Security in Computing
Module 1: Introduction

What Is Security?
• “The quality or state of being secure—to be free from danger”

Security - Years back
• Physical security
  – Information was primarily on paper
  – Lock and key
  – Safe transmission
• Administrative security
  – Control access to materials
  – Personnel screening
  – Auditing

Why Do We Need Security?
• Increased reliance on information technology, with or without the use of networks
• The use of IT has changed our lives drastically.
• We depend on e-mail, Internet banking, and several other governmental activities that use IT
• Increased use of e-commerce and the World Wide Web on the Internet as a vast repository of various kinds of information (immigration databases, flight tickets, stock markets, etc.)
• Protect sensitive resources
  – Prevent loss
  – Prevent damage
• In the context of information systems
  – Prevent unauthorized users from reading information (loss)
    • Guarantee confidentiality
  – Prevent unauthorized users from tampering with information (damage)
    • Guarantee integrity
• Computing systems:
  – Hardware, software, storage media, data & people

What is Computer Security?
• Wikipedia: Computer security is the effort to create a secure computing platform, designed so that agents (users or programs) cannot perform actions that they are not allowed to perform, but can perform the actions that they are allowed to.
• A computer is secure if you can depend on it and its software to behave as you expect.
• “Measures and tools to protect data and thwart hackers is called Computer Security”.
• Network security or Internet security: security measures needed to protect data during their transmission

Some differences between traditional security and information security
• Information can be stolen - but you still have it
• Confidential information may be copied and sold - but the theft might not be detected
• The criminals may be on the other side of the world

What features should a computer security system provide?
• Confidentiality
  – Concealment of information or resources
  – the protection of information from unauthorized or accidental disclosure
• Integrity
  – Trustworthiness of data or resources
  – assures information is as entered and intended; that the information has not been incorrectly modified, corrupted or destroyed.
• Availability
  – Ability to use information or resources.
  – assures that assets are available when needed to support the organizational enterprise on a timely and reliable basis.

Security Goals
[Figure: diagram labelled Integrity, Confidentiality, Availability and Secure]

Attacks, Services and Mechanisms
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Security Attacks
• Vulnerability
• Threats
• Attacks

Security Attacks
• Interruption: This is an attack on availability
  – Destruction of hardware device
  – Malfunction of OS file manager
  – Physically breaking communication line
  – Disrupting traffic
[Figure: Interruption]

Security Attacks (continued)
• Interception: This is an attack on confidentiality
  – Overhearing, eavesdropping over a communication line
[Figure: Interception]
• Modification: This is an attack on integrity
  – Corrupting transmitted data or tampering with it before it reaches its destination
[Figure: Modification]
• Fabrication: This is an attack on authenticity
  – Faking data as if it were created by a legitimate and authentic party
[Figure: Fabrication]

Passive and active attacks
• Passive attacks
  – No modification of content or fabrication
  – Eavesdropping to learn contents or other information (transfer patterns, traffic flows, etc.)
• Active attacks
  – Modification of content and/or participation in communication to
    • Impersonate legitimate parties
    • Modify the content in transit
    • Launch denial of service attacks

Passive and active attacks
• Passive attacks: eavesdropping on, or monitoring of, transmissions to:
  – obtain message contents, or
  – monitor traffic flows
• Active attacks: modification of data stream to:
  – masquerade of one entity as some other
  – replay previous messages
  – modify messages in transit
  – denial of service

Passive Attacks and Active Attacks
[Figures: Passive Attacks]

Active Attacks
• Active attacks involve some sort of modification of the data stream or the creation of a false stream.
• Four sub-categories:
  – Masquerade
  – Replay
  – Modification of Messages
  – Denial of service

Masquerade
• An entity pretends to be another.
• For the purpose of doing some other form of attack.
• Spoofing, impersonation.

Replay
• First passive capture of data and then its retransmission to produce an unauthorized effect.

Modification of Messages
• Some portion of a legitimate message is altered or messages are delayed or reordered to produce an unauthorized effect.

Denial of Service - DoS
• Prevents the normal use or management of communication facilities.
• Such attacks have become very common on the Internet, especially against web servers.
• On the Internet, remotely located hackers can crash the TCP/IP software by exploiting known vulnerabilities in various implementations.
• One has to constantly look out for software updates and security patches to protect against these attacks.
[Figures: Active Attacks]

Problems
• Passive attacks
  – Difficult to detect
  – Protection approach - prevention
• Active attacks
  – Easy to detect but difficult to prevent
  – Recovery

Network Security
• Computer networks are widely used to connect computers at distant locations.
• Raises additional security problems:
  – Data in transmission must be protected.
  – Network connectivity exposes each computer to more vulnerabilities.

Model for Network Security
• Two components:
  – Security related transformation
    • Encryption
    • Additional codes
  – Secret information
    • Encryption key
• May need a trusted third party to assist

Model for Network Security
• Basic tasks in designing security service:
  – Design an algorithm that opponent cannot defeat
  – Generate the secret information to be used with the algorithm
  – Develop methods for distributing secret information
  – Specify a protocol to be used

Computer Criminals
• Amateurs: regular users, who exploit the vulnerabilities of the computer system
  – Motivation: easy access to vulnerable resources
• Crackers: attempt to access computing facilities for which they do not have the authorization
  – Motivation: enjoy challenge, curiosity
• Career criminals: professionals who understand the computer system and its vulnerabilities
  – Motivation: personal gain (e.g., financial)

• Hackers
• Crackers

Malicious Software

Virus
Virus lifecycle:
1. Dormant phase: the virus is idle (not all viruses have this stage).
2. Propagation phase: the virus places an identical copy of itself into other programs or into certain system areas.
3. Triggering phase: the virus is activated to perform the function for which it was created.
4. Execution phase: the function is performed. The function may be harmless or damaging.

Functional structure of Virus
[Figure: VIRUS, with parts labelled Anti-detection routine, Search, Copy]

How Viruses Append
[Figure: Original program + Virus code = Virus appended to program]
[Figure: Original program + Virus code = Virus surrounding a program (Virus code Part a, Original program, Virus code Part b)]
[Figure: Original program + Virus code = Virus integrated into program (Virus-1, Virus-2, Virus-3, Virus-4)]

Home for Viruses
• High risk virus properties:
  – Hard to detect
  – Hard to destroy
  – Spread infection widely
  – Can re-infect
  – Easy to create
  – Machine & OS independent
• Earlier: repeated execution of code so that virus could multiply
• One-time execution
  – E-mail attachment
• Boot sector viruses
• Memory-resident viruses
• Application programs
  – Macro
• Libraries

Types of viruses
• Parasitic virus: Most common form. Attaches itself to a file and replicates when the infected program is executed. (File virus - executable files)
• Memory resident virus: Lodged in main memory as part of a resident system program. Virus may infect every program that executes.
• Boot Sector Viruses:
  – Infects the boot record and spreads when system is booted.
  – Gains control of machine before the virus detection tools.
  – Very hard to notice
  – Carrier files: AUTOEXEC.BAT, CONFIG.SYS, IO.SYS
• Multipartite Viruses: infects both (files & boot sector)
• Stealth virus: a form of virus explicitly designed to hide from detection by antivirus software.
• Polymorphic virus: a virus that mutates with every infection, making detection by the “signature” of the virus difficult.

Example
• Code red worm signature

Types of viruses
• Macro viruses: infect macro-enabled documents, especially the Microsoft Office suite of applications - Word and Excel. When opened, an infected document executes a macro automatically or the user does so accidentally. Then infects other documents on the disk.
• Email virus

Other Malicious Programs
• Virus - A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting (i.e., inserting a copy of itself into and becoming part of) another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.
• Worm - A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.
• Trojan horse - A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
• Logic bomb - Malicious [program] logic that activates when specified conditions are met. Usually intended to cause denial of service or otherwise damage system resources.
• Time bomb - A logic bomb whose trigger is a time or date.
• Trapdoor or backdoor - A hidden computer flaw known to an intruder, or a hidden computer mechanism (usually software) installed by an intruder, who can activate the trap door to gain access to the computer without being blocked by security services or mechanisms.
• Zombie - A program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks. Difficult to trace zombie’s creator. Used for DoS attacks.
• Rabbit

Services and Mechanisms
• A security policy is a statement of what is and what is not allowed.
• A security service is a measure to address a threat
  – E.g. authenticate individuals to prevent unauthorized access
• A security mechanism is a means to provide a service
  – E.g. encryption, cryptographic protocols

Security Services
• A security service is a service provided by the protocol layer of a communicating system (X.800)
• 5 Categories
  – Authentication
  – Access Control
  – Data Confidentiality
  – Data Integrity
  – Nonrepudiation
  – (Availability)

Security Services
• Security services (X.800) fall under five categories:
• Authentication: The assurance that the communicating entity is the one that it claims to be
  – Peer Entity Authentication
  – Data-Origin Authentication
• Access Control: The prevention of unauthorized use of a resource - who can access, under what conditions, what they are allowed to do
• Data Confidentiality: The protection of data from unauthorized disclosure
  – Connection Confidentiality
  – Connectionless Confidentiality
  – Selective-Field Confidentiality
  – Traffic-flow Confidentiality
• Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e. contain no modification, insertion, deletion, or replay)
  – Connection Integrity with Recovery
  – Connection Integrity without Recovery
  – Selective-Field Connection Integrity
  – Connectionless Integrity
  – Selective-Field Connectionless Integrity
• NonRepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication
  – NonRepudiation, origin
  – NonRepudiation, destination
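
The data integrity service above and the two components of the network security model (a security-related transformation, here an "additional code", plus secret information) are shown working together in this added Python example, which is not part of the original slides. It covers modification, fabrication and replay, and assumes a pre-shared key and a hypothetical frame layout of sequence number, payload, then an HMAC-SHA256 code.

```python
import hashlib, hmac, os, struct

TAG_LEN = 32  # size of an HMAC-SHA256 code in bytes

class Sender:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def protect(self, payload: bytes) -> bytes:
        """Frame = 8-byte sequence number || payload || HMAC(key, seq || payload)."""
        self.seq += 1
        body = struct.pack(">Q", self.seq) + payload
        return body + hmac.new(self.key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes):
        self.key, self.last_seq = key, 0

    def accept(self, frame: bytes) -> bytes:
        """Return the payload, or raise ValueError naming the check that failed."""
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("truncated frame")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("bad MAC: modified or fabricated")
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:                    # authentic, but already seen
            raise ValueError("replayed or reordered")
        self.last_seq = seq
        return body[8:]

def verdict(rx: Receiver, frame: bytes) -> str:
    try:
        return "accepted: " + rx.accept(frame).decode()
    except ValueError as err:
        return "rejected: " + str(err)

def demo() -> list:
    key = os.urandom(32)                 # the "secret information", assumed pre-shared
    tx, rx = Sender(key), Receiver(key)
    f1 = tx.protect(b"pay 10 to bob")    # constructed sample message
    tampered = f1.replace(b"10", b"99")  # modification in transit
    forged = Sender(os.urandom(32)).protect(b"pay 50 to eve")  # made without the key
    # Order: modified, fabricated, genuine, then the genuine frame sent a second time.
    return [verdict(rx, tampered), verdict(rx, forged), verdict(rx, f1), verdict(rx, f1)]

if __name__ == "__main__":
    print("\n".join(demo()))
```

A gap in the accepted sequence numbers is how a receiver built this way would notice deletion; the example does not act on gaps.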

Security Services Examples
• Authentication
  – Ensuring the proper identification of entities and origins of data before communication
• Access control
  – Preventing unauthorized access to system resources
• Data confidentiality
  – Preventing disclosure to unauthorized parties
• Data integrity
  – Preventing corruption of data
• Non-repudiation
  – Collecting proof to prevent denial of participation in transaction or communication
• Availability
  – Protection against denial-of-service

Security Mechanisms
• Security Mechanisms: A mechanism that is designed to detect, prevent or recover from a security attack.
• Two types
  – Specific mechanisms existing to provide certain security services
    • E.g. encryption used for authentication
  – Pervasive mechanisms which are general mechanisms incorporated into the system and not specific to a service
    • E.g. security audit trail

Specific Security Mechanisms
• May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services
  – Encipherment
  – Digital Signature
  – Access Control
  – Data Integrity
  – Authentication Exchange
  – Traffic Padding
  – Routing Control
  – Notarization

Pervasive Security Mechanisms
• Mechanisms that are not specific to any particular OSI security service or protocol layer.
• Trusted Functionality
  – That which is perceived to be true by some criteria
• Security Label
  – The marking of (bound to) a resource that names or designates the security attributes of the resource
• Event Detection
  – Intrusion detection
  – Detection of specific hacks (detector hardware)
  – Too many log in attempts
• Security Audit Trail
  – Logging of all system events
• Security Recovery
  – Recovery based on requests from security mechanisms and/or event handling.
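
The event detection rule "too many log in attempts", run over a security audit trail, as an added Python example that is not part of the original slides. The log format, the threshold of 5 failures and the 60-second window are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed audit-trail records; the line format is an assumption for this example.
AUDIT_TRAIL = """\
2024-05-01T10:00:01 LOGIN_FAIL user=alice src=10.0.0.5
2024-05-01T10:00:03 LOGIN_FAIL user=alice src=10.0.0.5
2024-05-01T10:00:04 LOGIN_OK user=bob src=10.0.0.9
2024-05-01T10:00:06 LOGIN_FAIL user=alice src=10.0.0.5
2024-05-01T10:00:09 LOGIN_FAIL user=alice src=10.0.0.5
2024-05-01T10:00:12 LOGIN_FAIL user=alice src=10.0.0.5
2024-05-01T10:20:00 LOGIN_FAIL user=carol src=10.0.0.7
2024-05-01T10:45:00 LOGIN_FAIL user=carol src=10.0.0.7
garbage line that does not parse
"""

LINE = re.compile(r"^(\S+) (LOGIN_FAIL|LOGIN_OK) user=(\S+) src=(\S+)$")

def detect(lines, threshold=5, window=timedelta(seconds=60)):
    """Return (alerts, unparsed): an alert is (time, user, src) for a burst of
    `threshold` failed logins inside `window`; unparsed counts malformed records."""
    recent = defaultdict(deque)   # (user, src) -> timestamps of recent failures
    alerts, unparsed = [], 0
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            unparsed += 1         # malformed records are counted, not silently dropped
            continue
        ts, event, user, src = datetime.fromisoformat(m[1]), m[2], m[3], m[4]
        q = recent[(user, src)]
        if event == "LOGIN_OK":
            q.clear()             # a successful login resets the failure streak
            continue
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()           # forget failures older than the window
        if len(q) >= threshold:
            alerts.append((m[1], user, src))
            q.clear()             # one alert per burst
    return alerts, unparsed

if __name__ == "__main__":
    print(detect(AUDIT_TRAIL.splitlines()))
```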

Methods of Defense
• Encryption
• Software Controls
  – (access limitations in a data base, in operating system protect each user from other users)
• Hardware Controls
  – (smartcard)
• Policies
  – (frequent changes of passwords)
• Physical Controls