Lecture-1 Overview of Security Fundamentals (Revised)

The document outlines the fundamentals of computer security, emphasizing the importance of preventing undesired behaviors that could harm systems or data. It introduces the CIA triad—Confidentiality, Integrity, and Availability—as key security goals, detailing various threats and vulnerabilities that can compromise these aspects. Additionally, it discusses the challenges of implementing effective security measures and the terminology associated with security concepts.


Security Fundamentals

Lecture-1

Department of CSE, IUT


What is Computer Security
Computer security is about preventing undesired behavior that could harm systems or data. While most developers focus on achieving correct and desired behaviors (such as running a functional website or software), security ensures that adversaries—whether internal or external—cannot circumvent protective measures. In essence, security is the state of being protected against dangers, threats, or losses caused by unwanted actions.

• Most developers and operators are concerned with correctness: achieving desired behavior. (What should it do?)
  • A working banking web site, word processor, blog, …

• Security is concerned with preventing undesired behavior. (What should it not do?)
  • Consider an employee/opponent/hacker/adversary who is actively and maliciously trying to circumvent any protective measures you put in place.

What is security?
A condition of being protected against undesired behavior (danger or loss)

Kinds of undesired behavior

• Stealing information: confidentiality
  • Corporate secrets (product plans, source code, …)
  • Personal information (credit card numbers, SSNs)

• Modifying information or functionality: integrity
  • Installing unwanted software (spyware, botnet client, …)
  • Destroying records (accounts, logs, plans, …)

• Denying access: availability
  • Unable to purchase products
  • Unable to access banking information

Kinds of undesired behavior

To be secure, information needs to be:
• Hidden from unauthorized access (Confidentiality)
• Protected from unauthorized change (Integrity)
• Available to an authorized entity when it is needed (Availability)

A definition of computer security
Computer security is the protection given to an automated system to ensure its integrity, availability, and
confidentiality. This includes safeguarding hardware, software, data, and communication systems from
unauthorized access or harm.

• Computer security: the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)

NIST 1995
Key Security Goals / Requirements :: CIA Triad

1. Confidentiality means that only authorized people or systems can access the data or resource
2. Integrity refers to the trustworthiness of data or resources
   1. Data integrity
   2. Origin integrity
3. Availability means that people have the ability to use the information or resource desired

Key Security Goals / Requirements :: CIA Triad
• Confidentiality:
  o Concealing sensitive information
  o Applies to storage of information
  o Applies to the transmission of the information

• Integrity
  o Data or information is intact
  o Changes can only be made by authorized entities
  o Unwanted changes violate integrity, e.g. malicious attacks, interruption in the system (power surge)

• Availability
  o Information needs to be available to authorized entities
  o Information needs to be constantly changed, which means it must be accessible to authorized entities.
  o Imagine what would happen to a bank if the customers could not access their accounts for transactions.

Key Security Goals / Requirements :: CIA Triad

Confidentiality means that only authorized people or systems can access the data or resource.

• Confidentiality
  • Data confidentiality: Assures that confidential information is not disclosed to unauthorized individuals
  • Privacy: Assures that individuals control or influence what information may be collected and stored

Implementation Concept :: Confidentiality

• Confidentiality:
  1. Encryption
  2. Steganography
  3. Authentication and Identity Management
  4. Access Control Mechanisms
  5. Transport Layer Security (TLS)
  6. Virtual Private Network (VPN)
  7. Legal and Regulatory Compliance

Key Security Goals / Requirements :: CIA Triad

Integrity
• Integrity refers to the trustworthiness of data or resources.
  1. Data integrity means that data can only be modified by authorized people or systems in authorized ways
  2. Origin integrity (also called source authentication) means that the source of the data is trustworthy.

• Message authentication (= data integrity + origin integrity) means messages received are exactly as sent (i.e. no modification, insertion, deletion, or replay), and the ID of the sender is valid.
  Note: timing information (timestamp) is also considered as part of the message.

Implementation Concept:: Data Integrity

• Hashing
• Checksums and Parity Bits
• Blockchain and Distributed Ledger Technologies

Implementation Concept:: Origin Integrity

• Authenticity: the property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, or a message, or its originator

Digital Signature

Implementation Concept:: Origin Integrity

• Non-repudiation: preventing denial of actions

Other concepts to a complete security picture

• Accountability: generates the requirement for actions of an entity to be traced uniquely to that entity, to support nonrepudiation, deterrence, fault isolation, etc.

Three key objectives (the CIA triad)

• Availability
  • Availability means that people have the ability to use the information or resource desired.

Table 1.3 Computer and Network Assets, with Examples of Threats

Hardware
  Availability: Equipment is stolen or disabled, thus denying service.
  Confidentiality: An unencrypted CD-ROM or DVD is stolen.

Software
  Availability: Programs are deleted, denying access to users.
  Confidentiality: An unauthorized copy of software is made.
  Integrity: A working program is modified, either to cause it to fail during execution or to cause it to do some unintended task.

Data
  Availability: Files are deleted, denying access to users.
  Confidentiality: An unauthorized read of data is performed. An analysis of statistical data reveals underlying data.
  Integrity: Existing files are modified or new files are fabricated.

Communication Lines and Networks
  Availability: Messages are destroyed or deleted. Communication lines or networks are rendered unavailable.
  Confidentiality: Messages are read. The traffic pattern of messages is observed.
  Integrity: Messages are modified, delayed, reordered, or duplicated. False messages are fabricated.
Levels of Impact

Examples of security requirements: Confidentiality
• Student grade information is an asset whose confidentiality is considered to be very high
  • The US FERPA Act: grades should only be available to students, their parents, and their employers (when required for the job)
• Student enrollment information: may have a moderate confidentiality rating; less damage if disclosed
• Directory information: low confidentiality rating; often available publicly

Examples of security requirements: Integrity
• A hospital patient’s allergy information (high integrity data): a doctor should be able to trust that the info is correct and current
  • If a nurse deliberately falsifies the data, the database should be restored to a trusted basis and the falsified information traced back to the person who did it
• Online newsgroup registration data: moderate level of integrity
• An example of a low integrity requirement: anonymous online poll (inaccuracy is well understood)

Examples of security requirements: Availability
• A system that provides authentication: high availability requirement
  • If customers cannot access resources, the loss of services could result in financial loss
• A public website for a university: a moderate availability requirement; not critical but causes embarrassment
• An online telephone directory lookup: a low availability requirement because unavailability is mostly an annoyance (there are alternative sources)

Challenges Of Computer Security
 Computer security is not simple
 One must consider potential (unexpected) attacks
 Attackers only need to find a single weakness; the developer needs to find all weaknesses
 Procedures used are often counter-intuitive
 Must decide where to deploy mechanisms
 Multiple algorithms or protocols may be involved
 A battle of wits between attacker and admin
 Its benefit is not perceived until it fails
 Requires constant monitoring
 Security is often an afterthought to be incorporated into a system after the design is complete

Security: Terminology

• Asset (System Resource) - anything that has value to an individual, an organization or a government

  Examples:
  • Hardware
  • Software
  • Data
  • Communication facilities and networks
  • Digital document
  • Database
  • Password
  • Encryption key
  • …

Security: Terminology

• Access - a subject or object’s ability to use, manipulate, modify, or affect another subject or object.

• Threat Agent (Adversary) - an entity that attacks, or is a threat to, a system.
  Examples:
  • malicious hackers
  • insiders (including system administrators and developers)
  • terrorists
  • nation states

Security: Terminology
• Malicious contents
  • applications, documents, files, data or other resources that have malicious features or capabilities embedded, disguised or hidden in them
  • Drive-by downloads
   Viruses
   Worms
   Ransomware
   Trojan horses
   Backdoors
   Bots, botnets
   Threats at both client and server levels

Security: Terminology
• Vulnerability – weakness of an asset or control that can be exploited by a threat
  • Flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
    Flaw: a defect in design
    Bug: a defect in implementation

• System resource vulnerabilities may leave the resource:
  • Corrupted (loss of integrity)
  • Leaky (loss of confidentiality)
  • Unavailable or very slow (loss of availability)
Security: Terminology
• Threat - potential cause of an unwanted incident, which may result in harm to a system, individual or organization

If you tell someone "I am going to kill you," this is an example of a threat.

• Threats
  • Capable of exploiting vulnerabilities
  • Represent potential security harm to an asset
  • Malicious contents are threats to cyber systems

Security: Terminology

• Exposure - a single instance of being open to damage.
• Exploit - to take advantage of weaknesses or vulnerability in a system.
• Attack - an act that is an intentional or unintentional attempt to cause damage or compromise to the information and/or the systems that support it.

• Attacks are threats carried out and may be
   Passive – attempt to learn or make use of information from the system that does not affect system resources
   Active – attempt to alter system resources or affect their operation
   Insider – initiated by an entity inside the security perimeter
   Outsider – initiated from outside the perimeter
Security: Terminology

• Risk - An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.

Security: Terminology
• Countermeasure - An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken
  • used to deal with security attacks
    1. prevent
    2. detect
    3. recover
  • may result in new vulnerabilities
  • will have residual vulnerability
  • goal is to minimize risk given constraints

• Security Policy - A set of rules and practices that specify how a system or org provides security services to protect sensitive and critical system resources.
Security Concepts and Relationships

To ensure security, we must eliminate bugs and design flaws and/or make them harder to exploit.

Most Common Security Threats

 Types of hackers:

Attack Consequences

• Unauthorized Disclosure: exposure, interception, inference, intrusion
• Deception: masquerade, falsification, repudiation
• Disruption: incapacitation, corruption, obstruction
• Usurpation: misappropriation, misuse
Security Attack:: Classification Based on Effects on the System

Passive Attack
• Attempts to learn or make use of information from the system but does not affect system resources
• Eavesdropping on, or monitoring of, transmissions
• Goal of attacker is to obtain information that is being transmitted
• Two types:
  • Release of message contents
  • Traffic analysis
• Hard to detect, so aim to prevent

Active Attack
• Attempts to alter system resources or affect their operation
• Involves some modification of the data stream or the creation of a false stream
• Four categories:
  • Replay
  • Masquerade
  • Modification of messages
  • Denial of service
• Hard to prevent, so aim to detect

Security Attack:: Classification Based on Effects on the System

Passive Attack
• In a passive attack, the attacker’s goal is just to obtain information
• This means that the attack does not modify data or harm the system. However, the attack may harm the sender or the receiver of the message
• Attacks that threaten confidentiality (snooping and traffic analysis) are passive attacks
• The revealing of the information may harm the sender or receiver of the message, but the system is not affected

Active Attack
• An active attack may change the data or harm the system
• Attacks that threaten integrity and availability are active attacks
• Active attacks are normally easier to detect than to prevent, because an attacker can launch them in a variety of ways

Security Attack:: Classification Based on Security Goals
• Security Attacks can also be categorized in another two ways.
• Based on Security Goals

Security Attacks:: Threatening Confidentiality
 Snooping or Eavesdropping:
 Threat against confidentiality
 Unauthorized access to or interception of data.

 For example, a file transferred through the Internet may contain confidential
information. An unauthorized entity may intercept the transmission and use the
contents for his/her own benefit.

Security Attacks:: Threatening Confidentiality
 Traffic analysis:
 Threat against confidentiality
 Attackers can obtain some other type of information by monitoring online
traffic.

 For example, an attacker can find the electronic address (such as the e-mail address) of the sender or the receiver. They can collect pairs of requests and responses to help them guess the nature of the transaction.

Security Attacks:: Threatening Integrity
 Modification of Message:
 Threat against Integrity
 After intercepting or accessing information, the attacker modifies the information to make it beneficial to themselves.

 For example, a customer sends a message to a bank to do some transaction. The attacker intercepts the message and changes the type of transaction to benefit themselves. Note that sometimes the attacker simply deletes or delays the message to harm the system or to benefit from it.

Security Attacks:: Threatening Integrity
 Replay:
 Threat against Integrity
 The attacker obtains a copy of a message sent by a user and later tries
to replay it.

For example, a person sends a request to his/her bank to ask for payment for a
job he/she has done. The attacker intercepts the message and sends it again to
receive another payment from the bank.
Security Attacks:: Threatening Integrity

• Masquerade or Spoofing:
• Threat against Integrity
• Happens when the attacker impersonates somebody else.

 For example, an attacker might steal the bank card and PIN of a bank customer and pretend that he/she is that customer. An attacker may also pretend to be the bank and steal customer information.

Security Attacks:: Threatening Integrity
• Repudiation:
• Threat against Integrity
• This attack is caused either by the sender or receiver. The sender of the message
might later deny that he/she has sent the message; the receiver of the
message might later deny that he/she has received the message.

An example of denial by the sender would be a bank customer asking his/her bank to send some money to
a third party but later denying he/she has made such a request.
An example of denial by the receiver could occur when a person buys a product from a manufacturer and
pays for it electronically, but the manufacturer later denies having received the payment and asks to be paid.

Security Attacks:: Threatening Availability

• Denial of service (DoS):
• Threat against Availability
• It may slow down or totally interrupt the service of a system.

 The attacker can use several strategies to achieve this.
 She/he might send so many bogus requests to a server that the server crashes because of the heavy load.
 The attacker might intercept and delete a server’s response to a client, making the client believe that the server is not responding.
 The attacker may also intercept requests from the clients, causing the clients to send requests many times and overload the system.

Attack, Mechanism and Service

• Security Attacks: any action that compromises the security of information
• Security Mechanism: a mechanism that is designed to detect, prevent or recover from a security attack
• Security Service: a service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Security Mechanisms
• Encipherment (Encryption)
• Access control
• Routing control
• Authentication exchange
• Integrity protection
  • Checksums
  • Hash Functions
  • Message Authentication Codes (MACs)
  • Blockchain and Distributed Ledger Technologies
• Digital signature
• Notarization
• Traffic padding
• Etc.
Security Mechanisms
• ITU-T (X.800) also recommends some security mechanisms to provide the security services defined in the previous section.

 Encipherment:
 It refers to hiding or covering data, and can provide confidentiality. Today two techniques are used for encipherment:
  • Cryptography
  • Steganography

Security Mechanisms
 Data Integrity:
 This mechanism appends to the data a short check value that has been created by a specific process from the data itself.
 The receiver receives the data and the check value. The receiver creates a new check value from the received data and compares the newly created check value with the one received.
 If the two check values are the same, the integrity of the data has been preserved.

Security Mechanisms
 Digital Signature:
 A digital signature is a means by which the sender can electronically sign the data
and the receiver can electronically verify the signature.
 The sender uses a private key to sign the data and the receiver uses the public key of
the sender to verify that indeed the data is sent by that sender.

Security Mechanisms
 Authentication Exchange:
 In authentication exchange, two entities exchange some messages to prove
their identity to each other.
 For example, one entity can prove that she knows a secret that only she is
supposed to know.
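An added Python example of such an exchange (not code from the lecture or its references): the verifier issues a fresh random challenge and the claimant answers with an HMAC over it, proving it knows the shared secret without ever sending it. The shared secret and session names are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed long-term secret shared by claimant and verifier (assumption for the example).
SHARED_SECRET = b"example-authentication-secret-not-for-production"


def prove_knowledge(secret: bytes, challenge: bytes) -> bytes:
    """Claimant side: answer the challenge with HMAC-SHA256(secret, challenge).

    The secret itself never travels over the line; only the response does.
    """
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class Verifier:
    """Verifier side: issue a fresh challenge per session and check the response."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.outstanding: dict = {}  # session -> challenge not yet answered

    def challenge(self, session: str) -> bytes:
        # Fresh and unpredictable, so a response recorded earlier cannot be reused.
        nonce = secrets.token_bytes(16)
        self.outstanding[session] = nonce
        return nonce

    def check(self, session: str, response: bytes) -> bool:
        nonce = self.outstanding.pop(session, None)  # each challenge is answerable once
        if nonce is None:
            return False
        expected = prove_knowledge(self.secret, nonce)
        # Constant-time comparison so the check does not leak timing information.
        return hmac.compare_digest(expected, response)


def run_demo() -> dict:
    """Legitimate exchange, then the failure modes the exchange is designed to stop."""
    v = Verifier(SHARED_SECRET)

    # Legitimate exchange: challenge, response, accept.
    n1 = v.challenge("s1")
    r1 = prove_knowledge(SHARED_SECRET, n1)
    legitimate = v.check("s1", r1)

    # A recorded (n1, r1) pair does not help later: the challenge has been consumed,
    # and a new session receives a different challenge.
    same_challenge_again = v.check("s1", r1)
    v.challenge("s2")
    recorded_reused = v.check("s2", r1)

    # Without the secret the response cannot be computed, even for a known challenge.
    n3 = v.challenge("s3")
    wrong_secret = v.check("s3", prove_knowledge(b"guess", n3))

    return {"legitimate": legitimate,
            "same_challenge_again": same_challenge_again,
            "recorded_response_reused": recorded_reused,
            "wrong_secret": wrong_secret}


if __name__ == "__main__":
    print(run_demo())
```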

Security Mechanisms
 Traffic Padding:
 This means inserting some bogus data into the data traffic to thwart the adversary’s attempt to use traffic analysis.

Security Mechanisms
 Routing Control:
 It means selecting and continuously changing different available routes
between the sender and the receiver to prevent the attacker from
eavesdropping on a particular route.

Security Mechanisms
 Notarization:
 This means selecting a third trusted party to control the communication
between two entities.
 This can be done, for example, to prevent repudiation.

Security Mechanisms
 Access Control:
 Access control uses methods to prove that a user has the access right to the data or resources owned by a system.
 Examples of proofs are passwords and PINs.

Security Services

The International Telecommunication Union-Telecommunication Standardization Sector (ITU-T) (X.800) has defined five services related to the security goals and attacks we defined in the previous sections.

Security Services

 Data Confidentiality:
 It is designed to protect data from disclosure attacks.
 The service as defined by X.800 is very broad and encompasses confidentiality of the whole message or part of a message and also protection against traffic analysis.
 That is, it is designed to prevent snooping and traffic analysis attacks.

Security Services

 Data Integrity:
 It is designed to protect data from modification, insertion, deletion, and
replaying by an adversary.
 It may protect the whole message or part of the message.
 Anti-change
 Anti-replay
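An added Python example (not code from the lecture or its references) that ties together the check-value mechanism, the earlier definition of message authentication (data integrity + origin integrity, with the timestamp treated as part of the message) and the replay attack described above: the check value is an HMAC-SHA256 tag that also covers a timestamp and a message id, so the receiver can reject modified, replayed and delayed messages. The shared key, clock values and message contents are constructed for the example.

```python
import hashlib
import hmac

# Constructed shared key for the example; in practice it is provisioned out of band.
SHARED_KEY = b"example-shared-key-not-for-production"
MAX_AGE_SECONDS = 30  # freshness window for the timestamp carried in each message


def make_check_value(key: bytes, timestamp: int, msg_id: int, payload: bytes) -> bytes:
    """Check value = HMAC-SHA256 over timestamp, message id and payload.

    Covering the timestamp and id with the tag means neither can be altered
    without invalidating the check value.
    """
    header = f"{timestamp}|{msg_id}|".encode()
    return hmac.new(key, header + payload, hashlib.sha256).digest()


def send(key: bytes, msg_id: int, payload: bytes, now: int) -> dict:
    """Sender side: attach timestamp, id and check value to the payload."""
    return {"ts": now, "id": msg_id, "payload": payload,
            "tag": make_check_value(key, now, msg_id, payload)}


class Receiver:
    """Receiver side: recompute the check value, then check freshness and replay."""

    def __init__(self, key: bytes, max_age: int = MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        self.seen_ids: set = set()  # ids already accepted (anti-replay)

    def verify(self, msg: dict, now: int) -> str:
        expected = make_check_value(self.key, msg["ts"], msg["id"], msg["payload"])
        # Constant-time comparison so the tag check does not leak timing information.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: check value mismatch (modified or forged)"
        if abs(now - msg["ts"]) > self.max_age:
            return "rejected: stale timestamp"
        if msg["id"] in self.seen_ids:
            return "rejected: replay of a message already accepted"
        self.seen_ids.add(msg["id"])
        return "accepted"


def run_demo() -> list:
    """Walk through the cases the lecture lists: modification, replay and delay."""
    receiver = Receiver(SHARED_KEY)
    now = 1_700_000_000  # constructed clock value, in seconds
    genuine = send(SHARED_KEY, 1, b"transfer 100 to account 42", now)
    results = [receiver.verify(genuine, now)]

    # Modification: a copy with the amount changed still carries the old tag.
    tampered = dict(genuine, payload=b"transfer 900 to account 42")
    results.append(receiver.verify(tampered, now))

    # Replay: the genuine message is submitted a second time.
    results.append(receiver.verify(genuine, now + 5))

    # Delay: a genuine message is held back beyond the freshness window.
    delayed = send(SHARED_KEY, 2, b"transfer 5 to account 7", now)
    results.append(receiver.verify(delayed, now + 600))
    return results


if __name__ == "__main__":
    for line in run_demo():
        print(line)
```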

Security Services

 Authentication:
 This service provides the authentication of the party at the other end of the
line.
 In connection-oriented communication, it provides authentication of the
sender or receiver during the connection establishment (peer entity
authentication).
 In connectionless communication, it authenticates the source of the data (data
origin authentication).
 Peer entity
 Data origin
Security Services

 Nonrepudiation:
 This service protects against repudiation by either the sender or the receiver
of the data.
 In nonrepudiation with proof of the origin, the receiver of the data can later
prove the identity of the sender if denied.
 In nonrepudiation with proof of delivery, the sender of data can later prove that
data were delivered to the intended recipient.
 Proof of origin
 Proof of delivery
Security Services

 Access Control:
 It provides protection against unauthorized access to data.
 The term access in this definition is very broad and can involve reading,
writing, modifying, executing programs, and so on.

Security Services and Mechanisms

Relation between Services and Mechanisms

References

 Chapter 1: Computer Security: Principles and Practice, by Lawrie Brown and William Stallings
 Chapter 1: Cryptography and Network Security, by Behrouz A. Forouzan
 Chapter 1: Cryptography and Network Security: Principles and Practice, by William Stallings
 Lecture by Dr. Shareeful Islam at the workshop titled “Hands on Training on Fundamental Web and Application Security Issues for NREN Professionals” organized by the Institute of Information Technology (IIT), University of Dhaka.