Slides by H. Johnson & S. Malladi- Modified by SJF-S '06

1

Computer and Information

Security

Overview

•

Security Goals

•

The need for security

•

OSI Security Architecture

•

Attacks, services and mechanisms

•

Security attacks

•

Security services

•

Methods of Defense

Security Goals

Security Goals

Integrity

Confidentiali ty

Security Goals

• Confidentiality

–

Concealment of information or

resources

• Integrity

–

Trustworthiness of data or resources

• Availability

Confidentiality

•

Need for keeping information secret

arises from use of computers in

sensitive fields such as government

and industry

•

Access mechanisms, such as

Integrity

•

Often requires preventing unauthorized

changes

•

Includes data integrity (content) and origin

integrity ( source of data also called

authentication)

•

Include prevention mechanisms and detection

mechanisms

– Example: Newspaper prints info leaked from White House and gives wrong source

Availability

•

Is an aspect of reliability and

system design

•

Attempts to block availability,

called

denial of service attacks

are

difficult to detect

The Need for Security

•

Computer Security

- the

collection of tools designed

–

to protect data and

–

to thwart hackers

•

Network security or internet

security-

security measures

Security

• Motivation: Why do we need security?

• Increased reliance on Information technology with or with out the use of networks

• The use of IT has changed our lives drastically.

• We depend on E-mail, Internet banking, and several other governmental activities that use IT

• Increased use of E-Commerce and the World wide web on the Internet as a vast repository of various kinds of

Security Concerns

• Damage to any IT-based system or activity can result in severe disruption of services and losses • Systems connected by networks are more prone

to attacks and also suffer more as a result of the attacks than stand-alone systems (Reasons?)

• _{Concerns such as the following are common}

– How do I know the party I am talking on the network is

really the one I want to talk?

– How can I be assured that no one else is listening and learning the data that I send over a network

Concerns continued…

•

Is the web site I am downloading

information from a legitimate one, or a

fake?

•

How do I ensure that the person I just did a

financial transaction denies having done it

tomorrow or at a later time?

•

I want to buy some thing online, but I don’t

want to let them charge my credit card

That is why…

•

..we need security

– To safeguard the confidentiality, integrity,

authenticity and availability of data transmitted over insecure networks

– Internet is not the only insecure network in this world

– Many internal networks in organizations are prone to insider attacks

(V.Shmatikov)

However, in reality

• Security is often over looked (not one of the top criteria)

• Availability, efficiency and performance tend to be the ones

• Buggy implementations

• Systems too complex in nature and rich in features can be filled with security holes

• Incorporation of security into networks, not growing with the rapidly growing number and size of networks

• Attacking is becoming so common and easy – there are books clearly explaining how to launch them

• Security and attacks are a perpetual cat-and-mouse

The Good News...

•

There a lot of techniques for defense

•

Educating people on security solves

many problems

•

About threats and on the existence of

security mechanisms, qualified

personnel, usability and economics

•

We will study a lot of network

defenses

OSI Security

Architecture

•

ITU-T Recommendation X.800

Security Architecture for OSI

•

International Telecommunications

Union (ITU) is a United Nations

sponsored agency that develops

standards relating to

OSI Network Stack and Attacks

(V. Shmatikov)

application presentation session transport network data link physical IP TCP email,Web,N FS RPC 802.11

Sendmail, FTP, NFS bugs, chosen-protocol and

version-rollback attacks

SYN flooding, RIP attacks, sequence number prediction IP smurfing and other

address spoofing attacks

RPC worms, portmapper exploits

WEP attacks

7 Layer Model

Layer

Functions

7 Application How application uses network 6 Presentatio

n How to represent & display data 5 Session How to establish communication

4 Transport How to provide reliable delivery (error checking, sequencing, etc.)

3 Network How addresses are assigned and packets are forwarded

2 Data Link How to organize data into frames & transmit

Attacks, Services and

Attacks, Services and

Mechanisms

Mechanisms

•

Security Attack:

Any action that

compromises the security of information.

•

Security Mechanism:

A mechanism

that is designed to detect, prevent, or

recover from a security attack.

