
Information security

CAP194

CHAPTER-1
COMPUTER SECURITY CONCEPTS

INTRODUCTION
We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although you may not consider your communications "top secret," you probably do not want strangers reading your email, using your computer to attack other systems, sending forged email from your computer, or examining personal information stored on your computer (such as financial statements).

Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as "intruders") from accessing any part of your computer system. Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done.

Network and Internet security


Measures to protect data during their transmission (communication channel).
Consists of measures to deter, prevent, detect and correct security violations that involve the transmission of information.

E.g.: User A transmits a file to user B. The file contains sensitive information (e.g., payroll records) that is to be protected from disclosure. User C, who is not authorized to read the file, is able to monitor the transmission and capture a copy of the file during its transmission.

Aim of course
Our focus is on Internet security, which consists of measures to deter, prevent, detect, and correct security violations that involve the transmission & storage of information.

Computer security
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources.

Three key objectives of security


Also called the CIA triad:
Confidentiality
Integrity
Availability

Confidentiality (disclosure of information)


Data confidentiality
Privacy

Integrity (modification of information)


Data integrity
System integrity

Availability
Accountability
Authenticity

OSI Security Architecture


Defines a systematic way of defining and providing security requirements.
For us, it provides a useful, if abstract, overview of concepts we will study.

Aspects of Security
Consider 3 aspects of information security:
security attack
security mechanism
security service

Security Attack
Any action that compromises the security of information owned by an organization.
Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems.
Often threat & attack are used to mean the same thing.
There is a wide range of attacks.
We can focus on generic types of attacks:
passive
active

Active Attack
Modification of data.
Types:
Masquerade (pretending to be someone else)
Replay (retransmission of messages)
Modification of messages (modification of messages)
Denial of service (suppress all messages)

Masquerade

Replay

Modification of messages

Denial of service

Passive Attacks
No alteration of data.
Difficult to detect as there is no modification of data.
Types:
Release of message contents (reading the contents)
Traffic analysis (data pattern)

For prevention, need to use encryption.

Security services
A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.

Services
Authentication
Access control
Data confidentiality
Data integrity
Non-repudiation: means to ensure that a transferred message has been sent and received by the parties claiming to have sent and received the message. Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.

Authentication
Peer entity authentication
Data origin authentication

Access Control

Data Confidentiality
Connection confidentiality
Connectionless confidentiality
Selective field confidentiality
Traffic flow confidentiality

Data Integrity
Connection integrity with recovery
Connection integrity without recovery
Selective field connection integrity
Connectionless integrity
Selective field connectionless integrity

Non-repudiation
Non-repudiation, origin
Non-repudiation, destination

Security Mechanisms
A process that is designed to detect, prevent or recover from a security attack.
Types:
Specific security mechanisms
Pervasive security mechanisms

Specific Security Mechanism


Encipherment
Digital signature
Access control
Data integrity
Authentication exchange
Traffic padding
Routing control
Notarization

Pervasive security mechanism


Trusted functionality (certain criteria/policies)
Security label (trademarks/brands)
Event detection
Security audit trail
Security recovery

It is important to note the distinction between a security service, i.e. what is provided for a system, and a security mechanism, i.e. the means by which a service is provided. Hence confidentiality is a service, whereas encryption is a mechanism which can be used to provide confidentiality. In fact encryption can be used to provide other services, and data confidentiality can also be provided by means other than encryption (e.g. by physical protection of data).
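The service/mechanism distinction can be seen in code. The following is an added example, not part of the original notes: user B uses one mechanism (a keyed MAC, HMAC-SHA256, plus a sequence number) to provide the data integrity and data origin authentication services, and so detects the modification, masquerade and replay attacks listed earlier. The keys, message layout and class names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

# Constructed keys: users A and B share KEY_AB; user C only has its own key.
KEY_AB = os.urandom(32)
KEY_C = os.urandom(32)

def protect(key, seq, payload):
    """Sender: prepend an 8-byte sequence number, append an HMAC-SHA256 tag."""
    header = seq.to_bytes(8, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """User B: checks the tag first, then requires increasing sequence numbers."""
    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, message):
        if len(message) < 8 + 32:
            return "rejected: malformed"
        header, payload, tag = message[:8], message[8:-32], message[-32:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison; fails for altered data or a wrong key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: integrity/origin check failed"
        seq = int.from_bytes(header, "big")
        if seq <= self.last_seq:
            return "rejected: replay"  # valid tag, but already seen
        self.last_seq = seq
        return "accepted"

def demo():
    b = Receiver(KEY_AB)
    genuine = protect(KEY_AB, 1, b"payroll: alice=5000")
    modified = bytearray(protect(KEY_AB, 2, b"payroll: bob=4000"))
    modified[-33] ^= 0x01  # one payload bit changed in transit
    forged = protect(KEY_C, 3, b"payroll: carol=9999")  # C pretending to be A
    return {
        "genuine": b.accept(genuine),
        "replay": b.accept(genuine),
        "modification": b.accept(bytes(modified)),
        "masquerade": b.accept(forged),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:13s} {verdict}")
```

The MAC provides no confidentiality (user C can still read the payload, a passive attack that needs encipherment) and no non-repudiation, because A and B hold the same key.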
