97
CRYPTOGRAPHY CRYPTOGRAPHY AND AND NETWORK SECURITY NETWORK SECURITY UNIT - I UNIT - I
CRYPTOGRAPHY AND NETWORK SECURITY
UNIT - I
Computer SecurityIt is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
Key Security Concepts
Levels of ImpactLevels of security defines 3 levels of impact from a security breachLowModerateHigh
Low ImpactThe loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might Cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; Result in minor damage to organizational assets; Result in minor financial loss; or Result in minor harm to individuals.
Moderate ImpactThe loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might Cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; Result in significant damage to organizational assets; Result in significant financial loss; or Result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries.
High ImpactThe loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might Cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; Result in major damage to organizational assets; Result in major financial loss; or Result in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries.
Security RequirementsConfidentiality student gradesIntegrity patient informationAvailability authentication serviceAuthenticity admission ticketNon-repudiation stock sell order
Aspects of Securityconsider 3 aspects of information security:Security attackSecurity mechanism (control)Security serviceTermsThreat a potential for violation of securityVulnerability a way by which loss can happenAttack an assault on system security, a deliberate attempt to evade security services
Passive Attack - Interception
Passive Attack: Traffic AnalysisObserve traffic pattern
Active Attack: InterruptionBlock delivery of message
Active Attack: FabricationFabricate message
Active Attack: Replay
Active Attack: ModificationModify message
Handling AttacksPassive attacks focus on PreventionEasy to stopHard to detectActive attacks focus on Detection and RecoveryHard to stopEasy to detect
Security ServiceEnhance security of data processing systems and information transfers of an organizationIntended to counter security attacksUsing one or more security mechanisms Often replicates functions normally associated with physical documentswhich, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
Security ServicesX.800:a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers
RFC 2828:a processing or communication service provided by a system to give a specific kind of protection to system resources
Security Services (X.800)Authentication - assurance that communicating entity is the one claimedhave both peer-entity & data origin authenticationAccess Control - prevention of the unauthorized use of a resourceData Confidentiality protection of data from unauthorized disclosureData Integrity - assurance that data received is as sent by an authorized entityNon-Repudiation - protection against denial by one of the parties in a communicationAvailability resource accessible/usable
Security Mechanismfeature designed to detect, prevent, or recover from a security attackno single mechanism that will support all services requiredhowever one particular element underlies many of the security mechanisms in use:cryptographic techniques
Security Mechanisms (X.800)specific security mechanisms:Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarizationpervasive security mechanisms:Trusted functionality, security labels, event detection, security audit trails, security recovery
Model for Network Security
Model for Network Securityusing this model requires us to: design a suitable algorithm for the security transformation generate the secret information (keys) used by the algorithm develop methods to distribute and share the secret information specify a protocol enabling the principals to use the transformation and secret information for a security service
Model for Network Access Security
Model for Network Access Securityusing this model requires us to: select appropriate gatekeeper functions to identify users implement security controls to ensure only authorised users access designated information or resources note that model does not include: monitoring of system for successful penetration monitoring of authorized users for misuseaudit logging for forensic uses, etc.
DOS (DENIAL-OF-SERVICE) ATTACK
DDOS (DISTRIBUTED DENIAL-OF-SERVICE) ATTACK
SESSION HIJACKINGIt means stealing of the session-id and using it to impersonate and access data
It is a passive attack and is difficult to detect
Client(Browser)
Server
SessionData
1: Request Connection
2: Create Session
3: Session Id
4: Subsequent Requests(Session id passed)
5: Validate Session
6: Retrieve Session Data
7: Successful response
Attack MethodsGuessing Session Idshorter length, predictableSession Fixingpredictable, session created before authenticatedSecurity Vulnerabilities in Hopstrusting private networks, vulnerabilites in web servers, etcSession Sniffing (typical on non SSL sessions)same subnet as client or serverMan in the Middle Attack (SSL)ARP Poisoning, DNS SpoofingCross Site Scripting (XSS)User trusting source, application vulnerability
Session Sniffing
Client(Browser)
Server
SessionData
1: Request Connection
2: Create Session
3: Session Id
4: Subsequent Requests(Session id passed)
5: Validate Session
6: Retrieve Session Data
7: Successful response
Hacker
sniff
Request(session-id)
SuccessfulResponse
Defence MethodsEducating the usersPaying attention to https vs. non-httpsProperly signing outNot clicking on links but copying and pasting them.Using high entropy in session id generation (see Tomcat e.g.)Higher the entropy more difficult to predictTiming out sessionsreduce window of vulnerabilityUsing SSL for all communicationsdifficult to sniffForcing Re-authentication or step-up authenticationlimit damage if session is hijackedRe-generating session-idsreduce window of vulnerabilityUsing Context data for validating session-ids.make it difficult to use a hijacked idInput validationprevent XSS and other vulnerabilities
SPOOFINGSpoofing attack is an attack in which one person masquerades as another by falsifying data and gain the legitimate advantage. It may by IP spoofing or man-in-middle attack.Types:Protocol SpoofingDNS SpoofingMAC Spoofing
PROTOCOL SPOOFING
DNS SPOOFING
MAC SPOOFING
SOFTWARE VULNERABILITIESBUFFER OVERFLOWHEAP OVERFLOWFORMAT STRING VULNERABILITIES
BUFFER OVERFLOWA process in memory: - text (Program code; marked read-only, so any attempts to write to it will result in segmentation fault) - data segment (Global and static variables) - stack (Dynamic variables)
The process is blocked and is rescheduled to run again with a larger memory space if the user attack exhausts available memory.
