Information Security

UNIT – I – Computer Security

• What is Information Security

– Information Security is the protection of
information assets from damage or harm
• What are the assets to be protected?
– Example: data files, software, IT equipment and
infrastructure
• Covers both intentional and accidental
events
– Threat agents can be humans or acts of nature
– People can cause harm by accident or by intent
2
W h y d o w e need
Information
Security ?
3
 CIA TRIAD
It is a model designed to
guide policies for
information security within an
organization.

 Confi dentialit
y
 Integrity
 Availability

4
• The traditional definition of information security is to
ensure the three CIA security services/goals for data
and systems:
 Security Goals
– Confidentiality
• To secure information from unauthorized access.
• Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.

– Integrity
• information is protected from unauthorized change.
• To make ensure that data is accurate and no unauthorized
modifications are done. The loss of integrity is considered as the
unauthorized modification or destruction of the information.
Disrupting a message in transit can have serious consequences.

– Availability
• information available to authorized entity when it is needed.
• Assures that systems work promptly and service is not
denied to authorized users. 5
6
Security Goals

7
8
 Security attack
1. Security attack: Any action that compromises the
security of information owned by an organization.

Security attack classified as :

1. A p a s s i v e att a c k attempts to learn or

make use of information from the system but does
not affect system resources.

2. A n a c ti v e att a c k : attempts to alter

system resources or affect their operation

9
Taxonomy of Attacks with respect to Security Goals

10
Attacks Threatening Confidentiality
(a) Snooping (‫)تطفل تجسس‬
• Refers to unauthorized access to data.
• To prevent snooping, the data can be encrypted.

11
Attacks Threatening Confidentiality
(b) Traffic Analysis
• obtain some of information by monitoring online
traffic.

12
Attacks Threatening Integrity
– Modification
• After intercepting or accessing information, the
attacker modifies the information to make it
beneficial to herself.

13
Attacks Threatening Integrity
– Masquerading, or spoofing
• happens when the attacker impersonates
somebody else.

14
Attacks Threatening Integrity
– Replaying
• the attacker obtains a copy of a message sent by a
user and later tries to replay it.

15
Attacks Threatening Integrity
– Repudiation
• The sender / receiver of the message might later
deny that he has sent / received the message; or

16
Attacks Threatening Availability
– Denial of service (DoS)
• is a very common
attack. It may slow
down or totally interrupt
the service of a system.

– Distributed DoS
(DDoS)
• the incoming traffic
flooding the victim
originates from many
different sources.
17
Layers of Security

18
 Security Services
 Authentication
 Access Control
 Data
Confidentiality
 Data Integrity
 Nonrepudiation
 Availability

1
9
 Tools for Confidentiality
Encryption: the transformation of information using a secret,
called an encryption key, so that the transformed information
can only be read using another secret, called the decryption
key (which may, in some cases, be the same as the encryption
key).

20
 Tools for Confidentiality
Access control: rules and policies that limit
access to confidential information to those people
and/or systems with a “need to know.”
– This need to know may be determined by
identity, such as a person’s name or a computer’s
serial number, or by a role that a person has,
such as being a manager or a computer security
specialist.

21
 Tools for Confidentiality
• Authentication: the determination of the identity
or role that someone has. This determination can
be done in a number of different ways like a
smart card or a radio key fob storing secret keys,
a password, a fingerprint).

22
 Tools for Confidentiality
• Authorization: the determination if a person or system is
• allowed access to resources, based on an access control
• policy.
• – Such authorizations should prevent an attacker from tricking the
• system into letting him have access to protected resources.
• • Physical security: the establishment of physical barriers to
• limit access to protected computational resources.
• – Such barriers include locks on cabinets and doors, the placement of
computers in windowless rooms, the use of sound
dampening materials, and even the construction of buildings or
rooms with walls incorporating copper meshes (called Faraday
cages) so that electromagnetic signals cannot enter or exit the
enclosure.
23
 Tools for Integrity
• Tools:
• – Backups: the periodic archiving of data.
• – Checksums: the computation of a function that maps the
• contents of a file to a numerical value. A checksum
• function depends on the entire contents of a file and is
• designed in a way that even a small change to the input
• file (such as flipping a single bit) is highly likely to result in
• a different output value.
• – Data correcting codes: methods for storing data in such a
• way that small changes can be easily detected and
• automatically corrected.
24
Security Mechanisms

25
 Model of Network Security

26