computer and network security rabie a. ramadan. organization of the course (cont.) 2 textbooks...
TRANSCRIPT
Computer and Network Security
Rabie A. Ramadan
Organization of the Course (Cont.)
2
Textbooks
• William Stallings, “Cryptography and Network
Security,” Fourth Edition
• Behrouz A. Forouzan, “Cryptography and Network
Security,” 2008 Edition
• Charles P. Pfleeger and Shari L. Pfleeger,
“Security in Computing,” third addition
Course Contents
3
Introduction to Cryptography Authentication Functions Symmetric Key-Exchange Protocols Asymmetric Key-Distribution and Cryptography Network Layer Security Transport Layer Security Introduction to wireless network security
Exams
4
Do not worry about the exam as long as :
• You are attending
• Done with your project
• Done with your presentation
• Assignments are delivered
Projects or Term Papers
5
• There will be a term project
• Only 2 persons per project
• You can select your own project after my approval
• Project report must follow IEEE format
• Deadline of the projects proposal is two weeks from today
• Suggested Projects and Term Papers
Table of Contents
6
Introduction Security Goals Attacks Services and Mechanisms Security mechanisms Techniques
Introduction
7
The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
—The Art of War, Sun Tzu
Introduction
8
In old days , to be secure,• Information maintained physically on a secure place
• Few authorized persons have access to it (confidentiality)
• Protected from unauthorized change (integrity)
• Available to authorized entity when is needed (availability)
Nowadays, • Information are stored on computers
• Confidentiality are achieved few authorized persons can access the files.
• Integrity is achieved few are allowed to make change
• Availability is achieved at least one person has access to the files all the time
Introduction
9
Achieving Confidentiality , Integrity, availability is a challenge:
• Distributed information
• Could be captured while it is transmitted
• Could be altered
• Could be blocked
Security Goals
10
Confidentiality• Ensures that computer-related assets are accessed only by
authorized parties.
• Sometimes called secrecy or privacy.
Integrity• Assets can be modified only by authorized parties or only in
authorized ways.
Availability • assets are accessible to authorized parties at appropriate times.
• The opposite is denial of service.
Security Goals
11
Strong protection is based on Goals relations
Goals are Applied to
12
Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
Network Security - measures to protect data during their transmission
Internet Security - measures to protect data during their transmission over a collection of interconnected networks
Our Aim of this Part
13
Our main concern is: • Network and Internet Security
• Protecting the information while it is transmitted
Will touch the computer security• Presentations
• Assignments
• Projects
Threats , vulnerability, and Attacks
14
Crossing the water to the right is a Threat to the man.
• Ex. (Computer) software failures
Crossing the water through the wall crack is a Vulnerability.
• Ex. (Computer) Open ports
Somebody or another system destroyed the wall is an Attack
• Ex. (Computer) sending an overwhelming set of messages to another system to block it.
Attacks
15
Passive Attacks • Attempts to learn or make use of information from the system
but does not affect system resources.
• Eavesdropping or monitoring of transmissions
Active Attacks • Attempts to alter system resources or affect their operation.
Passive Attacks
16
Release of message contents / snooping
Passive Attacks (Cont.)
17
Traffic Analysis/ spoofing
Passive Attacks are hard to be detected
Active Attacks
18
Masquerade• One entity pretends to be a different entity
Active Attacks (Cont.)
19
Replay Attack • Passive capture of a data unit and its subsequent retransmission
to produce an unauthorized effect.
Active Attacks (Cont.)
20
Modification Attack • Some portion of a legitimate message is altered, or that messages
are reordered, to produce an unauthorized effect
Active Attacks (Cont.)
21
Denial of Service• Prevents or inhibits the normal use or management of
communications facilities
Group Activities
22
Which of the following attacks is a threat to which of the security goals?
Attacks Security Goals Modification Confidentiality
Masquerading Integrity
Traffic Analysis Availability
Denial of service
Replaying
Snooping
Answer
23
Security Attacks
Snooping
Traffic Analysis
Modification
Masquerading
Replaying
Denial of Service
Confidentiality Integrity Availability