Security
Lecture 11, May 14, 2003
Mr. Greg Vogl
Data Communications and Networks
Uganda Martyrs University
May 14, 2003 Data Communications and Networks: Lecture 11: Security
Sources
Networks 1999, Ch. 9 and Appendix A
Computers in Your Future modules 10B, C
Burgess Section 8
Solomon Parts 12, 13
Ritchie Ch. 14
Overview
Problems and causes
– Threats, attackers, responsible people
Prevention and recovery
– Physical security, software security, viruses
– Data security, long-term storage and retrieval
– Disaster recovery
– Human security
– Authentication and passwords
– Encryption
Threats, damages and costs
Natural disaster (e.g. flood, fire, lightning)
Deliberate sabotage/vandalism (e.g. viruses)
Damaged or stolen hardware
Damaged/deleted/leaked data/information
Net downtime/overload; use of staff time
Lost privacy, confidentiality; public safety
Reputation/appearance of no security/safety
Categories of threats
Unauthorised disclosure
– Viewing information with no rights to see
Unauthorised updates
– Making changes with no rights to change
Denial of service
– Interference with legitimate user access
Attackers and their motives
Hobbyists: crackers, virus authors, thieves
– Challenge, ego, financial gain
Employees: terminated, disgruntled, corrupt
– Financial gain, organisational harm/revenge
Corporate spies: competitors
– Market competition
Information terrorists
– Harm state governments
Types of attacks
Cracking programs: try passwords
Eavesdropping: watching users, wiretapping
Spoofing: pretending to be a client or server
Who is responsible for security?
Managers
– Design general policies
System designers
– Create mechanisms to enforce specific policies
System administrators
– Design and enforce specific policies
Users
– Adhere to general and specific policies
Physical security
Equipment protection, protective equipment
– Door locks, burglar bars, armed guards
– Dust, AC, surge protector, UPS, standby power
– Alarms: temperature, burglar
Physically separate equipment, data
– Secure and non-secure
Investment appropriate to nature of business
Software security
File and directory access control (rwx)
Network services can be security loopholes
– E.g. finger, sendmail, remote login, dial-up
– Use tools to log & audit use of existing services
– Disable or turn off all unused network services
Use firewall software, e.g. ZoneAlarm
Use loophole detection tools, e.g. SATAN
Secure software design principles
Public design
– No secret algorithms; weaknesses revealed
Default = no access
– Minimum privileges; add only when needed
Timely checks
– Security of passwords “wears out” over time
Simple, uniform mechanisms
Appropriate levels of security
Viruses
Malicious self-replicating program
– Infects programs with copies of itself
– Spread by running programs
Types: boot sector, program, macro
– Variations: worm, Trojan horse, time bomb
Locations: memory/files, programs/data
Transmission methods
– Floppies, installing software, downloads, email
Virus prevention and recovery
Install anti-virus software on all computers
– Schedule automatic virus scans
– Keep active auto-protect features enabled
– Keep virus software and definitions updated
– Repair, quarantine or delete infected files
Educate users about viruses
– Causes, prevention, removal
– Specific, current, serious threats
Data security
Backups and archiving
Antivirus software
Encryption of sensitive information
Disposal of obsolete, sensitive information
– Erase (possibly reformat) disks
– Shred paper documents
Long-term storage and retrieval
Daily backups (and possibly mirroring)
Document info removal/purge procedures
Test equipment & procedures for restoration
Keep storage media physically secure
– Store backup copies at remote locations
Disaster recovery preparation
Create a disaster recovery plan
– Discuss, document, communicate, test
List and categorise possible disasters
– Minor, major, catastrophic
Prepare for these disasters
– Minimum: backup, inventory, net docs
– Spares, maintenance contracts, recovery site
– Research user needs/tolerances
Human security
Educate users, receptionists, “gatekeepers”
Encourage securing passwords, accounts
Be careful when giving out information
– “Helpful” employees may leak important info
– Know who has rights to what info
– Be aware of threats and ask questions first
– Background checks, ID cards/badges
Authentication
Permit access to authorised users
– Username/password combination is valid
Deny access to unauthorised users
– Display error message “invalid login”
Regulate/authorise user actions after login
– E.g. read/write/execute access to files/folders
Access terminology
Objects (what to access)
– Hardware, software (files, databases, processes)
Principals (users, owners of objects)
– People, groups, projects, roles (admin)
Rights (permissions to use operations)
– Read, write, update, delete, execute, etc.
Domains (set of rights; location of objects)
Access matrix
Rows are principals/domains, columns are objects, and each cell lists the rights:

Principals/domains | File x                        | Disk y
JoeUser            | Rights: Read                  | Rights: Read
Administrators     | Rights: Read, write, execute  | Rights: Read, write
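The access matrix above as a lookup structure with a check function, written as an added example for this lecture (not the lecture's own code). The principals, objects and rights are the slide's; the group membership of "alice" is an assumption added to show how a domain grants rights to its members, and unknown names or empty cells deny, following the "default = no access" design principle.

```python
READ, WRITE, EXECUTE = "read", "write", "execute"

# Rows are principals/domains, columns are objects, cells are sets of rights
# (the slide's access matrix, transcribed).
ACCESS_MATRIX = {
    "JoeUser":        {"File x": {READ},                 "Disk y": {READ}},
    "Administrators": {"File x": {READ, WRITE, EXECUTE}, "Disk y": {READ, WRITE}},
}

# Assumed (not on the slide): a user inherits the rights of every domain it belongs to.
MEMBERSHIP = {
    "alice":   {"Administrators"},
    "JoeUser": set(),
}


def rights_for(principal: str, obj: str) -> set:
    """Union of the rights held directly by the principal and via its domains."""
    domains = {principal} | MEMBERSHIP.get(principal, set())
    rights = set()
    for domain in domains:
        rights |= ACCESS_MATRIX.get(domain, {}).get(obj, set())
    return rights


def is_allowed(principal: str, obj: str, right: str) -> bool:
    """Default = no access: an unknown principal, unknown object or empty cell denies."""
    return right in rights_for(principal, obj)


def decide(principal: str, obj: str, right: str) -> str:
    """One audit-log style line per decision, so checks can be logged as well as enforced."""
    verdict = "ALLOW" if is_allowed(principal, obj, right) else "DENY"
    return f"{verdict}: {principal} {right} {obj}"


if __name__ == "__main__":
    for p, o, r in [("JoeUser", "File x", READ), ("JoeUser", "File x", WRITE),
                    ("alice", "Disk y", WRITE), ("mallory", "Disk y", READ)]:
        print(decide(p, o, r))
```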
Secure passwords
Not crackable (blank, short, words, names)
Not guessable (phone, birthdate, username)
Not written down
– Except admin passwords kept physically secure
Use numbers, symbols, mix case
Memorable (so no need to write down)
Account security
Require users to change password regularly
Log password attempts, limit no. of failures
Run crack programs to find poor passwords
Audit account status and usage regularly
Delete or disable accounts when people go
Archive and safeguard old account data
Encryption
The sender encrypts (encodes) a message
– Substitutes unreadable data, apparently nonsense
Only some receivers can decrypt/decode it
– Translate coded data into readable data
Coding and decoding require using keys
– Encoding/decoding algorithms plus secret text
Encryption is only useful if the key is secure
– Anyone who intercepts the key can decrypt
Password file
User-readable file, but passwords encrypted
– /etc/passwd in older UNIX; now /etc/shadow
Data Encryption Standard (DES)
– One-way algorithm: key + password → code
– Encrypt password attempt, compare with code
– If the two codes match, login is valid, else not
– System holds key; passwords never revealed
Powerful computers can crack passwords
– A 56 bit key is unsafe; 128 bits is reasonable
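The one-way password check described on this slide, combined with the "log password attempts, limit no. of failures" advice from the account security slide, as an added example (not the lecture's code). It stores only a salted one-way code per user, like /etc/shadow; PBKDF2-SHA256 from the standard library is a swapped-in modern one-way function standing in for the DES-based crypt the slide mentions, and the three-failure lock limit is an assumed policy value.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000   # work factor: slows down brute-force cracking of stolen codes
MAX_FAILURES = 3       # assumed policy: lock the account after this many bad attempts


class ShadowFile:
    """Mimics /etc/shadow: holds a salt and one-way code per user, never the password."""

    def __init__(self):
        self.entries = {}    # user -> (salt, code)
        self.failures = {}   # user -> consecutive failed attempts
        self.log = []        # audit trail of every attempt

    @staticmethod
    def _code(password: str, salt: bytes) -> bytes:
        # One-way: the code cannot be turned back into the password.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def set_password(self, user: str, password: str) -> None:
        salt = os.urandom(16)   # random salt: equal passwords give different codes
        self.entries[user] = (salt, self._code(password, salt))
        self.failures[user] = 0

    def login(self, user: str, attempt: str) -> bool:
        if user not in self.entries:
            self.log.append(f"{user}: invalid login (unknown user)")
            return False
        if self.failures[user] >= MAX_FAILURES:
            self.log.append(f"{user}: invalid login (account locked)")
            return False
        salt, stored = self.entries[user]
        # Encode the attempt the same way and compare the two codes in constant time.
        ok = hmac.compare_digest(self._code(attempt, salt), stored)
        if ok:
            self.failures[user] = 0
            self.log.append(f"{user}: login ok")
        else:
            self.failures[user] += 1
            self.log.append(f"{user}: invalid login ({self.failures[user]} failures)")
        return ok
```

Note that the stored code is never compared with the password itself: a correct attempt is recognised only because encoding it reproduces the stored code.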
Public Key Encryption (PKE)
Receiver announces his/her public key
Sender encrypts a message with public key
Receiver decrypts using his/her private key
No danger of private key being intercepted
Enables criminals to communicate secretly
– Governments need access to combat crime
– Key escrow/recovery allows access to some
RSA public key encryption
Choose two large prime numbers p and q
Choose e relatively prime to (p-1)(q-1)
– They have no common divisors
Calculate d such that ed = 1 mod (p-1)(q-1)
Calculate n = pq
Public key is (n, e); private key is d
p and q must be kept secret
Long computation to decrypt by factoring n
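The key construction from this slide carried through in code, as an added example that is not part of the lecture. It uses the textbook toy primes p = 61, q = 53 and e = 17 so each step can be checked by hand; the last function shows why p and q must stay secret by recovering d from a public key whose n is small enough to factor by trial division, which is exactly the "long computation" that becomes infeasible for real key sizes. Byte-by-byte encryption without padding is for illustration only.

```python
from math import gcd


def make_keys(p: int, q: int, e: int):
    """Slide recipe: e coprime to (p-1)(q-1), ed = 1 mod (p-1)(q-1), n = pq."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)        # modular inverse, Python 3.8+
    n = p * q
    return (n, e), d           # public key (n, e); private key d; p, q discarded


def encrypt(public_key, m: int) -> int:
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)        # c = m^e mod n


def decrypt(public_key, d: int, c: int) -> int:
    n, _ = public_key
    return pow(c, d, n)        # m = c^d mod n


def encrypt_text(public_key, text: str) -> list:
    """Toy block mode: one byte per block (real RSA pads and uses large blocks)."""
    return [encrypt(public_key, b) for b in text.encode()]


def decrypt_text(public_key, d: int, blocks: list) -> str:
    return bytes(decrypt(public_key, d, c) for c in blocks).decode()


def recover_private_key_by_factoring(public_key) -> int:
    """Why p, q must be secret: knowing them gives d. Feasible only for toy-sized n."""
    n, e = public_key
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no non-trivial factor")


if __name__ == "__main__":
    pub, priv = make_keys(61, 53, 17)      # toy primes for illustration
    print(pub, priv, encrypt(pub, 65), decrypt(pub, priv, encrypt(pub, 65)))
```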
Encryption in Windows
Many programs can password protect files
– E.g. Word, Excel, Access, WinZip
Windows NTFS can encrypt files, folders
– Right-click, Properties, General, Advanced
E-mail and web pages can be encrypted
– Passwords, messages, attachments
Microsoft Point to Point Encryption
– Point to Point Tunneling Protocol for PPP
Some other uses of encryption
Authentication, confidentiality, integrity, non-repudiation
Pretty Good Privacy
– High security free 128-bit RSA PKE algorithm
Secure Sockets Layer
– Secure electronic financial Web transactions
Secure HTTP (HTTPS) and .shtml files
– Digital IDs, signatures, certificates