Anda di halaman 1dari 63

1

Computer and Data Security -


Introduction
2
What is Computer Security?
The protection afforded to an automated
information system in order to attain the
applicable objectives of preserving the
integrity, availability and confidentiality of
information system resources (includes
hardware, software, firmware, information/data,
and telecommunications) is called Computer
Security.
3
What is Computer Security?
For some Computer Security is controlling access to
hardware, software and data of a computerized system.
A large measure of computer security is simply keeping the
computer system's information secure.
In broader terms, computer security can be thought of as
the protection of the computer and its resources against
accidental or intentional disclosure of confidential data,
unlawful modification of data or programs, the destruction
of data, software or hardware.
Computer security also includes the denial of use of ones
computer facilities for criminal activities including
computer related fraud and blackmail.
Finally, computer security involves the elimination of
weaknesses or vulnerabilities that might be exploited to
cause loss or harm.
4
The Need for Computer
Security
Why the need for Computer Security?
The value of computer assets and services
What is the new IT environment?
Networks and distributed applications/services
Electronic Commerce (E-commerce, E-business)
5
The Value of Computer
Assets and Services
Most companies use electronic information extensively
to support their daily business processes.
Data is stored on customers, products, contracts,
financial results, accounting etc.
If this electronic information were to become available
to competitors or to become corrupted, false or
disappear, what would happen? What would the
consequences be? Could the business still function?
6
Network Security Issues
The network is the computer
Proliferation of networks has increased security risks
much more.
Sharing of resources increases complexity of system.
Unknown perimeter (linked networks), unknown path.
Many points of attack.
Computer security has to find answers to network
security problems.
Hence today the field is called Computer and Network
Security.
7
Is there a Security Problem in
Computing?
Computer fraud in the U.S. alone exceeds $3 billion
each year.
Less than 1% of all computer fraud cases are detected
over 90% of all computer crime goes unreported.
Although no one is sure how much is lost to EFT
crime annually, the consensus is that the losses run in
the billions of dollars. Yet few in the financial
community are paying any heed.
Average computer bank theft amounts to $1.5 million.
8
Computer Crimes ...
Over 25% of all Fortune 500 corporations have been
victimized by computer crime with an average loss of
$2-10 million.
Total estimated losses due to computer crime range
from $300 million to $500 billion per year.
Computer-related crime has been escalating at a
dramatic rate.
Computer crimes continue to grow and plague
companies.
Computer crime is almost inevitable in any
organization unless adequate protections are put in
place.
9
Data From Real World
The following figures are included (source:
Datapro Research) as example, to give an idea
what is going on in the real world.
Common Causes of damage: Human Error 52%, Dishonest
people 10%, Technical Sabotage 10%, Fire 15%, Water 10%
and Terrorism 3%.
Who causes damage? Current employees 81%, Outsiders
13%, Former employees 6%.
Types of computer crime: Money theft 44%, Damage of
software 16%, Theft of information 16%, Alteration of data
12%, Theft of services 10%, Trespass 2%.
10
Computer Viruses
53% of BYTE readers have suffered losses of
data that cost an average of $14,000 per
occurrence.
There are over 3000 viruses with new ones
developed daily.
A survey of over 600 companies and
government agencies in the U.S. and Canada
shows that 63% found at least one virus on their
PCs last year.
11
Natural Disasters Another
Dimension
Millions of dollars of damage resulted from the 1989
San Francisco earthquake.
The fire at Subang International Airport knocked out
the computers controlling the flight display system. A
post office near the Computer Room was also affected
by the soot which decommissioned the post office
counter terminals. According to the caretaker, the
computers were not burnt but crashed because soot
entered the hard disks.
Fire, Earthquakes, Floods, Electrical hazards, etc.
How to prevent?
12
Negligence - The Human
Factor
Over 85% of the destruction of valuable
computer data involves inadvertent acts.
How to prevent?
Proper user training
Idiot proofing
13
Computer Security
Requirements
Secrecy
Integrity
Availability
Authenticity
Non-repudiation
Access control
14
Secrecy (Confidentiality)
Secrecy requires that the information in a
computer system only be accessible for reading
by authorized parties.
This type of access includes:
Printing
Displaying
Other forms of disclosure, including simply
revealing the existing of an object
15
Integrity
Integrity requires that the computer system
asset can be modified only by authorized
parties.
Modification includes:
Writing
Changing
Changing status
Deleting and
Creating
16
More About Integrity
I ntegrity: In lay usage, information has integrity when it is timely,
accurate, complete, and consistent. However, computers are
unable to provide or protect all of these qualities. Therefore, in
the computer security field, integrity is often discussed more
narrowly as having two data integrity and system integrity.
Data integrity is a requirement that information and programs are
changed only in a specified and authorized manner.
System integrity is a requirement that a system performs its
intended function in an unimpaired manner, free from deliberate
or inadvertent unauthorized manipulation of the system.
The definition of integrity has been, and continues to be, the
subject of much debate among computer security experts.
17
Availability
Availability requires that computer system
assets are available to authorized parties.
Availability is a requirement intended to assure
that systems work promptly and service is not
denied to authorized users.
18
Security of Data
Data
Confidentiality
Data
Integrity
Data
Availability
Secure Data
Data
19
Authenticity
Authenticity means that parties in a information
services can ascertain the identity of parties
trying to access information services.
Also means that the origin of the message is
certain.
Therefore two types:
Principal Authentication
Message Authentication
20
Non-repudiation
Originator of communications cant deny it
later.
Without non-repudiation you could place an
order for 1 million dollars of equipment online
and then simply deny it later.
Or you could send an email inviting a friend to
the dinner and then disclaim it later.
Non-repudiation associates the identity of the
originator with the transaction in a non-deniable
way.
21
Access Control
Unauthorized users are kept out of the system.
Unauthorized users are kept out of places on the
system/disk.
Typically makes use of Directories or Access
Control Lists (ACLs) or Access Control Matrix
Objects: Resources that need to be protected
Subjects: Entities that need access to resources
Rights: Permissions
Each entry is a triple <subject, object, rights>
22
Access Control Matrix
OBJECT 1 OBJECT 2 OBJECT 3 OBJECT 4
SUBJECT 1 ORW ORW R X
SUBJECT 2 R RW R R
SUBJECT 3 X X ORW ORW
SUBJECT 4 R R R RW
SUBJECT N X R R X
23
Multiple Access Controls
24
Security Requirements are
often Combined
For example:
User authentication
used for access
authorization
control purposes in
confidentiality.
Non-repudiation is
combined with
authentication.
Confidentiality
Availability Integrity
25
Type of Attacks/Threats in
Computer Systems
A threat is a danger which could affect the
security (confidentiality, integrity, availability)
of assets, leading to a potential loss or damage.
Interruption
Interception
Modification
Fabrication
26
Type of Attacks in
Computer Systems
27
Normal Flow of Information
28
Interruption
An asset of the system is destroyed or becomes
unavailable or unusable. This is an attack on
the availability.
Examples include destruction of a piece of
hardware, such as a hard disk, the cutting of a
communication link, or the disabling of the file
management system.
DOS - Denial of Service Attacks have become
very well known.

