Slides by H. Johnson & S. Malladi- Modified by SJF-S'06

1

Computer and Information Security

Chapter 1Introduction

Overview• Security Goals• The need for security• OSI Security Architecture• Attacks, services and mechanisms• Security attacks• Security services• Methods of Defense• A model for Internetwork Security• Internet standards and RFCs

Security GoalsSecurity Goals

Integrity

Confidentiality

Avalaibility

Security Goals

• Confidentiality– Concealment of information or

resources

• Integrity– Trustworthiness of data or resources

• Availability– Ability to use information or resources

Confidentiality

• Need for keeping information secret arises from use of computers in sensitive fields such as government and industry

• Access mechanisms, such as cryptography, support confidentiality– Example: encrypting income tax return

Integrity• Often requires preventing unauthorized

changes• Includes data integrity (content) and origin

integrity ( source of data also called authentication)

• Include prevention mechanisms and detection mechanisms– Example: Newspaper prints info leaked from

White House and gives wrong source

• Includes both correctness and trustworthiness

Availability

• Is an aspect of reliability and system design

• Attempts to block availability, called denial of service attacks are difficult to detect– Example: bank with two servers –one

is blocked, the other provides false information

The Need for Security

• Computer Security - the collection of tools designed – to protect data and – to thwart hackers

• Network security or internet security- security measures needed to protect data during their transmission

Security• Motivation: Why do we need security?

• Increased reliance on Information technology with or with out the use of networks

• The use of IT has changed our lives drastically.

• We depend on E-mail, Internet banking, and several other governmental activities that use IT

• Increased use of E-Commerce and the World wide web on the Internet as a vast repository of various kinds of information (immigration databases, flight tickets, stock markets etc.)

Security Concerns• Damage to any IT-based system or activity can

result in severe disruption of services and losses • Systems connected by networks are more prone

to attacks and also suffer more as a result of the attacks than stand-alone systems (Reasons?)

• Concerns such as the following are common– How do I know the party I am talking on the network is

really the one I want to talk?– How can I be assured that no one else is listening and

learning the data that I send over a network– Can I ever stay relaxed that no hacker can enter my

network and play havoc?

Concerns continued…• Is the web site I am downloading

information from a legitimate one, or a fake?

• How do I ensure that the person I just did a financial transaction denies having done it tomorrow or at a later time?

• I want to buy some thing online, but I don’t want to let them charge my credit card before they deliver the product to me

That is why…

• ..we need security– To safeguard the confidentiality, integrity,

authenticity and availability of data transmitted over insecure networks

– Internet is not the only insecure network in this world

– Many internal networks in organizations are prone to insider attacks

– In fact, insider attacks are greater both in terms of likelihood of happening and damage caused

(V.Shmatikov)https://

However, in reality• Security is often over looked (not one of the top criteria)• Availability, efficiency and performance tend to be the

ones• Buggy implementations• Systems too complex in nature and rich in features can

be filled with security holes• Incorporation of security into networks, not growing with

the rapidly growing number and size of networks• Attacking is becoming so common and easy – there are

books clearly explaining how to launch them• Security and attacks are a perpetual cat-and-mouse

play. The only way to avoid attacks is to keep up-to-date with latest trends and stay ahead of malicious netizens

The Good News...

• There a lot of techniques for defense• Educating people on security solves

many problems• About threats and on the existence of

security mechanisms, qualified personnel, usability and economics

• We will study a lot of network defenses– Certainly not all

OSI Security Architecture

• ITU-T Recommendation X.800 Security Architecture for OSI

• International Telecommunications Union (ITU) is a United Nations sponsored agency that develops standards relating to telecommunications and to Open system Interconnection (OSI)

OSI Network Stack and Attacks (V. Shmatikov)

application

presentation

session

transport

network

data link

physical

IP

TCP

email,Web,NFS

RPC

802.11

Sendmail, FTP, NFS bugs, chosen-protocol andversion-rollback attacks

SYN flooding, RIP attacks,sequence number prediction

IP smurfing and otheraddress spoofing attacks

RPC worms, portmapper exploits

WEP attacks

Only as secure as the single weakest layer…

7 Layer Model

Layer Functions7 Application How application uses network

6 Presentation

How to represent & display data

5 Session How to establish communication

4 Transport How to provide reliable delivery (error checking, sequencing, etc.)

3 Network How addresses are assigned and packets are forwarded

2 Data Link How to organize data into frames & transmit

1 Physical How to transmit “bits”

Attacks, Services and Attacks, Services and MechanismsMechanisms

• Security Attack: Any action that compromises the security of information.

• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.

• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms

Security AttacksSecurity Attacks

Security AttacksSecurity Attacks

• Interruption: This is an attack on availability– Disrupting traffic– Physically breaking communication

line• Interception: This is an attack on

confidentiality– Overhearing, eavesdropping over a

communication line

Security Attacks (continued)

• Modification: This is an attack on integrity– Corrupting transmitted data or

tampering with it before it reaches its destination

• Fabrication: This is an attack on authenticity– Faking data as if it were created by a

legitimate and authentic party

Threats and Attacks

• Threat - a potential for violation of security or a possible danger that might exploit a vulnerability

• Attack - an assault on system security- an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

Threats

• Disclosure – unauthorized access to information

• Deception – acceptance of false data

• Disruption- interruption or prevention of correct operation

• Usurpation- unauthorized control of some part of a system

Examples of Threats

• Snooping intercepting information (“passive” wiretapping)

• Modification or alteration of information by “active” wiretapping

• Masquerading or spoofing• Repudiation of origin• Delay or denial of service

Safeguards and Vulnerabilities

• A Safeguard is a countermeasure to protect against a threat

• A weakness in a safeguard is called a vulnerability

Passive and active attacks• Passive attacks

– No modification of content or fabrication– Eavesdropping to learn contents or other

information (transfer patterns, traffic flows etc.)

• Active attacks– Modification of content and/or participation in

communication to• Impersonate legitimate parties• Modify the content in transit• Launch denial of service attacks

Passive Attacks

Passive Attacks

Active Attacks

Active Attacks

Two types of threats

• Information access threats– Intercept or modify data on behalf of users

who should not have access to that data.– E.g. corruption of data by injecting

malicious code

• Service threats– Exploit service flaws in computers to inhibit

use by legitimate uses.– E.g. disabling authentication

Fundamental threats [McGibney04]

• Information leakage– Disclosure to unauthorized parties– Prince Charles mobile phone calls, 1993

• Integrity violation– Corruption of data or loss of data– Coca-Cola website defaced with slogans, 1997

• Denial of service– Unavailability of system/service/network– Yahoo!, 2000, 1Gbps

• Illegitimate use– Morris Internet worm spread to 5% of machines on

the Internet, 1988

Services and Mechanisms

• A security policy is a statement of what is and what is not allowed.

• A security service is a measure to address a threat – E.g. authenticate individuals to prevent

unauthorized access

• A security mechanism is a means to provide a service – E.g. encryption, cryptographic protocols

Security Services• A security service is a service

provided by the protocol layer of a communicating system (X.800)

• 5 Categories– Authentication– Access Control– Data confidentiality– Data Integrity– Nonrepudiation (and Availability)

Security ServicesSecurity Services• Authentication (who created or sent the data)

• Access control (prevent misuse of resources)

• Confidentiality (privacy)

• Integrity (has not been altered)

• Non-repudiation (the order is final)

• Availability (permanence, non-erasure)

– Denial of Service Attacks

– Virus that deletes files

Security Services Examples

• Authentication– Ensuring the proper identification of entities and origins of

data before communication• Access control

– Preventing unauthorized access to system resources• Data confidentiality

– Preventing disclosure to unauthorized parties• Data integrity

– Preventing corruption of data• Non-repudiation

– Collecting proof to prevent denial of participation in transaction or communication

• Availability– Protection against denial-of-service

Security Mechanisms Examples

• Two types– Specific mechanisms existing to provide

certain security services• E.g. encryption used for authentication

– Pervasive mechanisms which are general mechanisms incorporated into the system and not specific to a service

• E.g. security audit trail

Model for Network Security

• Basic tasks– Design an algorithm that opponent

cannot defeat– Generate the secret information to be

used with the algorithm– Develop methods for distributing secret

information– Specify a protocol to be used

• May need a trusted third part to assist

Methods of DefenseMethods of Defense

• Encryption• Software Controls

– (access limitations in a data base, in operating system protect each user from other users)

• Hardware Controls – (smartcard)

• Policies – (frequent changes of passwords)

• Physical Controls

Internet standards and Internet standards and RFCsRFCs

• The Internet society– Internet Architecture Board (IAB)– Internet Engineering Task Force (IETF)– Internet Engineering Steering Group

(IESG)

Internet RFC Publication ProcessInternet RFC Publication Process

Recommended ReadingRecommended Reading• Pfleeger, C. Security in Computing. Prentice Hall,

1997.• Mel, H.X. Baker, D. Cryptography Decrypted.

Addison Wesley, 2001.• Rita Summers, Secure Computing: Threats and

Safe Guards, McGrawHill.• Peter Ryan and Steve Schneider, Modeling and

analysis of security protocols, Addison Wesley.• V. Shmatikov, Network security and privacy,

University of Texas, Austin, TX.• Jimmy McGibney, IT Security 2004/2005, WIT.