Lower memory addressesHigher memory addresses
Stack BasicsA stack is contiguous block of memory containing data.Stack pointer (SP) a register that points to the top of the stack.The bottom of the stack is at fixed address.Its size is dynamically adjusted by kernel at run time.CPU implements instructions to PUSH onto and POP off the stack.
Stack BasicsA stack consists of logical stack frames that are pushed when calling a function and popped when returning. Frame pointer (FP) points to a fixed location within a frame.When a function is called, the return address, stack frame pointer and the variables are pushed on the stack (in that order).
So the return address has a higher address as the buffer.
When we overflow the buffer, the return address will be overwritten. High memory addressesLower memory addresses
void function(){ return;}
void main(){..Function();..}
Another Example Code void function(int a, int b, int c) { char buffer1[5]; char buffer2[10]; }
void main(){ function(1,2,3); }
Stack layout for the example codebottom of top of memory memory
buffer2 buffer1 sfp ret a b c
General Form of Security Attack Achieves Two Goals:
1. Inject the attack code, which is typically a small sequence of instructions that spawns a shell, into a running process.
2. Change the execution path of the running process to execute the attack code.
Overflowing stack buffers can achieve both goals simultaneously.
How can we place arbitrary instruction into its address space?-place the code that you are trying to execute in the buffer we are overflowing, and overwrite the return address so it points back into the buffer.
bottom of top of memorymemory
DDDDDDDEEEEEEEEEEEE EEEE FFFF FFFF FFFF FFFF 89ABCDEF0123456789AB CDEF 0123 4567 89AB CDEF buffer sfp ret a b c
(i) Before the attack(ii) after injecting the attack code
(iii) executing the attack code
HEAP OVERFLOWA heap overflow is a type of buffer overflow that occurs in the heap data area.
Format String VulnerabilitiesThe Format functionsFunctionalityused to convert simple C datatypes to a string representationallow to specify the format of the representationprocess the resulting string (output to stderr, stdout, syslog, ...)
The Format Functions(Cont.)How the format function worksthe format string controls the behaviour of the functionit specifies the type of parameters that should be printedparameters are saved on the stack (pushed)saved either directly (by value), or indirectly (by reference) The calling functionhas to know how many parameters it pushes to the stack, since it has to do the stack correction, when the format function returns
The Format Functions(Cont)Some format parameters
The Format Funtions(Cont)The stack and its role at format stringsprintf ("Number %d has no address, number %d has:%08x\n, i, a, &a);
Format String VulnerabilitiesVulnerable TypeViewing Process MemoryExploitation
Vulnerable TypeType 1:char tmpbuf[512];snprintf (tmpbuf, sizeof (tmpbuf), "foo: %s", user);tmpbuf[sizeof (tmpbuf) - 1] = \0;syslog (LOG_NOTICE, tmpbuf);Type 2:int Error (char *fmt, ...);int someotherfunc (char *user){Error (user);}
Vulnerable Type(Solution)Type 1:pscan or TESOgcc toolsType 2:Manual check if format funtion or not.
Viewing Process Memoryprintf(AAA0_%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x);AAA0_08048560.4000d360.40027154.30414141.3830255f.30252e78.252e7838.2e783830
ExploitationPrimarily concept: to change return address (Instrument Pointer).Exploit methodSimilar to common buffer overflowsThrough pure format strings
SQL INJECTIONSQL Injection is a technique that can be used to attack on data driven applications. It will occurs when developers fails to validate user input before using it to query a relational database. This is mostly known as an attack for websites but can be used to attack any type of SQL database.