29
Interruption
30
Interception
Information disclosure/information leakage
An unauthorized party gains access to an asset.
This is an attack on confidentiality.
The unauthorized party could be a person, a
program, or a computer.
Examples include:
wiretapping to capture data in a network
the illicit copying of files or programs
31
Interception
32
Modification
Modification is integrity violation.
An unauthorized party not only gains access to
but tampers with an asset.
This is an attack on the integrity.
Examples include changing values in a data
file, altering a program so that it performs
differently, and modifying the content of a
message being transmitted in a network.
33
Modification
34
Fabrication
An unauthorized party inserts counterfeit
objects into the system. This is an attack on the
authenticity.
Examples include the insertion of spurious
messages in a network or the addition of
records to a file.
35
Fabrication
36
Classification of Attacks
Computer Security attacks can be classified into
two broad categories:
Passive Attacks can only observe communications
or data.
Active Attacks can actively modify
communications or data. Often difficult to perform,
but very powerful. Examples include
Mail forgery/modification
TCP/IP spoofing/session hijacking
37
Passive Attacks and Active
Attacks
38
Passive
Attacks and
Active Attacks
39
Passive Attacks
Eavesdropping on or monitoring of
transmission.
The goal of the opponent is to obtain
information that is being transmitted.
Two types:
Release-of-message contents
Traffic Analysis
40
Release-of-message
Contents
Opponent finds out the contents or the actual
messages being transmitted.
How to protect?
Encryption
Steganography
41
Traffic Analysis
More subtle than release-of-message contents.
Messages may be kept secret by masking or
encryption but
The opponent figures out information being
carried by the messages based on the frequency
and timings of the message.
How to protect?
Data/Message Padding
Filler Sequences
42
Passive Attacks Problems
Difficult to detect because there is no
modification of data.
Protection approach should be based on
prevention rather than detection.
43
Active Attacks
Active attacks involve some sort of
modification of the data stream or the creation
of a false stream.
Four sub-categories:
Masquerade
Replay
Modification of Messages
Denial of service
44
Masquerade
An entity pretends to be another.
For the purpose of doing some other form of
attack.
Example a system claims its IP address to be
what it is not, IP spoofing.
How to protect?
Principal/Entity Authentication
45
Replay
First passive capture of data and then its
retransmission to produce an unauthorized
effect.
Could be disastrous in case of critical messages
such as authentication sequences, even if the
password were encrypted.
How to protect?
Time stamps
Sequence Numbers
46
Modification of Messages
Some portion of a legitimate message is altered
or messages are delayed or reordered to
produce an unauthorized effect.
How to protect?
Message Authentication Codes
Chaining
47
Denial of Service - DOS
Prevents the normal use or management of
communication facilities.
Such attacks have become very common on the
Internet especially against web servers.
On the Internet remotely located hackers can
crash the TCP/IP software by exploiting known
vulnerabilities in various implementations.
One has to constantly look out for software
updates and security patches to protect against
these attacks.
48
Problems with Active
Attacks
Easy to detect but difficult to prevent.
Efforts are directed to quickly recover from
disruption or delays.
Good thing is that detection will have a
deterrent effect.
49
How Threats Affect
Computer Systems
HARDWARE
SOFTWARE
DATA
Interception
(Theft)
Interruption
(Denial of Service)
Interception
(Eavesdropping)
Interruption
(Loss)
Interception
(Theft)
Interruption
(Deletion)
Modification
(Malicious Code)
Fabrication Modification
50
A Model for Network
Security
51
Security Protocols
A protocol is a series of steps, involving two or more
parties, designed to accomplish a task.
Every one involved in a protocol must know the protocol
and all of the steps to follow in advance.
Everyone involved in the protocols must agree to follow it.
The protocol must be unambiguous; each step must be well
defined and there must be no chance of misunderstanding.
The protocol must be complete; there must be a specified
action for every possible situation.
It should not be possible to do more or learn more than what
is specified in the protocol.
52
The Actors in Security
Protocols
Alice First participant in all the protocols
Bob Second participant in all the protocols
Carol Participant in three- and four-party protocols
Dave Participant in four-party protocols
Eve Eavesdropper
Mallory Malicious active intruder
Trent Trusted arbitrator
Victor Verifier
Peggy Prover
Walter Warden; hell be guarding Alice and Bob in
some protocols
53
Security
Protocol Types
Arbitrated Protocols
Adjudicated Protocols
Self Enforcing
Protocols
Example Protocols
Key Exchange
Protocols
Authentication
Protocols
Time stamping Service
Digital Cash
Bob
Trent
Alice
(a) Arbitrated Protocol
Bob Trent
Alice
(b) Adjudicated Protocol
Evidence Evidence
(After the fact)
Bob Alice
(c) Self-enforcing Protocol
54
Security
Protocol
Layers
The further
down you go,
the more
transparent it is

