This comprehensive overview covers essential controls and protection mechanisms in information security, as outlined in Whitman & Mattord's "Management of Information Security". Key topics include access controls, firewalls, intrusion detection systems (IDSs), wireless network security, and cryptography. Detailed discussions on authentication methods, authorization processes, firewall generations, and encryption techniques are provided. The material emphasizes the importance of ensuring authorized access and protecting data integrity through various security strategies.
CONTROLS & PROTECTION MECHANISMS
Today’s Reference: Whitman & Mattord, Management of Information Security, 2nd edition, 2008, Chapter 9
Overview
• Access controls
• Firewalls
• Intrusion Detection Systems (IDSs)
• Wireless Network Security
• Cryptography
Access Controls
• Authentication – controlling a person’s access to a system
  • Barrier (i.e. login sequence) versus ongoing (intrusion detection)
  • Something you know
  • Something you have
  • Something you are (and something you produce, e.g. voice)
    • Includes biometrics, which authenticate a user against known personal features (fingerprints, iris patterns, voice, etc.)
  • Something you do (user behaviour profiling)
• Authorisation – controlling a person’s access to features (software, data) within the system
  • Scoping each user’s permitted activities
  • May be individual or group-based
  • Can be specific to resources
Firewalls
• Generations
  • 1: packet filtering
  • 2: application-level
  • 3: stateful inspection
  • 4: dynamic packet filtering
• Architectures
  • Packet filtering routers
  • Screened-host firewalls
  • Dual-homed host firewalls
  • Screened-subnet firewalls
Intrusion Detection Systems
• Host-based
  • Alerts administrator when files or folders change
  • Monitors the host only
• Network-based
  • Monitors network traffic
  • Alerts administrator when patterns of network traffic change
• Signature-based
  • Works like anti-virus software
  • Alerts administrator when the ‘signature’ of an attack is matched
• Statistical-anomaly-based
  • Establishes a baseline of what is ‘normal’ traffic
  • Alerts administrator when the pattern is abnormal
• Rule-based (‘never do this’)
  • includes honeypots
Wireless Network Security
• Wired Equivalent Privacy (WEP)
  • basic level of security
  • several fundamental cryptological flaws
  • intended for the average home or small-scale user only
• Wi-Fi Protected Access (WPA)
  • WPA is the industry standard
  • increased capabilities for authentication, encryption, and throughput
Cryptography
• Symmetric encryption methods
  • Substitution, Transposition, XOR, Vernam Cipher, One-time pad, and many others
  • the same key—a secret key—is used to encrypt and decrypt the message
  • Mono-alphabetic & poly-alphabetic ciphers
• Asymmetric encryption
  • public key encryption (PKE)
  • uses two different keys. Either key can be used to encrypt or decrypt the message, but one must always be kept secret
• Digital signatures
  • PKE used in reverse to give non-repudiation
• Steganography
  • Hiding messages in graphics files
Encryption & Decryption (diagram): Plain Text → Encryption Cipher (from Sender) → Secure Cipher Text → Decryption Cipher → Plain Text (to Recipient), with Key Management spanning both sides.
Symmetric Encryption Methods
• Substitution
  • One letter exchanged for another
  • Creates confusion
  • Mono-alphabetic or Poly-alphabetic
• Transposition
  • Re-arrangement of letters
  • Creates diffusion
• XOR
  • If 2 values are the same, you get “0”
  • If not, you get “1”
  • Process is reversible
  E.g.
    1 0 1 0 0 0 1 0
    1 1 1 1 0 0 0 1
    _______________
    0 1 0 1 0 0 1 1
Monoalphabetic cipher
Random
  plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  cipher: M N B V C X Z L K J H G F D S A P O I U Y T R E W Q
Keyword
  plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  cipher: S E C U R I T Y A B D F G H J K L M N O P Q V W X Z
Caesar
  plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
plaintext is ROSTRUM
ciphertext is URVWUXP
Polyalphabetic Cipher
Alphabet No. 1 (offset by 3)
  plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Alphabet No. 2 (offset by 15)
  plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  cipher: P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
alphabet used:  1 2   1 2 1   2 1 2 1
plaintext is    G O   F O R   G O L D
ciphertext is   J D   I D U   V R A G
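The three monoalphabetic tables and the two-alphabet polyalphabetic cipher above can be driven by one routine, since a monoalphabetic cipher is just a polyalphabetic one with a single alphabet. This is an added example, not code from the slides or the textbook; it reproduces the slide values (ROSTRUM → URVWUXP, GO FOR GOLD → JD IDU VRAG) and the SECURITY keyword alphabet.

```python
import string

ALPHA = string.ascii_uppercase

def keyword_alphabet(keyword):
    """Substitution alphabet as on the 'Keyword' slide: the keyword's letters
    first (duplicates dropped), then the unused letters in normal order."""
    seen = []
    for ch in keyword.upper() + ALPHA:
        if ch in ALPHA and ch not in seen:
            seen.append(ch)
    return "".join(seen)

def shifted_alphabet(offset):
    """Caesar-style alphabet: A maps to the letter 'offset' places along."""
    return ALPHA[offset % 26:] + ALPHA[:offset % 26]

def substitute(text, alphabets, decrypt=False):
    """Letters cycle through 'alphabets' in turn, so one alphabet gives a
    monoalphabetic cipher and several give a polyalphabetic one. Spaces and
    other non-letters pass through unchanged and do not consume a turn,
    which is how the slide keys 'GO FOR GOLD' as 1 2 1 2 1 2 1 2 1."""
    out, i = [], 0
    for ch in text.upper():
        if ch not in ALPHA:
            out.append(ch)
            continue
        table = alphabets[i % len(alphabets)]
        out.append(ALPHA[table.index(ch)] if decrypt else table[ALPHA.index(ch)])
        i += 1
    return "".join(out)

def caesar(text, offset=3, decrypt=False):
    """The slide's Caesar table is the shifted alphabet with offset 3."""
    return substitute(text, [shifted_alphabet(offset)], decrypt)

if __name__ == "__main__":
    print(keyword_alphabet("SECURITY"))      # SECURITYABDFGHJKLMNOPQVWXZ
    print(caesar("ROSTRUM"))                 # URVWUXP, as on the slide
    two = [shifted_alphabet(3), shifted_alphabet(15)]
    print(substitute("GO FOR GOLD", two))    # JD IDU VRAG
    print(substitute("JD IDU VRAG", two, decrypt=True))
```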
Transposition Ciphers
• For example, every 4th letter
• Modern transposition ciphers use a network or path diversity principle, so the diffusion is not just within-file but over the network via different paths
  1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3
  T H E R A I N I N S P A I N F A L L S
  4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3
  M A I N L Y O N T H E P L A I N
becomes TANIL AYHAH ISNLI OEIEN PFSNN PNRIA AMLTL
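The "every 4th letter" read-out above is a columnar transposition. The following is an added example (not the slides' or textbook's code) that reproduces the slide's ciphertext and also inverts it, which needs care because 35 letters do not divide evenly into 4 groups.

```python
def transpose_encrypt(plaintext, columns=4):
    """Label the letters 1, 2, 3, 4, 1, 2, ... as on the slide, then write out
    every '1' letter, then every '2', and so on. Spaces are dropped first."""
    letters = "".join(c for c in plaintext.upper() if c.isalpha())
    return "".join(letters[i::columns] for i in range(columns))

def transpose_decrypt(ciphertext, columns=4):
    """Invert the read-out. When the length is not a multiple of 'columns'
    the first (length % columns) groups are one letter longer than the rest,
    so the ciphertext must be cut unevenly before re-interleaving."""
    base, extra = divmod(len(ciphertext), columns)
    groups, pos = [], 0
    for i in range(columns):
        size = base + (1 if i < extra else 0)
        groups.append(ciphertext[pos:pos + size])
        pos += size
    out = []
    for row in range(base + 1):
        for g in groups:
            if row < len(g):
                out.append(g[row])
    return "".join(out)

def grouped(text, size=5):
    """Show the result in blocks of five letters, as the slide does."""
    return " ".join(text[i:i + size] for i in range(0, len(text), size))

if __name__ == "__main__":
    msg = "THE RAIN IN SPAIN FALLS MAINLY ON THE PLAIN"
    ct = transpose_encrypt(msg)
    print(grouped(ct))              # TANIL AYHAH ISNLI OEIEN PFSNN PNRIA AMLTL
    print(transpose_decrypt(ct))    # THERAININSPAINFALLSMAINLYONTHEPLAIN
```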
Vernam Cipher
• The perfect substitution cipher
• The original one-time pad
  Plaintext     V   E   R   N   A   M
  Numerics     21   4  17  13   0  12
  Random       76  48  16  82  44   3
               ______________________
  Sum          97  52  33  95  44  15
  Mod 26       19   0   7  17  18  15
  Ciphertext    T   A   H   R   S   P
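The Vernam table above and the XOR example on the Symmetric Encryption Methods slide are the same idea in two alphabets: add a random key symbol-by-symbol (mod 26 for letters, XOR for bits) and subtract it again to decrypt. This added example (not the slides' or textbook's code) reproduces both slide results and shows why a pad must never be reused, the point behind "not easy to use properly".

```python
def vernam_encrypt(plaintext, key):
    """Vernam / one-time pad on letters: Numerics (A=0..Z=25) + Random key,
    then Mod 26, exactly as the slide's table does column by column."""
    letters = plaintext.upper()
    if len(key) < len(letters):
        raise ValueError("a one-time pad must be at least as long as the message")
    return "".join(chr((ord(c) - 65 + k) % 26 + 65) for c, k in zip(letters, key))

def vernam_decrypt(ciphertext, key):
    """Subtract the same key numbers mod 26 to recover the plaintext."""
    return "".join(chr((ord(c) - 65 - k) % 26 + 65) for c, k in zip(ciphertext, key))

def xor_bytes(data, key):
    """Bitwise XOR, the binary form of the same idea: applying the key twice
    returns the original, which is the 'process is reversible' point."""
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the data")
    return bytes(a ^ b for a, b in zip(data, key))

def pad_reuse_leak(ct1, ct2):
    """Why the pad is used once: XOR-ing two ciphertexts made with the same
    key cancels the key and leaves plaintext1 XOR plaintext2 exposed."""
    return xor_bytes(ct1, ct2)

if __name__ == "__main__":
    key = [76, 48, 16, 82, 44, 3]              # the slide's 'Random' row
    ct = vernam_encrypt("VERNAM", key)
    print(ct, vernam_decrypt(ct, key))          # TAHRSP VERNAM
    c = xor_bytes(bytes([0b10100010]), bytes([0b11110001]))
    print(format(c[0], "08b"))                  # 01010011, the slide's XOR example
```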
Breaking Encryption
• (almost) All encryption is crackable…
  • Just need time and computing power
• Brute force may not work because:
  • Number of alphabet combinations is 26 × 25 × 24 × 23 × etc., which equals 4 × 10^27
  • 4 000 000 000 000 000 000 000 000 000
  • If each alphabet takes 1 millionth of a second (a microsecond) then all combinations would take 4 × 10^21 secs
  • 4 × 10^13 years !!!!
• EXCEPT…
  • The one-time pad is provably secure (if properly used)
  • but it is not easy to use properly
Public Key Encryption
• Known as Asymmetric encryption
• 2 keys, one public, one private, linked mathematically, one to encrypt & one to decrypt
• Uses large prime numbers
• “mathematically infeasible” to derive the private key from the public key
• Advantages
  • no need to tell anyone your private key
  • no need for key distribution
  • no need for a key for each pair of people
• Not used to encrypt messages, as it is generally slower than secret-key encryption
• Used to encrypt other keys (as in PGP) and to authenticate the sender
Digital Signatures
• Reverses the role of private & public keys
• Effectively unique to the document
  • uses a cryptographically-robust hash function
• Unforgeable (without the sender’s private key)
• not re-usable (due to message-specific hash)
• document unalterable
• undeniable
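The two public-key uses named on the last two slides, wrapping a symmetric key (as in PGP) and signing a document hash with the key roles reversed, can be seen end to end with a toy RSA key pair. This is an added example, not code from the slides or the textbook; the primes 61 and 53, the exponent 17 and the sample document are constructed, and real keys use primes hundreds of digits long.

```python
import hashlib
from math import gcd

def make_keypair(p, q, e=17):
    """Toy RSA key pair from two primes. Real keys use primes hundreds of
    digits long; these sizes only keep the arithmetic visible."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)          # public key, private key

def wrap_key(session_key, public):
    """Encrypt a small symmetric session key with the recipient's public key,
    the PGP pattern: the message itself is encrypted with the session key."""
    n, e = public
    if not 0 < session_key < n:
        raise ValueError("session key must be smaller than the modulus")
    return pow(session_key, e, n)

def unwrap_key(wrapped, private):
    """Only the holder of the private exponent recovers the session key."""
    n, d = private
    return pow(wrapped, d, n)

def digest(message, n):
    """Cryptographic hash of the document, reduced into the RSA range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    """Digital signature: the key roles are reversed and the hash, not the
    document, is 'encrypted' with the private key."""
    n, d = private
    return pow(digest(message, n), d, n)

def verify(message, signature, public):
    """Anyone with the public key checks the signature against a fresh hash."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)

if __name__ == "__main__":
    pub, priv = make_keypair(61, 53)              # n = 3233, d = 2753
    print(unwrap_key(wrap_key(1234, pub), priv))  # 1234
    doc = b"Pay the supplier 100 units"           # constructed sample document
    sig = sign(doc, priv)
    print(verify(doc, sig, pub), verify(doc + b"0", sig, pub))
```

The modulus here is so small that a hash collision mod n is possible, which is exactly why real signatures use key sizes where the reduced hash cannot collide in practice.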
What you Need to Know
• A basic level of detail about all of the security technologies in the previous slides.