1 / 161

CSE 331: Introduction to Networks and Security

CSE 331: Introduction to Networks and Security. Slide Set 6. Fall 2001 Instructor: Carl A. Gunter. Goals Availability Integrity Confidentiality Targets Hardware Software Data. Controls Physical security Limited interface Identification and authorization Encryption

teryl
Télécharger la présentation

CSE 331: Introduction to Networks and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSE 331: Introduction to Networks and Security Slide Set 6 Fall 2001 Instructor: Carl A. Gunter

  2. Goals Availability Integrity Confidentiality Targets Hardware Software Data Controls Physical security Limited interface Identification and authorization Encryption Analysis of costs and benefits Introduction to Security

  3. Progress and Risk • Security-critical considerations • Credit card purchases on the web • Voting on the web • Banking on the web • Mobile agents and active networks • Safety and security considerations • Military systems, eg. Star Wars • Actuators on public networks

  4. Security Requirements • Banking • Government • Public Telecommunications Carriers • Corporate / Private Networks • Electronic Commerce

  5. Banking • Electronic Funds Transfer (EFT) • Prosecution of fraud problematic • Financial system overall at risk • Automated Teller Machine (ATM)

  6. Automatic Teller Machines • Goals • Availability: Provide automated teller operations 24x7 in convenient locations • Integrity: Authorized users only, transactional guarantees • Confidentiality: Private communication with branches or center • Vulnerabilities and controls • Risk analysis and liabilities

  7. Government • National security of course, but also • “Unclassified but sensitive information” must not be disclosed • Example: social security web page • Electronic signatures approved for government contractors

  8. Public Telecom Carriers • Operations, Administration, Maintenance, and Provisioning (OAM&P) • Customer network management complexities • Theft by hackers • Unauthorized eavesdropping • Availability is a key concern • Significant insider risks

  9. Corporate Private Networks • Completely private networks are becoming a thing of the past because of telecommuting. • Protection of proprietary information of course, but also concerns like privacy in the health care industry. • Foreign government threat?

  10. Electronic Commerce • Electronic Data Interchange (EDI) • Electronic contracts need to be binding • ABA Resolution: “recognize that information in electronic form, where appropriate, may be considered to satisfy legal requirements regarding a writing or signature to the same extent as information on paper or in other conventional forms, when appropriate security techniques, practices, and procedures have been adopted.”

  11. Three Scenarios • Vera buys a lathe. • Inter-corporate trading. • Nola’s electronic market.

  12. Vera Buys a Lathe • Vera, owner of Vera’s Manufacturing, shops for a lathe on the internet using WWW. • She finds the desired product from Danielle’s Machine Makers and makes the order using a web form provided by Danielle’s. • Danielle’s confirms that the order really comes from Vera’s manufacturing.

  13. Vera Pays for the Lathe • She sends her credit card number, suitably encrypted. • She sends an EDI payment order remittance advice transaction set instructing Vera’s bank to credit Danielle’s bank account. • She uses an online payment mechanism like a credit-card based payment protocol or electronic check. • The lathe is delivered through the usual distribution channels.

  14. Inter-Corporate Trading • Danielle’s Machine Makers is a medium-sized company in Canada with long-established requirements for high-grade steel which it buys from Steelcorp. • Steelcorp aims to reduce costs of customer transactions by using secure messaging with its regular customers. • Origin and confidentiality of all correspondence must be ensured.

  15. Nola’s Electronic Market • Nola is an entrepreneurial small businessperson who works from her home basement. • She buys items from suppliers willing to do business wholly electronically and sells them through a WWW storefront. • Effective marketing of the web page and very low overhead provide Nola’s competitive edge.

  16. Legal Support Mostly by analogy with other commerce rules, but there are challenges. • How to satisfy traditional legal requirements for reduction of agreements to signed writings. • How to apply rules of evidence. • Interpreting, adapting, and complying with existing legal standards for electronic transactions.

  17. DATA DATA Confidentiality DATA Integrity Availability Goals of Security

  18. Safety and Security • Many things in common and some major differences. • Some similarities aid understanding of both. • System vs. Environment. • Accident, breach. • Hazard, vulnerability.

  19. System vs. Environment (Safety) Environment System

  20. System vs. Environment (Security) Environment System

  21. Accident and Security Breach • Accident • Loss of life • Injury • Damage to property • Security Breach • Secret is revealed • Service is disabled • Data is altered • Messages are fabricated

  22. Accident Definition • An accidentis an undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of harm. • Define breach similarly. • A security threat is a possible form of breach

  23. Hazards and Vulnerabilities • Hazard • No fire alarms • No fire extinguishers • Rags close to furnace • Vulnerability • Password too short • Secret sent in plaintext over public network • Files not write protected

  24. Hazard Definition • A hazard is a state or set of conditions of a system that, together with other conditions in the environment of the system, will lead inevitably to an accident. • Define security vulnerability similarly.