The further up
you go, the
easier it is to
deploy
Application
Presentation
Session
Transport
Network
Datalink
Physical
Application
Presentation
Session
Transport
Network
Datalink
Physical
Email - S/MIME
SSL
IPSec
PPP - ECP
PHYSICAL NETWORK
Encrypting
NIC
Encrypting
NIC
55
Security Services Provided
by Security Protocols
Access control: Protects against unauthorized
use.
Authentication: Provides assurance of
someone's identity.
Confidentiality: Protects against disclosure to
unauthorized identities.
Integrity: Protects from unauthorized data
alteration.
Non-repudiation: Protects against originator of
communications later denying it.
56
Security Mechanisms
Three basic building blocks are used:
Encryption is used to provide confidentiality, can
provide authentication and integrity protection.
Digital signatures are used to provide
authentication, integrity protection, and non-
repudiation.
Checksums/hash algorithms are used to provide
integrity protection, can provide authentication.
One or more security mechanisms are
combined to provide a security
service/protocol.
57
Services, Mechanisms,
Algorithms
A typical security protocol provides one or
more security services (authentication, secrecy,
integrity, etc.)
Services are built from mechanisms.
Mechanisms are implemented using algorithms.
SSL
Signatures Encryption Hashing
DSA RSA RSA DES SHA1 MD5
Services
(Security Protocols)
Mechanisms
Algorithms
58
Security Protocols (Services)

Standards-based Security Protocols

Proprietary Security Protocols

SSL

IPSec

PrivateWire

Big Brother

Mechanisms

Encryption

Signature

Hashing

Key Exchange

Algorithms

Symmetric

Asymmetric

Asymmetric

Symmetric

MD-5
SHA-1

Diffie-Hellman

DES
AES

RSA
ECC

DSA
RSA

DESMAC

Services, Mechanisms,
Algorithms
59
Encryption and Security
Encryption is a key enabling technology to
implement computer security.
But Encryption is to security like bricks are to
buildings.
In the next module we will study encryption in
detail.
60
Network Access Security
Model
Firewalls and Security
Gateways are based on this
model
61
Computer security is based
on eight major elements:
1. Computer security should support the mission of the
organization.
2. Computer security is an integral element of sound
management.
3. Computer security should be cost-effective.
4. Computer security responsibilities and accountability should
be made explicit.
5. System owners have computer security responsibilities
outside their own organizations.
6. Computer security requires a comprehensive and integrated
approach.
7. Computer security should be periodically reassessed.
8. Computer security is constrained by societal factors.
62
Usability and Security


Security
Convenience
/ Usability
0
Determine
where on this
line your
organization
needs lie
63
Typical Security Solutions
and Technologies
Physical security
Encryption
Access control
Automatic call back
Node authentication
Differentiated access
rights
Antivirus software
Public Key
Infrastructure
Firewalls
User authentication
Passwords and
passphrases
Challenge-response
systems
Token or smart cards
Exchange of secret
protocol
Personal characteristics -
Biometrics