•

Security Service:

A service that

enhances the security of data processing

systems and information transfers. A

Security Attacks

Security Attacks

Security Attacks

•

Interruption:

This is an attack on

availability

–

Disrupting traffic

–

Physically breaking communication line

•

Interception:

This is an attack on

confidentiality

–

Overhearing, eavesdropping over a

Security Attacks

(continued)

•

Modification:

This is an attack on

integrity

–

Corrupting transmitted data or

tampering with it before it reaches its

destination

•

Fabrication:

This is an attack on

authenticity

–

Faking data as if it were created by a

Threats and Attacks

•

Threat

- a potential for violation of

security or a possible danger that

might exploit a vulnerability

•

Attack

- an assault on system

security- an intelligent act that is a

deliberate attempt to evade

Threats

• Disclosure

– unauthorized access to

information

• Deception

– acceptance of false data

• Disruption

- interruption or

prevention of correct operation

Examples of Threats

•

Snooping intercepting information

(“passive” wiretapping)

•

Modification or alteration of

information by “active” wiretapping

•

Masquerading or spoofing

•

Repudiation of origin

Safeguards and

Vulnerabilities

•

A

Safeguard

is a countermeasure to

protect against a threat

•

A weakness in a safeguard is called a

Passive and active attacks

•

Passive attacks

– No modification of content or fabrication

– Eavesdropping to learn contents or other information (transfer patterns, traffic flows etc.)

•

Active attacks

– Modification of content and/or participation in communication to

• Impersonate legitimate parties • Modify the content in transit

Two types of threats

• Information access threats

– Intercept or modify data on behalf of users who should not have access to that data.

– E.g. corruption of data by injecting malicious code

• Service threats

– Exploit service flaws in computers to inhibit use by legitimate uses.

Fundamental threats

[McGibney04]

• Information leakage

– Disclosure to unauthorized parties

– Prince Charles mobile phone calls, 1993

• Integrity violation

– Corruption of data or loss of data

– Coca-Cola website defaced with slogans, 1997

• Denial of service

– Unavailability of system/service/network

– Yahoo!, 2000, 1Gbps

• _{Illegitimate use}

Services and Mechanisms

•

A

security

policy

is a statement of

what is and what is not allowed.

•

A

security

service

is a measure to

address a threat

– E.g. authenticate individuals to prevent unauthorized access

•

A

security

mechanism

is a means to

provide a service

Security Services

•

A security service is a service

provided by the protocol layer of a

communicating system (X.800)

•

5 Categories

–

Authentication

–

Access Control

–

Data confidentiality

–

Data Integrity

Security Services

Security Services

• Authentication (who created or sent the data) • Access control (prevent misuse of resources) • Confidentiality (privacy)

• Integrity (has not been altered)

• Non-repudiation (the order is final)

• Availability (permanence, non-erasure) – Denial of Service Attacks

Security Services

Examples

• Authentication

– Ensuring the proper identification of entities and origins of data before communication

• Access control

– Preventing unauthorized access to system resources

• Data confidentiality

– Preventing disclosure to unauthorized parties

• Data integrity

– Preventing corruption of data

• Non-repudiation

– Collecting proof to prevent denial of participation in transaction or communication

• Availability

Security Mechanisms

Examples

•

Two types

– Specific mechanisms existing to provide certain security services

• E.g. encryption used for authentication

– Pervasive mechanisms which are general mechanisms incorporated into the system and not specific to a service

Model for Network

Security

•

Basic tasks

–

Design an algorithm that opponent cannot

defeat

–

Generate the secret information to be

used with the algorithm

–

Develop methods for distributing secret

information

–

Specify a protocol to be used

Methods of Defense

Methods of Defense

• Encryption

• Software Controls

– (access limitations in a data base, in operating system protect each user from other users)

• Hardware Controls

– (smartcard)

• Policies

– (frequent changes of passwords)

Internet standards and

Internet standards and

RFCs

RFCs

•

The Internet society

–

Internet Architecture Board (IAB)

–

Internet Engineering Task Force (IETF)

Internet RFC Publication Process

Recommended Reading

Recommended Reading

• Pfleeger, C. Security in Computing. Prentice Hall, 1997.

• Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001

.

• Rita Summers, Secure Computing: Threats and Safe Guards, McGrawHill.

• Peter Ryan and Steve Schneider, Modeling and analysis of security protocols, Addison Wesley.

• V. Shmatikov, Network security and privacy, University of Texas, Austin, TX.