PHISHINGPhishing is an act of attempting to acquire information such as username, password and credit cart details by acting as a legitimate entity in an electronic communication. Phishing technique was described in 1987.
BASICS OF CRYPTOGRAPHY
Deciphering or decryption: recovering plaintext from ciphertext
Decryption algorithm: performs decryptionTwo inputs: ciphertext and secret key
Secret key: same key used for encryption and decryptionAlso referred to as a symmetric key
Cipher or cryptographic system : a scheme for encryption and decryption
Cryptography: science of studying ciphers
Cryptanalysis: science of studying attacks against cryptographic systems
Cryptology: cryptography + cryptanalysis
*
CiphersSymmetric cipher: same key used for encryption and decryptionBlock cipher: encrypts a block of plaintext at a time (typically 64 or 128 bits)Stream cipher: encrypts data one bit or one byte at a time
Asymmetric cipher: different keys used for encryption and decryption
*
Symmetric Encryptionor conventional / secret-key / single-keysender and recipient share a common keyall classical encryption algorithms are symmetricThe only type of ciphers prior to the invention of asymmetric-key ciphers in 1970sby far most widely used*
SYMMETRIC CIPHER MODEL
Requirementstwo requirements for secure use of symmetric encryption:a strong encryption algorithma secret key known only to sender / receiverY = EK(X)X = DK(Y)assume encryption algorithm is knownimplies a secure channel to distribute key
Cryptographycan characterize by:type of encryption operations usedsubstitution / transposition / productnumber of keys usedsingle-key or private / two-key or publicway in which plaintext is processedblock / stream
Classical Substitution Cipherswhere letters of plaintext are replaced by other letters or by numbers or symbolsor if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
Caesar Cipherearliest known substitution cipherby Julius Caesar first attested use in military affairsreplaces each letter by 3rd letter onexample:meet me after the toga partyPHHW PH DIWHU WKH WRJD SDUWB
Caesar Ciphercan define transformation as:a b c d e f g h i j k l m n o p q r s t u v w x y zD E F G H I J K L M N O P Q R S T U V W X Y Z A B Cmathematically give each letter a numbera b c d e f g h i j k l m0 1 2 3 4 5 6 7 8 9 10 11 12n o p q r s t u v w x y Z13 14 15 16 17 18 19 20 21 22 23 24 25then have Caesar cipher as:C = E(p) = (p + k) mod (26)p = D(C) = (C k) mod (26)
Cryptanalysis of Caesar Cipher only have 26 possible ciphers A maps to A,B,..Z could simply try each in turn a brute force search given ciphertext, just try all shifts of lettersdo need to recognize when have plaintexteg. break ciphertext "GCUA VQ DTGCM"
Monoalphabetic Cipherrather than just shifting the alphabet could shuffle (jumble) the letters arbitrarily each plaintext letter maps to a different random ciphertext letter hence key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZNPlaintext: ifwewishtoreplacelettersCiphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Monoalphabetic Cipher Securitynow have a total of 26! = 4 x 1026 keys with so many keys, might think is secure but would be !!!WRONG!!! problem is language characteristics
Language Redundancy and Cryptanalysishuman languages are redundant eg "th lrd s m shphrd shll nt wnt" letters are not equally commonly used in English e is by far the most common letter then T,R,N,I,O,A,S other letters are fairly rare cf. Z,J,K,Q,X have tables of single, double & triple letter frequencies
English Letter Frequencies
Use in Cryptanalysiskey concept - monoalphabetic substitution ciphers do not change relative letter frequencies discovered by Arabian scientists in 9th centurycalculate letter frequencies for ciphertextcompare counts/plots against known values if Caesar cipher look for common peaks/troughs peaks at: A-E-I triple, NO pair, RST tripletroughs at: JK, X-Zfor monoalphabetic must identify each lettertables of common double/triple letters help
Playfair Ciphernot even the large number of keys in a monoalphabetic cipher provides security one approach to improving security was to encrypt multiple letters the Playfair Cipher is an example invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
Playfair Key Matrixa 5X5 matrix of letters based on a keyword fill in letters of keyword (sans duplicates) fill rest of matrix with other letterseg. using the keyword MONARCHYMONARCHYBDEFGIKLPQSTUVWXZ
Encrypting and Decryptingplaintext encrypted two letters at a time: if a pair is a repeated letter, insert a filler like 'X', eg. "balloon" encrypts as "ba lx lo on" if both letters fall in the same row, replace each with letter to right (wrapping back to start from end), eg. ar" encrypts as "RM" if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), eg. mu" encrypts to "CM" otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. hs" encrypts to "BP", and ea" to "IM" or "JM" (as desired)
Security of the Playfair Ciphersecurity much improved over monoalphabeticsince have 26 x 26 = 676 digrams would need a 676 entry frequency table to analyse (verses 26 for a monoalphabetic) and correspondingly more ciphertext was widely used for many years (eg. US & British military in WW1) it can be broken, given a few hundred letters since still has much of plaintext structure
