CHAPTER VI

SYSTEM AND NETWORK SECURITY

 Computer Security Concepts

 The protection afforded to an automated information system in order

to attain the applicable objectives of preserving the integrity,
availability, and confidentiality of information system resources
(includes hardware, software, firmware, information/data, and
telecommunications).
 Categories it in to three parts.
1. Confidentiality: This term covers two related concepts:
 Data confidentiality: Assures that private or confidential information is not
made available or disclosed to unauthorized individuals.
 Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to whom that
information may be disclosed.

2. Integrity: This term covers two related concepts:

 Data integrity: Assures that information and programs are changed only in a
specified and authorized manner.
 System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system.

3. Availability: Assures that systems work promptly and service is not denied to
 THE OSI SECURITY ARCHITECTURE

The OSI security architecture focuses on security attacks,

mechanisms, and services. These can be defined briefly as
 Security attack: Any action that compromises the security
of information owned by an organization.
 Security mechanism: A process (or a device incorporating
such a process) that is designed to detect, prevent, or
recover from a security attack.
 Security service: A processing or communication service
that enhances the security of the data processing systems
and the information transfers of an organization. The
services are intended to counter security attacks, and they
make use of one or more security mechanisms to provide
the service.
 SECURITY ATTACKS

A useful means of classifying security attacks is in terms of

passive attacks and active attacks..
Passive Attacks
 A passive attack attempts to learn or make use of information
from the system but does not affect system resources
 Passive attacks are in the nature of eavesdropping on, or
monitoring of, transmissions. The goal of the opponent is to
obtain information that is being transmitted. Two types of
passive attacks are the release of message contents and traffic
analysis.
Active Attacks
 Active attacks involve some modification of the data stream or
the creation of a false stream and can be subdivided into four
categories: masquerade, replay, modification of messages, and
 SECURITY SERVICES

Divides these services into five categories

 Authentication

 Access Control

 Data Confidentiality.

 Data Integrity

 Nonrepudiation : Provides protection against denial by one of the entities

involved in a communication of having participated in all or part of the
communication.
 Nonrepudiation, Origin

 Proof that the message was sent by the specified party.

 Nonrepudiation, Destination
 Security Mechanisms

 Encipherment
– The use of mathematical algorithms to transform data into a form
that is not readily intelligible.
 Digital Signature
– Data appended to or a cryptographic transformation of a data unit
that allows a recipient of the data unit to prove the source and
integrity of the data unit a protect against forgery (e.g., by the
recipient).
 Access Control
– A variety of mechanisms that enforce access rights to resources.
 Data Integrity
 Authentication Exchange
– A mechanism intended to ensure the identity of an entity by means
of information exchange.
 Encryption Techniques

 Symmetric encryption is a form of cryptosystem in which

encryption and decryption are performed using the same key. It
is also known as conventional encryption.
 Symmetric encryption transforms plaintext into cipher text using
a secret key and an encryption algorithm. Using the same key
and a decryption algorithm, the plaintext is recovered from the
cipher text.
 The two types of attack on an encryption algorithm are
cryptanalysis, based on properties of the encryption algorithm,
and brute-force, which involves trying all possible keys.
 Cont…

A symmetric encryption scheme has five ingredients :

 Plaintext
 Encryption algorithm
 Secret key
 Cipher text
 Decryption algorithm
 A MODEL FOR NETWORK And SYSTEM SECURITY

There are four basic tasks in designing a particular security service:

1. Design an algorithm for performing the security-related
transformation.
– The algorithm should be such that an opponent cannot defeat its
purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret
information.
4. Specify a protocol to be used by the two principals that makes use of
the security algorithm and the secret information to achieve a
particular security service.
 NETWORK And SYSTEM INTRUSIONS

What Is an Intrusion?
A network intrusion is an unauthorized penetration of a computer in your
enterprise or an address in your assigned domain. An intrusion can be
passive (in which penetration is gained stealthily and without detection)
or active (in which changes to network resources are affected).
Hacker vs. Cracker
 Hacker - Within the subculture of computer hobbyists and software
enthusiasts, the term “Hacker” usually refers to a particular kind of
programmer.
– Someone who programs creatively
– Someone who programs for pure enjoyment (most programmers
who work on Linux are hackers in this case)
 Cracker - Is someone who breaks into computers, often to do
something malicious such as steal credit card information.
 Prevent Network And System Intrusions
 Backup and Recovery
 Controlling User Access
– Authentication,
– Authorization
– Accounting
 Closing Ports
 Firewall
 Antivirus and Antispyware Tools