Chapter 4 Security New

Uploaded by

shadowalker2276
Copyright
© All Rights Reserved

Information Security

Chapter 1- Introduction
Introduction
• Information is an asset that has a value like any other asset.
• As an asset, information needs to be secured from attacks.
• To be secured, information needs to be hidden from unauthorized access (confidentiality),
protected from unauthorized change (integrity), and available to an authorized entity when it
is needed (availability).
• Until a few decades ago, the information collected by an organization was stored on physical
files.
• The confidentiality of the file was achieved by restricting the access to a few authorized and
trusted people in the organization. In the same way, only a few authorized people were
allowed to change the contents of the files.
• Availability was achieved by designating at least one person who would have access to the
files at all times.
• The advent of computers and the introduction of distributed systems have brought a major
challenge to security.
• Network/Internet security measures are needed to protect data during their transmission.
• With the advent of computers, information storage became electronic.
• Instead of being stored on physical media, it was stored in computers.
• The three security requirements, however, did not change.
• The files stored in computers require confidentiality, integrity and availability.
• The implementation of these requirements, however, is different and more challenging.
• The major change that affected security is the introduction of distributed
systems and the use of networks and communications facilities for carrying
data between terminal user and computer and between computer and
computer.
• Network security measures are needed to protect data during their transmission.
• In fact, the term network security is somewhat misleading, because virtually all
business, government, and academic organizations interconnect their data processing
equipment with a collection of interconnected networks.
• Such a collection is often referred to as an internet, and the term internet security is
used.
Computing systems are valuable assets to attackers. Today computers are very powerful and work at unimaginable speed and with
very high accuracy. With computers we now have new concerns, namely automated attacks, privacy breaches, ease of
theft, etc.
• Automating attacks
• Suppose that someone manages to create a machine that can produce counterfeit (forged) coins. Would that not bother
authorities? It certainly would.
• However, producing coins on a mass scale may not be very economical compared to the return on that investment.
How many such coins would the attacker be able to get into the market quickly? This is quite different with computers, which are
quite efficient at routine, boring and repetitive tasks.
• Consider stealing a very low amount, say half a dollar, from a million bank accounts in a matter of a few minutes. This would give the attacker
half a million dollars, possibly without any major complaints!
• Privacy concerns
• Collecting information about people and later misusing it is turning out to be a huge problem.
• So-called data mining applications gather, process and tabulate all sorts of details about individuals. People can then illegally sell
this information.
• For example, companies like Experian (formerly TRW), TransUnion and Equifax maintain the credit history of individuals in the USA.
• Similar trends are seen in the rest of the world. These companies have volumes of information about a majority of citizens of that
country. These companies can collect, collate, polish and format all sorts of information for whoever is ready to pay for that data!
• Examples of information that can come out of this are: which store the person buys more from, which restaurant s/he eats in, where s/he goes for
vacations frequently and so on.
• Every company (e.g., shopkeepers, banks, airlines, insurers) is collecting and processing a mind-boggling amount of information
about us, without our realizing when and how it is going to be used.
• Distance does not matter
• In 1995, a Russian hacker broke into Citibank's computers remotely, stealing $12 million. Although the attacker was
traced, it was very difficult to get him extradited for the court case.
Goals of Information Security

• Computer security is defined as the protection afforded to an automated
information system in order to attain the applicable objectives of preserving
the integrity, availability, and confidentiality of information system resources
(includes hardware, software, firmware, information/data, and
telecommunications).
• This definition introduces three key Goals/objectives that are at the heart of
information security.
• These are Confidentiality, Integrity and Availability, often referred to as the CIA triad.
• Confidentiality: This term covers two related concepts:
• Confidentiality: Assures that private or confidential information is not made available or disclosed to
unauthorized individuals
• Privacy: Assures that individuals control or influence what information related to them may be collected
and stored and by whom and to whom that information may be disclosed.
• Example: Grade information should only be available to students, their parents, and employees that
require the information to do their job
• Integrity: Information needs to be changed constantly. In a bank, when a customer deposits
or withdraws money, the balance of their account needs to be changed. Integrity means that
changes should be done only by authorized users and through authorized mechanisms.
• This term covers two related concepts:
• Data integrity: Assures that information and programs are changed only in a specified and authorized
manner.
• System integrity: Assures that a system performs its intended function in an unimpaired manner, free
from deliberate or inadvertent unauthorized manipulation of the system.
• Example: Several aspects of integrity are illustrated by the example of a hospital patient’s allergy
information stored in a database. The doctor should be able to trust that the information is correct and
current. Now suppose that an employee (e.g., a nurse) who is authorized to view and update this
information deliberately falsifies the data to cause harm to the hospital.
• Availability: Assures that systems work promptly and service is not denied to
authorized users.
• E.g., a search for a website that results in the site being unavailable.
• These three concepts form what is often referred to as the CIA triad.
• Authenticity: The property of being genuine and being able to be verified
and trusted; confidence in the validity of a transmission, a message, or
message originator. This means verifying that users are who they say they are
and that each input arriving at the system came from a trusted source.
• Accountability: Because truly secure systems are not yet an achievable goal,
we must be able to trace a security breach to a responsible party. Systems
must keep records of their activities to permit later forensic analysis to trace
security breaches or to aid in transaction disputes.
OSI SECURITY ARCHITECTURE
• The OSI security architecture focuses on security attacks, mechanisms, and
services. These can be defined briefly as follows:
Security attack
• Security attack is any action that compromises the security of information
owned by an organization.
Security mechanism
• A process (or a device incorporating such a process) that is designed to
detect, prevent, or recover from a security attack.
Security service
• A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization. The
services are intended to counter security attacks, and they make use of one
or more security mechanisms to provide the service.

Threat
• Threat is a potential for violation of security, which exists when there
is a circumstance, capability, action, or event that could breach
security and cause harm. That is, a threat is a possible danger that
might exploit vulnerability.
Attack
• Attack is an assault on system security that derives from an intelligent
threat; that is, an intelligent act that is a deliberate attempt
(especially in the sense of a method or technique) to evade security
services and violate the security policy of a system.
Taxonomy of attacks
• Attacks threatening confidentiality
• In general, two types of attack threaten the confidentiality of information: snooping and traffic
analysis.
• Snooping refers to unauthorized access to or interception of data.
• Traffic analysis refers to other types of information collected by an intruder by monitoring online traffic.
• Attacks threatening integrity
• The integrity of data can be threatened by several kinds of attack:
• Modification
• A modification attack is an attempt to modify information that the attacker is not authorized to modify.
• Masquerading
• A masquerade takes place when one entity pretends to be a different entity.
• Replaying
• Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
• Repudiation
• In a repudiation attack, false information may be given or a real event or transaction may be denied.
• Attacks threatening availability
• Denial of service (DoS) attacks may slow down or totally interrupt the service of a system.
• The attacker might make the system so busy that it collapses, or
• intercept messages sent in one direction and make the sending system believe that one of the parties involved in the
communication has lost the message and that it should be resent.
TYPES OF ATTACKS
• Attacks are classified as passive and active.
• A passive attack is an attempt to learn or make use of information from the
system without affecting system resources; whereas an active attack is an
attempt to alter system resources or affect their operation.
Passive Attacks
• Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions.
• The goal of the opponent is to obtain information that is being transmitted.
Two types of passive attacks are release of message contents and traffic
analysis.
• The release of message contents is easily understood. A telephone
conversation, an electronic mail message, and a transferred file may contain
sensitive or confidential information. We would like to prevent an opponent
from learning the contents of these transmissions.
• A second type of passive attack, traffic analysis, is subtler. Suppose that we
had a way of masking the contents of messages or other information traffic so
that opponents, even if they captured the message, could not extract the
information from the message. The common technique for masking contents
is encryption. If we had encryption protection in place, an opponent might still
be able to observe the pattern of these messages.
Active Attacks
• Active attacks involve some modification of the data stream or the creation of
a false stream and can be subdivided into four categories: masquerade, replay,
modification of messages, and denial of service.
• Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
• A masquerade takes place when one entity pretends to be a different entity.
For example, authentication sequences can be captured and replayed after a
valid authentication sequence has taken place, thus enabling an authorized
entity with few privileges to obtain extra privileges by impersonating an entity
that has those privileges.
• Modification of messages simply means that some portion of a legitimate
message is altered, or that messages are delayed or reordered, to produce an
unauthorized effect. For example, a message meaning "Allow John Smith to
read confidential file accounts" is modified to mean "Allow Fred Brown to
read confidential file accounts."
• The denial of service prevents or inhibits the normal use or management of
communications facilities. This attack may have a specific target; for example,
an entity may suppress all messages directed to a particular destination (e.g.,
the security audit service). Another form of service denial is the disruption of
an entire network, either by disabling the network or by overloading it with
messages so as to degrade performance.
SECURITY MECHANISM
• Security Mechanism is a mechanism that is designed to detect,
prevent, or recover from a security attack.
• The following are lists of the security mechanisms defined in and ISO
7498-2.
• The mechanisms are divided into:
• Those that are implemented in a specific protocol layer, such as TCP or an
application layer protocol, and
• Those that are not specific to any particular protocol layer or security service.
SPECIFIC SECURITY MECHANISMS

• Specific security mechanisms may be incorporated into the appropriate
protocol layer in order to provide some of the OSI security services.
• Encipherment - The use of mathematical algorithms to transform data into a form that is not
readily intelligible. The transformation and subsequent recovery of the data depend on an
algorithm and zero or more encryption keys.
• Example: A message like “HELLO” will be encrypted as “0805121215,” and this value will be transmitted over
the network to the recipient(s)
• Digital Signature - Data appended to, or a cryptographic transformation of, a data unit that
allows a recipient of the data unit to prove the source and integrity of the data unit and
protect against forgery.
• Using a mathematical algorithm, digital signing will generate two keys: a public key and a private
key.
• When a signer digitally signs a document, a cryptographic hash is generated for the document.
• That cryptographic hash is then encrypted using the sender's private key and then appended to the
document and sent to the recipients along with the sender's public key.
• The recipient can decrypt the encrypted hash with the sender's public key certificate. A
cryptographic hash is again generated on the recipient's end.
• Both cryptographic hashes are compared to check the document's authenticity. If they match, the document
hasn't been tampered with and is considered valid.
[Figure: digital signature flow between Sender and Receiver. Labels: confidential memo, cryptographic algorithm, hash algorithm. Note: private and public keys are mathematically related.]
• Access Control - A variety of mechanisms that enforce access rights to resources.
• Access control regulates who or what can view or use resources, by verifying various login
credentials, which can include usernames and passwords, PINs, biometric scans, and
security tokens.
• Authentication Exchange - A mechanism intended to ensure the identity of an
entity by means of information exchange.
• Traffic Padding - The insertion of bits into gaps in a data stream to frustrate traffic
analysis attempts.
• Routing Control - Enables selection of particular physically secure routes for
certain data and allows routing changes, especially when a breach of security is
suspected.
• Notarization - The use of a trusted third party to assure certain properties of a
data exchange.
• When notarization occurs, a notary public certifies the authenticity of any signature
appended to a document.
• It acts as a mediator between sender and receiver so that any chance of conflict is reduced.
This mediator keeps a record of requests made by the sender to the receiver in case they are later denied.
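Traffic padding against the traffic analysis described earlier, as an added Python example that is not part of the original slides. It assumes a 64-byte cell, fixed time slots, and that every cell is encrypted before transmission so the length header and padding are invisible on the wire; all names are illustrative.

```python
import os
import struct

CELL = 64               # assumed fixed cell size in bytes
PAYLOAD = CELL - 2      # each cell starts with a 2-byte payload length


def to_cells(message: bytes) -> list:
    """Split a message into fixed-size cells; an empty message yields one
    dummy cell (length 0). Padding is random so it does not stand out."""
    cells = []
    for i in range(0, max(len(message), 1), PAYLOAD):
        chunk = message[i:i + PAYLOAD]
        pad = os.urandom(PAYLOAD - len(chunk))
        cells.append(struct.pack(">H", len(chunk)) + chunk + pad)
    return cells


def from_cells(cells: list) -> bytes:
    """Receiver side: drop padding and dummy cells, reassemble the payload."""
    return b"".join(c[2:2 + struct.unpack(">H", c[:2])[0]] for c in cells)


def padded_schedule(slots: list, cells_per_slot: int) -> list:
    """Emit exactly cells_per_slot cells in every time slot, idle or not."""
    schedule = []
    for message in slots:
        cells = to_cells(message)
        if len(cells) > cells_per_slot:
            raise ValueError("message does not fit in one slot")
        while len(cells) < cells_per_slot:
            cells.extend(to_cells(b""))      # fresh dummy cell
        schedule.append(cells)
    return schedule


def observer_view(schedule: list) -> list:
    """All a passive observer of the encrypted link sees: bytes per slot."""
    return [sum(len(c) for c in cells) for cells in schedule]


def demo():
    # Constructed traffic: idle, short order, idle, long report, idle.
    slots = [b"", b"BUY", b"", b"quarterly report " * 5, b""]
    unpadded = [len(m) for m in slots]
    schedule = padded_schedule(slots, cells_per_slot=2)
    recovered = [from_cells(cells) for cells in schedule]
    return unpadded, observer_view(schedule), recovered == slots


if __name__ == "__main__":
    print(demo())
```

Without padding the observer sees which slots carry traffic and how much; with padding every slot looks the same, at the cost of constant bandwidth.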
PERVASIVE SECURITY MECHANISMS
• Mechanisms that are not specific to any particular OSI security service or protocol layer.
Trusted Functionality
• That which is perceived to be correct with respect to some criteria (e.g., as established by a security
policy).
Security Label
• The marking bound to a resource (which may be a data unit) that names or designates the security
attributes of that resource.
Event Detection
• Detection of security-relevant events.
Security Audit Trail
• Data collected and potentially used to facilitate a security audit, which is an independent review and
examination of system records and activities.
Security Recovery
• Deals with requests from mechanisms, such as event handling and management functions, and takes
recovery actions.
• Security service: A processing or communication service that is provided by a system to give a
specific kind of protection to system resources; security services implement
security policies and are implemented by security mechanisms.
1. The advent of computers and the introduction of distributed systems have brought
less challenge to security. (True/False)
2. Measures needed to protect data during their transmission are called ____.
3. The case of stealing a very low amount, say half a dollar, from a million bank
accounts in a matter of a few minutes without any major complaints is enabled
by __________
a. Automating attacks b. Privacy concerns c. Distance does not matter d. None
4. The Goal of Information security that assures that private information is not
made available or disclosed to unauthorized individuals is:
a. Confidentiality b. Integrity c. Availability d. Accountability
5. A process (or a device incorporating such a process) that is designed to detect,
prevent, or recover from a security attack is called __________.
6. One of the following is an attack threatening confidentiality.
a. Snooping b. Repudiation c. Masquerading d. Replaying
7. One of the following is a passive attack.
a. Snooping b. Repudiation c. Masquerading d. Replaying
8. _________ is data appended to, or a cryptographic transformation of, a data unit
that allows a recipient of the data unit to prove the source and integrity of the data
unit and protect against forgery.
a. Digital Signature b. Encipherment c. Traffic Padding d. Notarization