Polyalphabetic Ciphersanother approach to improving security is to use multiple cipher alphabets called polyalphabetic substitution ciphers makes cryptanalysis harder with more alphabets to guess and flatter frequency distribution use a key to select which alphabet is used for each letter of the message use each alphabet in turn repeat from start after end of key is reached
Vigenre Ciphersimplest polyalphabetic substitution cipher is the Vigenre Cipher effectively multiple caesar ciphers key is multiple letters long K = k1 k2 ... kd ith letter specifies ith alphabet to use use each alphabet in turn repeat from start after d letters in messagedecryption simply works in reverse
Examplewrite the plaintext out write the keyword repeated above ituse each key letter as a caesar cipher key encrypt the corresponding plaintext lettereg using keyword deceptivekey: deceptivedeceptivedeceptiveplaintext: wearediscoveredsaveyourselfciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Security of Vigenre Ciphershave multiple ciphertext letters for each plaintext letterhence letter frequencies are obscuredbut not totally loststart with letter frequenciessee if look monoalphabetic or notif not, then need to determine number of alphabets, since then can attach each
One-Time Padif a truly random key as long as the message is used, the cipher will be secure called a One-Time padis unbreakable since ciphertext bears no statistical relationship to the plaintextsince for any plaintext & any ciphertext there exists a key mapping one to othercan only use the key once thoughhave problem of safe distribution of key
Transposition Ciphersnow consider classical transposition or permutation ciphers these hide the message by rearranging the letter order without altering the actual letters usedcan recognise these since have the same frequency distribution as the original text
Rail Fence cipherwrite message letters out diagonally over a number of rows then read off cipher row by roweg. write message out as:m e m a t r h t g p r y e t e f e t e o a a tgiving ciphertextMEMATRHTGPRYETEFETEOAAT
Row Transposition Ciphersa more complex schemewrite letters of message out in rows over a specified number of columnsthen reorder the columns according to some key before reading off the rowsKey: 3 4 2 1 5 6 7Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y zCiphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Rotor Machinesbefore modern ciphers, rotor machines were most common product cipherwere widely used in WW2German Enigma, Allied Hagelin, Japanese Purpleimplemented a very complex, varying substitution cipherused a series of cylinders, each giving one substitution, which rotated and changed after each letter was encryptedwith 3 cylinders have 263=17576 alphabets
Steganographyan alternative to encryptionhides existence of messageusing only a subset of letters/words in a longer message marked in some wayusing invisible inkhiding in LSB in graphic image or sound filehas drawbackshigh overhead to hide relatively few info bits
Other Cipher PropertiesConfusionDiffusion
Fall, 2005CPSC499 Information Security ManagementConfusion and Diffusioncipher needs to completely obscure statistical properties of original messagea one-time pad does thismore practically Shannon suggested combining elements to obtain:diffusion dissipates statistical structure of plaintext over bulk of ciphertextconfusion makes relationship between ciphertext and key as complex as possible
CPSC499 Information Security Management
Block and Stream Ciphersblock ciphers process messages into blocks, each of which is then en/decrypted like a substitution on very big characters64-bits or more stream ciphers process messages a bit or byte at a time when en/decryptingmany current ciphers are block ciphershence are focus of course
Block CiphersOperates on a single chunk (block) of plaintextFor example, 64 bits for DESSame key is reused for each block (can use short keys)Result should look like a random permutationAs if plaintext bits were randomly shuffledOnly computational guarantee of secrecyNot impossible to break, just very expensiveIf there is no efficient algorithm (unproven assumption!), then can only break by brute-force, try-every-possible-key searchTime/cost of breaking the cipher exceeds the value and/or useful lifetime of protected information
Permutation12341234CODE becomes DCEOFor N-bit input, N! possible permutationsIdea: split plaintext into blocks, for each block use secret key to pick a permutation, rinse and repeatWithout the key, permutation should look random
Block Cipher OperationBlock of plaintextSSSSSSSSSSSSKeyAdd some secret key bitsto provide confusionEach S-box permutes its input bits in a random-looking way to provide diffusion (spread plaintext bits throughout ciphertext)Procedure must be reversible (for decryption)
Block Cipher Principlesneeded since must be able to decrypt ciphertext to recover messages efficientlyblock ciphers look like an extremely large substitution instead create from smaller building blocks using idea of a product cipher
*Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, briefly reviewing the text outline from Ch 0, and then presenting the content from Chapter 1 Introduction.
