Fundamentals of Security
Uploaded by
srivallabhkakaralaFundamentals of Security
Uploaded by
srivallabhkakarala1/22/2025
SWE3002 Information Systems Security
Text/Reference books
William Stallings,
SWE 3002 Cryptography & Network Security - Principles and Practices, 6th
Edition by Pearson Publishers, 2014.
Information and Charles p. Pfleeger,
Systems Security Security in computing, 4th Edition, Pearson, 2009.
Module -1
Prof. Rajesh Kumar SWE 3002 Information & Systems Security
Definition and Challenges
What are challenges in information security? A transmits a file to user B
What is CIA? Sensitive information – C, Snoops
In depth definition/understanding of CIA components? Capture, Copy
Does A, B knows? When?
Consequence?
Network manager send Authentication file to Computer E
New Users, Who should access computer
C intercepts and changes information
C makes a new file and send to server E
E receives and updates the information
Consequence?
Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
3 4
Definition and Challenges Definition and Challenges
Employee is to be fired. The HR send the message to Stock exchange –
invalidate user account Customer asked to purchase share @ 100
The employee incepts the message and delays the message Price falls for share to 60
It downloads sensitive information Later denies sending the message
Send the message to server to deactivate account Consequence?
Can HR find? Consequence
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
5 6
Prof. Rajesh Kumar 1
1/22/2025
SWE3002 Information Systems Security
Computer Security Confidentiality
The protection afforded to an automated information Computer security mean that
system We are addressing three important aspects of
in order to attain the applicable objectives of preserving the any computer-related system
CIA Triad
Confidentiality of information system resources (includes hardware,
software, firmware, information/data, and telecommunications) • Access to authorized person
• Who is authorized?
Integrity • Which part of information
can the person access?
Availability • Privacy – Information to be
collected, stored.
• Who can do it
• To whom this can be
disclosed
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
Cryptography & Network Security - Principles and Practices, William Stallings
7 8
Confidentiality Integrity
Ensuring confidentiality can be difficult. Precise Data Integrity
Accurate
Who determines which people or systems are authorized to Unmodified
System Integrity
access the current system? Consistent
By "accessing" data, Modified only by authorized people
Do we mean that an authorized party can access by authorized processes
A single bit? in acceptable ways
Pieces of data out of context? Meaningful and usable
the whole collection of data? Separation and protection of resources
Error detection and correction
Can someone who is authorized disclose those data to other
Integrity can be enforced in same way as can confidentiality
parties? By rigorous control of
who or what can access which resources in what ways
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
9 10
Availability Availability
System, data , services are present in a usable form. The service or system can be used easily
Readable, Accessible
Timely response to service request In the way it was intended to be used.
The service is completed in an acceptable period of time. Concurrency is controlled
It is making clear progress Simultaneous access,
Wait mode - it has a bounded waiting time.
Not stuck in a loop, or never attended to Deadlock management, and
Applies to Data, Service Exclusive access are supported as required.
Information and information processing Fault tolerance
It has enough capacity to meet the service's needs.
Memory, Bandwidth, Computing capacity Failure leads to
Fair allocation of resource Graceful cessation of service or
Requests are not favored over others. To work-around
Rather than to crashes and abrupt loss of information.
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
11 12
Prof. Rajesh Kumar 2
1/22/2025
SWE3002 Information Systems Security
CIA goals may be Conflicting Authenticity
High Confidentiality can degrade availability confidence in the validity of a Tx
It is easy to preserve a particular object's confidentiality in a a message and / or
secure system simply by Message originator.
preventing everyone from reading that object. Genuine and being able to be verify and trust
Availability suffers. System is not secure. This means verify users are who they say they are
High Integrity can degrade availability Each input arriving at the system came from a trusted source.
What information or asset is confidential?
Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
13 14
Accountability Levels of impact
The requirement for actions of an entity to be traced Low
uniquely to that entity Perform primary function with minor degradation
User, object, system Effectiveness is noticeable
trace a security breach to a responsible party Minor damage, financial loss, harm to individual
nonrepudiation, Medium
intrusion detection and prevention Primary function is achieved but the effectiveness is severely
fault isolation degraded
After action recovery and legal action Significant damage, financial loss, harm to individual
Deterrence High
Systems must keep records of their activities to permit later Loss of primary function – one or more
forensic analysis to trace security breaches Major damage, financial loss, harm to individual
to aid in transaction disputes loss of life, life threatening injuries
Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
15 16
OSI Security Architecture OSI Security Architecture
Choose, evaluate Security attack
security products, policies for meeting the security requirements The actions that compromise the security of organization
of organization information.
WAN and Local networks of organization Security service: A service that enhances the security
Meet the defined security requirements of
Security needs of an organization must be assessed The data processing systems
Define security requirements The information transfers of an organization.
X.800 - Security Architecture for OSI The services are intended to counter security attacks
Systematic, structured approach Service make use of one or more SM to provide the service.
Helps organize task of security for an organization Security mechanism:
Products and services confirm to standards and can be A process /device that is designed to
purchased detect, prevent, or recover from a security attack.
