Chapter 1: COMPUTER AND NETWORK SECURITY CONCEPTS
1) State the concepts of "Availability" in this topic. [1] 2) State the requirements of "Availability". 3) State the definition of a loss of security in "Availability".
1) Availability: Assures that systems work PROMPTLY and service is not denied to authorized users. [authorized users are not denied of service.] 2) Ensuring TIMELY and RELIABLE ACCESS to and use of information. 3) A loss of availability is the DISRUPTION of access to or use of information or an information system. [System always hang or 404 error]
1) State the concepts of the term "Confidentiality" in this topic. [2]. 2) State the requirements of "Confidentiality". 3) State the definition of a loss of security in "Confidentiality".
1) Data confidentiality: Assures that private or confidential information is NOT MADE AVAILABLE or disclosed to UNAUTHORIZED INDIVIDUALS. Privacy: Assures that INDIVIDUAL CONTROLS or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Eg. Last seen on Telegram. Permission to use camera/mic/storage in mobile phones. 2) Preserving AUTHORIZED RESTRICTIONS on information access and disclosure, including means for protecting personal privacy and proprietary information. 3) A loss of confidentiality is the unauthorized disclosure of information.
1) State the concepts of "Integrity" in this topic. [2] 2) State the requirements of "Integrity". 3) State the definition of a loss of security in "Integrity".
1) Data integrity: Assures that information (both stored and in transmitted packets) and programs are changed ONLY IN A SPECIFIED and AUTHORIZED MANNER. [only by sender and receiver] System integrity: Assures that a system performs its intended function in an UNIMPAIRED MANNER, free from deliberate or inadvertent unauthorized manipulation of the system. [cannot change the sequence or remove any of the sequence of execution] 2) GUARDING against improper information MODIFICATION or DESTRUCTION, including ensuring information nonrepudiation and authenticity. 3) A loss of integrity is the unauthorized modification or destruction of information.
What are the 5 categories of Security Services?
1. Authentication (assures that the communicating entity is what it claims to be) 2. Access control (prevents unauthorised use of a resource) 3. Data Confidentiality (protection of data from unauthorized disclosure) 4. Data Integrity (assures that the data received are exactly as sent by the authorized entity) 5. Nonrepudiation (provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication)
What are the 4 specific services of Data confidentiality?
1. Connection Confidentiality: The protection of all user data on a connection. 2. Connectionless Confidentiality: The protection of all user data in a single data block. 3. Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block. 4. Traffic-Flow Confidentiality: The protection of the information in traffic flows from analysis.
What are the 5 specific services of Data Integrity?
1. Connection Integrity with Recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. 2. Connection Integrity without Recovery: As above, but provides only detection without recovery. 3. Selective-Field Connection Integrity: Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. 4. Connectionless Integrity: Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided. 5. Selective-Field Connectionless Integrity: Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified.
What are the 8 SPECIFIC SECURITY MECHANISMS that can be incorporated into the appropriate protocol layer in order to provide some of the OSI security services?
1. Encipherment The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys. 2. Digital Signature Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient). 3. Access Control A variety of mechanisms that enforce access rights to resources. 4. Data Integrity A variety of mechanisms used to assure the integrity of a data unit or stream of data units. 5. Authentication Exchange A mechanism intended to ensure the identity of an entity by means of information exchange. 6. Traffic Padding The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. 7. Routing Control Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected. 8. Notarization The use of a trusted third party to assure certain properties of a data exchange.
What are the 2 specific services of Nonrepudiation?
1. Nonrepudiation, Origin Proof that the message was sent by the specified party. 2. Nonrepudiation, Destination Proof that the message was received by the specified party.
Challenges of Computer Security - part 1
1. Security is not as simple. 2. In developing a particular security mechanism or algorithm, one must always consider potential attacks on those security features. 3. Because of point 2, the procedures used to provide particular services are often counterintuitive. > (don't understand this point) Typically, a security mechanism is complex, and it is not obvious from the statement of a particular requirement that such elaborate measures are needed. It is only when the various aspects of the threat are considered that elaborate security mechanisms make sense. 4. Having designed various security mechanisms, it is necessary to decide where to use them. This is true both in terms of physical placement (e.g., at what points in a network are certain security mechanisms needed) and in a logical sense (e.g., at what layer or layers of an architecture such as TCP/IP [Transmission Control Protocol/Internet Protocol] should mechanisms be placed).
What are the 5 PERVASIVE SECURITY MECHANISMS that are not specific to any particular OSI security service or protocol layer?
1. Trusted Functionality That which is perceived to be correct with respect to some criteria (e.g., as established by a security policy). 2. Security Label The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource. 3. Event Detection Detection of security-relevant events. 4. Security Audit Trail Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities. 5. Security Recovery Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.
