Chapter 1 Introduction

The document discusses data privacy and security, defining data privacy as the control individuals have over their personal information and data security as the protection against unauthorized access. It highlights the importance of both concepts, noting that security can exist without privacy, but not vice versa. Additionally, it outlines various security mechanisms, services, and attacks, emphasizing the need for effective security measures in digital environments.

Data Privacy and Security

DSE 2224

Dr. Savitha G
Dr. Girisha S
Mr. Ashutosh H B
Data Privacy
• Data privacy generally means the ability of a person to determine for themselves when, how, and to what extent personal information about them is shared with or communicated to others.
• This personal information can be one's name, location, contact information, or online or real-world behavior.
• Privacy is considered a fundamental human right, and data protection laws exist to guard that right.
Data Security
• In the digital world, security generally refers to protecting data from unauthorized access, often involving protection against hackers or cyber criminals.
• Privacy is your personal information and how you allow it to be accessed and viewed.
• In contrast, security is the protection of this data and information.
• Security is the act of keeping your private information and data secure, and ensuring it is not accessed by any unauthorized sources.
• Cybersecurity can involve a number of tools and methods, including these:
➢Firewalls
➢Network limitations
➢Security software
➢User authentication
➢Internal security measures
Security vs. privacy
• The main difference between privacy and security is that privacy involves how your data is used and controlled, while security protects this data.
• Security can exist without privacy, but the reverse is not true.
• Computer security and privacy are both equally important for managing personal and sensitive information and data.
• Personal privacy has often been considered a luxury not available to everyone, while security has long been deemed essential.
Example
• If you are using a Google Gmail account, your password would be a data security method, while the way Google uses your data to administer your account would be data privacy.
• Data security is a prerequisite for data privacy.

Syllabus
Introduction to Data Privacy, types of privacy attacks, Data
linking and profiling, access control models, role based access
control, privacy policies, their specifications, privacy policy
languages, privacy in different domains-medical, financial, etc.
Mathematical model for comparing real-world data sharing
practices, computing privacy and risk measurements.
Demographics and Uniqueness. Protection Models-Null-map, k-
map, Wrong map. Survey of Techniques-Protection models (null-
map, k-map, wrong map), Disclosure control, Inferring entity
identities, entry specific databases. Computation systems for
protecting delimited Data-Min Gen, Datafly, Mu-Argus, k-Similar.
Syllabus
Introduction to Security: The OSI Security Architecture, Security Attacks, Services and
Mechanisms, Model for Network Security, Number theory, Cryptographic Hash
Functions, Digital Signatures, System Security, Symmetric Encryption and Message
Confidentiality, Substitution ciphers, Stream ciphers , Public-key cryptography and
Message Authentication, Key Distribution and Authentication, Transport Layer Security,
Wireless Network Security, E-mail Security, IP Security, Security Management Systems,
Need for IT Security, Intrusion Prevention and Detection Systems, Cyber Security.

Security metrics: Design, Data sources, Analysis of security metrics data, Measuring
security cost and value, Different context for security process management.

Acquisition and Duplication: Sterilizing Evidence Media, Acquiring Forensics Images,
Acquiring Live Volatile Data, Data Analysis, Metadata Extraction, and File System
Analysis.
References
• Ronald Leenes, Rosamunde van Brakel, Serge Gutwirth, Paul De Hert, Data Protection and Privacy: The Age of Intelligent Machines (Computers, Privacy and Data Protection), Hart Publishing, December 28, 2017.
• B. Raghunathan, The Complete Book of Data Anonymization: From Planning to Implementation, Auerbach Pub, 2016.
• L. Sweeney, Computational Disclosure Control: A Primer on Data Privacy Protection, MIT Computer Science, 2017.
• William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, Pearson Education, 2017.
• William Stallings, Network Security Essentials: Applications and Standards, 6th Edition, Pearson Education, 2014.
• Atul Kahate, Cryptography and Network Security, 3rd Edition, Tata McGraw-Hill Publishing Company Limited, 2013.
• Lance Hayden, IT Security Metrics, Tata McGraw Hill, 2016.
Introduction to Computer Security
• The field of network and Internet security consists of measures to
✓ prevent,
✓ detect,
✓ and correct security violations that involve the transmission of information.
• Network and Internet security depends on cryptographic algorithms.
• Computer Security: The protection afforded to an automated information system to attain the applicable objectives of preserving the Confidentiality, Integrity, and Availability (CIA) of information system resources.
• Confidentiality: This term covers two related concepts:
➢Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals.
➢Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
• Integrity: This term covers two related concepts:
➢Data integrity: Assures that information (both stored and in transmitted packets) and programs are changed only in a specified and authorized manner.
➢System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
• Availability: Assures that systems work promptly and service is not denied to authorized users.
• These three concepts form what is often referred to as the CIA triad.
• The three concepts embody the fundamental security objectives for both data and for information and computing services.
• Some in the security field feel that additional concepts are needed to present a complete picture:
• Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.
➢This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
• Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
➢This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.
The OSI Security Architecture
• Necessity of the Open Systems Interconnection (OSI) security architecture:
➢To assess effectively the security needs of an organization
➢To evaluate and choose various security products and policies
• The manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying these requirements.
• The OSI security architecture is useful to managers as a way of organizing the task of providing security.
• The OSI security architecture focuses on security attacks, mechanisms, and services.
• Security attack: Any action that compromises the security of information owned by an organization.
• Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.
• Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.
Security Attacks
• A useful means of classifying security attacks:
➢Passive attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources.
➢Active attacks: An active attack attempts to alter system resources or affect their operation.
Security Attacks: Passive attacks
• Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.
• The goal of the opponent is to obtain information that is being transmitted.
• Two types of passive attacks are the release of message contents and traffic analysis.
• Release of message contents:
➢A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
➢We would like to prevent an opponent from learning the contents of these transmissions.
• Traffic analysis:
➢Suppose the message to be transmitted is masked, so that the opponent could not extract the information from the message.
➢A common technique of masking is encryption.
➢The opponent could still determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged.
➢This information might be useful in guessing the nature of the communication that was taking place.
[Figure: Passive Attack: Traffic Analysis. Observe traffic pattern.]
• Passive attacks are very difficult to detect, because they do not involve any alteration of the data.
• Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern.
• However, it is feasible to prevent the success of these attacks, usually by means of encryption.
• Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
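To make the traffic-analysis point concrete, here is an added Python example (not part of the original slides): a one-time pad hides message contents, yet an observer who sees only ciphertext sizes can still tell a short acknowledgement from a long report, and the fixed-size framing that counters this is the traffic padding mechanism the deck lists later. The 80-byte frame size and the sample messages are constructed assumptions.

```python
import secrets

# Constructed sample traffic: short "ack" messages and one long report.
# Encryption hides the content, but a passive observer still sees each
# ciphertext's length on the wire.
MESSAGES = [
    b"ack",
    b"Quarterly revenue report attached; please review before Friday.",
    b"ack",
    b"ack",
]
FRAME = 80  # fixed frame size for the padding defence (assumed parameter)


def encrypt(plaintext: bytes) -> tuple[bytes, bytes]:
    """One-time pad (stand-in for any cipher): ciphertext length equals
    plaintext length, which is exactly what traffic analysis exploits."""
    key = secrets.token_bytes(len(plaintext))
    return key, bytes(p ^ k for p, k in zip(plaintext, key))


def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return bytes(c ^ k for c, k in zip(ciphertext, key))


def pad(plaintext: bytes, frame: int = FRAME) -> bytes:
    """Traffic padding: 2-byte length prefix, then random fill up to a
    multiple of the frame size so every data unit looks the same size."""
    if len(plaintext) > 0xFFFF:
        raise ValueError("message too long for 2-byte length prefix")
    body = len(plaintext).to_bytes(2, "big") + plaintext
    fill = (-len(body)) % frame
    return body + secrets.token_bytes(fill)


def unpad(padded: bytes) -> bytes:
    n = int.from_bytes(padded[:2], "big")
    return padded[2:2 + n]


def observed_lengths(messages, padded: bool) -> list[int]:
    """What an eavesdropper sees: only the size of each ciphertext."""
    sizes = []
    for m in messages:
        _, ct = encrypt(pad(m) if padded else m)
        sizes.append(len(ct))
    return sizes


def distinct_sizes(messages, padded: bool) -> int:
    """Number of message classes distinguishable from size alone;
    1 means the length leaks nothing about which message was sent."""
    return len(set(observed_lengths(messages, padded)))


def round_trip(message: bytes) -> bytes:
    """Receiver side: decrypt, then strip the padding."""
    key, ct = encrypt(pad(message))
    return unpad(decrypt(key, ct))


if __name__ == "__main__":
    print("unpadded sizes:", observed_lengths(MESSAGES, padded=False))
    print("padded sizes:  ", observed_lengths(MESSAGES, padded=True))
```

Padding removes the length signal only; message timing and frequency are a separate signal that fixed-rate (dummy) traffic, not shown here, would be needed to hide.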
Security Attacks: Active attacks
• Active attacks involve some modification of the data stream or the creation of a false stream.
• Subdivided into four categories:
➢Masquerade
➢Replay
➢Modification of messages
➢Denial of service
• Masquerade:
➢Takes place when one entity pretends to be a different entity.
➢For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
• Replay:
➢Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
• Modification of messages:
➢Some portion of a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorized effect.
➢For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.”
• Denial of service:
➢Prevents or inhibits the normal use or management of communications facilities.
➢This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination.
➢Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
• It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software, and network vulnerabilities.
• Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.
Security Services
• A security service is a service that is provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers.
1. Authentication
2. Access Control
3. Data Confidentiality
4. Data Integrity
5. Nonrepudiation
6. Availability of service
1. Authentication:
➢The authentication service is concerned with assuring that a communication is authentic.
➢The function of the authentication service is to assure the recipient that the message is from the source that it claims to be from.
➢It involves two aspects:
❖First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be.
❖Second, the service must assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.
• Two specific authentication services are defined:
➢Peer entity authentication:
❖Provides for the evidence of the identity of a peer entity in an association.
❖Two entities are considered peers if they implement the same protocol in different systems.
❖Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection.
❖It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection.
➢Data origin authentication:
❖Provides for the evidence of the source of a data unit.
❖It does not provide protection against the duplication or modification of data units.
❖Example: applications like electronic mail.
2. Access control:
➢Access control is the ability to limit and control the access to host systems and applications via communications links.
➢To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual.
3. Confidentiality:
➢It is the protection of transmitted data from passive attacks.
➢With respect to the content of a data transmission, several levels of protection can be identified.
➢The broadest service protects all user data transmitted between two users over a period of time.
➢Narrower forms of this service can also be defined, including the protection of a single message or even specific fields within a message.
4. Data integrity:
➢Integrity can apply to a stream of messages, a single message, or selected fields within a message.
➢A connection-oriented integrity service:
❖One that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays.
❖The destruction of data is also covered under this service.
❖Connection-oriented integrity service addresses both message stream modification and denial of service.
➢A connectionless integrity service:
❖One that deals with individual messages without regard to any larger context.
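As an added example (not from the original slides) tying the active-attack categories to the connection-oriented integrity service just described, the Python below checks a stream of data units and rejects modification, replay, duplication, reordering and insertion. The shared key, the HMAC-SHA256 tag and the 4-byte sequence-number framing are assumptions; the deck does not specify a particular integrity mechanism.

```python
import hashlib
import hmac

# Assumed shared key (constructed for the demo; a real deployment would
# distribute keys through the key-distribution methods the deck mentions).
KEY = b"constructed-demo-key-not-for-real-use"
TAG_LEN = 32  # SHA-256 digest size


def protect(seq: int, message: bytes, key: bytes = KEY) -> bytes:
    """Sender side: prefix a 4-byte sequence number, append an HMAC tag."""
    header = seq.to_bytes(4, "big") + message
    tag = hmac.new(key, header, hashlib.sha256).digest()
    return header + tag


class IntegrityReceiver:
    """Receiver side of a connection-oriented integrity service: a data unit
    is accepted only if its tag verifies and its sequence number is exactly
    the next expected one, so altered, replayed, duplicated, reordered or
    inserted units are all rejected."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.expected = 0
        self.accepted = []

    def receive(self, unit: bytes) -> str:
        if len(unit) < 4 + TAG_LEN:
            return "REJECT: truncated"
        header, tag = unit[:-TAG_LEN], unit[-TAG_LEN:]
        want = hmac.new(self.key, header, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):   # modification or forgery
            return "REJECT: bad tag"
        seq = int.from_bytes(header[:4], "big")
        if seq < self.expected:                  # replay or duplicate
            return "REJECT: replay"
        if seq > self.expected:                  # reordering, insertion or loss
            return "REJECT: out of order"
        self.expected += 1
        self.accepted.append(header[4:])
        return "ACCEPT"


def demo() -> list[str]:
    """Constructed scenario using the deck's own example message."""
    rx = IntegrityReceiver()
    u0 = protect(0, b"Allow John Smith to read confidential file accounts")
    u1 = protect(1, b"Revoke temporary access")
    altered = u0.replace(b"John Smith", b"Fred Brown")  # active attack: modification
    return [
        rx.receive(u0),                            # ACCEPT
        rx.receive(altered),                       # REJECT: bad tag
        rx.receive(u0),                            # REJECT: replay
        rx.receive(u1),                            # ACCEPT
        rx.receive(u1),                            # REJECT: replay
        rx.receive(protect(3, b"late message")),   # REJECT: out of order (seq 2 missing)
    ]
```

Because the tag covers the sequence number, an attacker without the key cannot renumber a captured unit to slip it past the ordering check; denial of service (suppressed units) still shows up only as a gap, which is why the deck treats detection and recovery, not prevention, as the goal for active attacks.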
5. Nonrepudiation:
➢Nonrepudiation prevents either sender or receiver from denying a transmitted message.
➢Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message.
6. Availability of service:
➢Availability is the property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system.
Security Mechanism
• The mechanisms are divided into those that are implemented in a specific protocol layer, such as TCP or an application-layer protocol, and those that are not specific to any particular protocol layer or security service.
• Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible.
• Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.
• Access Control: A variety of mechanisms that enforce access rights to resources.
• Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
• Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
• Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
• Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.
• Notarization: The use of a trusted third party to assure certain properties of a data exchange.
• Trusted Functionality: That which is perceived to be correct with respect to some criteria.
• Event Detection: Detection of security-relevant events.
• Security Audit Trail: Data collected and potentially used to facilitate a security audit.
• Security Recovery: Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.
A Model for Network Security
• Using this model requires us to:
➢Design a suitable algorithm for the security transformation
➢Generate the secret information (keys) used by the algorithm
➢Develop methods to distribute and share the secret information
➢Specify a protocol enabling the principals to use the transformation and secret information for a security service
A Model for Network Security
• Using this model requires us to:
➢Select appropriate gatekeeper functions to identify users
➢Implement security controls to ensure only authorised users access designated information or resources
• Note that the model does not include:
➢Monitoring of authorized users for misuse, audit logging for forensic uses, etc.
END