  25. Other Terms • Asset: object of value. • Exposure: threat to an asset. • Attack: effort by an agent to exploit a vulnerability and create a breach.

  26. Major Threats • Interruption • Interception • Modification • Fabrication

  27. Major Assets • Hardware • Software • Data

  28. Threats to Hardware • Interruption: crash, performance degradation • Interception: theft • Modification: tapping • Fabrication: spoofed devices

  29. Threats to Software Code • Interruption: deletion, reset protection • Interception: theft • Modification • Trojan horse • Logic bomb • Virus • Back door • Information leak • Fabrication: spoofing software distribution on the web

  30. Threats to Software Processes • Interruption: bad inputs • Interception: attacks on agents • Modification: of exploited data • Fabrication: service spoofing (man-in-the-middle)

  31. Threats to Data • Interruption: deletion, perceived integrity violation • Interception: eavesdropping, snooping memory • Modification: alteration of important information • Fabrication: spoofing web pages

  32. Principles of Security • Easiest Penetration: An intruder must be expected to use any available means of penetration. • Adequate Protection: Computer items must be protected only until they lose their value. They must be protected to a degree consistent with their value. • Effectiveness: Controls must be used to be effective. They must be efficient, easy to use, and appropriate.

  33. Controls • Physical security • Limited interface • Identification and authorization • Encryption

  34. Breakdown of S/W Controls • Program controls • as exercised by the programmer • as dictated by the programming language or programming environment • Operating system controls • Development process controls

  35. Basic Encryption • Monoalphabetic substitution ciphers • Polyalphabetic substitution ciphers • Transposition ciphers • Other hiding techniques • Stream versus block ciphers

  36. Sender Transmission Medium Receiver S T R O Interceptor Circumstances

  37. What Can O Do to a Message? • Block it (availability) • Intercept it (confidentiality) • Modify it (integrity) • Fabricate another (integrity)

  38. Terminology • Encryption / Decryption • Encode / Decode • Plaintext / Ciphertext • Cryptography: hidden writing. • Cryptanalysis: uncovering what is hidden.

  39. Monoalphabetic Substitution • Substitute one letter for another • Creates “confusion”

  40. Keyless Encryption • C = E(P) and P = D(C) • P = D(E(P)) • Transmit E(P), receiver applies D. • Select D and E so that • Without knowing D or E it is hard to discover P from E(P). • It is feasible to know and apply D and E.

  41. Caesar Cipher (Original) • E(p) = p + 3 (mod 26) • D(p) = p - 3 (mod 26) • Easy to recall and calculate D and E. Create a table: T R E A T Y I M P O S S I B L E w u h d w b l p s r v v l e o h A B C D E F G H I J K L M N O P Q R S T U V W X Y Z d e f g h I j k l m n o p q r s t u v w x y z a b c

  42. Encryption Strategy: Confusion • The Caesar cipher confuses the letters of the alphabet, causing the result look like gibberish. • As we applied it in the previous example, a space is interpreted as a space, providing no confusion. • Note: changing one letter of plaintext changes exactly one letter of ciphertext.

  43. Algorithm vs. Key • Moreover: • It is hard to keep D and E secret if they are much used, and • Cryptanalysis is possible. • To address the first of these problems assume: algorithm is known, but key is not known.

  44. Encryption with a Key • Symmetric key • C = E(K, P) • P = D(K, C) • P = D(K, E(K, P)) • Asymetric key • C = E(Kpublic, P) • P = D(Kprivate, C) • P = D(Kprivate, E(Kpublic, P))

  45. Permutation • Generalize Caesar cipher to allow other ways to permute the alphabet. • What is now called a Caesar cipher is any choice of an offset: () = (n + ) (mod 26). The number n is the key. • Generalize further: use any permutation as a key. • To encode, apply the key to each letter. • To decode, apply the inverse of the key to each letter.

  46. Sample Permutations • Example: a passphrase like “this is a long key” can be a key. • Example: take every third letter. • () = (3 * ) (mod 26) A B C D E F G H I J K L M N O P Q R S T U V W X Y Z t h i s a l o n g k e y b c d f j m p q r u v w x z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a d g j m p s v y b e h k n q t w z c f i l o r u x

  47. Cryptanalysis of Monoalphabetic Ciphers • There are 26! permutation keys, so it is not feasible to try all possible keys. • Mapping a space to itself is a big clue: try to guess short words. • Look for common English repeated letters like a “ss” or “oo” • Exploit frequency information wklv phvvdjh lv qrw wrr kdug wr euhdn T--- ------- -- -OT TOO ---- TO -----

  48. Sample Ciphertext • hqfubswlrq lv d phdqv rl dwwdlqlqj vhfxuh frpsxwdwlrq ryhu lqvhfxuh fkdqqhov eb xvlqj hqfubswlrq zh glvjxlvh wkh phvvdjh vr wkdw hyhq li wkh wudqvplvvlrq lv glyhuwhg wkh phvvdjh zloo qrw eh uhyhdohg

  49. Note similarity of e and h.

More Related