Challenges of Computer Security - part 2
5. Security mechanisms typically involve more than a particular algorithm or protocol. 6. Computer and network security is essentially a battle of wits between a perpetrator who tries to find holes and the designer or administrator who tries to close them. 7. There is a natural tendency on the part of users and system managers to perceive little benefit from security investment until a security failure occurs. 8. Security requires regular, even constant, monitoring. 9. Security is still too often an afterthought to be incorporated into a system after the design is complete rather than being an integral part of the design process. 10. Many users and even security administrators view strong security as an impediment to efficient and user-friendly operation of an information system or use of information. [They often view strong security as sth that will reduce the efficiency and user-friendliness of the info system.]
What is Masquerade?
A masquerade takes place when one entity PRETENDS to be a different entity. [PATH 2] Extra: A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
What is passive attack?
A passive attack attempts to learn or make use of information from the system BUT DOES NOT AFFECT system resources. This is VERY DIFFICULT TO DETECT as they do not involve any alteration of the data. Sender and receiver are not aware of the presence of third party reading their messages. These attacks are in the nature of EAVESDROPPING ON, or MONITORING OF, transmissions. 2 types of passive attacks: RELEASE OF MESSAGE CONTENTS and TRAFFIC ANALYSIS.
What is a Threat?
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a POSSIBLE DANGER THAT MIGHT EXPLOIT A VULNERABILITY.
What is Security Mechanism?
A process that is designed to detect, prevent, or recover from a security attack.
What is Security Service?
A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. [ME: It enhances the security of data processing systems and information transfers of an organization. They are intended to counter security attacks using more than one security mechanisms.] [PROF: Anti-viruses provide security services to check to security attacks through their own sets of security mechanisms]
What is CIA triad?
Confidentiality, Integrity, Availability
What is Accountability?
Accountability: The security goal that GENERATES THE REQUIREMENT FOR ACTIONS OF AN ENTITY TO BE TRACED UNIQUELY TO THAT ENTITY. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. Because truly secure systems are not yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.
What is active attack?
An active attack attempts to ALTER system resources or affect their operation. It involves some modification of the data stream or the creation of a false stream. subcategories: > masquerade > replay, > modification of messages > denial of service. PATH 1: Sender to ^HACKER. PATH 2: HACKER to Receiver PATH 3: Sender to Receiver (Normal)
What is an attack?
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [Execution of a threat becomes an attack.] Attacks can be classified into PASSIVE and ACTIVE attacks.
What is an Attack Surface? And what are their different types?
An attack surface consists of the reachable and exploitable vulnerabilities in a system. ■ Network attack surface: - vulnerabilities over an enterprise network, wide-area network, or the Internet. - Included in this category are network protocol vulnerabilities, such as those used for a denial-of-service attack, disruption of communications links, and various forms of intruder attacks. ■ Software attack surface: This refers to vulnerabilities in application, utility, or operating system code. [Web server software.] ■ Human attack surface: vulnerabilities created by personnel or outsiders, such as social engineering, human error, and trusted insiders.
What is an Attack Tree?
An attack tree is a branching, hierarchical data structure that represents a set of potential techniques for exploiting security vulnerabilities
What is a Security Attack?
Any action that compromises the security of information owned by an organization.
What is Authenticity?
Authenticity: THE PROPERTY OF BEING GENUINE AND BEING ABLE TO BE VERIFIED AND TRUSTED; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source. [able to verify the true and genuine identity of the user]
What are the requirements for an Essential Network and Computer Security?
CIA and Authenticity and Accountability.
According to NIST Computer Security Handbook [NIST95], define the term "Computer Security".
Computer Security is a given protection for (automated) information system (IS) in order to attain applicable objectives of preserving the CIA of IS resources. Computer Security is the PROTECTION afforded to an automated information system in order to attain the applicable objectives of preserving the INTEGRITY, AVAILABILITY, and CONFIDENTIALITY of information systems resources (includes hardware, software, firmware, information/data, and telecommunications).
What is Modification of Messages?
It simply means that some portion of a legitimate message is ALTERED, or that messages are DELAYED or REORDERED, to produce an UNAUTHORIZED EFFECT. [PATH 1 & 2]
What is OSI Security Architecture?
It is a systematic approach to develop security features for their products/services. It focuses on SECURITY ATTACKS, SECURITY MECHANISMS, and SECURITY SERVICES.
What is traffic analysis?
It is the observation of the patterns of encrypted message contents. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of the messages being exchanged.
What is asymmetric encryption?
It is used to CONCEAL small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.
What is Symmetric encryption?
It is used to CONCEAL the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords. Both sender and receiver uses the same key for encrypting and decrypting the message.
What is Data Integrity Algorithm?
It is used to PROTECT blocks of data ( messages) from ALTERATION.
What is Authentication service?
Mainly, it assures that the communicating entity is what it claims to be. 1. Peer Entity Authentication: Provides for the corroboration of the identity of a peer entity in an association. 2. Data-Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed.
What is Security Service according to RFC 4949? (used more often)
RFC4949 defines security service as: a processing or communication service that is provided by a system to give a specific kind of protection to system resources
What is Replay?
Replay involves the PASSIVE CAPTURE of a data unit and its SUBSEQUENT RETRANSMISSION to produce an UNAUTHORIZED EFFECT. [ALL 3 PATHS]
What is Denial of Service?
