually phrased in terms of preventing improper or
unauthorized change. Integrity includes data integrity (the content of the information) and origin integrity (the source
of the data, often called authentication).
QUIZ
C. Availability
Availability refers to the ability to use the information or resource desired. Availability is
an important aspect of reliability as well as of system design because an unavailable
system is at least as bad as no system at all.
Attempts to block availability, called denial of service attacks, can be the most difficult
to detect, because the analyst must determine if the unusual access patterns are
attributable to deliberate manipulation of resources or of environment.
2- THREATS
A threat is a potential violation of security. The violation need not actually occur for
there to be a threat. The fact that the violation might occur means that those actions that
could cause it to occur must be guarded against (or prepared for). Those actions are
called attacks. Those who execute such actions, or cause them to be executed, are called
attackers.
Threats may be divided into four broad classes:
Disclosure, or unauthorized access to information (e.g., snooping);
Deception, or acceptance of false data;
Disruption, or interruption or prevention of correct operation;
Usurpation, or unauthorized control of some part of a system.
Vulnerability + Threat = Risk
Snooping, the unauthorized interception of information, is a form of disclosure.
Modification or alteration, an unauthorized change of information, covers three classes of
threats.
Spoofing, an impersonation of one entity by another, is a form of both deception and
usurpation.
Repudiation of origin, a false denial that an entity sent (or created) something, is a form of
deception.
Denial of receipt, a false denial that an entity received some information or message, is a
form of deception.
Delay, a temporary inhibition of a service, is a form of usurpation.
Denial of service, a long-term inhibition of service, is a form of usurpation.
3- POLICY AND MECHANISM
A goal of security
Given a security policy’s specification of “secure” and “nonsecure” actions, these security
mechanisms can prevent the attack, detect the attack, or recover from the attack.
Prevention means that an attack will fail.
Detection is most useful when an attack cannot be prevented, but it can also indicate the
effectiveness of preventative measures. Detection mechanisms accept that an attack will
occur; the goal is to determine that an attack is under way, or has occurred, and report it.
Recovery has two forms. The first is to stop an attack and to assess and repair any damage
caused by that attack. As an example, if the attacker deletes a file, one recovery mechanism
would be to restore the file from backup tapes.
4. ASSUMPTIONS AND TRUST
These two assumptions are fundamentally different. The first assumption asserts that
the policy is a correct description of what constitutes a “secure” system. (Example: an officer was
authorized to move the money, but the move violates security.)
The second assumption says that the security policy can be enforced by security
mechanisms.
Let P be the set of all possible states. Let Q be the set of secure states (as specified by
the security policy). Let the security mechanisms restrict the system to some set of
states R (thus, R ⊆ P). Then we have the following definition.
Definition 1–3. A security mechanism is secure if R ⊆ Q; it is precise if R = Q; and it
is broad if there are states r such that r ∈ R and r ∉ Q.
Any useful policy and mechanism must balance the benefits of the protection against
the cost of designing, implementing, and using the mechanism. The issues include
A. Cost-Benefit Analysis. If the data or resources cost less, or are of less value, than
their protection, adding security mechanisms and procedures is not cost-effective
because the data or resources can be reconstructed more cheaply than the protections
themselves. Unfortunately, this is rarely the case.
C. Risk Analysis
SECURITY POLICIES
Consider the finite-state machine in the figure. It consists of four states and five transitions.
The security policy partitions the states into a set of authorized states A = { s1, s2 } and a set of
unauthorized states UA = { s3, s4 }. This system is not secure, because regardless of which
authorized state it starts in, it can enter an unauthorized state.
However, if the edge from s1 to s3 were not present, the system would be secure, because it could
not enter an unauthorized state from an authorized state.
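The check described above can be run as a reachability search. This is an added example, not part of the original slides; the figure is not reproduced here, so the five-edge transition set below is an assumption chosen to match the text (four states, five transitions, an edge from s1 to s3).

```python
from collections import deque

# Policy from the text: authorized and unauthorized states.
AUTHORIZED = {"s1", "s2"}
UNAUTHORIZED = {"s3", "s4"}

# ASSUMED edge set (the figure is not available): five transitions,
# including the s1 -> s3 edge that the text names.
TRANSITIONS = {
    ("s1", "s2"), ("s2", "s1"), ("s1", "s3"), ("s3", "s4"), ("s4", "s3"),
}

def reachable(start, edges):
    """Return every state reachable from start (breadth-first search)."""
    seen, queue = {start}, deque([start])
    while queue:
        state = queue.popleft()
        for src, dst in edges:
            if src == state and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen

def violations(edges):
    """Map each authorized start state to the unauthorized states it can reach."""
    result = {}
    for start in sorted(AUTHORIZED):
        bad = reachable(start, edges) & UNAUTHORIZED
        if bad:
            result[start] = sorted(bad)
    return result

def is_secure(edges):
    """Secure means no authorized state can ever reach an unauthorized one."""
    return not violations(edges)

if __name__ == "__main__":
    print("with s1->s3:   ", is_secure(TRANSITIONS), violations(TRANSITIONS))
    fixed = TRANSITIONS - {("s1", "s3")}
    print("without s1->s3:", is_secure(fixed), violations(fixed))
```

Note that s2 is flagged even though it has no direct edge to an unauthorized state: it reaches s3 through s1, which is why the check must follow paths rather than single transitions.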
QUIZ
1- Definition 2–5. Let X be a set of entities and let I be some information or a resource. Then I has the property of
integrity with respect to X if all members of X trust I.
Definition 2–6. Let X be a set of entities and let I be a resource. Then I has the property of availability with respect
to X if all members of X can access I.
2.2 TYPES OF SECURITY POLICIES
The law allows a court to access driving records without the
owners’ permission. This type of access control is -------------
1- mandatory access control (MAC)
2- discretionary access control (DAC)
3- identity-based access control (IBAC)
QUIZ
Classify each of the following as an example of a mandatory, discretionary, or
originator controlled policy, or a combination thereof. Justify your answers.
1. The file access control mechanisms of the UNIX operating system: discretionary
access control.
Ans: Since users can assign and modify permissions that they possess, access
control is discretionary.
2. A system in which no memorandum can be distributed without the author's
consent.
Ans: Originator access control. This would be originator access control, because
if I am the author of the memorandum, I am the one who can say my
information can be distributed; no one else can.
EXERCISES
A cryptosystem is a 5-tuple (E, D, M, K, C), where M is the set of plaintexts, K the set of keys, C is the
set of ciphertexts, E: M × K → C is the set of enciphering functions, and D: C × K → M is the set of
deciphering functions.
D = { Dk | k ∈ K and for all c ∈ C, Dk(c) = (26 + c – k) mod 26 }
C=M
Cryptography – cryptography means hidden writing, the practice of using encryption to conceal text
Cryptanalysis – a cryptanalyst studies encryption and encrypted messages, with the goal of finding
the hidden meaning of the messages
Cryptology – includes both cryptography and cryptanalysis
CRYPTOSYSTEMS TYPES
Classical cryptosystems (also called single-key or symmetric cryptosystems) are cryptosystems that use the same
key for encryption (encipherment) and decryption (decipherment).
Public Key Cryptography (Asymmetric cryptosystems)
SYMMETRIC AND ASYMMETRIC
There are two basic types of classical ciphers: transposition ciphers and substitution ciphers.
TRANSPOSITION CIPHER
Here Key = 2. For encryption we write the message diagonally in zigzag form in a
matrix having total rows = key and total columns = message length. Then we read the
matrix row-wise horizontally to get the encrypted message.
QUIZ
H L O O L
E L W R D
Key=2
Plaintext : HELLOWORLD
Ciphertext: HLOOLELWRD
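The zigzag transposition above, with its inverse, as an added example that is not part of the original slides. It generalizes the Key = 2 case to any number of rows; the function names are illustrative.

```python
def rail_pattern(length, rails):
    """Row index visited at each message position while zigzagging."""
    if rails < 2:
        return [0] * length            # one row: the text is unchanged
    # One full zigzag period, e.g. rails=3 -> rows 0, 1, 2, 1
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(length)]

def read_order(length, rails):
    """Plaintext positions in the order they are read out, row by row."""
    rows = rail_pattern(length, rails)
    # sorted() is stable, so positions in the same row keep left-to-right order
    return sorted(range(length), key=lambda i: rows[i])

def rail_fence_encrypt(plaintext, rails):
    """Write the message in a zigzag over `rails` rows, then read row-wise."""
    return "".join(plaintext[i] for i in read_order(len(plaintext), rails))

def rail_fence_decrypt(ciphertext, rails):
    """Rebuild the zigzag layout and put each ciphertext letter back in place."""
    plain = [""] * len(ciphertext)
    for cipher_pos, plain_pos in enumerate(read_order(len(ciphertext), rails)):
        plain[plain_pos] = ciphertext[cipher_pos]
    return "".join(plain)

if __name__ == "__main__":
    c = rail_fence_encrypt("HELLOWORLD", 2)
    print(c, "->", rail_fence_decrypt(c, 2))
```

Decryption needs only the key and the message length, because the zigzag pattern does not depend on the letters themselves. The cipher rearranges positions but leaves the letter counts of the plaintext unchanged.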
TMSUVSYHMANEIXAATIRTX
NEW
C P E S U T
O U R E R y
M T -- c I
C U -- U y
O P T R s C R T
M E E I
S y
T D
U
TRANSPOSITION DECIPHER
Table 3.1 Frequency of characters in English
A substitution cipher changes characters in the plaintext to produce the ciphertext.
THE CAESAR CIPHER
EXAMPLE: The Caesar cipher is the widely known cipher in which letters are
shifted. For example, if the key is 3, the letter A becomes D, B becomes E, and so
forth, ending with Z becoming C. So the word “HELLO” is enciphered as “KHOOR.”
Informally, this cipher is a cryptosystem with:
M = { all sequences of Roman letters }
K = { i | i an integer such that 0 ≤ i ≤ 25 }
E = { Ek | k ∈ K and for all m ∈ M, Ek(m) = (m + k) mod 26 }
Representing each letter by its position in the alphabet (with A in position 0),
“HELLO” is 7 4 11 11 14; if k = 3, the ciphertext is 10 7 14 14 17, or “KHOOR.”
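The Ek and Dk functions above, plus a ranking of all 26 keys by how English-like each decipherment looks, as an added example that is not part of the original slides. It goes beyond the text by scoring keys statistically; the letter frequencies are approximate values assumed here (the page does not list them), and the sample ciphertext is "HELLO WORLD" enciphered with k = 3.

```python
import string

A = string.ascii_uppercase
# ASSUMED approximate English letter frequencies for A..Z (not from the page)
P = [.080, .015, .030, .040, .130, .020, .015, .060, .065, .005, .005, .035, .030,
     .070, .080, .020, .002, .065, .060, .090, .030, .010, .015, .005, .020, .002]

def encipher(m, k):
    """E_k(m) = (m + k) mod 26 per letter; m holds only the letters A..Z."""
    return "".join(A[(A.index(ch) + k) % 26] for ch in m)

def decipher(c, k):
    """D_k(c) = (26 + c - k) mod 26 per letter; c holds only the letters A..Z."""
    return "".join(A[(26 + A.index(ch) - k) % 26] for ch in c)

def phi(c, k):
    """Mean English frequency of the letters produced by deciphering c with k."""
    return sum(P[A.index(ch)] for ch in decipher(c, k)) / len(c)

def rank_keys(c):
    """All 26 keys, most English-looking decipherment first."""
    return sorted(range(26), key=lambda k: phi(c, k), reverse=True)

if __name__ == "__main__":
    ciphertext = encipher("HELLOWORLD", 3)        # constructed sample input
    for k in rank_keys(ciphertext)[:4]:
        print(k, round(phi(ciphertext, k), 4), decipher(ciphertext, k))
```

With only ten letters of ciphertext the true key, 3, ranks third rather than first, so the statistic narrows the candidates and a reader picks the one that is legible. The key space has only 26 values, which is why the cipher offers no real protection.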
M=computer C=eqorwvgt
Key=3
Plaintext A=1, B=2, C=3, D=4, E=5, F=6, G=7, H=8, I=9, J=10, K=11, L=12,
M=13, N=14, O=15, P=16, Q=17, R=18, S=19, T=20, U=21, V=22, W=23, X Y Z
Ciphertext D E F G H I J K L M N O P Q R S T U V W X Y Z A B C