Information and Network Security

Ms. Hansa Vaghela , Assistant Professor

Computer Science & Engineering
CHAPTER-1
Introduction
Outline

• Computer Security Concept

• OSI Security Architecture
• Security Attacks
• Security Services
• Security Mechanism
• A Model for Network Security
Computer Security Concepts
Computer Security:-
•Computer Security, Cyber Security or IT Security Software is the
protection of computer systems from theft of or damage to their
hardware, software or electronic data, as well as from disruption or
misdirection of the services they provide collection of program.
• Computer Security means securing a standalone machine by
keeping it updated and patched
•Network Security is by securing both the software and hardware
technologies
•Cybersecurity is defined as protecting computer systems, which
communicate over the computer networks
Information Security
Information Security:-
• The internet is not a single network, but a worldwide collection of
loosely connected networks
– Accessible by individual computer hosts, in a variety of ways,
to anyone with a computer and a network connection.
• Along with the convenience and easy access to information come
risks.
Information Security

•Risks :- valuable information will be lost, stolen, changed, or

misused.
• If information is recorded electronically and is available on
networked computers, it is more vulnerable than if the same
information is printed on paper.
OSI Security Architecture
• The OSI (Open Systems Interconnection) security architecture
focuses on Security Attacks, Mechanisms, and Services.
• Security Attack: Any action that compromises the security of
information owned by an organization.
• Security Mechanism: A process that is designed to detect,
prevent, or recover from a security attack.
• Security Service: A communication service that enhances the
security of the data processing systems and the information
transfers of an organization.
Security Attacks
• There are mainly two types:
• A passive attack attempts to learn or make use of information from the
system but does not affect system resources.
1. Release of message contents
2. Traffic analysis
• An active attack attempts to alter system resources or affect their
operation.
1. Masquerade
2. Replay
3. Modification of messages
4. Denial of service.
1) Release of message contents (Passive Attack)

Release of message contents [2}

1) Release of message contents (Passive Attack)

• A telephone conversation, an electronic mail message, and a

transferred file may contain sensitive or confidential information.
• We would like to prevent an opponent from learning the
contents of these transmissions.
2)
2) Traffic
Traffic Analysis
Analysis (Passive
(Passive Attack)
Attack)

Traffic Analysis[3}
2) Traffic Analysis (Passive Attack)

• In such attacks, an adversary, capable of observing network

traffic statistics in several different networks, correlates the traffic
patterns in these networks.
1) Masquerade Attack (Active Attack)

Masquerade Attack[1}
1) Masquerade Attack (Active Attack)

• A masquerade takes place when one entity pretends to be a

different entity.
2) Replay Attack (Active Attack)

Replay Attack[4}
2) Replay Attack (Active Attack)

• Replay attack involves the passive capture of a data unit and its
subsequent retransmission to produce an unauthorized effect.
3) Modification of messages Attack (Active Attack)

Modification of messages Attack[5}

3) Modification of messages Attack (Active Attack)

• Modification of messages simply means that some portion of a

legitimate message is altered, or that messages are delayed or
reordered, to produce an unauthorized effect.
4) Denial of Service Attack (Active Attack)

Denial of service attack[3}

4) Denial of Service Attack (Active Attack)

• The denial of service attack prevents the normal use or

management of communications facilities.
Security Attacks

Security Attacks[4}
 Security Services (X.800)

• X.800 standard defines a

security service as a
service that is provided by
a protocol layer of
communicating open
systems and that ensures
security of the systems or
of data transfers.
Security Services[3}
Security Services (X.800)

Security Services[3}
 Authentication
• Authentication is the assurance that the communicating entity is
the one that it claims to be. Who you are ?
1. Peer Entity Authentication: Used (biometrics)
in association with a logical
connection to provide confidence Physical Authentication[3}

in the identity of the entities authentication

connected. where you are ?
2. Data-Origin Authentication: In a What you know ?
connectionless transfer, provides Password Authentication[3}

assurance that the source of One-time Passwords

received data is as claimed. Network address
Access Control
• Access control is the prevention of unauthorized use of a
resource.

