ITA2009 Reference-Material-I

The document outlines key concepts in computer security, including definitions from NIST, the CIA triad (Confidentiality, Integrity, Availability), and various types of security attacks. It discusses the importance of security design principles, attack surfaces, and encryption techniques, emphasizing the need for robust security mechanisms and standards. Additionally, it highlights the roles of organizations like NIST, ISOC, ITU, and ISO in establishing security standards and practices.

Computer Security Concepts

• Definition of Computer Security by NIST
• Protection afforded to an automated information system in order to preserve the integrity, availability and confidentiality of information system resources.

• Three key objectives considered as the heart of computer security are as follows:
• Confidentiality (Data Confidentiality, privacy)
• Integrity (Data and System Integrity) and
• Availability (together referred to as the CIA triad)

• NIST Standard FIPS 199 (Standards for Security Categorization of Federal Information and Information Systems).
• Additional objectives: Authenticity and Accountability.

[Figure: the security triad, with Confidentiality, Integrity and Availability at its three corners]
• Levels of impact on organization and individual
• Low
• Moderate and
• High

Low impact:
1. Cause a degradation in mission capability to an extent.
2. Result in minor damage to organizational assets.
3. Result in minor financial loss.
4. Result in minor harm to individuals.

Moderate impact:
1. Cause a significant degradation in mission capability to an extent.
2. Result in significant damage to organizational assets.
3. Result in significant financial loss.
4. Result in significant harm to individuals that does not involve loss of life (or) serious life-threatening injuries.

High impact:
1. Cause a severe degradation in (or) loss of mission capability.
2. Result in major damage to organizational assets.
3. Result in major financial loss.
4. Result in severe (or) catastrophic harm to individuals involving loss of life.
• Confidentiality (Student Grade Information)
• US, Family Educational Rights and Privacy Act (FERPA)
• Low confidential, Moderately Confidential and Highly Confidential

• Integrity
• Hospital (Patient’s Allergy Stored in a Database)
• Anonymous Online Poll.

• Availability
• Online Telephone Directory Lookup Application (Low Availability Requirement)
• The same information can still be obtained in two other ways:
• Hard Copy
• Operator

RFC 4949 Internet Security Glossary
• Threat
• A threat is a possible danger that might exploit a vulnerability.

• Attack
• An assault on system security that derives from an intelligent threat.

• Security Attacks
• Passive Attacks
• Active Attacks

• Passive Attacks
• Attempts to learn or make use of information from the system but does not affect system resources.

• Active Attacks
• Attempts to alter system resources (or) affect their operation.

• Passive Attacks
• In the nature of eavesdropping on, or monitoring of, transmissions.

• Types of Passive Attacks
• Release of message contents.
• Traffic Analysis.

• Active Attacks
• Involve some modification of the data stream or the creation of a false stream.

• Active Attacks are subdivided into four categories:
• Masquerade Attack,
• Replay Attack,
• Modification of Messages,
• Denial of Service.

Security Services
• X.800 defines a security service as a service that is provided by a protocol layer of communicating open systems.

• RFC 4949 defines a security service as:
• A processing (or) communication service that is provided by the system to give a specific kind of protection to system resources.

• X.800 divides security services into five categories and 14 specific services, listed in Table 1.2.

Security Mechanisms
• Refer Table 1.4 for the existence of relationship between security services
and their related security mechanisms.

Fundamental Security Design Principles

• The National Centers of Academic Excellence in Information Assurance/Cyber Defense, jointly sponsored by the U.S. National Security Agency and the U.S. Department of Homeland Security, list the following as fundamental security design principles:

• Economy of Mechanism
• Fail-Safe Defaults
• Complete Mediation
• Open Design
• Separation of Privilege
• Least Privilege
• Least Common Mechanism
• Psychological Acceptability
• Isolation
• Encapsulation
• Modularity
• Layering
• Least Astonishment

Economy of Mechanism
• The design of security measures in both hardware and software should be as simple and small as possible.

Small Design
• Easier to test and verify thoroughly.
• Simple mechanisms tend to have fewer exploitable flaws and require less maintenance.
• Configuration management issues are simplified; updating (or) replacing a simple mechanism becomes a less intensive process.

Huge Design
• In a huge design, an adversary has many more opportunities to discover subtle weaknesses.
• The more complex the mechanism, the more likely it is to possess exploitable flaws.

Fail-Safe Defaults

• Access decisions should be based on permission rather than exclusion, so the default is no access.
• A design (or) implementation mistake in a mechanism that gives explicit permission tends to fail by refusing permission, which is a safe situation that is quickly identified.
• A mistake in a mechanism that explicitly excludes access tends to fail by allowing access.
• Most file access systems and virtually all protected services on client/server systems use fail-safe defaults.

Complete Mediation
• Complete mediation means that every access must be checked against the access control mechanism.
• Systems should not rely on access decisions retrieved from a cache.
• In practice, once a user has opened a file, no further check is made to see whether the permissions have changed.
• To implement complete mediation fully, the system must check the access control allocated for files (or) records on every access.

Open Design
• The design of the security mechanism should be open rather than secret.
• Although encryption keys are secret, encryption algorithms are open for public scrutiny.
• Those algorithms can be reviewed by many experts, and so users have high confidence in them.

Separation of Privilege
• Multifactor user authentication
• Multiple techniques, such as a password and a smart card, are used together to authorize the user.

Least Privilege
• Role-based access control.

– Student
– Staff
– Vice-Chancellor
– Director
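The three principles just listed (fail-safe defaults, complete mediation and least privilege) can be seen together in a small reference monitor. The following Python is an added example written for this page, not code from the course material or from any textbook; the roles are the ones named above (Student, Staff, Vice-Chancellor, Director), while the resources ("grades", "budget"), the permission table and the user names are constructed for illustration. It contrasts a handle that checks permission once at open time with one that re-checks on every read, and shows that only the latter notices a revoked privilege.

```python
from dataclasses import dataclass, field

# Constructed role -> permission table. Each role gets only what its job
# needs (least privilege); anything not listed is denied (fail-safe default).
ROLE_PERMISSIONS = {
    "Student": {("grades", "read_own")},
    "Staff": {("grades", "read_own"), ("grades", "read"), ("grades", "write")},
    "Vice-Chancellor": {("grades", "read"), ("budget", "read")},
    "Director": {("grades", "read"), ("budget", "read"), ("budget", "write")},
}


@dataclass
class Monitor:
    """Reference monitor: the single place where access decisions are made."""
    roles: dict   # user -> role; assumption: one role per user

    def is_allowed(self, user, resource, action):
        role = self.roles.get(user)
        if role is None:
            return False    # unknown user: deny rather than guess
        return (resource, action) in ROLE_PERMISSIONS.get(role, set())


@dataclass
class CachedHandle:
    """Checks once at open time and trusts that answer afterwards (the
    'once a user has opened a file, no further check is made' behaviour)."""
    monitor: Monitor
    user: str
    resource: str
    allowed: bool = field(init=False)

    def __post_init__(self):
        self.allowed = self.monitor.is_allowed(self.user, self.resource, "read")

    def read(self):
        return self.allowed


@dataclass
class MediatedHandle:
    """Complete mediation: every read asks the monitor again."""
    monitor: Monitor
    user: str
    resource: str

    def read(self):
        return self.monitor.is_allowed(self.user, self.resource, "read")


def revocation_scenario():
    """A staff member opens the grades file and is then demoted to Student.
    Returns (cached_read_after_demotion, mediated_read_after_demotion)."""
    monitor = Monitor(roles={"alice": "Staff"})
    cached = CachedHandle(monitor, "alice", "grades")
    mediated = MediatedHandle(monitor, "alice", "grades")
    assert cached.read() and mediated.read()     # both fine while still Staff
    monitor.roles["alice"] = "Student"           # privilege revoked
    return cached.read(), mediated.read()


if __name__ == "__main__":
    print(revocation_scenario())                                 # (True, False)
    print(Monitor({"bob": "Director"}).is_allowed("bob", "budget", "write"))
    print(Monitor({}).is_allowed("mallory", "budget", "read"))   # False
```

The cached handle keeps returning True after the demotion because it never goes back to the monitor; the mediated handle returns False on the very next read. The price of complete mediation is one lookup per access, which is why real systems are tempted to cache decisions and why such caches must be invalidated when permissions change.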
Least Common Mechanism

• The design should minimize the functions shared by different users, providing mutual security.
• This principle helps:
• to reduce the number of unintended communication paths
• to reduce the amount of hardware and software on which all users depend

Psychological Acceptability

• Security mechanisms should not interfere unduly with the work of users.
• If security mechanisms hinder the usability (or) accessibility of resources, users may opt to turn those mechanisms off.
Isolation
• Public access systems should be isolated from critical resources to prevent disclosure (or) tampering.
• If the sensitivity (or) criticality of the information is high, organizations may want to limit the number of systems on which the data is stored and isolate those systems either physically (or) logically.
• Physical isolation may include ensuring that no physical connection exists between the public systems and the critical systems.
• Logical isolation is implemented in secured systems to protect critical resources.


Encapsulation
• Specific form of isolation based on object oriented functionality.
• Modularity

• Layering (or) Defense in Depth.

• Least Astonishment
Attack Surfaces and Attack Trees
• Attack Surface

• Reachable and Exploitable Vulnerabilities in a system.

• Examples

• Open Ports
• Services available inside the firewall
• Interfaces, SQL and Web forms
• Code that processes incoming data, email, XML documents
• An employee with access to sensitive information
• Attack surfaces can be categorized as follows:

• Network Attack Surface
• This category refers to vulnerabilities over an enterprise network, wide area network, or the Internet.
• Included in this category are network protocol vulnerabilities, such as those used for DoS attacks, disruption of communication links and various forms of intruder attacks.

• Software Attack Surface
• Refers to vulnerabilities in application, utility (or) operating system code.
• Eg: Web server software

• Human Attack Surface
• Refers to vulnerabilities created by personnel (or) outsiders:
• Social Engineering
• Human error
• Trusted insiders
Attack Trees
• Branching, hierarchical data structure that represents a set of potential techniques for exploiting security vulnerabilities.
• Security Incident (Goal of the Attack) = Represented as the root node.

[Figure: attack tree with the Security Incident as the root node, subnodes SN1, SN2 and SN3 beneath it, and SN4 and SN5 at the next level down]

• Leaf nodes represent the different ways of initiating an attack.
• Each node other than a leaf node is either an AND node or an OR node: at an AND node all of its subgoals must be achieved, at an OR node any one of them suffices.
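The AND/OR structure is what makes an attack tree useful to a defender: once each leaf carries an estimate of attacker effort, the tree can be evaluated to find the cheapest route to the root and to see which mitigations actually raise that cost. The Python below is an added example for this page, not code from the course material; the node names SN1 to SN5 follow the slide, but the tree shape (SN4 and SN5 assumed to hang under SN2 as an AND node, the slide's picture does not say) and the per-leaf costs are constructed.

```python
from dataclasses import dataclass, field
from typing import List

INF = float("inf")


@dataclass
class Node:
    name: str
    kind: str = "LEAF"                 # "LEAF", "AND" or "OR"
    cost: float = 0.0                  # attacker effort for a leaf (constructed)
    children: List["Node"] = field(default_factory=list)
    mitigated: bool = False            # defender has closed this leaf

    def min_cost(self):
        """Cheapest effort needed to reach this node; INF if unreachable."""
        if self.kind == "LEAF":
            return INF if self.mitigated else self.cost
        costs = [child.min_cost() for child in self.children]
        if self.kind == "AND":
            return sum(costs)          # every child is needed; INF propagates
        return min(costs)              # OR: the cheapest child suffices

    def cheapest_path(self):
        """Leaf names on the cheapest path; empty if the node is unreachable."""
        if self.min_cost() == INF:
            return []
        if self.kind == "LEAF":
            return [self.name]
        if self.kind == "AND":
            return [n for child in self.children for n in child.cheapest_path()]
        best = min(self.children, key=lambda child: child.min_cost())
        return best.cheapest_path()


def build_tree():
    """The slide's tree: the root is reached via SN1, SN2 or SN3 (OR); SN2 is
    assumed to be an AND node that needs both SN4 and SN5. Costs are constructed."""
    sn4 = Node("SN4", cost=2)
    sn5 = Node("SN5", cost=3)
    sn1 = Node("SN1", cost=10)
    sn2 = Node("SN2", kind="AND", children=[sn4, sn5])
    sn3 = Node("SN3", cost=8)
    root = Node("Security Incident", kind="OR", children=[sn1, sn2, sn3])
    return root, {n.name: n for n in (sn1, sn2, sn3, sn4, sn5)}


def evaluate(mitigated=()):
    """Apply mitigations to the named leaves and return (cost, path) for the
    cheapest remaining attack on the root."""
    root, nodes = build_tree()
    for name in mitigated:
        nodes[name].mitigated = True
    return root.min_cost(), root.cheapest_path()


if __name__ == "__main__":
    print(evaluate())                          # (5, ['SN4', 'SN5'])
    print(evaluate(("SN4",)))                  # (8, ['SN3'])
    print(evaluate(("SN1", "SN3", "SN4")))     # (inf, [])
```

Closing a single leaf under an AND node (SN4) is enough to kill that whole branch, after which the attacker's cheapest route moves to SN3; only when every OR alternative is cut does the root become unreachable. Running the same evaluation before and after a proposed control is a cheap way to compare mitigations.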
A Model for Network Security
• Techniques for providing security have two components, namely:
• A security-related transformation on the information to be sent.
• Some secret information shared by the two principals that is unknown to the opponent.

Four Basic Tasks in Designing a Security Service

• Design an algorithm for performing the security-related transformation.
• Generate the secret information to be used with the algorithm.
• Develop methods for the distribution and sharing of the secret information.
• Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
• Programs can present two kinds of threats :
• Information access threats : Intercept (or) modify data on behalf of
users who should not have access to that data.
• Service threats : Exploit service flaws in computers to inhibit use by
legitimate users.

Standards
• National Institute of Standards and Technology (NIST)

• Internet Society (ISOC)

• International Telecommunication Union (ITU – T)

• International Organization for Standardization (ISO)


NIST
• U.S. federal agency that deals with measurement science, standards and technology related to U.S. government use and to the promotion of U.S. private-sector innovation.
• Despite its national scope, NIST Federal Information Processing Standards (FIPS) and Special Publications (SP) have a worldwide impact.

Internet Society (ISOC)
• ISOC is a professional membership society with worldwide organizational and individual membership.
• It also includes the Internet Architecture Board (IAB) and the Internet Engineering Task Force (IETF).
• These organizations develop Internet Standards and related specifications, all of which are published as Requests for Comments (RFCs).

ITU-T
• The International Telecommunication Union (ITU) is an international organization within the United Nations System in which governments and the private sector coordinate global telecom networks and services.
• ITU-T standards are published as Recommendations.

ISO
• The International Organization for Standardization (ISO) is a worldwide federation of national standards bodies from more than 140 countries.
• ISO is a non-governmental organization that promotes the development of standardization and related activities.
• ISO's work results in international agreements that are published as International Standards.
Classical Encryption Techniques
• Symmetric Cipher Model (or) Symmetric Encryption
• Referred as conventional encryption (or) single key encryption.
• Technical Terms :
• Plain text : Original Message
• Cipher text : Coded Message
• Enciphering (or) Encryption :
• The process of converting from plaintext to cipher text.
• Deciphering (or) Decryption :
• Restoring the plain text from cipher text.
• The many schemes used for encryption constitute the area of study known as cryptography; such a scheme is known as a cryptographic system (or) cipher.
• Cryptanalysis :
• Techniques used for deciphering a message without any
knowledge of the enciphering details.
• Cryptology :
• The areas of cryptography and cryptanalysis together are called
cryptology.
Symmetric Cipher Model
• Symmetric encryption scheme (or) cipher model :
• This model has 5 key ingredients :
• Plain text :
• Original intelligible message (or) data that was fed into the algorithm
as input.
• Encryption Algorithm :
• The encryption algorithm performs various substitution and
transformations on the plaintext.
• Secret Key :
• The key is also input to the encryption algorithm.
• The key should be independent of plain text and algorithm.
• Cipher Text :
• Scrambled message produced as output.
• Decryption Algorithm :
• The algorithm takes cipher text and key and produces the original
plain text.
Symmetric Cryptosystem Explained
• Plain text: X
• Encryption Process: (X, K)
• Y = E(X, K)
• Decryption Process: (Y, K)
• X = D(Y, K)

• Cryptography:
• Cryptographic systems are characterized along three independent dimensions:
• The type of operations used for transforming plaintext into cipher text.
• The number of keys used: symmetric (or) single-key (or) conventional encryption versus different-key (or) two-key (or) public-key encryption.
• The way in which the plain text is processed: block cipher (or) stream cipher.
Cryptanalysis and Brute Force Attack
• Cryptanalysis
• This type of attack exploits the characteristics of the algorithm to
attempt to deduce a specific plaintext or to deduce the key being used.
• Brute Force Attack
• The attacker tries every possible key on a piece of cipher text until an
intelligible translation into plaintext is obtained.
Substitution Techniques
• A substitution technique is one in which the letters of plaintext are replaced by other letters (or) by numbers (or) by symbols.
• Caesar Cipher:
• The earliest known use of a substitution cipher was introduced by Julius Caesar.
• Involves replacing each letter of the alphabet with the letter standing three places further down the alphabet.
• Formula (with key 3): C = E(3, P) = (P + 3) mod 26, and P = D(3, C) = (C - 3) mod 26.

• Three characteristics of the Caesar cipher make a brute-force attack feasible (its drawback):
• The encryption and decryption algorithms are known.
• There are only 25 keys to try.
• The language of the plain text is known and easily recognizable.
• The key space is very small (26 possible shifts, of which only 25 are useful keys), so the plain text is revealed quickly by the brute-force method.
• Monoalphabetic Ciphers
• The key space is much larger: 26! (or about 4 x 10^26) possible keys.
• Brute-force attacks are therefore impractical.
• Possibility 1 (the intended receiver):
• The sender must share the key with the receiver, who uses it for decryption.
• Possibility 2 (an attacker):
• The attacker exploits the known frequency of letters in English and tries the most common English words.
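The Caesar formula, its brute-force weakness and the frequency leak of a monoalphabetic cipher can all be shown in one short program. The following Python is an added example written for this page, not code from the course material; the plaintext sample, the use of a chi-squared distance against an approximate English letter-frequency table as the "recognizable plaintext" test, and the seeded random substitution key are my choices. It goes one step beyond the slides by making the brute-force selection automatic instead of reading 25 candidates by eye, and by showing that a substitution table preserves the plaintext's frequency ranking exactly, which is what an analyst's first hypothesis rests on (in this sample the most frequent letter happens to be S rather than E, so that hypothesis would need revising).

```python
import math
import random
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

# Approximate relative frequencies of letters in English text, in percent.
ENGLISH_FREQ = {
    'E': 12.7, 'T': 9.1, 'A': 8.2, 'O': 7.5, 'I': 7.0, 'N': 6.7, 'S': 6.3,
    'H': 6.1, 'R': 6.0, 'D': 4.3, 'L': 4.0, 'C': 2.8, 'U': 2.8, 'M': 2.4,
    'W': 2.4, 'F': 2.2, 'G': 2.0, 'Y': 2.0, 'P': 1.9, 'B': 1.5, 'V': 1.0,
    'K': 0.8, 'J': 0.15, 'X': 0.15, 'Q': 0.10, 'Z': 0.07,
}

# Constructed plaintext sample (127 letters); S is its most frequent letter.
SAMPLE = ("SECURITY MECHANISMS SHOULD BE AS SIMPLE AND AS SMALL AS POSSIBLE "
          "SINCE THE MORE COMPLEX THE MECHANISM THE MORE LIKELY IT IS TO "
          "POSSESS EXPLOITABLE FLAWS")


def caesar_encrypt(plaintext, k):
    """C = E(k, P) = (P + k) mod 26, letter by letter; non-letters pass through."""
    return ''.join(ALPHABET[(ALPHABET.index(ch) + k) % 26] if ch in ALPHABET else ch
                   for ch in plaintext.upper())


def caesar_decrypt(ciphertext, k):
    """P = D(k, C) = (C - k) mod 26."""
    return caesar_encrypt(ciphertext, -k)


def english_score(text):
    """Chi-squared distance between the letter distribution of text and
    English; lower is more English-like. Infinite when there are no letters."""
    letters = [ch for ch in text.upper() if ch in ALPHABET]
    if not letters:
        return math.inf
    counts, n = Counter(letters), len(letters)
    return sum((counts[ch] - n * f / 100) ** 2 / (n * f / 100)
               for ch, f in ENGLISH_FREQ.items())


def brute_force_caesar(ciphertext):
    """Try all 25 keys (the algorithm is known and the key space is tiny) and
    return (key, plaintext) for the candidate that looks most like English."""
    best_k = min(range(1, 26), key=lambda k: english_score(caesar_decrypt(ciphertext, k)))
    return best_k, caesar_decrypt(ciphertext, best_k)


MONOALPHABETIC_KEYSPACE = math.factorial(26)   # 26! = about 4 x 10^26 keys


def random_monoalphabetic_key(seed=None):
    """Pick one of the 26! substitution tables: plaintext letter -> cipher letter."""
    letters = list(ALPHABET)
    random.Random(seed).shuffle(letters)
    return dict(zip(ALPHABET, letters))


def monoalphabetic_encrypt(plaintext, key):
    return ''.join(key.get(ch, ch) for ch in plaintext.upper())


def frequency_ranking(text, n=3):
    """The n most frequent letters of text, most frequent first. A substitution
    cipher preserves this ranking, which is the analyst's starting point."""
    return [ch for ch, _ in Counter(c for c in text.upper() if c in ALPHABET).most_common(n)]


def frequency_leak(plaintext, key):
    """Map the ciphertext's most frequent letters back through the key to show
    they are exactly the plaintext's most frequent letters."""
    ct = monoalphabetic_encrypt(plaintext, key)
    inverse = {cipher: plain for plain, cipher in key.items()}
    return [inverse[ch] for ch in frequency_ranking(ct)]


if __name__ == "__main__":
    ct = caesar_encrypt(SAMPLE, 3)
    print(ct)
    print(brute_force_caesar(ct))                  # (3, SAMPLE)
    print(MONOALPHABETIC_KEYSPACE)
    print(frequency_leak(SAMPLE, random_monoalphabetic_key(seed=7)))   # ['S', 'E', 'L']
```

Whatever the 26! keys do to the identity of each letter, they cannot change how often it appears, which is why enlarging the key space alone does not rescue a monoalphabetic cipher; only ciphers that flatten the frequency profile (polyalphabetic schemes and, ultimately, modern block and stream ciphers) remove this leak.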
