Best PPT On Security Attacks Services Mechanism
A V Ramana
Henric Johnson
Outline
o Information security
o Attacks, services and mechanisms
o Security attacks
o Security services
o Methods of Defense
o A model for Internetwork Security
o Internet standards and RFCs
Network Security/ A V Ramana 2
Information Security
Protection of data. Has gone through two major changes:
1. Computer Security:
o Timesharing systems: multiple users share the H/W and S/W resources on a computer.
o Remote login is allowed over phone lines.
Measures and tools to protect data and thwart hackers are called Computer Security.
Information Security
2. Network Security: Computer networks are widely used to connect computers at distant locations. Raises additional security problems:
o Data in transmission must be protected.
o Network connectivity exposes each computer to more vulnerabilities.
Security Attacks
Interruption: An asset of the system is destroyed or becomes unavailable or unusable.
o This is an attack on availability.
Examples:
> Destroying some H/W (disk or wire).
> Disabling file system.
> Swamping a computer with jobs or communication link with packets.
Security Attacks
Interception: An unauthorized party gains access to an asset.
o This is an attack on confidentiality.
Examples:
> Wiretapping to capture data in a network.
> Illicitly copying data or programs.
Security Attacks
Modification: An unauthorized party gains access to and tampers with an asset.
o This is an attack on integrity.
Examples:
> Changing data files.
> Altering a program.
> Altering the contents of a message.
Security Attacks
Fabrication: An unauthorized party inserts a counterfeit object into the system.
o This is an attack on authenticity.
Examples:
> Insertion of records in data files.
> Insertion of spurious messages in a network (message replay).
Passive Threats
Release of message contents: Contents of a message are read.
> A message may be carrying sensitive or confidential data.
Traffic analysis: An intruder makes inferences by observing message patterns.
> Can be done even if messages are encrypted.
> Inferences: location and identity of hosts.
Active Threats
Masquerade: An entity pretends to be some other entity.
> Example: An entity captures an authentication sequence and replays it later to impersonate the original entity.
Replay: Involves capture of a data unit and its retransmission to produce an unauthorized effect.
Active Threats
Modification of messages: A portion of a legitimate message has been altered to produce an undesirable effect.
Denial of service: Inhibits normal use of computer and communications resources.
> Flooding of computer network.
> Swamping of CPU or a server.
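Added example (not part of the original slides): a receiver-side check that detects the replay and modification threats described above. The use of HMAC-SHA256 with a nonce and timestamp is a technique chosen for this illustration; the key, the 30-second freshness window and all names are assumptions.

```python
import hashlib
import hmac
import os
import time

# Constructed demo key; a real system provisions the key out of band.
SHARED_KEY = b"constructed-demo-key-not-for-production"
MAX_AGE_SECONDS = 30  # assumed freshness window


def _encode(ts, nonce, payload):
    # Fixed-width timestamp and 16-byte nonce keep the tagged bytes unambiguous.
    return ts.to_bytes(8, "big") + nonce + payload


def seal(payload, key=SHARED_KEY, now=None):
    """Sender side: attach a timestamp, a random nonce and an HMAC tag."""
    ts = int(time.time() if now is None else now)
    nonce = os.urandom(16)
    tag = hmac.new(key, _encode(ts, nonce, payload), hashlib.sha256).digest()
    return {"ts": ts, "nonce": nonce, "payload": payload, "tag": tag}


class Receiver:
    def __init__(self, key=SHARED_KEY):
        self.key = key
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, msg, now=None):
        now = time.time() if now is None else now
        data = _encode(msg["ts"], msg["nonce"], msg["payload"])
        expected = hmac.new(self.key, data, hashlib.sha256).digest()
        # Integrity/authenticity: any altered field or wrong key changes the tag.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified or forged"
        # Freshness: an old capture is refused even if its nonce was forgotten.
        if abs(now - msg["ts"]) > MAX_AGE_SECONDS:
            return "rejected: stale"
        # Replay: a valid message is accepted only once inside the window.
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        # Drop nonces outside the window; the stale check already covers them.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= MAX_AGE_SECONDS}
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"
```

The tag addresses modification and fabrication; the nonce and timestamp address replay. None of these checks hides the message contents, so confidentiality still requires encryption.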
Security Services
A classification of security services:
o Confidentiality (privacy)
o Authentication (who created or sent the data)
o Integrity (has not been altered)
o Non-repudiation (the order is final)
o Access control (prevent misuse of resources)
o Availability (permanence, non-erasure)
> Denial of Service Attacks
> Virus that deletes files
Security Goals
Confidentiality
Integrity
Availability
Methods of Defence
o Encryption
o Software Controls (access limitations in a database; in an operating system, protect each user from other users)
o Hardware Controls (smartcard)
o Policies (frequent changes of passwords)
o Physical Controls
Recommended Reading
Pfleeger, C. Security in Computing. Prentice Hall, 1997.
Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001.