DATA SECURITY M.Mahdi
Introduction
Who am I? Ground Rules:
Absence of 30% is allowed = 3 lectures; at the 4th, you will not attend the final exam.
You can eat and drink in the class.
There are no long breaks.
Late assignment submission makes you lose 10% weekly; by the 4th week your assignment will not be accepted.
If you come late, enter the class without too much noise.
My contact: [email protected]
The lecture notes are in the security office.
Who am I? Rules for working together:
Absence for more than 30% of the course will get you barred from the coursework.
Absence is allowed for 3 lectures, with or without an excuse; at the fourth you are barred and take the final exam out of 100.
Breaks in the lecture are not long.
Late submission of assignments will cost you 10% of the grade for two weeks; by the fourth week it will not be accepted.
If you arrive late, enter quietly.
Eating and drinking are allowed in the lecture.
To contact me: [email protected]
The lectures will be placed at the secretary's office.
Assessment Method
Class attendance 10%
Mid Exam 20%
Final Exam 50%
Small group Project 20%
Unit Objectives
Clear overview of the security concepts.
Clear overview of security divisions.
Covering in depth the data security section.
Practically apply the security concepts.
Unit References:
Cryptography and Network Security. Principles and Practices, 4th Edition
By William Stallings, Publisher: Principles and Practices
Publish Date: 2005
ISBN: 0131873164
Pages: 592
Computer Security Basics, 2nd Edition
By Rick Lehtinen
Publisher: O'Reilly
Pub Date: June 2006
Print ISBN-10: 0-596-00669-1
Print ISBN-13: 978-0-59-600669-3
Pages: 310
Programming .NET Security
By Adam Freeman, Allen Jones
Publisher: O'Reilly
Pub Date: June 2003
ISBN: 0-596-00442-7
Pages: 714
Unit Outline
The topics to be covered in this unit:
Introduction, What Is Computer Security, Threats to Security.
Computer System Security and Access Controls, What Makes a System Secure?, System Access
Establishing and Maintaining a Security Policy
Encryption
Classical Encryption Techniques
Block Ciphers and the Data Encryption Standard
More on Symmetric Ciphers
Programming Symmetrical Encryption with .net
Public-Key Cryptography and RSA
Digital Signatures
Programming Digital Signatures .net
Today's Outline
Introduction, What Is Computer Security, Threats to Security.
Security
The trend in Internet-related vulnerabilities reported to CERT over a 10-year period is shown.
Common terms you have to know
Identification: Who do you say you are?
Authentication: How do I know it's really you?
Authorization: Now that you are here, what are you allowed to do?
Accountability: Who did what, and, perhaps, who pays the bill?
Threats to Security
There are three key words that come up in discussions of computer security issues: vulnerabilities, threats and countermeasures.
Vulnerability: a point where a system is susceptible to attack.
Threat: a possible danger to the system. The danger might be a person (a system cracker or a spy), a thing (a faulty piece of equipment), or an event (a fire or a flood) that might exploit a vulnerability of the system.
Countermeasures: techniques for protecting your system.
Vulnerabilities
Physical vulnerabilities: Intruders can break into your server room and can steal backup media and printouts.
Natural vulnerabilities: Natural disasters and environmental threats: fire, flood, earthquakes, lightning, dust, humidity, and uneven temperature.
Hardware and software vulnerabilities: Certain kinds of hardware failures can compromise the security of an entire computer system.
Media vulnerabilities: Backup media, such as disk packs, tape reels, cartridges, and printouts, can be stolen or can be damaged.
Emanation vulnerabilities: All electronic equipment emits electrical and electromagnetic radiation.
Communications vulnerabilities: Messages can be intercepted, misrouted, and forged. Radio transmissions, the basis of wireless interconnections such as IEEE 802.11 (Wi-Fi) or IEEE 802.15 (Bluetooth), are particularly susceptible to surreptitious interception.
Human vulnerabilities: The people who administer and use your computer system represent the greatest vulnerability of all.
Security Attacks
Passive attacks: Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis.
Active attacks: Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
Release of message contents
The release of message contents is easily understood (Figure). A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
[Figure: Passive attacks: release of message contents]
Traffic analysis
Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
[Figure: Passive attacks: traffic analysis]
Notes
Passive attacks are very difficult to detect because they do not involve any alteration of the data.
A third party has read the messages or observed the traffic pattern.
It is feasible to prevent the success of these attacks, usually by means of encryption.
The emphasis in dealing with passive attacks is on prevention rather than detection.
Active Attacks
Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
Masquerade
A masquerade takes place when one entity pretends to be a different entity, for example enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
[Figure: Active attacks: masquerade (disguise)]
Replay
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
[Figure: Active attacks: replay]
Modification of messages
Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
[Figure: Active attacks: modification of messages]
Denial of service
The denial of service prevents or inhibits the normal use or management of communications facilities. For example, an entity may suppress all messages directed to a particular destination. Another form is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
[Figure: Active attacks: denial of service]
Notes
Active attacks present the opposite characteristics of passive attacks.
It is quite difficult to prevent active attacks absolutely because of the wide variety of potential physical, software, and network vulnerabilities.
Active attacks are easier to detect.
The goal is to detect active attacks and to recover from any disruption or delays caused by them.
If the detection has a deterrent effect, it may also contribute to prevention.
Countermeasures
Computer security
Communications security
Physical security