Ch1 Introduction
Cyber Security
Outline
• Background
• Attacks, services and mechanisms
• Security attacks
• Security services
• Methods of Defense
• A model for Internetwork Security
• Internet standards and RFCs
Background
• Information Security requirements have changed in recent times
– Traditionally provided by physical and administrative mechanisms
– Many daily activities have been shifted from the physical world to cyberspace
• Use of computers
– Protect files and other stored information
• Use of networks and communications links
– Protect data during transmission
• The focus of many funding agencies in the US
– DOD, NSF, DHS, etc.
– ONR: game theory for cyber security
Definitions
• Computer Security
– Generic name for the collection of tools designed to protect data and to thwart hackers
• Network Security
– Measures to protect data during their transmission
• Internet Security (our focus!)
– Measures to protect data during their transmission over a collection of interconnected networks
Security Trends
OSI Security Architecture
• ITU-T X.800 “Security Architecture for OSI”
– A systematic way of defining and providing security requirements
– Provides a useful, if abstract, overview of concepts we will study
Security Attacks
• Threat & attack
– Often used equivalently
• There is a wide range of attacks
– Two generic types of attacks
• Passive
• Active
Threat Consequences
• Unauthorized disclosure: threat to confidentiality
– Exposure (release data), interception, inference, intrusion
• Deception: threat to integrity
– Masquerade, falsification (alter data), repudiation
• Disruption: threat to integrity and availability
– Incapacitation (destruction), corruption (backdoor logic), obstruction (interfere with communication, overload a line)
• Usurpation: threat to integrity
– Misappropriation (theft of service), misuse (hacker gaining unauthorized access)
Threat Consequences (Tabular Form)
Security Attack Classification
Security Attacks
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity
3 Primary Security Goals
Security Mechanism
• Features designed to detect, prevent, or recover from a security attack
• No single mechanism will support all services required
• One particular element underlies many of the security mechanisms in use:
– Cryptographic techniques
– Hence we will focus on this topic first
Security Mechanisms (X.800)
• Specific security mechanisms:
– Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
• Pervasive security mechanisms:
– Trusted functionality, security labels, event detection, security audit trails, security recovery
Model for Network Security
Using this model requires us to:
1. design a suitable algorithm for the security transformation (message de/encryption)
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information (keys)
4. specify a protocol enabling the principals to use the transformation and secret information for a security service (e.g. ssh)
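The four tasks above, worked through in Python as an added example that is not part of the original slides. Assumptions: an HMAC-SHA256 tag stands in for the slide's de/encryption transformation (so integrity and authenticity are protected, not confidentiality), the sequence number used to reject re-sent messages goes beyond what the slide lists, and all function names and messages are invented for the illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes
# Task 1: the security transformation. Assumption: an HMAC-SHA256 tag is used
# in place of encryption, so this protects integrity and authenticity only.
def protect(key: bytes, seq: int, message: bytes) -> bytes:
    body = seq.to_bytes(8, "big") + message
    return body + hmac.new(key, body, hashlib.sha256).digest()

def recover(key: bytes, expected_seq: int, wire: bytes) -> bytes:
    if len(wire) < 8 + TAG_LEN:
        raise ValueError("truncated message")
    body, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    expected_tag = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected_tag):  # constant-time compare
        raise ValueError("bad tag")
    if int.from_bytes(body[:8], "big") != expected_seq:
        raise ValueError("unexpected sequence number")
    return body[8:]

# Task 2: generate the secret information from the OS CSPRNG.
def generate_key() -> bytes:
    return secrets.token_bytes(32)

def outcome(key: bytes, expected_seq: int, wire: bytes) -> str:
    try:
        return "accepted: " + recover(key, expected_seq, wire).decode()
    except ValueError as exc:
        return "rejected: " + str(exc)

def run_exchange() -> dict:
    # Task 3: distribution is assumed done; both principals hold the same key.
    shared_key = generate_key()
    # Task 4: the protocol. Messages are numbered; only the next number is accepted.
    wire = protect(shared_key, 0, b"pay bob 10")  # constructed sample message
    modified = wire[:8] + b"pay bob 99" + wire[-TAG_LEN:]  # altered in transit
    fabricated = protect(generate_key(), 1, b"pay eve 50")  # opponent lacks the key
    return {
        "genuine": outcome(shared_key, 0, wire),
        "modification": outcome(shared_key, 0, modified),
        "fabrication": outcome(shared_key, 1, fabricated),
        "replay": outcome(shared_key, 1, wire),  # old message sent again
    }

if __name__ == "__main__":
    for attack, result in run_exchange().items():
        print(f"{attack:13} {result}")
```

Everything here depends on task 3: if the opponent obtains the shared key during distribution, both the modified and the fabricated message would verify.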
Model for Network Access Security
Using this model requires us to implement:
1. Authentication
select appropriate gatekeeper functions to identify users
2. Authorization
implement security controls to ensure only authorized users access designated information or resources
Trusted computer systems may be useful to help implement this model
Methods of Defense
• Encryption
• Software Controls
– Limit access in a database or in operating systems
– Protect each user from other users
• Hardware Controls
– Smartcard (ICC, used for digital signature and secure identification)
• Policies
– Frequent changes of passwords
– Recent study shows controversial arguments
• Physical Controls
Internet standards and RFCs
• Three organizations in the Internet society
– Internet Architecture Board (IAB)
• Defining overall Internet architecture
• Providing guidance to IETF
– Internet Engineering Task Force (IETF)
• Actual development of protocols and standards
– Internet Engineering Steering Group (IESG)
• Technical management of IETF activities and Internet standards process