Unit 1 Network Security Concepts

Uploaded by The Pulpit

Introduction to Network Security
Mr. A. Moonga
MSc. Computer Science, MBA, BSc. Computer Science, CCNA Instructor, CASE
Outline
• What is network security
• Information security requirements
• Network security violations examples
• OSI security architecture
What is Network Security?
Network security is a term used to describe or represent measures
needed to protect data during their transmission.
The term internet security is also interchangeably used because
virtually all business, government, and academic organizations
interconnect their data processing using the internet.
Information Security
Why protect information? It is an asset
The requirements of information security within an organization have
undergone two major changes in the last several decades. Before the
widespread use of data processing equipment, the security of
information felt to be valuable to an organization was provided primarily
by physical and administrative means. An example of the former is the
use of rugged filing cabinets with a combination lock for storing
sensitive documents. An example of the latter is personnel screening
procedures used during the hiring process.
Information Security contd..
With the introduction of the computer, the need for automated tools for
protecting files and other information stored on the computer became
evident. This is especially the case for a shared system, such as a
time-sharing system, and the need is even more acute for systems that can be
accessed over a public telephone network, data network, or the
Internet. The generic name for the collection of tools designed to
protect data and to thwart hackers is computer security.
Network Security Violations Examples
1. User A transmits a file to user B. The file contains sensitive information (e.g., payroll
records) that is to be protected from disclosure. User C, who is not authorized to read
the file, is able to monitor the transmission and capture a copy of the file during its
transmission.
2. A network manager, D, transmits a message to a computer, E, under its
management. The message instructs computer E to update an authorization file to
include the identities of a number of new users who are to be given access to that
computer. User F intercepts the message, alters its contents to add or delete entries,
and then forwards the message to E, which accepts the message as coming from
manager D and updates its authorization file accordingly. Rather than intercept a
message, user F constructs its own message with the desired entries and transmits
that message to E as if it had come from manager D. Computer E accepts the message
as coming from manager D and updates its authorization file accordingly.
Network Security Violations Examples contd..
3. An employee is fired without warning. The personnel manager sends a message to a
server system to invalidate the employee’s account. When the invalidation is
accomplished, the server is to post a notice to the employee’s file as confirmation of
the action. The employee is able to intercept the message and delay it long enough to
make a final access to the server to retrieve sensitive information. The message is then
forwarded, the action taken, and the confirmation posted. The employee’s action may
go unnoticed for some considerable time.
4. A message is sent from a customer to a stockbroker with instructions for various
transactions. Subsequently, the investments lose value and the customer denies
sending the message.
OSI Security Architecture
To assess effectively the security needs of an organization and to evaluate and
choose various security products and policies, the manager responsible for computer
and network security needs some systematic way of defining the requirements
for security and characterizing the approaches to satisfying those requirements. This
is difficult enough in a centralized data processing environment; with the use of
local and wide area networks, the problems are compounded.
OSI Security Architecture Cont..
The Security Architecture for OSI (an ITU-T Recommendation) defines such a
systematic approach. The OSI security architecture is useful to managers as a way of
organizing the task of providing security.
Furthermore, because this architecture was developed as an international standard,
computer and communications vendors have developed security features for their
products and services that relate to this structured definition of services and
mechanisms.
Threat
A potential for violation of security, which exists when there is a circumstance,
capability, action, or event that could breach security and cause harm. That is, a threat
is a possible danger that might exploit a vulnerability.
Attack
An assault on system security that derives from an intelligent threat. That is, an
intelligent act that is a deliberate attempt (especially in the sense of a method or
technique) to evade security services and violate the security policy of a system.
OSI Security Architecture Cont..
The OSI security architecture focuses on security attacks, mechanisms, and services.
These can be defined briefly as follows:
• Security attack: Any action that compromises the security of information owned by
an organization.
• Security mechanism: A process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security attack.
• Security service: A processing or communication service that enhances the security
of the data processing systems and the information transfers of an organization.
The services are intended to counter security attacks, and they make use of one or
more security mechanisms to provide the service.
SECURITY ATTACKS
A useful means of classifying security attacks is in terms of passive attacks and active
attacks. A passive attack attempts to learn or make use of information from the system
but does not affect system resources. An active attack attempts to alter system
resources or affect their operation.

Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.
The goal of the opponent is to obtain information that is being transmitted. Two types
of passive attacks are the release of message contents and traffic analysis.
a) Release of Message Contents

A telephone conversation, an electronic mail message, and a transferred file may contain
sensitive or confidential information. We would like to prevent an opponent from
learning the contents of these transmissions.
b) Traffic Analysis

A traffic analysis attack is more sophisticated.

Suppose that we had a way of masking the contents of messages or other information traffic so that
opponents, even if they captured the message, could not extract the information from the message. The
common technique for masking contents is encryption. If we had encryption protection in place, an
opponent still might be able to observe the pattern of these messages. The opponent could determine
the location and identity of communicating hosts and could observe the frequency and length of
messages being exchanged. This information might be useful in guessing the nature of the
communication that was taking place.
Traffic Analysis Cont..
Passive attacks are very difficult to detect, because they do not involve
any alteration of the data. Typically, the message traffic is sent and
received in an apparently normal fashion, and neither the sender nor
the receiver is aware that a third party has read the messages or
observed the traffic pattern. However, it is feasible to prevent the
success of these attacks, usually by means of encryption. Thus, the
emphasis in dealing with passive attacks is on prevention rather than
detection.
Active Attacks
Active attacks involve some modification of the data stream or the
creation of a false stream and can be subdivided into four categories:
masquerade, replay, modification of messages, and denial of service.
A masquerade takes place when one entity pretends to be a different
entity. A masquerade attack usually includes one of the other forms of
active attack. For example, authentication sequences can be captured
and replayed after a valid authentication sequence has taken place, thus
enabling an authorized entity with few privileges to obtain extra
privileges by impersonating an entity that has those privileges.
Masquerade Attack
Replay Attack
Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
Modification of Messages Attack
Modification of messages simply means that some portion of a legitimate message is
altered, or that messages are delayed or reordered, to produce an unauthorized effect.
For example, a message meaning “Allow John Smith to read confidential file accounts”
is modified to mean “Allow Fred Brown to read confidential file accounts.”
Denial of Service Attack
The denial of service prevents or inhibits the normal use or management of
communications facilities. This attack may have a specific target; for example, an entity
may suppress all messages directed to a particular destination (e.g., the security audit
service). Another form of service denial is the disruption of an entire network—either
by disabling the network or by overloading it with messages so as to degrade
performance.
SECURITY SERVICES
A security service is a service that is provided by a protocol layer of communicating open
systems and that ensures adequate security of the systems or of data transfers. It can
also be defined as a processing or communication service that is provided by a system to
give a specific kind of protection to system resources; security services implement
security policies and are implemented by security mechanisms.
The security services are divided into five categories and fourteen specific services as
outlined in the table on the next slide.
Security Services Categories
Authentication
The authentication service is concerned with assuring that a communication is
authentic. In the case of a single message, such as a warning or alarm signal, the
function of the authentication service is to assure the recipient that the message is
from the source that it claims to be from. In the case of an ongoing interaction, such as
the connection of a terminal to a host, two aspects are involved. First, at the time of
connection initiation, the service assures that the two entities are authentic (that is, that
each is the entity that it claims to be). Second, the service must assure that the
connection is not interfered with in such a way that a third party can masquerade as one
of the two legitimate parties for the purposes of unauthorized transmission or reception.
Two specific authentication services are defined:
• Peer entity authentication: Provides for the corroboration of the identity of a peer
entity in an association. Two entities are considered peers if they implement the same
protocol in different systems (e.g., two TCP modules in two communicating systems).
Peer entity authentication is provided for use at the establishment of or during the data
transfer phase of a connection. It attempts to provide confidence that an entity is not
performing either a masquerade or an unauthorized replay of a previous connection.
Authentication Cont..
• Data origin authentication: Provides for the confirmation of the
source of a data unit. It does not provide protection against the
duplication or modification of data units. This type of service supports
applications like electronic mail, where there are no prior interactions
between the communicating entities.
Access Control
In the context of network security, access control is the ability to limit
and control the access to host systems and applications via
communications links. To achieve this, each entity trying to gain access
must first be identified, or authenticated, so that access rights can be
tailored to the individual.
Data Confidentiality
Confidentiality is the protection of transmitted data from passive attacks. With respect
to the content of a data transmission, several levels of protection can be identified.
The broadest service protects all user data transmitted between two users over a
period of time. For example, when a TCP connection is set up between two systems,
this broad protection prevents the release of any user data transmitted over the TCP
connection. Narrower forms of this service can also be defined, including the
protection of a single message or even specific fields within a message. These
refinements are less useful than the broad approach and may even be more complex
and expensive to implement.

The other aspect of confidentiality is the protection of traffic flow from analysis. This
requires that an attacker not be able to observe the source and destination, frequency,
length, or other characteristics of the traffic on a communications facility.
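The traffic analysis scenario above and the traffic-flow aspect of confidentiality in this section, as an added worked example that is not part of the original slides: messages are encrypted with an illustrative HMAC-SHA256 counter-mode stream cipher, and a passive observer without the key is shown to still recover endpoints, message frequency and plaintext lengths; padding to a fixed size (an assumed mitigation, not from the slides) hides the lengths but not the endpoints or frequency. The key and traffic are constructed sample values.

```python
import hashlib
import hmac
from collections import Counter

# Constructed shared key for the demo stream cipher (not a real deployment key).
KEY = b"constructed-demo-key"


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derives a keystream with HMAC-SHA256 in counter mode (illustrative only)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, nonce: bytes, plaintext: bytes, pad_to: int = 0) -> bytes:
    """XOR stream encryption. With pad_to > 0 the plaintext is first padded (0x80 then
    zeros) up to a multiple of pad_to bytes, so ciphertext length no longer tracks it."""
    if pad_to:
        fill = (-len(plaintext) - 1) % pad_to
        plaintext = plaintext + b"\x80" + b"\x00" * fill
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))


# Constructed sample traffic: (source host, destination host, application message).
TRAFFIC = [
    ("client-a", "broker", b"BUY 100 ACME"),
    ("client-a", "broker", b"SELL 2500 WIDGETCO AT MARKET BEFORE CLOSE"),
    ("client-b", "broker", b"BUY 100 ACME"),
    ("client-a", "broker", b"BUY 100 ACME"),
]


def observer_view(pad_to: int = 0) -> dict:
    """What a passive eavesdropper learns without the key: which hosts talk, how often,
    and the ciphertext lengths. Without padding, equal lengths reveal that three of
    the four messages are the same size even though their contents are masked."""
    seen = []
    for i, (src, dst, msg) in enumerate(TRAFFIC):
        ct = encrypt(KEY, i.to_bytes(8, "big"), msg, pad_to)  # fresh nonce per message
        seen.append((src, dst, len(ct)))
    return {
        "flows": dict(Counter((src, dst) for src, dst, _ in seen)),
        "lengths": [n for _, _, n in seen],
        "distinct_lengths": len({n for _, _, n in seen}),
    }
```

Running `observer_view()` and `observer_view(64)` side by side shows that padding collapses the length pattern to a single value while the flow counts are unchanged, which is why traffic-flow confidentiality needs more than encryption alone.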
Data Integrity
As with confidentiality, integrity can apply to a stream of messages, a single message,
or selected fields within a message. Again, the most useful and straightforward
approach is total stream protection.
A connection-oriented integrity service deals with a stream of messages and assures
that messages are received as sent with no duplication, insertion, modification,
reordering, or replays. The destruction of data is also covered under this service. Thus,
the connection-oriented integrity service addresses both message stream modification
and denial of service. On the other hand, a connectionless integrity service deals with
individual messages without regard to any larger context and generally provides
protection against message modification only.
We can make a distinction between service with and without recovery. Because the
integrity service relates to active attacks, we are concerned with detection rather than
prevention. If a violation of integrity is detected, then the service may simply report
this violation, and some other portion of software or human intervention is required
to recover from the violation. Alternatively, there are mechanisms available to recover
from the loss of integrity of data, as we will review subsequently. The incorporation of
automated recovery mechanisms is typically the more attractive alternative.
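The active attacks described earlier (modification of messages, replay, masquerade) and the connection-oriented integrity service described here, as an added worked example that is not part of the original slides: each data unit carries a sequence number and an HMAC-SHA256 tag (a message authentication code, i.e. an irreversible encipherment mechanism), and the receiver reports whether a unit is accepted or why it is rejected. The key, the message text and the `IntegrityReceiver` class are constructed for this example.

```python
import hashlib
import hmac
import struct

# Constructed shared key between the two legitimate peers (not a real key).
KEY = b"constructed-demo-key-not-for-real-use"
TAG_LEN = 32  # HMAC-SHA256 digest size


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Builds a data unit: 4-byte sequence number || payload || HMAC tag.
    The tag covers the sequence number too, so neither can be altered undetected."""
    header = struct.pack(">I", seq)
    return header + payload + hmac.new(key, header + payload, hashlib.sha256).digest()


class IntegrityReceiver:
    """Connection-oriented integrity: detects modified, forged, replayed, reordered
    or missing data units. Detection, not prevention, is the service's job."""

    def __init__(self, key: bytes):
        self.key = key
        self.expected_seq = 0

    def accept(self, unit: bytes):
        if len(unit) < 4 + TAG_LEN:
            return None, "truncated"
        header, body, tag = unit[:4], unit[4:-TAG_LEN], unit[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None, "modified or forged"         # data origin authentication failed
        (seq,) = struct.unpack(">I", header)
        if seq < self.expected_seq:
            return None, "replayed"                   # duplicate of an old data unit
        if seq > self.expected_seq:
            return None, "reordered or missing"       # gap in the stream
        self.expected_seq += 1
        return body, "ok"


def demo() -> dict:
    """Runs the legitimate exchange and three attack cases; returns each verdict."""
    rx = IntegrityReceiver(KEY)
    original = protect(KEY, 0, b"Allow John Smith to read confidential file accounts")
    results = {"legit": rx.accept(original)[1]}
    # Modification: the name is swapped, but the tag cannot be recomputed without the key.
    results["modified"] = rx.accept(original.replace(b"John Smith", b"Fred Brown"))[1]
    # Replay: the captured original is retransmitted after it was already accepted.
    results["replayed"] = rx.accept(original)[1]
    # Masquerade: a fresh data unit built with a guessed key claims to be from the peer.
    results["forged"] = rx.accept(protect(b"wrong-key", 1, b"Allow Fred Brown"))[1]
    results["next"] = rx.accept(protect(KEY, 1, b"next legitimate message"))[1]
    return results
```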
Nonrepudiation
Nonrepudiation prevents either sender or receiver from denying a
transmitted message. Thus, when a message is sent, the receiver can
prove that the alleged sender in fact sent the message. Similarly, when a
message is received, the sender can prove that the alleged receiver in
fact received the message.
Availability Service
Availability is defined as a property of a system or a system resource being accessible
and usable upon demand by an authorized system entity, according to performance
specifications for the system (i.e., a system is available if it provides services according
to the system design whenever users request them). A variety of attacks can result in
the loss of or reduction in availability. Some of these attacks are amenable to
automated countermeasures, such as authentication and encryption, whereas others
require some sort of physical action to prevent or recover from loss of availability of
elements of a distributed system.
Availability is treated as a property to be associated with various security services.
However, it makes sense to call out specifically an availability service. An availability
service is one that protects a system to ensure its availability. This service addresses
the security concerns raised by denial-of-service attacks. It depends on proper
management and control of system resources and thus depends on access control
service and other security services.
SECURITY MECHANISMS
The mechanisms are divided into those that are implemented in a specific protocol
layer, such as TCP or an application layer protocol, and those that are not specific to
any particular protocol layer or security service. A distinction is also made between
reversible encipherment mechanisms and irreversible encipherment
mechanisms. A reversible encipherment mechanism is simply an encryption algorithm
that allows data to be encrypted and subsequently decrypted. Irreversible
encipherment mechanisms include hash algorithms and message authentication
codes, which are used in digital signature and message authentication applications.
Relationship between security services and security mechanisms.
End!