
Computer Systems and Security --- New era of secure communications ... manage software, manage a network of computers or teams of IT professionals ...

Kelvin_Ajay

Presentation Transcript


    Slide 1: Computer Systems and Security

    --- New era of secure communications --- Lecture 1

    Last lecture we saw the Data Encryption Standard. However, this requires that the secret keys be exchanged between the parties, and each user has to maintain a number of such keys (how many are there if you communicate with n different people, there are m such people in the population, and n < m?). We want to look at another method which avoids having to know that many keys.

    Slide 2: Schedule

    1. Computer Systems and Security
    2. Introduction to Information and Network Security
    3. Introduction to Cryptography
    4. Cryptosystems, Hash Functions and Digital Signatures
    5. Security at the IP Layer
    6. Security at the Transport Layer: SSL and TLS
    7. Information and Network Security: Authentication
    8. Introduction to Firewalls
    9. Electronic Mail, Web Security and Malicious Code
    10. Introduction to Wireless Security
    11. Security of Large Computer Systems
    12. Informal Test

    First let us look at the idea before formalising the method itself. A public key may consist of 2 parts (usually 2 numbers – a binary string).

    Slide 3: Computer Security and Industries

    Business partners (customers, competitors, suppliers, etc.)
    Hackers, investigators, reporters, etc.
    Government and private intelligence communities
    Internal threats (dishonest employees, software failures, etc.)

    Slide 4: Vulnerabilities

    The three broad computing system resources are:
    Hardware: interruption (denial of service), interception (theft)
    Software: interruption (deletion), interception, modification
    Data: interruption (loss), interception, modification and fabrication

    Slide 5: Security facts – believe it or not!

    Bank robbery through computers
    Industrial espionage on corporate information
    Loss of individual privacy (files, emails, chats, video conferencing, ...)
    Information vandalism (destroy backups, delete files, vandalise web pages, …)
    Computer viruses
    (more can be found in “comp.risks” and other websites)

    The receiver uses his private key to decrypt the message. The trick is how a message encrypted with one key can be decrypted with another key (in other words, what property these keys should satisfy so that the encryption and decryption can be done).

    Slide 6: Computer Security – e.g.

    Attacks can be INTERNAL and EXTERNAL.
    INTERNAL: altering data; stealing source code; damaging computer systems; revealing confidential information; intentionally writing bad code for later use; etc.
    EXTERNAL: sending malicious programs; scanning your network for vulnerabilities and attacking it; sending viruses (for Windows and Unix), which are annoying and destructive; etc.

    Slide 7: Is Computer Threat Real?

    1997 survey of 61 large companies that had firewalls (sites had > 1000 PCs and Internet servers):
    44% reported probes by outsiders
    23% IP spoofing (used to break into hosts on the Internet)
    10% email bombs
    8% denial of service attacks
    8% sendmail probes
    89% reported that the firewall responded adequately
    Internet sources

    Slide 8: Computer Threat

    Computer Security Institute/FBI Survey:
    35% annual increases in data sabotage incidents from 1997 to 1999
    25% annual increases in financial fraud perpetrated online
    Abuse of network access increased over 20%, resulting in losses of $8 billion
    Security breaches caused US$15 billion in losses in 2000
    Internet sources

    Slide 9: Other Surveys

    Poll of 1,400 companies with > 100 employees:
    About 90% are confident in their firm’s network security
    But 50% failed to report break-ins
    58% increased in spending on security
    1997-2001, Fortune firms lost US$45 billion; high-tech firms most vulnerable
    Internet sources

    Slide 10: Why Study Network Security?

    IT professionals will either design, build or manage software, or manage a network of computers or teams of IT professionals
    They need to know possible security threats and solutions
    Security experts are very well paid
    Computer security is becoming one of the most important things that governments and industries need to spend money on
    Management staff need to know the possible computer security threats to their companies
    Ordinary users are interested in knowing how to protect their computers and their work

    Slide 11: Security Forms

    Borrowed from Stallings 2001

    Slide 12: Reactions to Security Threats

    Find methods of defence through active research in security & privacy (numerous conferences each year)
    Enforce new laws
    Provide education and training
    Set up collaborations between governments, industries & academia
    Employ computer security specialists

    The major difference between secret key decryption and public key encryption is described in this slide.

