28/08/2017
Lecturer: Nguyễn Thị Thanh Vân – FIT - HCMUTE

Introduction
Security concepts
OSI security architecture
o Security attacks
o Security services
o Security mechanisms
Models for network (access) security
Network security terminologies

Changes in information security
o Physical media
o Storage devices
o Data transmission on network

Security
o Physical Security
o Technological Security
o Application Security
o OS Security
o Network Security
Mr Gopal Sakarkar

Computer Security: the protection of an information system in order to attain the applicable objectives of preserving information system resources (includes hardware, software, firmware, information/data, and telecommunications). The CIA Triad:
o Integrity: prevents unauthorized modification of systems and information
o Availability: prevents disruption of service and productivity
o Confidentiality: prevents unauthorized disclosure of systems and information

Confidentiality
o Data confidentiality: information is not made available or disclosed to unauthorized individuals
o Privacy: what information about an individual may be collected and stored, and by whom and to whom that information may be disclosed
Integrity
o Data integrity: data are changed only in a specified and authorized manner
o System integrity: the system performs its intended function in an undamaged manner, avoiding unauthorized handling of the system
Availability
o Assures that systems work promptly and service is not denied to authorized users

Authentication
o Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
Accountability (nonrepudiation)
o The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity

Threat
o A potential for violation of security; it exists and could breach security and cause harm. That is, a threat is a possible danger that might exploit a
vulnerability
Attack
o An assault (attack) on system security that derives from an intelligent threat; that is, an intelligent act that attempts to evade security services and violate the security policy of a system
Vulnerability
o A way by which loss can happen

ITU-T Recommendation X.800, Security Architecture for OSI
The OSI security architecture defines a systematic approach that is useful to managers in organizing the task of providing security:
o Security attack
o Security mechanism
o Security service

Security attack:
o Any action that compromises the security of information owned by an organization
Security mechanism:
o A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack
Security service:
o A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization
The services are intended to counter (cope with) security attacks, and they make use of one or more security mechanisms to provide the service

A means of classifying security attacks, used both in RFC 4949
o A passive attack attempts to learn or make use of information from the system but does not affect system resources
o An active attack attempts to alter system resources or affect their operation

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions
The goal of the opponent is to obtain information that is being transmitted (namespace, IP range, employee, phone numbers…)
Passive attacks are very difficult to detect, because they do not involve any alteration of the data
Passive Attack
o Release of Message Contents (Interception)
o Traffic Analysis

Release of message contents: an opponent learns the contents of information in transmissions
Figure: "Hi, I am Bob"
related goals?
Traffic analysis: determine the location and identity of communicating hosts, and observe the frequency and length of messages being exchanged
Figure: "Meet me at Cinemax" / "Phhw ph dw flqhpda"
related goals?

Involve some modification of the data stream or the creation of a false stream
Difficult to prevent because of the wide variety of potential physical, software, and network vulnerabilities
Goal is to detect attacks and to recover from any disruption or delays caused by them
Active Attack
o Replay
o Modification
o Denial of Service (Interruption)
o Masquerade (Fabrication)

Masquerade
• Takes place when one entity pretends to be a different entity
• Usually includes one of the other forms of active attack
related goals?

Replay
• Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect
Figure: "Transfer Rs.1000 to Darth"
related goals?

Modification
• Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect
Figure: "Transfer Rs.1,000 to Darth" / "Transfer Rs.10,000 to Darth"
related goals?
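The replay and modification slides above, expressed as a receiver-side check (an added example, not part of the original lecture): every message carries a sequence number and an HMAC-SHA256 tag under a shared key, so an altered amount fails the tag check and a retransmitted copy fails the sequence check. The frame layout, the names protect and Receiver, and the demo key are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: 8-byte sequence number + message, followed by the tag."""
    body = seq.to_bytes(8, "big") + message
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts a frame only if its tag verifies and its sequence number is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "rejected: modified"
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:  # an old frame sent again
            return "rejected: replay"
        self.last_seq = seq
        return "accepted: " + body[8:].decode()


def demo() -> list:
    key = secrets.token_bytes(32)  # shared secret, constructed for the demo
    rx = Receiver(key)
    frame = protect(key, 0, b"Transfer Rs.1,000 to Darth")
    # Constructed sample of the slide's altered message; the tag is left as sent.
    altered = frame.replace(b"Rs.1,000", b"Rs.10,000")
    return [rx.accept(frame), rx.accept(frame), rx.accept(altered)]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The tag is checked before the sequence number so that an unauthenticated frame can never advance or probe the receiver's replay state.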
Something the individual knows
o Password
o PIN
o Answer
Something the individual possesses
o Smart card
o Physical key
o Token
Something the individual is (static biometrics)
o Fingerprint
o Retina
o Face
o Iris
Something the individual does (dynamic biometrics)
o Voice
o Handwriting
o Typing rhythm

GOTPass: users employ “images and a one-time numerical code” in order to secure passwords
o using patterns and images instead of letters and numbers
o the generated random digit code

Guessing the password for a given user allows impersonation
Impersonating a real login program
Keylogging to steal a password

Four basic techniques are in use:
• User education
• Computer-generated passwords
• Reactive password checking
• Complex password policy

Do not store passwords, but store something that is derived from them
o Use a one-way hash function and store the result
o The password file is readable only for root/admin

If we do not have a trusted path between a user and the system, what problem may occur?
Check the correct answer(s):
o User is not able to log into the system
o User may provide the password to a malicious program

In the past, hashed passwords were stored in a publicly readable file /etc/passwd. Why were shadow password files added instead of making the /etc/passwd file readable only to privileged users?
o Shadow files are more efficient to access
o There is other public information in /etc/passwd file that various utilities need

The hash function used for computing hashed password values should meet the following requirements.
Check the correct answer(s):
o Provide more efficient storage of password related information
o Produce different hashed values for distinct passwords
o Its inverse should be very hard to compute

How many unique four-digit PINs are possible?
Check the correct answer:
o 1,000
o 100,000
o 10,000
o 1,000,000

Prevents either sender or receiver from denying a transmitted message
o Nonrepudiation, Origin: proof that the message was sent by the specified party
o Nonrepudiation, Destination: proof that the message was received by the specified party

To make these assurances, the content must be digitally signed by the content creator, using a signature that satisfies the following criteria:
o The digital signature is valid
o The certificate associated with the digital signature is current (not expired)
o The signing person or organization, known as the publisher, is trusted
o The certificate associated with the digital signature is issued to the signing publisher by a reputable certificate authority (CA)

The ability to limit and control the access to host systems and applications via communications links
o Each entity trying to gain access must first be identified, or authenticated

ACL is used by many OS to determine whether users are authorized to conduct different actions
o the mandatory access control (MAC): computer system
o the discretionary access control (DAC): users
o the role-based access control (RBAC): MAC (in special)
The Bell-LaPadula Model: certain level of access

Figure panels: MAC, DAC, RBAC

RBAC Model: the system decides exactly which users are allowed to access which resources, but the system does this in a special way

- RBAC3 includes RBAC0 plus the added functionality of both RBAC1 and RBAC2
- An RBAC0 system contains the four types of entities (the minimum functionality for an RBAC system):
• User: an individual
• Role: a named job function
• Permission: a mode of access
• Session: a mapping between a user and an activated subset of the set of roles to which the user is assigned

The mechanisms are divided into those that are implemented in a specific
protocol layer,
o TCP
o Application
Feature designed to detect, prevent, or recover from a security attack
No single mechanism will support all services required
However, one particular element underlies many of the security mechanisms in use:
o cryptographic techniques

o algorithms to transform data, E(M,K)
o assure the integrity of data
o prove the data source
o ensure the identity of an entity
o the insertion of bits into gaps in data stream to prevent traffic analysis
o enable selection/change of particular secure routes for data
o use a trusted third party to assure certain properties of a data exchange
o enforce access rights to resources

General
o Trusted Functionality: the insertion of bits into gaps in data stream to prevent traffic analysis
o Security Label: the marking of the security attributes of a resource
o Event Detection: detection of security-relevant events
o Security Audit Trail: an independent review and examination of system records and activities
o Security Recovery: deals with requests from mechanisms and takes recovery actions

Figure: security mechanisms (encipherment, data integrity, digital signature, authentication exchange, traffic padding, routing control, notarization, access control) and security services (data confidentiality, data integrity, authentication, nonrepudiation, access control)

A security-related transformation:
o encryption of the message: it is unreadable by the opponent
o addition of a code: verify the identity of the sender
Some secret information:
o shared by the two principals and unknown to the opponent
o e.g., an encryption key used in conjunction with the transformation
A trusted third party:
o achieve secure transmission, e.g., distributing the secret information to the two principals while keeping it from any opponent
o adjudicate disputes (disagreements) between the two principals concerning the authenticity of a message transmission

Using this model requires us
to:
o design a suitable algorithm for the security transformation
o generate the secret information (keys) used by the algorithm
o develop methods to distribute and share the secret information
o specify a protocol enabling the principals to use the transformation and secret information for a security service

Protect an information system from unwanted access
o Hacker: with no harmful intent, simply gets satisfaction from breaking and entering a computer system
o The intruder can be a displeased employee who wishes to damage or a criminal who seeks to exploit computer assets for financial gain

Using this model requires us to:
o Select appropriate gatekeeper functions to identify users
o Implement security controls to ensure only authorized users access designated information or resources
Note that the model does not include:
o monitoring of system for successful penetration
o monitoring of authorized users for misuse
o audit logging for forensic uses, etc.

Attack - an act that is an intentional or unintentional attempt to cause damage or compromise to the information and/or the systems that support it
Threats - a category of objects, persons, or other entities that represents a potential danger to an asset
Threat Agent - a specific instance or component of a more general threat
Vulnerability - weaknesses or faults in a system or protection mechanism that expose information to attack or damage
Hacking - Good: to use computers or systems for enjoyment; Bad: to illegally gain access to a computer or system
Risk - the probability that a threat will exploit a vulnerability with a harmful result
Subject - an active entity that interacts with an information system and causes information to move through the system for a specific end purpose
Object - a passive entity in the information system that receives or contains information
Access - a subject or object’s ability to use, manipulate, modify, or affect
another subject or object
Asset - the organizational resource that is being protected
Control, Safeguard or Countermeasure - security mechanisms, policies or procedures that can successfully counter attacks, reduce risk, resolve vulnerabilities, and otherwise improve the security within an organization
Exploit - to take advantage of weaknesses or vulnerability in a system
Exposure - a single instance of being open to damage
Security Blueprint - the plan for the implementation of new security measures in the organization
Security Model - a collection of specific security rules that represents the implementation of a security policy
Security Posture or Security Profile - a general label for the combination of all policy, procedures, technology, and programs that make up the total security effort currently in place

Security concepts
• Confidentiality
• Integrity
• Availability
o Authentication
o Nonrepudiation (Accountability)
X.800 security architecture
o Security attacks
o services
o mechanisms
Models for network (access) security

Draw a matrix similar to Table 1.4 that shows the relationship between security services and attacks
Draw a matrix similar to Table 1.4 that shows the relationship between security mechanisms and attacks

William Stallings, Network Security Essentials: Applications and Standards, 4th Edition, Prentice Hall, 2011
William Stallings, Cryptography and Network Security: Principles and Practice, Sixth Edition, Prentice Hall, 2014
Passive attacks
• Prevention
• Hard to detect
• Easy to stop
Active attacks
• Detection and Recovery
• Easy to detect
• Hard to stop
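Returning to the password-storage slide (store something derived from the password, in a file readable only by root/admin), here is an added example that is not part of the original lecture. Salted PBKDF2-HMAC-SHA256 from the Python standard library stands in for the slide's one-way hash function; the record format, the iteration count and the function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
import secrets

ITERATIONS = 600_000  # assumed work factor; tune to the deployment's hardware


def make_record(password: str) -> str:
    """Return 'salt$iterations$hash' in hex; the password itself is never stored."""
    salt = secrets.token_bytes(16)  # fresh per-user salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${ITERATIONS}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        salt_hex, iters, digest_hex = record.split("$")
        salt, stored = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), salt, int(iters))
    except (ValueError, OverflowError):
        return False  # malformed record: fail closed
    return hmac.compare_digest(candidate, stored)


def append_record(path: str, user: str, record: str) -> None:
    """Append 'user:record' to a file created with owner-only permissions."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_APPEND, 0o600)
    with os.fdopen(fd, "a") as fh:
        fh.write(f"{user}:{record}\n")


if __name__ == "__main__":
    rec = make_record("correct horse")  # constructed sample password
    print(rec)
    print(verify("correct horse", rec), verify("wrong horse", rec))
```

Because each record has its own salt, two users with the same password get different stored values, and the owner-only file mode plays the role of the shadow file described in the quiz above.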