The denial of service prevents or INHIBITS the normal use or management of communications facilities. [PATH 3] DDOS: Distributed Denial of Service > disrupting the entire network either by disabling the network or by overloading it with messages to degrade its performance.
Breach of Security - Low Impact
The loss could be expected to have a LIMITED ADVERSE EFFECT on organizational operations, organizational assets, or individuals. Examples: The loss of CI/A: (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (ii) result in MINOR damage to organizational assets; (iii) result in MINOR financial loss; or (iv) result in MINOR harm to individuals.
Breach of Security - Moderate Impact
The loss could be expected to have a SERIOUS adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might: (i) cause a SIGNIFICANT degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; [Obvious effects] (ii) result in SIGNIFICANT damage to organizational assets; (iii) result in SIGNIFICANT financial loss; or (iv) result in SIGNIFICANT harm to individuals that do not involve loss of life or serious, life-threatening injuries.
Breach of Security - High Impact
The loss could be expected to have a SEVERE or CATASTROPHIC adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might: (i) cause a SEVERE degradation in or loss of mission capability to an extent and duration that the organization is NOT ABLE TO perform one or more of its primary functions; (ii) result in MAJOR damage to organizational assets; (iii) result in MAJOR financial loss; or (iv) result in SEVERE or CATASTROPHIC harm to individuals involving loss of life or serious, life-threatening injuries.
What is Authentication protocols?
These are schemes based on the use of cryptographic algorithms designed to authenticate the identity of entities.
What is Security Service according to X.800?
X.800 defines a security service as: a service that is provided by a PROTOCOL LAYER OF COMMUNICATING OPEN SYSTEMS and that ensures adequate security of the systems or of data transfers.
What are the fundamental security design principles? [1-6]
■ 1. Economy of mechanism - embodied in both hardware and software should be as simple and small as possible. - relatively simple, small design is easier to test and verify thoroughly. But with a complex design, there are many more opportunities for an adversary to discover subtle weaknesses to exploit that may be difficult to spot ahead of time. ■ 2. Fail-safe defaults means access decisions should be based on permission rather than exclusion. ■ 3. Complete mediation - means that every access must be checked against the access control mechanism. Systems should not rely on access decisions retrieved from a cache. - To fully implement complete mediation, every time a user reads a field or record in a file, or a data item in a database, the system must exercise access control. This resource-intensive approach is rarely used. ■ 4. Open design - open rather than secret. - For example, although encryption keys must be secret, encryption algorithms should be open to public scrutiny. - The algorithms can then be reviewed by many experts, and users can therefore have high confidence in them. This is the philosophy behind the National Institute of Standards and Technology (NIST) program of standardizing encryption and hash algorithms. ■ 5. Separation of privilege - as a practice in which multiple privilege attributes are required to achieve access to a restricted resource. - A good example of this is multifactor user authentication, which requires the use of multiple techniques, such as a password and a smart card, to authorize a user ■ 6. Least privilege - means that every process and every user of the system should operate using the least set of privileges necessary to perform the task. - A good example of the use of this principle is role-based access control. The system security policy can identify and define the various roles of users or processes. Each role is assigned only those permissions needed to perform its functions.
What are the fundamental security design principles? [7-13]
■ 7. Least common mechanism - The design should minimize the functions shared by different users, providing mutual security. - This principle helps reduce the number of unintended communication paths and reduces the amount of hardware and software on which all users depend, thus making it easier to verify if there are any undesirable security implications. ■ 8. Psychological acceptability - security mechanisms should not interfere unduly with the work of users, while at the same time meeting the needs of those who authorize access. ■ 9. Isolation - First, public access systems should be isolated from critical resources (data, processes, etc.) to prevent disclosure or tampering. - Second, the processes and files of individual users should be isolated from one another except where it is explicitly desired. - And finally, security mechanisms should be isolated in the sense of preventing access to those mechanisms. ■ 10. Encapsulation Encapsulation can be viewed as a specific form of isolation based on objectoriented functionality. Protection is provided by encapsulating a collection of procedures and data objects in a domain of its own so that the internal structure of a data object is accessible only to the procedures of the protected subsystem, and the procedures may be called only at designated domain entry points. ■ 11. Modularity - refers both to the development of security functions as separate, protected modules and to the use of a modular architecture for mechanism design and implementation. ■ 12. Layering - the use of multiple, overlapping protection approaches addressing the people, technology, and operational aspects of information systems. - By using multiple, overlapping protection approaches, the failure or circumvention of any individual protection approach will not leave the system unprotected. ■ 13. Least astonishment - means that a program or user interface should always respond in the way that is least likely to astonish the user. - For example, the mechanism for authorization should be transparent enough to a user that the user has a good intuitive understanding of how the security goals map to the provided security mechanism.
What are some cryptographic algorithms and protocols?
■ Symmetric encryption ■ Asymmetric encryption ■ Data integrity algorithms ■ Authentication protocols
