1 / 20

Chapter 1 - Introduction

Chapter 1 - Introduction. Security Violations OSI Security Architecture Network Security Model. Security Violations. 1. Capture. File F is SENSITIVE F A -------> B C CAPTURES F. Security Violations. 2. Intercept - Update.

damian
Download Presentation

Chapter 1 - Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 1 - Introduction • Security Violations • OSI Security Architecture • Network Security Model

  2. Security Violations 1. Capture File F is SENSITIVE F A -------> B C CAPTURES F

  3. Security Violations 2. Intercept - Update Authorisation File F is SENSITIVE A sends message to B: ”Update F with names” A(m) m B(F) C INTERCEPTS m and adds name of C A(m) m C(m) m B(F)

  4. Security Violations 3. Substitute Authorisation File F is SENSITIVE C PRETENDS to be A C sends message to B: ”Update F with name of C” {C}A(m) m B(F)

  5. 4. Intercept - Preempt Security Violations A sends message to B: ”STOP C’s r/w access” A(m0) m0 B(m1) B(m1) m1STOP(C) C INTERCEPTS m0: A(m0) m0 C m0 B(m1) C(r/w ACCESS) B(m1) m1STOP(C)

  6. 5. Denial Security Violations C sends message to B C(m) m B Later, B QUERIES C about message B m,? C C DENIES sending message C(m,?) NO B

  7. OSI Security Architecture(X.800 – Security for Open Systems Interconnection) • International Standard • 5 Categories • 14 Services

  8. OSI Security Architecture Categories(services) • Authentication (peer-entity, data-origin) • Access Control • Data Confidentiality (connection, • connectionless, selective-field, traffic-flow) • Data Integrity (connection[recovery, • no-recovery, selective-field], • connectionless[no-recovery,selective-field]) • NonRepudiation (origin, destination)

  9. OSI Security ArchitectureAuthentication Data Origin (m not protected) A(m) m B B(m,A)  AUTHENTIC(A)? Peer Entity A c B S(A,B)  AUTHENTIC(A,B)? S(c,masquerador,replay)  SECURE(c)?

  10. Access REQUEST: A(m) m {Host/System} Host MATCHES m to A: {Host/System}(m,A) m’ A A GRANTED read/write access: c A(m’)  {Host/System} OSI Security ArchitectureAccess Control

  11. CONNECTION: cK A  B (e.g. TCP) CONNECTIONLESS: A mK B SELECTIVE-FIELD: cK|c’ A  B TRAFFIC-FLOW: A {} B OSI Security ArchitectureConfidentiality

  12. CONNECTION-RECOVERY: c modification/destruction A m B(m) recover  m CONNECTION-NO RECOVERY: c modification/destruction A m B(m) detect  !! SELECTIVE FIELD: c modification/destruction A m|m’ B(m) detect(m)  !! OSI Security ArchitectureIntegrity

  13. OSI Security ArchitectureNon-Repudiation SENDER VERIFICATION: A m,[A] B(m,[A])  mA RECEIVER VERIFICATION: A m B B [m],[B] A([m],[B])  mB

  14. OSI Security ArchitectureAvailability • Upon request • Denial of Service • Attack Countermeasures: • Authentication • Encryption • Physical Response

  15. Encipherment – unintelligible • Signature – data tag to ensure • a) Source b) Integrity c) anti-forgery • Access Control • Data Integrity • Authentication • Traffic Padding – prevent traffic analysis • Routing Control – adapt upon partial failure • Notarization – trusted third party SECURITY MECHANISMS(X.800) - specific

  16. Trusted Functionality • Security Label • Event Detection • Audit Trail • Recovery SECURITY MECHANISMS(X.800) - pervasive

  17. PASSIVE: • System unaltered, • – hard to detect, easier to prevent • ACTIVE: • System altered, • – easier to detect, hard to prevent ATTACKS

  18. PASSIVE: • eavesdropping, monitoring, • message release, traffic analysis • ACTIVE: • replay,masquerade(impersonation), • modification, denial of service(supression,overload) ATTACKS

  19. Model for Network Security Block Ciphers

  20. Model for Network Access Security • Gatekeeper: password-based login, screening logic • Internal controls: monitor activity, analyse stored info Block Ciphers

More Related