Access Control[2}
Access Control

• This service controls who can have access to a resource, under

what conditions access can occur, and what those accessing the
resource are allowed to do.
 Data Confidentiality

• Data confidentiality is the protection of data from unauthorized

disclosure.

Data Confidentiality[4}
Data Confidentiality

1. Connection Confidentiality: The protection of all user data on a

connection.
2. Connectionless Confidentiality: The protection of all user data
in a single data block.
3. Selective-Field Confidentiality: The confidentiality of selected
fields within the user data on a connection or in a single data
block.
4. Traffic-Flow Confidentiality: The protection of the information
that might be derived from observation of traffic flows.
Data Integrity
• Data integrity is the
assurance that data
received are exactly as
sent by an authorized
entity (i.e., contain no
modification, insertion,
deletion, or replay).

Data Integrity[3}
Data Integrity
• Connection Integrity with Recovery: Provides integrity of all
user data on a connection and detects any modification,
insertion, deletion, or replay of any data with recovery
attempted.
• Connection Integrity without Recovery: As above, but provides
only detection without recovery.
• Selective-Field Connection Integrity: Provides integrity of
selected fields within the user data and takes the form of
determination of whether the selected fields have been
modified, inserted, deleted, or replayed.
Data Integrity
• Connectionless Integrity: Provides integrity of a single
connectionless data block and may take the form of detection
of data modification. Additionally, a limited form of replay
detection may be provided.
• Selective-Field Connectionless Integrity: Provides integrity of
selected fields within a single connectionless data block; takes
the form of determination of whether the selected fields have
been modified.
Non Repudiation
• Nonrepudiation is the assurance that someone cannot deny
something.

Non Repudiation[1}
Non Repudiation
• Typically, nonrepudiation refers to the ability to ensure that a
communication cannot deny the authenticity of their signature
on a document or the sending of a message that they
originated.
• Nonrepudiation-Origin: Proof that the message was sent by
the specified party.
• Nonrepudiation-Destination: Proof that the message was
received by the specified party.
Security Mechanisms (X.800)
• Specific security mechanisms: Integrated into the appropriate
protocol layer in order to provide some of the OSI security
services.
• Pervasive security mechanisms: Not integrated to any
particular OSI security service or protocol layer
Security Mechanism (Specific Security)
• Encipherment: Hiding or covering data using mathematical
algorithms.
• Digital Signature: The sender can electronically sign the data
and the receiver can electronically verify the signature.
• Access Control: A variety of mechanisms that enforce access
rights to resources.
• Data Integrity: A variety of mechanisms used to assure the
integrity of a data unit or stream of data units.
• Authentication Exchange: Two entities exchange some
messages to prove their identity to each other.
Security Mechanism (Specific Security)
• Traffic Padding: The insertion of bits into gaps in a data stream
to frustrate traffic analysis attempts.
• Routing Control: Selecting and continuously changing routes
between sender and receiver to prevent opponent from
eavesdropping.
• Notarization: The use of a trusted third party to assure and
control the communication.
Model for Network Security

Network Security Model[3]

Model for Network Security

Network Security Model[3]

Model for Network Security
The general model shows that there four basic tasks in designing a
particular security service:
⮚ Design an algorithm for performing the security-related
transformations. The algorithm should be such that an opponent
cannot defeat its purpose.
⮚ Generate the secret information to be used with the algorithm.
⮚ Develop methods for the distribution and sharing of the secret
information
⮚ Specify a protocol to be used by two principals that makes use of the
security algorithm and the secret information to achieve a particular
security service.
 References
[1] Information Security Articles, References, & Blogs, UC SANTA BARBARA
https://www.it.ucsb.edu/general-security-resources/information-security-articles-
references-blogs
[2] What is Information Security? cisco
https://www.cisco.com/c/en_in/products/security/what-is-information-security-
infosec.html
[3] CRYPTOGRAPHY AND NETWORK SECURITY. Harlow: Tata McGraw-Hill.
[4] Nutt, G. J. (2004). Operating systems: A modern perspective. Boston:
Pearson/Addison Wesley.
[5] Cyber Security Strategies. Tutorials point.
https://www.tutorialspoint.com/information_security_cyber_law/
cyber_security_strategies.htm
www.paruluniversity.ac.in