*The NIST Computer Security Handbook [NIST95] defines the term computer security as shown on this slide. This definition introduces three key objectives that are at the heart of computer security as we see on the next slide.These three concepts form what is often referred to as the CIA triad (Figure 1.1). The three concepts embody the fundamental security objectives for both data and for information and computing services. FIPS PUB 199 provides a useful characterization of these three objectives in terms of requirements and the definition of a loss of security in each category: Confidentiality (covers both data confidentiality and privacy): preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information. Integrity (covers both data and system integrity): Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information. Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are: Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
*We can define three levels of impact on organizations or individuals should there be a breach of security (i.e., a loss of confidentiality, integrity, or availability). These levels are defined in FIPS PUB 199: Low: The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (ii) result in minor damage to organizational assets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals. Moderate: The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (ii) result in significant damage to organizational assets; (iii) result in significant financial loss; or (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries. High: The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (ii) result in major damage to organizational assets; (iii) result in major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries.*We can define three levels of impact on organizations or individuals should there be a breach of security (i.e., a loss of confidentiality, integrity, or availability). These levels are defined in FIPS PUB 199: Low: The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (ii) result in minor damage to organizational assets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals. Moderate: The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (ii) result in significant damage to organizational assets; (iii) result in significant financial loss; or (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries. High: The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (ii) result in major damage to organizational assets; (iii) result in major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries.*We can define three levels of impact on organizations or individuals should there be a breach of security (i.e., a loss of confidentiality, integrity, or availability). These levels are defined in FIPS PUB 199: Low: The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (ii) result in minor damage to organizational assets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals. Moderate: The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (ii) result in significant damage to organizational assets; (iii) result in significant financial loss; or (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries. High: The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (ii) result in major damage to organizational assets; (iii) result in major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries.*We can define three levels of impact on organizations or individuals should there be a breach of security (i.e., a loss of confidentiality, integrity, or availability). These levels are defined in FIPS PUB 199: Low: The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (ii) result in minor damage to organizational assets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals. Moderate: The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (ii) result in significant damage to organizational assets; (iii) result in significant financial loss; or (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries. High: The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (ii) result in major damage to organizational assets; (iii) result in major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries.*We now provide some examples of applications that illustrate the requirements just enumerated. Confidentiality - Student grade information is an asset whose confidentiality is considered to be highly important by students. Grade information should only be available to students, their parents, and employees that require the information to do their job. Student enrollment information may have a moderate confidentiality rating. While still coveredby FERPA, this information is seen by more people on a daily basis, is less likely to be targeted than grade information, and results in less damage if disclosed. Directory information, such as lists of students or faculty or departmental lists, may be assigned a low confidentiality rating or indeed no rating. This information is typically freely available to the public and published on a school's Web site. Integrity Consider a hospital patient's allergy information stored in a database. The doctor should be able to trust that the information is correct and current. Now suppose that an employee (e.g., a nurse) who is authorized to view and update this information deliberately falsifies the data to cause harm to the hospital. The database needs to be restored to a trusted basis quickly, and it should be possible to trace the error back to the person responsible. Patient allergy information is an example of an asset with a high requirement for integrity. Inaccurate information could result in serious harm or death to a patient and expose the hospital to massive liability. Availability - The more critical a component or service, the higher is the level of availability required. Consider a system that provides authentication services for critical systems, applications, and devices. An interruption of service results in the inability for customers to access computing resources and staff to access the resources they need to perform critical tasks. The loss of the service translates into a large financial loss in lost employee productivity and potential customer loss.**The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows: Security attack: Any action that compromises the security of information owned by an organization. Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. In the literature, the terms threat and attack are commonly used to mean more or less the same thing. Table 1.1 provides definitions taken from RFC 2828, Internet Security Glossary.Threat - A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.Attack - An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.*A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources.Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are:+ release of message contents - as shown above in Stallings Figure 1.2a here+ traffic analysis - monitor traffic flow to determine location and identity of communicating hosts and could observe the frequency and length of messages being exchangedThese attacks are difficult to detect because they do not involve any alteration of the data.