    Slide 13: How Secure Should It Be?

    How should you spend the money on securing your system?
    University computer systems - %?
    Free servers - %?
    Bank computer systems - %?
    Computer systems of department of defence - %?

    Slide 14: Risk Analysis

    Before carrying out security policy, we need to evaluate the cost of implementing security measures as opposed to losing the data and information. Should you maximise security and minimise services? How can you provide maximum services with minimum risk? Which security path should you take? Hire experts? Purchase the best software? Wait-and-see?

    Slide 15: Security and Cost Analysis

    [Figure: cost plotted against security, with security up to 100%]

    Slide 16: Principles of Security

    Principle of easiest penetration: an intruder will use any means of penetration.
    Principle of timeliness: items only need to be protected until they lose their value.
    Principle of effectiveness: controls must work, and they should be efficient, easy to use, and appropriate.

    Slide 17: Attacks

    There are two possible approaches to attacking the ciphertext to get the original message.

    Slide 18: Attacks – Passive Types

    Passive (interception) – eavesdropping on, or monitoring of, transmissions. The goal is to obtain information that is being transmitted. The types here are release of message contents and traffic analysis.

    The only restriction is that the message has to be less than n. Probably we can break the message into chunks so that the above requirement is met.

    Slide 19: Attacks – Active Types

    Involve modification of the data stream or creation of a false stream. They can be subdivided into masquerade, replay, modification of messages, and denial of service.

    Let us see how the attacker can be driven away.

    Slide 20: Security Attacks - Taxonomy

    Properties that are compromised:
    Interruption – attack on availability
    Interception – attack on confidentiality
    Modification – attack on integrity
    Fabrication – attack on authenticity

    Slide 21: Interruption

    Causes denial of service. Information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction. E.g.: cutting a communication line, disabling a file management system (e.g. unmounting an NFS file system), etc.

    Slide 22: Interception

    Also known as un-authorised access. Difficult to trace as no traces of intrusion might be left. e.g: illegal eavesdropping or wiretapping or sniffing, illegal copying.

    Slide 23: Modification

    Also known as tampering with a resource. Resources can be data, programs, hardware devices, etc.
    E.g.: intercept a message, change it and send it
    E.g.: intercept a mobile application, change it and send it

    Slide 24: Fabrication

    Also known as counterfeiting (of objects such as data, programs, devices, etc.). Allows the authenticity checks to be bypassed.
    E.g.: insertion of spurious messages in a network, adding a record to a file, counterfeit bank notes, fake cheques, …
    Impersonation/masquerading. E.g.: pretending to be some authorised entity to gain access to data, services, etc.

    Slide 25: Security Attacks - Taxonomy

    Slide 26: Decide what/where to control

    What should be the focus of the controls? For example: should protection mechanisms focus on data, on operations on that data, or on the users who use the data? Since there are layers of technology, where should controls apply? Applications, services, operating systems, kernel, hardware.

    Slide 27: Study Effectiveness of Controls

    Merely having controls does no good unless they are used properly. The factors that affect the effectiveness are:
    Awareness of protection
    Likelihood of users
    Overlapping controls
    Periodic review

    Slide 28: Methods of Defence

    Physical controls: locks, guards, backup of data and software, thick walls, …
    Hardware & firmware controls: apply security devices, smart cards, firmware passwords, …
    Software controls: set up firewalls, install software to enforce authentication, etc.

    Skip this slide

    Slide 29: Methods of Defence (e.g.)

    Prevention:
    Using cryptographic techniques to encrypt information
    Using software tools to find possible security problems and fix them before any attack occurs (e.g. scanning programs – STAN, ISS)
    Using secure communications or firewalls to prevent certain attacks
    Etc.
    Detection: using hardware & software tools and security expertise to detect both attempted and successful security violations
    Recovery: using backup recovery and software (COPS, Tiger, etc.) to automatically check the systems and recover

    Slide 30: Methods of Defence (cont'd)

    Regularly check your systems for security holes
    Study new software carefully before installing or updating your systems
    Carry out and review company security policies and procedures
    Educate users
