Objectives for Chapter 1


• Define computer security as well as basic computer security terms
• Introduce the C-I-A Triad
• Introduce basic access control terminology
• Explain basic threats, vulnerabilities, and attacks
• Show how controls map to threats
• Introduce two techniques, cryptography and steganography, to implement security mechanisms

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
Computer Security Concept
What Is Computer Security?

• The protection of the assets of a computer system
• Hardware
• Software
• Data


Computer Security Concept. Cont.

Assets


Computer Security Concept. Cont.


Values of Assets

Computer Security Concept. Cont.
Critical Infrastructure Areas

… telecommunications, electrical power systems, gas and oil, banking and finance, transportation, water supply systems, government services and emergency services.
[Barbara Endicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]
Computer Security Concept. Cont.
C-I-A Triad
• Used as a guide by experts when they develop policies and procedures for an effective information security program.
• Confidentiality (e.g., student grades)
• Integrity (e.g., patient information)
• Availability (e.g., the loss of the service translates into a large financial loss)

Sometimes two other desirable characteristics:
• Authentication, Nonrepudiation

Computer Security Concept. Cont.
The Internet, wireless communication, and the IoT connect all types of information systems, so it is urgent to secure them against viruses, hackers, eavesdropping, cheating …
• System Security : computer system, mobile devices, IoT devices…
• Computer Security:
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). (NIST95)
• Confidentiality:
• Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals.
• Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
• Integrity:
• Data integrity: Assures that information (both stored and in transmitted packets) and programs are changed only in a specified and authorized manner.
• System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
• Availability:
Assures that systems work promptly and service is not denied to authorized users.
Computer Security Concept. Cont.
■ Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.
■ Integrity: Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.
■ Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.
■ Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
■ Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.

[Figure 1.1: Essential Network and Computer Security Requirements]
Computer Security Concept. Cont.
When is any System Secure?
Confidentiality: Who is authorized?
Integrity: Is data good?
Availability: Can one access data whenever needed?

[Figure: Confidentiality, Integrity and Availability diagram; S = secure]

[cf. Barbara Endicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]


Balancing CIA
[Figure: Confidentiality, Integrity and Availability diagram placing Biographical Data, Payroll Data, Health Data and Sensitive Data; S = secure. Network sketch: Packet Switch, Bridge, File Server, Gateway, Other Networks]

• Need to balance CIA
• e.g., Disconnect computer from Internet to increase confidentiality
• availability suffers
• integrity suffers due to lost updates
• e.g., Have extensive data checks by different people/systems to increase integrity
• confidentiality suffers as more people see data
• availability suffers due to locks on data under verification

[Barbara Endicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]



Types of Attackers


Threats, Vulnerabilities and Controls

Threats: Something that can potentially cause damage to information assets.

Vulnerabilities: A weakness in the organization, computer system, or network that can be exploited (broken) by a threat.

Control: An action, device, procedure, or technique that removes or reduces a vulnerability.

Threats, Vulnerabilities and Controls. Cont.


Relationship among threats, controls, and vulnerabilities:
• A threat is blocked by control of a vulnerability.
• To devise controls, we must know as much about threats as possible.

The fact that the violation might occur means that the actions that might cause it should be guarded against.
The water is the threat, the crack the vulnerability, and the finger the control (for now).

Attack
• = exploitation of one or more vulnerabilities by a threat; tries to defeat controls
• Attack may be:
• Successful
• resulting in a breach of security, a system penetration, etc.
• Unsuccessful
• when controls block a threat trying to exploit a vulnerability
[Pfleeger & Pfleeger]
• Examples
• Fig. 1-1 (p.6)
• New Orleans disaster (Hurricane Katrina): What were the city's vulnerabilities, threats, and controls?

Types of Harm

Kinds of Threats
• Kinds of threats:
• Interception
• an unauthorized party (human or not) gains access to an asset
• Interruption
• an asset becomes lost, unavailable, or unusable
• Modification
• an unauthorized party changes the state of an asset
• Fabrication
• an unauthorized party counterfeits an asset
[Pfleeger & Pfleeger]

Taxonomy of attacks with relation to security goals


Attacks Threatening Confidentiality

Snooping refers to unauthorized access to or interception of data.

Traffic analysis refers to obtaining some other type of information by monitoring online traffic.
Example of Snooping:
Wardriving / Warwalking, Warchalking

• Wardriving/warwalking -- driving/walking around with a wireless-enabled notebook looking for unsecured wireless LANs

• Warchalking -- using chalk markings to show the presence and vulnerabilities of wireless networks nearby
• E.g., a circled "W" -- indicates a WLAN protected by Wired Equivalent Privacy (WEP) encryption

[Barbara Endicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]


Example of Snooping:
Tapping Wireless
http://www.oreillynet.com/cs/weblog/view/wlg/448

[Barbara Endicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]


Attacks Threatening Integrity

Modification means that the attacker intercepts the message and changes it.

Masquerading or spoofing happens when the attacker impersonates somebody else.

Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.

Repudiation means that the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.
Example of System Alteration:
Skimming from ABC.com

[Figure captions:]
• A legitimate transaction, so it seems...
• Stealing credit card data.
• Making counterfeit "blank" credit card (with a blank magnetic strip).
• Magnetizing the magnetic strip to complete producing a counterfeit card.
[Barbara Endicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]
Attacks Threatening Availability

Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

A severe class of this attack is the Distributed Denial of Service (DDoS) attack. In this class, a very large number (thousands or even millions) of attacking machines are coordinated and synchronized to attack a victim system simultaneously.
1.2 The OSI Security Architecture
• ITU-T X.800 Security Architecture for OSI
■ Security attack: Any action that compromises the security of information
owned by an organization.
■ Security mechanism: A process (or a device incorporating such a process)
that is designed to detect, prevent, or recover from a security attack.
■ Security service: A processing or communication service that enhances the
security of the data processing systems and the information transfers of an
organization. The services are intended to counter security attacks, and they
make use of one or more security mechanisms to provide the service.
1.3 Security Attacks
• Passive attacks
• eavesdropping on, or monitoring of, transmissions.
• The goal of the opponent is to obtain information that is being transmitted.
Two types of passive attacks are the release of message contents and traffic
analysis.
• Active attacks
• some modification of the data stream or the creation of a false stream
• four categories: masquerade, replay, modification of messages, and denial of
service.
Passive Versus Active Attacks

Table 1.1 Categorization of passive and active attacks


Passive Attack--release of contents
Passive Attack—traffic analysis
Active Attack—Masquerade
Active Attack—Replay
Active Attack—Modification of messages
Active Attack—Denial of Service
Summary of attacks
• Interruption: against availability
• Interception: against confidentiality
• Modification: against integrity
• Fabrication: against authenticity

SERVICES AND MECHANISMS


ITU-T provides some security services and some mechanisms to implement those services. Security services and mechanisms are closely related because a mechanism or combination of mechanisms is used to provide a service.

Topics discussed in this section:


1.3.1 Security Services
1.3.2 Security Mechanism
1.3.3 Relation between Services and Mechanisms
SERVICES AND MECHANISMS. Cont.
Definition: Security Services
• In the X.800 Standard:
“a service provided by a protocol layer of communicating open
systems, which ensures adequate security of the systems or of
data transfers”

• In the Internet document RFC 2828:
“a processing or communication service provided by a system to give a specific kind of protection to system resources”
SERVICES AND MECHANISMS. Cont.
Security Services (X.800)
• Authentication - assurance that communicating entity is the one claimed
• peer-entity authentication
• data origin authentication
• Access Control - prevention of the unauthorized use of a resource
• Data Confidentiality - protection of data from unauthorized disclosure
• Data Integrity - assurance that data received is as sent by an authorized entity
• Non-Repudiation - protection against denial by one of the parties in a communication
• Availability - resource accessible/usable

SERVICES AND MECHANISMS. Cont.

Security Services

SERVICES AND MECHANISMS. Cont.

Relationship Between Security Services and Mechanisms

SERVICES AND MECHANISMS. Cont.

TECHNIQUES

Mechanisms discussed in the previous sections are only theoretical recipes to implement security. The actual implementation of security goals needs some techniques. Two techniques are prevalent today: cryptography and steganography.

Topics discussed in this section:


1.4.1 Cryptography
1.4.2 Steganography

Cryptography
Cryptography, a word with Greek origins, means “secret
writing.” However, we use the term to refer to the science and
art of transforming messages to make them secure and
immune to attacks.
Classical Cryptography & Modern Cryptography
• Cryptography is “the art of writing or solving codes.” -
Concise Oxford English Dictionary
• focusing solely on the codes used for centuries to enable secret
communication.
• By military organizations and governments.
• Modern Cryptography:
• mathematical techniques for securing digital information, systems, and distributed computations against adversarial attacks.
• Since the 1970s, cryptography as a science and a mathematical discipline.
• Provable security
• Used everywhere; a central topic of computer security

Steganography
The word steganography, with origin in Greek, means
“covered writing,” in contrast with cryptography, which
means “secret writing.”

Example: covering data with text



Steganography Examples
Example 1: using dictionary
{Every word is uniquely coded by a bit combination.
Shorter bit patterns are given to frequently used words}

Example 2: covering data under color image
{Data bits are stored in the least significant bit of every byte in a colored image file}
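
Example 2 worked through in code, as an added example that is not part of the original slides: data bits are written into the least significant bit of each byte of a buffer standing in for a colour image's pixel data. The 4-byte length header, the function names and the `COVER` sample buffer are assumptions made for this illustration.

```python
# Added example: LSB steganography over raw bytes standing in for the
# pixel data of a colour image. COVER is constructed sample data.
COVER = bytes((i * 7) % 256 for i in range(300))   # e.g. 100 RGB pixels

def embed(cover: bytes, secret: bytes) -> bytes:
    """Store a 4-byte length header plus `secret`, one bit per cover byte."""
    payload = len(secret).to_bytes(4, "big") + secret
    bits = [(byte >> shift) & 1 for byte in payload for shift in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small: one cover byte is needed per hidden bit")
    stego = bytearray(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit   # clear the LSB, then write the data bit
    return bytes(stego)

def _read(stego: bytes, first: int, count: int) -> bytes:
    """Rebuild `count` bytes from the LSBs starting at cover byte `first`."""
    out = bytearray()
    for b in range(count):
        value = 0
        for k in range(8):
            value = (value << 1) | (stego[first + 8 * b + k] & 1)
        out.append(value)
    return bytes(out)

def extract(stego: bytes) -> bytes:
    """Recover the hidden message; reject buffers whose header cannot be valid."""
    if len(stego) < 32:
        raise ValueError("buffer too small to hold a length header")
    length = int.from_bytes(_read(stego, 0, 4), "big")
    if 32 + 8 * length > len(stego):
        raise ValueError("length header exceeds buffer: no valid payload")
    return _read(stego, 32, length)

def max_byte_change(cover: bytes, stego: bytes) -> int:
    """Largest per-byte difference between cover and stego buffers."""
    return max(abs(a - b) for a, b in zip(cover, stego))

def lsb_changed(cover: bytes, stego: bytes) -> int:
    """Count of bytes whose LSB differs from the original cover."""
    return sum((a ^ b) & 1 for a, b in zip(cover, stego))

if __name__ == "__main__":
    stego = embed(COVER, b"C-I-A")
    print(extract(stego), max_byte_change(COVER, stego), lsb_changed(COVER, stego))
```

No byte changes by more than 1, which is why the carrier looks unchanged to the eye, while a bit-level comparison against the original cover reveals every altered byte.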
1.7 A MODEL FOR NETWORK SECURITY
■ A security-related transformation on the information to be sent.
■ Some secret information shared by the two principals and, it is hoped, unknown to the opponent.
Four Tasks in Designing a particular security service
• 1. Design an algorithm for performing the security-related
transformation. The algorithm should be such that an opponent
cannot defeat its purpose.
• 2. Generate the secret information to be used with the
algorithm.
• 3. Develop methods for the distribution and sharing of the
secret information.
• 4. Specify a protocol to be used by the two principals that
makes use of the security algorithm and the secret information
to achieve a particular security service.
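
The four tasks carried through for one service, data integrity with origin authentication, as an added example that is not part of the original slides. It assumes HMAC-SHA-256 as the algorithm (task 1), a random 32-byte key (task 2), a key already shared out of band (task 3), and a hypothetical packet layout of counter, message and tag (task 4); all class and function names are illustrative.

```python
import hashlib
import hmac
import secrets

def generate_key() -> bytes:
    """Task 2: generate the secret information."""
    return secrets.token_bytes(32)

class Sender:
    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def send(self, message: bytes) -> bytes:
        """Task 4: packet = 8-byte counter || message || 32-byte tag."""
        self.counter += 1
        header = self.counter.to_bytes(8, "big")
        tag = hmac.new(self.key, header + message, hashlib.sha256).digest()  # task 1
        return header + message + tag

class Receiver:
    def __init__(self, key: bytes):
        self.key, self.last_counter = key, 0

    def receive(self, packet: bytes) -> bytes:
        if len(packet) < 8 + 32:
            raise ValueError("truncated packet")
        header, message, tag = packet[:8], packet[8:-32], packet[-32:]
        expected = hmac.new(self.key, header + message, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):      # modification / masquerade
            raise ValueError("bad tag: modified or forged message")
        counter = int.from_bytes(header, "big")
        if counter <= self.last_counter:                # replay of an old packet
            raise ValueError("replayed message")
        self.last_counter = counter
        return message

def outcome(receiver: Receiver, packet: bytes) -> str:
    try:
        return "accepted: " + receiver.receive(packet).decode()
    except ValueError as err:
        return "rejected: " + str(err)

def demo() -> list:
    key = generate_key()                 # task 3 assumed done: both sides hold `key`
    alice, bob = Sender(key), Receiver(key)
    packet = alice.send(b"pay 10 to carol")            # constructed sample message
    tampered = packet[:8] + b"pay 99 to carol" + packet[-32:]
    forged = Sender(generate_key()).send(b"pay 10 to mallory")
    return [outcome(bob, p) for p in (packet, packet, tampered, forged)]

if __name__ == "__main__":
    print("\n".join(demo()))
```

The tag gives integrity and origin authentication only; the message itself travels in the clear, so confidentiality would need a separate encryption step.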
Review Questions and Problems
• 1.1 What is the OSI security architecture?
• 1.2 List and briefly define the three key objectives of computer security.
• 1.3 List and briefly define categories of passive and active security attacks.
• 1.4 List and briefly define categories of security services.
• 1.5 List and briefly define categories of security mechanisms.
• 1.6 List and briefly define the fundamental security design principles.

• 1.7 Draw a matrix similar to Table 1.4 that shows the relationship between security services and attacks.
• 1.8 Consider a financial report publishing system used to produce reports for various organizations.
• a. Give an example of a type of publication in which confidentiality of the stored data is the most important requirement.
• b. Give an example of a type of publication in which data integrity is the most important requirement.
• c. Give an example in which system availability is the most important requirement.
Summary
• topic roadmap & standards organizations
• security concepts:
• confidentiality, integrity, availability
• X.800 security architecture
• security attacks, services, mechanisms
• models for network (access) security