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
17 18
Prof. Rajesh Kumar 3
1/22/2025
SWE3002 Information Systems Security
SM vs. Security service Passive Attack
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
19 20
Security Attack Active Attack
Passive attack – Snooping – Difficult to detect
No change in information
Release of information
Telephone, email, file with sensitive information
Traffic analysis
location, who (IP Address),
Patterns of message – frequency, length
Guess nature of communication
Prevent such attack than to detect it
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
21 22
Security Attack SM vs. Security service
Active Attack
Change the information, create new data/stream
Masquerade, replay, Change of information,
DOS
MIM
You can detect the attack
Difficult to prevent
Vulnerabilities in - physical, software, and network
Goal detect and recover with No/minimum damage. Reduce the
delay.
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
23 24
Prof. Rajesh Kumar 4
1/22/2025
SWE3002 Information Systems Security
Security Service Security Service
Provided by a protocol layer of Authentication(2)– Peer entity , Data origin
Communicating open systems and that ensures adequate Data confidentiality(4)–Encryption –TA - Passive attack
security of Data Integrity(5) – Active attack, detection
The systems Non repudiation(2) – Origin(send), Destination(Received)
Data transfers. Availability - Access control –
A processing or communication service who, performance
Attacks makes systems unavailable / reduction in availability
Provided by a system to give a specific kind of protection to system Automatic or Manual recovery
resources
It helps to implement security policies
Implemented by security mechanisms
5 categories, 14 Services as per X.800 OSI SA
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
25 26
Security Mechanism Security Mechanism
X.800 defines a SM SM without protocol layer
Implemented in a specific protocol layer Security label to a resource (data)
TCP, application-layer protocol, Names the security attributes of that resource
Encipherment – Key - Algorithm Create a bound for the resource
Digital Signature Event detection related to security
Identify source and integrity of data
Access control Security audit trail (logs)
Access right for resources an independent review / examination of system records and activities
Data Integrity Security recoveries
Not specific to any particular protocol layer or security service Handle recovery action from management function, event handling
Trusted functionality – perceived to be correct with respect to some functions
criteria
Established by a security policy
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
27 28
Security Mechanism SM vs. Security service
Specific SM
Authentication exchange
Authentication server
Traffic padding
Prevent traffic analysis
Routing control
Change of route in case of breach,
Specific routes for some data.
Notarization
Use of third party for certain data exchange.
Cryptography & Network Security - Principles and Practices, William Stallings Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
29 30
Prof. Rajesh Kumar 5
1/22/2025
SWE3002 Information Systems Security
Security policies Security Policies
Rules of organization
Policy, Standard, Guideline, Procedure Specifies
Policy is a high-level statement of requirements. who—which individuals, groups, subjects—
A security policy is the primary way can access which resources and objects.
Central to security policy is authentication
Expectations of management for security
knowing and being assured of the accuracy of identities.
Of an organization’s information systems(IS)
The users of IS we can rely on agreed-on procedures or policies among
users with high impact.
Rather than enforcing security through h/w or s/w
Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
31 32
Security Policies Security policies
Password format, change of password
No click on links Standards specify
Training Standards for security ISO 27000 , ISO 27002, BS 7799.
How to configure devices
Commonality of believe among users How to install and configure software,
Legal and ethical control How to use computer systems and other organizational
Likelihood of use assets,
To be compliant with the intentions of the policy.
Procedures specify
Step-by-step instructions to perform various tasks in
accordance with policies and standards.
Cryptography & Network Security - Principles and Practices, William Stallings
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
33 34
Security policies Access control
In paper based office
Guidelines are advice, suggestions, about Files in cabinet and key of cabinet
How to achieve the goals of the security policy Reference monitor – locked cabinet
They are an important communication tool to let Access with right key
people know Denied access
How to follow the policy’s. A company contest stalls
They convey best practices for Registration and list of qualified participants
Name in list allowed to put the stall
Using technology systems or
Else denied
Behaving according to management’s preferences.
Club – Security guard and list of club members
Guidelines are not rules
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
35 36
Prof. Rajesh Kumar 6
1/22/2025
SWE3002 Information Systems Security
Access control Access control
A generic term for the process in computer Subject, Object and Principal
To controls the interaction between users and system resources Subject – makes a access request for one or more object
To implement a security policy as per Refer to the active entity in an access operation
Organisational requirements User, Application, Process, Thread
Statutory requirements Access rights
Medical records Attributes of user, application (process)
Policy requirements may include
A principal is a property associated with a subject
Confidentiality (restrictions on read access) User ID
Integrity (restrictions on write access) Public key
Availability Process
Thread
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
37 38
Access control Access control and access control structures
A subject may be represented by
More than one principal What is access control?
Any user or application actually gains access to an object by means of A user requests access
a process that represents that user or application. Read, write, print, etc. to a resource in the
Object computer system
Passive entity or resource in a computer The reference monitor
Files, directories, printers Establishes the validity of the request …
… and returns a decision either granting or
denying access to the user
Access System
Request Reference Monitor Decision
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
39 40
Access control Access control policy
Access operations Can be embodied in an authorization DB
An interaction between an object and a subject Dictates what types of access are permitted
A subject may observe (read) an object under what circumstances
Information flows from object to subject By whom.
