Information security involves protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. It encompasses a range of strategies and practices, including encryption, access control, and network security, aimed at ensuring the confidentiality, integrity, and availability of information. This field is crucial in today's digital age to safeguard sensitive data and systems from cyber threats and attacks.
2. Introduction
• Fundamental concept
– CIA
– AAA
– Threats and attacks
– Security principles
• Access control models
– Access Control Matrices
– Access Control Lists
– Capabilities
– Role based access control
• Cryptographic concepts
– Encryption
– Digital signatures
– Simple attacks on cryptosystems
– Cryptographic hash functions
– Digital Certificates
3. Defining Security
• The security of a system, application, or protocol is
always relative to
– A set of desired properties
– An adversary with specific capabilities
• For example, standard file access permissions in Linux
and Windows are not effective against an adversary
who can boot from a CD
4. A sound security model
• Define security properties
• Anticipate the types of attacks
• The design should be usable and simple
– If security measures are difficult to understand,
it will lead to failure of adoption
• Implementation (H/w or S/w) should be
tested for programming errors
• When deployed, it should be monitored.
• Patches must be applied when available
6. Confidentiality
• Confidentiality is the avoidance of the
unauthorized disclosure of information.
– confidentiality involves the protection of data,
– providing access for those who are allowed to see
it while disallowing others from learning anything
about its content.
7. Tools for Confidentiality
• Encryption: the transformation of information using a secret,
called an encryption key, so that the transformed information
can only be read using another secret, called the decryption
key (which may, in some cases, be the same as the encryption
key).
8. Tools for Confidentiality
• Access control: rules and policies that limit
access to confidential information to those
people and/or systems with a “need to know.”
– This may be determined by identity, such as a
person’s name or a computer’s serial number, or
by a role that a person has, such as being a
manager or a computer security specialist.
9. Cont.
• Access control: prevention of the unauthorized use of a
resource; that is, this service controls
– who can have access to a resource
– under what conditions access can occur
– and what those accessing are allowed to
do
10. Tools for Confidentiality
• Authentication: the determination of the identity or
role that someone has. This determination can be done
in a number of different ways, but it is usually based on
a combination of
– something the person has (like a smart card or a radio key
storing secret keys),
– something the person knows (like a password),
– something the person is (like a human with a fingerprint).
[Figure: the three authentication factors. Something you have: radio token with secret keys. Something you know: password=ucIb()w1V, mother=Jones, pet=Caesar. Something you are: human with fingers and eyes.]
11. Tools for Confidentiality
• Authorization: the determination if a person or system is
allowed access to resources, based on an access control
policy.
– Such authorizations should prevent an attacker from tricking the
system into letting him have access to protected resources.
• Physical security: the establishment of physical barriers to
limit access to protected computational resources. It
includes
– locks on cabinets and doors,
– placement of computers in windowless rooms,
– use of sound dampening materials,
– construction of buildings or rooms with walls incorporating
copper meshes (called Faraday cages) so that electromagnetic
signals cannot enter or exit the enclosure.
12. Cont.
• The browser verifies that the website we are connecting to is
indeed (really) who it says it is.
– Authentication
• The website might check our browser and whether we can access
that page according to the access control policy (ACP)
– Authentication and access control
• The browser may ask the website for an encryption key to
encrypt the credit card number.
– Encryption
• Finally, our credit card number reaches the server:
– Physical security, access policy, authorization and
authentication keep the credit card number safe
13. [Physical security]
• One can determine the letters by
– Listening to a recording of keystrokes
• It is possible to reconstruct the image of a computer
screen
– By monitoring its electromagnetic radiation
– From video of a blank wall the screen was shining
on
• Physical security is an IS concept and should not
be taken for granted
14. Integrity
• Integrity: the property that information has not been
altered in an unauthorized way.
• Tools
– Backups: the periodic archiving of data.
– Checksums:
• the computation of a function that maps the contents of a file to a
numerical value.
• A checksum function depends on the entire contents of a file and
is designed in a way that even a small change to the input file is
highly likely to result in a different output value.
– Data correcting codes:
• methods for storing data in such a way that small changes can be
easily detected and automatically corrected.
• Apply to small data such as byte or word
• Metadata of the data also needs to be protected
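The difference between the two integrity tools above, as an added example that is not part of the original slides: a checksum over the whole contents only detects a change, while a data correcting code over a small unit (here a Hamming(7,4) code on each half-byte) also repairs a single flipped bit. SHA-256, the Hamming code and all function names are choices made for this illustration.

```python
import hashlib

def checksum(data: bytes) -> str:
    """Checksum over the entire contents (SHA-256 chosen for this example)."""
    return hashlib.sha256(data).hexdigest()

def hamming74_encode(nibble: int) -> int:
    """Encode 4 data bits as a 7-bit Hamming codeword; bit i holds position i+1."""
    d0, d1, d2, d3 = ((nibble >> i) & 1 for i in range(4))
    # Layout by position: 1=p1 2=p2 3=d0 4=p4 5=d1 6=d2 7=d3
    bits = [d0 ^ d1 ^ d3, d0 ^ d2 ^ d3, d0, d1 ^ d2 ^ d3, d1, d2, d3]
    return sum(bit << i for i, bit in enumerate(bits))

def hamming74_decode(word: int) -> tuple[int, int]:
    """Return (nibble, corrected_position); position 0 means no error was seen."""
    bits = [(word >> i) & 1 for i in range(7)]
    syndrome = 0
    for pos in range(1, 8):          # XOR of the positions of all set bits
        if bits[pos - 1]:
            syndrome ^= pos
    if syndrome:                     # non-zero syndrome names the flipped position
        bits[syndrome - 1] ^= 1
    return bits[2] | bits[4] << 1 | bits[5] << 2 | bits[6] << 3, syndrome

def protect(data: bytes) -> list[int]:
    """Store each byte as two codewords (low nibble, then high nibble)."""
    return [hamming74_encode(n) for b in data for n in (b & 0xF, b >> 4)]

def recover(words: list[int]) -> tuple[bytes, int]:
    """Decode codewords back to bytes and count how many were corrected."""
    decoded = [hamming74_decode(w) for w in words]
    nibbles = [n for n, _ in decoded]
    fixed = sum(1 for _, pos in decoded if pos)
    data = bytes(lo | hi << 4 for lo, hi in zip(nibbles[::2], nibbles[1::2]))
    return data, fixed

def demo() -> tuple[bool, int, bool]:
    original = b"balance=100"                 # constructed sample record
    stored = protect(original)
    stored[3] ^= 1 << 4                       # one bit flips in storage
    repaired, fixed = recover(stored)
    # The code repairs the accidental flip. A deliberately rewritten record
    # would be re-encoded as valid codewords, so comparing against a checksum
    # kept elsewhere is what reveals it.
    tampered = b"balance=900"
    return repaired == original, fixed, checksum(original) != checksum(tampered)

if __name__ == "__main__":
    print(demo())
```

Two flipped bits in the same codeword are miscorrected by this code, which is why it is applied to small units and paired with a checksum over the whole file.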
15. Availability
• Availability: the property that information is
accessible and modifiable in a timely fashion
by those authorized to do so.
• Tools:
– Physical protections: infrastructure meant to keep
information available even in the event of physical
challenges.
– Computational redundancies: computers and
storage devices that serve as fallbacks in the case
of failures.
17. Assurance
• Assurance refers to how trust is provided and managed
in computer systems.
• Trust management depends on:
– Policies, which specify behavioral expectations that people
or systems have for themselves and others.
• E.g., the designers of an online music system may specify policies
that describe how users can access and copy songs.
– Permissions, which describe the behaviors that are
allowed by the agents that interact with a person or
system.
• For instance, an online music store may provide permissions for
limited access and copying to people who have purchased certain
songs.
– Protections, which describe mechanisms put in place to
enforce permissions and policies.
• We could imagine that an online music store would build in
protections to prevent people from unauthorized access and
copying of its songs.
18. Example: Internet Browser
• The “lock” indicates that communication is secure
• Performs a number of services on behalf of the user
– Encrypting the session
– Authenticating the website
19. Authenticity
• Authenticity is the ability to determine that
statements, policies, and permissions issued by
persons or systems are genuine.
• Primary tool:
– Nonrepudiation, which is the property that authentic
statements issued by some person or system cannot be
denied
– Digital signatures
• These are cryptographic techniques used to authenticate a document
• If the document is modified, the signature becomes invalid
• Requirement: there must be an electronic
way to identify people
20. Anonymity
• Anonymity: the property that certain records or
transactions are not attributable to any
individual.
• Tools:
– Aggregation:
• the combining of data from many individuals so that
disclosed sums or averages cannot be tied to any individual.
– Mixing:
• the intertwining of transactions, information, or
communications in a way that cannot be traced to any
individual.
– Proxies:
• trusted agents that are willing to engage in actions for an
individual in a way that cannot be traced back to that
person.
21. Aspects of Security
• Security attack
Any action that compromises the security of
information owned by an organization.
• Security mechanism
A process that is designed to detect, prevent or
recover from a security attack.
• Security service
Services that enhance the security of the data
processing systems and the information transfers
of an organization.
These services are intended to counter security
attacks, and they make use of one or more
security mechanisms to provide the service.
22. Threat and attack
• A threat is a possible potential danger that
might exploit a vulnerability.
– An exploit is a sequence of commands that takes
advantage of a vulnerability in order to cause
damage
– A vulnerability is a weakness in a system
which allows an attacker to violate the integrity of
that system
• An attack is an unlawful attempt on a system's
security that derives from an intelligent threat.
23. Security Attacks
• Any action that compromises the security of
information owned by an organization
• Information security is about how to prevent attacks,
or failing that, to detect attacks on information-
based systems
• There is a wide range of attacks
• Classification according to X.800
– Passive attack
– Active attack
26. Threats and Attacks
• Eavesdropping: the interception (capture) of
information intended for someone else during
its transmission over a communication channel.
[Figure: eavesdropping, with parties Alice, Bob and Eve]
27. Threats and Attacks
• Alteration: unauthorized modification of
information.
– Example: the man-in-the-middle attack, where a
network stream is intercepted, modified, and
retransmitted.
[Figure: Sender encrypts plaintext M with a shared secret key into ciphertext C; Attacker (intercepting) on the communication channel; Recipient decrypts ciphertext C′ with the shared secret key into plaintext M′.]
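The alteration scenario above, as an added example that is not part of the original slides: with encryption alone the recipient decrypts a changed ciphertext C′ to M′ without noticing, while a message authentication code over the ciphertext makes the recipient reject it. The toy keystream cipher, the keys, the message and all function names are constructed for this illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 over key||counter); stands in for a real cipher."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XOR with the keystream (one message per key)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then append an HMAC-SHA256 tag computed over the ciphertext."""
    c = xor_crypt(enc_key, plaintext)
    return c + hmac.new(mac_key, c, hashlib.sha256).digest()

def open_sealed(enc_key: bytes, mac_key: bytes, message: bytes) -> bytes:
    """Verify the tag before decrypting; reject anything altered in transit."""
    c, tag = message[:-32], message[-32:]
    expected = hmac.new(mac_key, c, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext was altered in transit")
    return xor_crypt(enc_key, c)

def demo() -> tuple[bool, bool]:
    enc_key, mac_key = b"constructed-enc-key", b"constructed-mac-key"
    m = b"PAY 100 TO BOB"                      # constructed plaintext M

    # Encryption only: C is changed to C' on the channel, and the recipient
    # decrypts it to M' with no indication that anything happened.
    c_prime = bytearray(xor_crypt(enc_key, m))
    c_prime[4] ^= 0x01
    silently_changed = xor_crypt(enc_key, bytes(c_prime)) != m

    # Encrypt-then-MAC: the same change now fails tag verification.
    sealed = bytearray(seal(enc_key, mac_key, m))
    sealed[4] ^= 0x01
    try:
        open_sealed(enc_key, mac_key, bytes(sealed))
        rejected = False
    except ValueError:
        rejected = True
    return silently_changed, rejected

if __name__ == "__main__":
    print(demo())
```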
28. Threats and Attacks
• Denial-of-service: the interruption or
degradation of a data service or information
access.
– Example: email spam, to the degree that it is meant
to simply fill up a mail queue and slow down an
email server.
29. Threats and Attacks
• Masquerading: the fabrication of information
that is purported (supposed) to be from someone
who is not actually the author.
[Figure: a message labelled “From: Alice” (really is from Eve)]
30. Threats and Attacks
• Repudiation: the denial of a commitment or
data receipt.
– This involves an attempt to back out of a contract or
a protocol that requires the different parties to
provide receipts acknowledging that data has been
received.
31. Threats and Attacks
• Correlation and traceback: the integration of
multiple data sources and information flows to
determine the source of a particular data
stream or piece of information.
32. Security Mechanisms
• Specific security mechanisms:
– Encipherment:
use of mathematical algorithms to transform data
into a form that is not understandable
– Digital signatures:
use of a cryptographic transformation on a data unit
that allows a recipient of the data unit to prove the
source and integrity of the data unit
– Access controls:
mechanisms that enforce access rights to resources
– Data integrity:
33. Cont.
– Authentication exchange
mechanism used to ensure the integrity of an
entity by means of information exchange
– Traffic padding
insertion of bits in a data stream to frustrate
traffic analysis attempts
– Routing control
enables selection of physically secure routes for
data transmission
– Notarization
use of a trusted third party to ensure certain
properties of a data exchange
34. Examples of Security Violations
• A transmits a file (containing sensitive information) to
B. C, who is not authorized to read the file, is able to
monitor the transmission
• Administrator D sends a message to computer E for
updating an authorization file. F intercepts the
message, alters its content to add or delete entries,
and then forwards the message to E. E accepts the
message and updates the authorization file
• Rather than intercepting, F constructs its own message
and sends it to E
35. Cont.
• An employee X is fired. X is able to intercept
the message that is sent to invalidate the
employee account. X is able to delay the
message long enough to access the sensitive
information from the server. X then forwards
the message and the action is taken. This delay
may go unnoticed
• A message is sent from a customer to a
stockbroker. Afterwards, the investment loses
value and the customer denies sending the
message.
Editor's notes
The OSI security architecture focuses on security attacks, mechanisms, and services.
A threat is a possible potential danger that might exploit a vulnerability.
Is a sequence of commands that take advantage of a vulnerability in order to cause
Vulnerability is applied to a weakness in a system which allows an attacker to violate the integrity of that system.
Passive attacks attempt to learn or make use of information from the system but do not affect system resources.
By eavesdropping on, or monitoring of, transmissions to:
+ obtain message contents or
+ monitor traffic flows (… opponent could determine the frequency and length of messages being exchanged; this kind of information may be helpful in determining the nature of the communication that was taking place)
They are difficult to detect because they do not involve any alteration of the data.
Active attacks attempt to alter system resources or affect their operation.
By modification of data stream to:
+ masquerade of one entity as some other
+ replay previous messages (as shown above in Stallings Figure 1.4b)
+ modify messages in transit
+ denial of service
Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.