Computer Security (CE-408). An Overview Muhammad Najmul Islam Farooqui Assistant Professor Department of Computer Engineering. Course Tutors. Muhammad Najmul Islam Farooqui (B) Ms. Roohi Kamal (A) Mr. Muhammad Naseem (C) Mr. Hisham Naeem (DE) Mr. Noman Ali Khan (F).
Computer Security (CE-408) An Overview Muhammad Najmul Islam Farooqui Assistant Professor Department of Computer Engineering
Course Tutors • Muhammad Najmul Islam Farooqui (B) • Ms. Roohi Kamal (A) • Mr. Muhammad Naseem (C) • Mr. Hisham Naeem (DE) • Mr. Noman Ali Khan (F)
Time Distribution (diagram) • Theory: 3/4 • Practical: 1/4 • Diagram labels: Theoretical aspects of the course; Labs; Mid Term Exam; Practical approach to the course; Labs
Marks Distribution (Performance Assessment Criteria) • Total: 100 points • Lectures: 80 • Course Work: 5 (Assign. 2, Quizzes 3) • Exams: 75 (Mid Term 15, Final 60) • Labs: 20 • Weekly Labs: 14 (Lab 1, Lab 2 … Lab n) • Attendance: 6
Pre-Mid Term Course Coverage
Post-Mid Term Course Coverage
Reading Resources • Text Book • Reference Books • Specific to the course • General to the topic • Internet Sources
Text Book • Cryptography and Network Security: Principles & Practice (Fifth Edition) • By William Stallings – Prentice Hall Publication
Reference Books • Specific to the Course • Handbook of Cryptography • By Alfred J. Menezes, Paul C. van Oorschot • Network Security Essentials, 2nd Edition • William Stallings, Prentice Hall, 2003 • Web Security: A step-by-step Reference Guide • By Lincoln D. Stein – Addison Wesley Publication • Internet Security Protocols: Protecting IP Traffic (Low Price Edition) • By Uyless Black – Pearson Education Asia Publication • General to the Topic • Active Defense: A Comprehensive Guide to Network Security • By Chris Brenton & Cameron Hunt
Internet Sources • http://www.ssuet.edu.pk/~mfarooqui • http://sites.google.com/site/ibrahimmhr • http://www.dcs.ed.ac.uk/home/compsec/ • http://www.infosecuritymag.com/ • http://www.w3.org/Security/Faq/ • http://www.iwar.org.uk/comsec/resources/security-lecture/
How to get what we discuss? • Online Access • http://www.ssuet.edu.pk/courses/ce408/CompSec/ • Soft Copy • http://www.ssuet.edu.pk/courses/ce408/CompSec/ • Hard Copy • Will not be provided
Codes of Conduct • Strictly practice your attendance in the class and labs. • No relaxation, compensation or adjustment in your attendance. • Be in Uniform (at least in the class) • Preserve the sanity of the class, teachers, department and the University. • Help us in serving you for a better future.
What is Computer Security? • The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) is called Computer Security.
Computer Security Computer security is a heady concoction of science, technology, and engineering. A secure system is only as strong as the weakest link, so each part of the mix needs to be good.
Definitions • Security • The protection of assets. • Computer Security • Focuses on protecting assets within computer systems. Just as real-world physical security systems vary in their security provision (e.g., a building may be secure against certain kinds of attack, but not all), so computer security systems provide different kinds and amounts of security.
What is Computer Security? • For some Computer Security is controlling access to hardware, software and data of a computerized system. • A large measure of computer security is simply keeping the computer system's information secure. • In broader terms, computer security can be thought of as the protection of the computer and its resources against accidental or intentional disclosure of confidential data, unlawful modification of data or programs, the destruction of data, software or hardware. • Computer security also includes the denial of use of one’s computer facilities for criminal activities including computer related fraud and blackmail. • Finally, computer security involves the elimination of weaknesses or vulnerabilities that might be exploited to cause loss or harm.
The Need for Computer Security • Why the need for Computer Security? • The value of computer assets and services • What is the new IT environment? • Networks and distributed applications/services • Electronic Commerce (E-commerce, E-business)
The Value of Computer Assets and Services • Most companies use electronic information extensively to support their daily business processes. • Data is stored on customers, products, contracts, financial results, accounting etc. • If this electronic information were to become available to competitors or to become corrupted, false or disappear, what would happen? What would the consequences be? Could the business still function?
Network Security Issues • “The network is the computer” • Proliferation of networks has increased security risks much more. • Sharing of resources increases complexity of system. • Unknown perimeter (linked networks), unknown path. • Many points of attack. • Computer security has to find answers to network security problems. • Hence today the field is called Computer and Network Security.
Is there a Security Problem in Computing? • Computer fraud in the U.S. alone exceeds $3 billion each year. • Less than 1% of all computer fraud cases are detected. • Over 90% of all computer crime goes unreported. • “Although no one is sure how much is lost to EFT crime annually, the consensus is that the losses run in the billions of dollars. Yet few in the financial community are paying any heed.” • Average computer bank theft amounts to $1.5 million.
Natural Disasters – Another Dimension • Millions of dollars of damage resulted from the 1989 San Francisco earthquake. • The fire at Subang International Airport knocked out the computers controlling the flight display system. A post office near the Computer Room was also affected by the soot which decommissioned the post office counter terminals. According to the caretaker, the computers were not burnt but crashed because soot entered the hard disks. • Fire, Earthquakes, Floods, Electrical hazards, etc. • How to prevent?
Computer Security Requirements • Secrecy • Integrity • Availability • Authenticity • Non-repudiation • Access control
Secrecy (Confidentiality) • Secrecy requires that the information in a computer system only be accessible for reading by authorized parties. • This type of access includes: • Printing • Displaying • Other forms of disclosure, including simply revealing the existence of an object
Integrity • Integrity requires that the computer system asset can be modified only by authorized parties. • Modification includes: • Writing • Changing • Changing status • Deleting and • Creating
Availability • Availability requires that computer system assets are available to authorized parties. • Availability is a requirement intended to assure that systems work promptly and service is not denied to authorized users.
More About Integrity • Integrity: In lay usage, information has integrity when it is timely, accurate, complete, and consistent. However, computers are unable to provide or protect all of these qualities. Therefore, in the computer security field, integrity is often discussed more narrowly as having two facets: data integrity and system integrity. • “Data integrity is a requirement that information and programs are changed only in a specified and authorized manner.” • System integrity is a requirement that a system “performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.” • The definition of integrity has been, and continues to be, the subject of much debate among computer security experts.
Security of Data (diagram) • Data Confidentiality • Data Integrity • Data Availability • Together: Secure Data
Authenticity • Authenticity means that parties in an information service can ascertain the identity of parties trying to access information services. • Also means that the origin of the message is certain. • Therefore two types: • Principal Authentication • Message Authentication
Non-repudiation • Originator of communications can’t deny it later. • Without non-repudiation you could place an order for 1 million dollars of equipment online and then simply deny it later. • Or you could send an email inviting a friend to the dinner and then disclaim it later. • Non-repudiation associates the identity of the originator with the transaction in a non-deniable way.
Access Control • Unauthorized users are kept out of the system. • Unauthorized users are kept out of places on the system/disk. • Typically makes use of Directories or Access Control Lists (ACLs) or Access Control Matrix • Objects: Resources that need to be protected • Subjects: Entities that need access to resources • Rights: Permissions • Each entry is a triple <subject, object, rights>
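The access control matrix described on this slide, as an added example that is not part of the original slides: it stores the <subject, object, rights> triples and derives the two views the slide names, the per-object ACL and the per-subject directory. The subjects, objects and rights in the sample policy are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample policy: each entry is a <subject, object, rights> triple.
TRIPLES = [
    ("alice", "payroll.db", {"read", "write"}),
    ("bob", "payroll.db", {"read"}),
    ("alice", "audit.log", {"read"}),
    ("backup", "payroll.db", {"read"}),
]


class AccessMatrix:
    """Sparse access control matrix keyed by (subject, object)."""

    def __init__(self, triples):
        self._cells = defaultdict(set)
        for subject, obj, rights in triples:
            # Several triples for the same cell are merged.
            self._cells[(subject, obj)] |= set(rights)

    def check(self, subject, obj, right):
        # Default deny: an absent cell grants nothing.
        return right in self._cells.get((subject, obj), set())

    def revoke(self, subject, obj, right):
        cell = self._cells.get((subject, obj))
        if cell:
            cell.discard(right)

    def acl(self, obj):
        """Column view: who may do what to one object (an ACL)."""
        return {s: set(r) for (s, o), r in self._cells.items() if o == obj and r}

    def directory(self, subject):
        """Row view: everything one subject may touch (a directory)."""
        return {o: set(r) for (s, o), r in self._cells.items() if s == subject and r}


if __name__ == "__main__":
    m = AccessMatrix(TRIPLES)
    print("alice write payroll.db:", m.check("alice", "payroll.db", "write"))
    print("bob write payroll.db:", m.check("bob", "payroll.db", "write"))
    print("unknown subject read:", m.check("mallory", "payroll.db", "read"))
    print("ACL of payroll.db:", m.acl("payroll.db"))
    print("directory of alice:", m.directory("alice"))
```

The ACL answers "who can reach this object" in one lookup, while the directory answers "what can this subject reach"; revoking a right has to be visible in both views, which is why both are derived from the same cells.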
Security Requirements are often Combined • Confidentiality • Integrity • Availability • For example: User authentication used for access authorization control purposes in confidentiality. Non-repudiation is combined with authentication.
Type of Attacks/Threats in Computer Systems • A threat is a danger which could affect the security (confidentiality, integrity, availability) of assets, leading to a potential loss or damage. • Interruption • Interception • Modification • Fabrication
Interruption • An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on the availability. • Examples include destruction of a piece of hardware, such as a hard disk, the cutting of a communication link, or the disabling of the file management system. • DOS - Denial of Service Attacks have become very well known.
Interception • Information disclosure/information leakage • An unauthorized party gains access to an asset. • This is an attack on confidentiality. • The unauthorized party could be a person, a program, or a computer. • Examples include: • wiretapping to capture data in a network • the illicit copying of files or programs
Modification • Modification is integrity violation. • An unauthorized party not only gains access to but tampers with an asset. • This is an attack on the integrity. • Examples include changing values in a data file, altering a program so that it performs differently, and modifying the content of a message being transmitted in a network.
Fabrication • An unauthorized party inserts counterfeit objects into the system. This is an attack on the authenticity. • Examples include the insertion of spurious messages in a network or the addition of records to a file.
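An added example, not part of the original slides, tying the Modification and Fabrication slides to the earlier Message Authentication and Non-repudiation slides: a receiver checks an order message against a message authentication code. HMAC-SHA256 with a key shared by buyer and seller is an assumption chosen for illustration, and the keys and messages are constructed.

```python
import hashlib
import hmac


def make_tag(key: bytes, message: bytes) -> bytes:
    """Compute the authentication tag sent along with the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accept(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(make_tag(key, message), tag)


def run_scenarios() -> dict:
    # Constructed values; a real key would come from a secure random source.
    shared_key = b"constructed-demo-key-32-bytes-xx"
    outsider_key = b"outsider-guess-key-32-bytes-xxxx"
    order = b"ORDER buyer=alice item=equipment amount=1000000 USD"
    tag = make_tag(shared_key, order)

    # Modification: content changed in transit, original tag kept.
    tampered = order.replace(b"amount=1000000", b"amount=1")
    # Fabrication: a counterfeit message from a party without the key.
    spurious = b"ORDER buyer=alice item=equipment amount=5 USD"

    return {
        "genuine": accept(shared_key, order, tag),
        "modification": accept(shared_key, tampered, tag),
        "fabrication": accept(shared_key, spurious, make_tag(outsider_key, spurious)),
        # The seller holds the same key, so a seller-made tag also verifies:
        # a shared-key MAC authenticates the message but cannot prove to a
        # third party which key holder wrote it (no non-repudiation).
        "seller_made_order": accept(shared_key, spurious, make_tag(shared_key, spurious)),
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name:18s} accepted={accepted}")
```

The last scenario is the reason non-repudiation needs a mechanism in which only the originator can produce the proof, such as a digital signature, while a shared-key tag is enough to detect modification and fabrication by outsiders.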
Classification of Attacks • Computer Security attacks can be classified into two broad categories: • Passive Attacks can only observe communications or data. • Active Attacks can actively modify communications or data. Often difficult to perform, but very powerful. Examples include • Mail forgery/modification • TCP/IP spoofing/session hijacking