*A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources.Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are:+ release of message contents - as shown above in Stallings Figure 1.2a here+ traffic analysis - monitor traffic flow to determine location and identity of communicating hosts and could observe the frequency and length of messages being exchangedThese attacks are difficult to detect because they do not involve any alteration of the data.
*A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources.Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are:+ release of message contents - as shown above in Stallings Figure 1.2a here+ traffic analysis - monitor traffic flow to determine location and identity of communicating hosts and could observe the frequency and length of messages being exchangedThese attacks are difficult to detect because they do not involve any alteration of the data.
*A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources.Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are:+ release of message contents - as shown above in Stallings Figure 1.2a here+ traffic analysis - monitor traffic flow to determine location and identity of communicating hosts and could observe the frequency and length of messages being exchangedThese attacks are difficult to detect because they do not involve any alteration of the data.
*Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service: masquerade of one entity as some other replay previous messages (as shown above in Stallings Figure 1.3b) modify/alter (part of) messages in transit to produce an unauthorized effect denial of service - prevents or inhibits the normal use or management of communications facilitiesActive attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.
*Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service: masquerade of one entity as some other replay previous messages (as shown above in Stallings Figure 1.3b) modify/alter (part of) messages in transit to produce an unauthorized effect denial of service - prevents or inhibits the normal use or management of communications facilitiesActive attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.
*Consider the role of a security service, and what may be required. Note both similarities and differences with traditional paper documents, which for example: have signatures & dates; need protection from disclosure, tampering, or destruction; may be notarized or witnessed; may be recorded or licensed
*Consider the role of a security service, and what may be required. Note both similarities and differences with traditional paper documents, which for example: have signatures & dates; need protection from disclosure, tampering, or destruction; may be notarized or witnessed; may be recorded or licensed
*State here a couple of definitions of security services from relevant standards. X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Perhaps a clearer definition is found in RFC 2828, which provides the following definition: a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms.
*This list is taken from Stallings Table 1.2 which provides details of the 5 Security Service categories and the 14 specific services given in X.800.This list includes the various "classic" security services which are traditionally discussed. Note there is a degree of ambiguity as to the meaning of these terms, and overlap in their use. The broad service categories are:authentication is concerned with assuring that a communication is authentic. Two specific authentication services are defined in X.800: Peer entity authentication: provides corroboration of the identity of a peer entity in an association; and Data origin authentication: provides corroboration of the source of a data unit.access control is the ability to limit and control the access to host systems and applications via communications links.confidentiality is the protection of transmitted data from passive attacks, and the protection of traffic flow from analysis.integrity assures that messages are received as sent, with no duplication, insertion, modification, reordering, replay, or loss.availability is the property of a system / resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system.*Now introduce Security Mechanism which are the specific means of implementing one or more security services. Note these mechanisms span a wide range of technical components, but one aspect seen in many is the use of cryptographic techniques.*Some examples of mechanisms from X.800. Note that the specific security mechanisms are protocol layer specific, whilst the pervasive security mechanisms are not. We will meet some of these mechanisms in much greater detail later.See Stallings Table 1.3 for details of these mechanisms in X.800, and Table 1.4 for the relationship between services and mechanisms.*In considering the place of encryption, its useful to use the following two models from Stallings section 1.6.The first, illustrated in Figure 1.4, models information being transferred from one party to another over an insecure communications channel, in the presence of possible opponents. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. They can use an appropriate security transform (encryption algorithm), with suitable keys, possibly negotiated using the presence of a trusted third party. Parts One through Four of this book concentrates on the types of security mechanisms and services that fit into the model shown here.*This general model shows that there are four basic tasks in designing a particular security service, as listed.*The second, illustrated in Figure 1.5, model is concerned with controlled access to information or resources on a computer system, in the presence of possible opponents. Here appropriate controls are needed on the access to and within the system, to provide suitable security.The security mechanisms needed to cope with unwanted access fall into two broad categories (as shown in this figure). The first category might be termed a gatekeeper function. It includes password-based login procedures that are designed to deny access to all but authorized users and screening logic that is designed to detect and reject worms, viruses, and other similar attacks. Once either an unwanted user or unwanted software gains access, the second line of defense consists of a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders. These issues are explored in Part Four.*Detail here the tasks needed to use this model.
