Network Security - 8th semester (Unit 1)
Unit 1

The OSI Security Architecture:

To assess the security requirements of an organization, the manager has to choose various products, define certain requirements and characterize the approaches that satisfy these requirements. This is difficult enough in a centralized data processing environment, and the difficulty is compounded when LANs and WANs are involved. The ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach to fulfilling security requirements. It is an international standard, and computer and communications vendors have designed their products to relate to it. The OSI Security Architecture focuses on:
(i) Security Services
(ii) Security Mechanisms
(iii) Security Attacks.

(i) Security Services:
(a) Data Confidentiality
(b) Authentication
(c) Data Integrity
(d) Non-repudiation
(e) Access Control

(a) Data Confidentiality: Protection of data from unauthorized disclosure.
1) Connection confidentiality: Protection of all user data on a connection.
2) Connectionless confidentiality: Protection of all user data in a single data block.
3) Selective field confidentiality: Confidentiality of selected fields within the user data on a connection or in a single data block.
4) Traffic flow confidentiality: Protection of the information that might be derived from observing the flow of traffic.

(b) Authentication: Assurance that the communicating entity is the one that it claims to be.
Bindu M.N., Department of E & C, K.V.G.C.E., Sullia.
1) Peer entity authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected.
2) Data origin authentication: In a connectionless transfer, provides assurance that the data comes from the source it claims to come from.

(c) Data Integrity: Assures that data is received exactly as it was sent by an authorized entity.
1) Connection integrity with recovery: Provides for the integrity of all user data on a connection; detects any modification, insertion, deletion or replay, and attempts recovery if any is detected.
2) Connection integrity without recovery: Provides for the integrity of all user data on a connection; only detects modification, insertion, deletion or replay, with no attempt at recovery.
3) Selective field connection integrity: Provides for the integrity of selected fields within the user data of a block on a connection, and takes the form of determination of whether the selected fields have been modified, inserted, deleted or replayed.
4) Connectionless integrity: Provides for the integrity of the user data in a single connectionless block, and takes the form of determination of modification; additionally, a limited degree of replay detection may be provided.
5) Selective field connectionless integrity: Provides for the integrity of selected fields within a single connectionless data block, and takes the form of determination of whether the selected fields have been modified.

(d) Non-repudiation: Provides protection against denial, by one of the entities involved in a communication, of having participated in all or part of the communication.
1) Non-repudiation, Origin: Proof that the message was sent by the specified party.
2) Non-repudiation, Destination: Proof that the message was received by the specified party.

(e) Access Control: Prevention of unauthorized use of resources (controls who can have access to the resources, under what conditions access can be granted, and what those accessing the resources are allowed to do).

(ii) Security Mechanisms: There is no single mechanism which can provide all the services mentioned above, but there is one technique which underlies all mechanisms, and that is the cryptographic technique. Encryption or encryption-like transformations of information are the most common means of providing security.

(iii) Security Attacks: The classification of attacks can be characterized by viewing the function of a computer system as the provision of information. There is a flow of information from a source, such as a file or a region of main memory, to a destination, such as another file or a user. The normal flow is depicted below.
[Figure: normal information flow from the information source to the information destination.]

Four types of attacks are depicted below:
i) Interruption
ii) Interception
iii) Modification
iv) Fabrication.

i) Interruption:
The computer system assets are made unusable or unavailable, or are destroyed. This is an attack on availability. Examples are destroying pieces of hardware such as the hard disk, cutting the communication line, or destroying the file management system.

ii) Interception:
An unauthorized party gains access to the computer system assets. This is an attack on confidentiality. The unauthorized party could be a person, a program or a computer. Examples are wiretapping to capture the data in a network, and illicit copying of files or programs.
iii) Modification:
Unauthorized party not only gains access to the assets but also tampers with it. This is an attack on integrity. For example, changing values in a data file, altering a program so that it performs differently, modifying the contents of messages being transmitted in a network.
iv) Fabrication:
An unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity. For example, this involves insertion of spurious messages into the network or addition of records in a file.
Passive attacks and Active attacks:

[Figure: Passive threats: Interception (release of message content, traffic analysis). Active threats: Interruption (attack on availability), Modification (attack on integrity), Fabrication (attack on authenticity).]

Passive attacks use interception. Interception has two goals. One is the release of message content. An email, a telephone conversation or a transmitted file may contain sensitive information, and we should prevent the opponent from learning the contents of the transmissions. The other is traffic analysis, which is more subtle and very difficult to detect. The messages can be masked by using encryption, so that even if the opponent could access the messages they would not be useful. Still, the opponent can guess the nature of the message by learning the location and identity of the communicating hosts and the length and frequency of the messages being transmitted. For passive attacks the emphasis is on prevention rather than detection.
Active attacks are of four types:
1. Masquerade
2. Replay
3. Modification of the message
4. Denial of service.

1. Masquerade: One entity pretends to be a different entity. For example, an entity with few privileges captures the authentication sequence of another entity and replays it, enabling the entity with few privileges to gain more privileges by impersonating the entity that has those privileges.
2. Replay: The passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
3. Modification of the message: Some portion of a legitimate message is altered, or the message is delayed or reordered. For example, a message such as "Allow John Smith to read confidential file accounts" can be modified to read "Allow Jacob Brown to read confidential file accounts".
4. Denial of Service: Prevents or inhibits the normal use or management of a communication facility. It may have a particular target, for example the security audit service. Another form of service denial is disrupting an entire network by flooding it with messages so as to degrade performance.
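As an added illustration (not from these notes), the following Python sketch shows how the integrity services listed under (c) and the active attacks above are detected in practice: the sender binds a sequence number and an HMAC tag to each data unit using the secret information shared by the two principals, and the receiver implements "connection integrity without recovery", reporting a forged or modified unit, a replayed unit and a gap left by a deleted unit. The key and the messages are constructed demo values.

```python
import hashlib
import hmac

# Constructed shared key: the "secret information" both principals hold in the
# notes' network security model (demo value, not from the notes).
KEY = b"constructed-shared-key-for-demo"

def protect(key, seq, payload):
    """Sender: bind a 4-byte sequence number to the payload with an HMAC tag."""
    header = seq.to_bytes(4, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class IntegrityReceiver:
    """Receiver side of X.800 'connection integrity without recovery': detects
    modification/insertion (bad tag), replay and deletion, but never recovers."""

    def __init__(self, key):
        self.key = key
        self.expected = 0  # next sequence number we should see

    def check(self, unit):
        if len(unit) < 4 + 32:          # too short to carry header + SHA-256 tag
            return "modified-or-forged"
        header, payload, tag = unit[:4], unit[4:-32], unit[-32:]
        good = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # constant-time comparison; an opponent without the key cannot forge it
        if not hmac.compare_digest(good, tag):
            return "modified-or-forged"
        seq = int.from_bytes(header, "big")
        if seq < self.expected:
            return "replay"             # an already-consumed unit was resent
        verdict = "ok" if seq == self.expected else "deletion"
        self.expected = seq + 1         # resync after a gap; no recovery attempted
        return verdict

def demo():
    """Walk the unit's attack list past the receiver; returns the verdicts."""
    rx = IntegrityReceiver(KEY)
    units = [protect(KEY, i, b"Allow John Smith to read file accounts") for i in range(4)]
    altered = units[0].replace(b"John Smith", b"Jacob Brown")  # modification attack
    return [
        rx.check(units[0]),   # ok
        rx.check(altered),    # modified-or-forged: tag no longer matches
        rx.check(units[1]),   # ok
        rx.check(units[0]),   # replay: sequence number 0 already consumed
        rx.check(units[3]),   # deletion: sequence number 2 never arrived
    ]
```

A masquerading opponent who lacks the shared key produces a unit that fails the same tag check, so the receiver cannot distinguish it from a modified one; only the key holders can produce an acceptable tag.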
A model for Network Security:
[Figure 1: Model for network security. A message passes from one principal to the other over the logical information channel; each principal holds secret information and applies a security-related transformation to the message; an opponent has access to the channel; a trusted third party acts as arbiter and distributor of secret information.]

[Figure 2: Network access security model. An opponent (human, e.g. a cracker, or software, e.g. a virus or worm) reaches the computing resources (processor, memory, I/O), data, processes and software over an access channel; a gatekeeper function guards the entry point, and internal security controls monitor the system.]
The message is transferred from one party to another. The two parties involved are called the principals. The communication link over which the message is transferred is called the logical information channel. There should be an agreement between the two parties for the communication to take place; the agreement takes the form of a common protocol such as TCP/IP. In practice the communication link is the Internet, and the logical information channel is established by finding a route through the Internet from the source to the destination. The security aspect comes into consideration when we want to protect the information being transmitted over the channel from the opponent. The two aspects are:
1. Encryption: This is a method used to protect the information from being understood by the opponent. It involves scrambling the message before transmission and descrambling it on reception. A code may also be added which identifies the sender.
2. Encryption Key: This is common information shared by the sender and receiver (the two principals) and hopefully not known to the opponent. The key is used in conjunction with the transformation to scramble the message before transmission and to unscramble it at the receiving end.
A trusted third party is also involved in distributing the shared secret information, called the key, and in resolving disputes between the two principals regarding authenticity.
The general model for a security service involves the following major tasks:
1. Design an algorithm to perform the security-related transformation. The algorithm should be designed such that the opponent cannot defeat its purpose.
2. Generate the shared secret information to be used with the algorithm by the two principals.
3. Develop methods to distribute and share the secret information.
4. Specify a protocol to be used by the two principals, which makes use of the algorithm and the shared secret information to achieve a particular security service.
Another model, shown in figure 2 above, provides security to a computer system which can be accessed over a network. Security is provided against hackers, who have no malign intent beyond the satisfaction of breaking into a computer system; against a disgruntled employee who intends to break into the system to do harm; or against a criminal who exploits the computer assets for financial gain, for example by illegal transfer of money or by obtaining credit card numbers. Another type of unwanted access is the placement of unwanted logic in a computer system which can affect an application or the editor and compiler. Such programs present two kinds of threats:
1. Information access threats intercept or modify data on behalf of a user who should not have access to that data.
2. Service threats exploit service flaws and inhibit the use of the computer by legitimate users.
Viruses and worms are examples of unwanted logic which can be introduced into a computer system through a diskette or over the network. Because they can be introduced over the network, the security mechanisms can be broadly classified into two categories. One is the gatekeeper function, which grants access to a user based on a password. Once the unwanted logic has gained entry into the system, the internal security controls monitor the activity and analyse the stored information in an attempt to detect the presence of unwanted intruders. A virus is unwanted logic concealed in otherwise useful software.
Unit 1 questions
1. List and describe the Services, Attacks and Mechanisms of the OSI Security Architecture.
2. How are attacks classified? OR List and describe active attacks and passive attacks.
3. With a diagram, explain the model for Network Security.