A subject may alter (write to) an object Discretionary access control (DAC):
Information flows from subject to object Controls access based on the identity of the requestor
File cabinet on access rules (authorizations)
Stating what requestors are (or are not) allowed to do.
Subject ->User It is termed discretionary because
Object -> a file in a cabinet An entity might have access rights that permit the entity, by its own
Access operation -> Read, write, remove key volition(power of choosing)
Computer file operation To enable another entity to access some resource.
Read, Read/write, write only(Append), Execute The traditional method of implementing AC
Computer Security: Principles and Practice : William Stallings Lawrie brown
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
41 42
Prof. Rajesh Kumar 7
1/22/2025
SWE3002 Information Systems Security
Access control policy Access control policy
Mandatory access control (MAC): Role-based access control - RBAC
Controls access based on comparing security labels Controls access based on the roles that users have within the system
It indicate how sensitive or critical on rules stating what accesses are allowed to users in given roles.
System resources
Attribute-based access control -ABAC
with security clearances
It indicate system entities are eligible to access certain resources. Controls access based on attributes of the user
Clearance to access a resource may not The resource to be accessed
Based on its own volition, Current environmental conditions.
Enable another entity to access that resource.
Military requirement
Part of Trusted systems
Computer Security: Principles and Practice : William Stallings Lawrie brown Computer Security: Principles and Practice : William Stallings Lawrie brown
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
43 44
Access Matrix Access control list
For each object, an ACL lists
Users and
Their permitted access rights
A default, or public, entry
What are access rights??
Is it applicable to group of users??
What are the limitations??
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
45 46
Access control Structure Access control List
Should it have
Integrity A column in the access control matrix
Unforgeability
[a.out: (Hari, {r,w,x}), (Martin, {r,x})]
Who should have
access right for them?
A reference monitor that uses ACLs
Check the validity of the request (Hari, a.out, r)?
ACL focus on the objects – (Guest list in a club)
Implemented at operating system level
Windows NT uses ACLs
Disadvantage before-the-act per-subject-review
trash a.out String.txt
Hari {r,w} {r,w,x} {r,w}
Martin {r,x} {r}
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
47 48
Prof. Rajesh Kumar 8
1/22/2025
SWE3002 Information Systems Security
Access control Matrix Capability List
Foundation of many security models Is a row in the access control matrix
[Hari: (trash, {r,w}), (a.out, {r,w,x}), (Strings.txt, {r,w})]
Rows indexed by subjects
A reference monitor that uses capability list
Columns indexed by objects Check the validity of the request (Hari, a.out, r)?
Matrix entries are (sets of) access operations ACL focus on the subjects (Keys of cabinet)
Hari (String.txt, w) – Granted Implemented in services and application software
Martin (String.txt, w) – Denied Database Application–fine grained access to table, query
Disadvantage – Sparse, Inefficient Distributed Systems
Advantage “before-the-act per-subject-review”
trash a.out String.txt
trash a.out String.txt
Hari {r,w} {r,w,x} {r,w}
Hari {r,w} {r,w,x} {r,w}
Martin {r,x} {r}
Martin {r,x} {r}
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
49 50
Authorization table Access control - Aggregation
One row for one access right of Administration tasks include
One subject to one resource Creation of new objects and subjects
Sort by subject Deletion of objects and subjects
Capability list Changing entries in access control matrix
Sort by object Changing entries in ACLs and capability lists
ACL The administration of access control structures is
Extremely time-consuming,
complicated and error-prone
Aggregation based on
User groups
Roles
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security
51 52
Aggregation – Roles (RBAC) Example
We define access operations or Procedures or
permissions Objects are bank accounts We define procedures for
Crediting accounts (CA)
on a data type Subjects are bank
Debiting accounts (DA)
A data type employees
Transferring funds between
The set of bank accounts
A set of objects with the same structure accounts (TF)
bank accounts
forms a data type Creating new accounts (NA)
We define roles Authorising overdrafts (AO)
Permissions are assigned to roles Teller
Users are assigned to roles Clerk
Roles are arranged in a hierarchy Administrator
Usually
Prof. Rajesh Kumar SWE 3002 Information & Systems Security
53
Prof. Rajesh Kumar 9
1/22/2025
SWE3002 Information Systems Security
Example Benefits of RBAC
We only need to assign users and permissions to roles
We assign procedure We can use inheritance in the role hierarchy
CA and DA to the Teller role Admin to reduce the number of assignments that are required
TF to the Clerk role
Simplifies administration
NA and AO to the Administrator role
We assign all users who are Clerk Roles implemented in
tellers to the Teller role, etc. Window NT (as global and local groups)
The Administrator role can run Oracle 8 onwards
all the procedures Teller .NET framework
IBM’s OS/400
Prof. Rajesh Kumar SWE 3002 Information & Systems Security Prof. Rajesh Kumar SWE 3002 Information & Systems Security