GROUP 1

 INTRODUCTION TO COMPUTER SECURITY

 THREATS
 VULNERABILITIES
 SECURITY MODELS
 CRYPTOGRAPHY AND CRYPTANALYSIS
MEMBERS
Mary Kagumbate B191631B
Frank Chinembiri B193090B
David Smart B192874B
Malvin Chikwanha B190633A
Kecy Majawala B1954020
Olinda Cheresai B191364B
Macdaniels Muchimbiri B190169A
Jean S Matiyenga B191216B
Shelton T Nzviramiri B192035B
Chipo T Nyamutsamba B192394B
Florence T Siyapeya B191636B
COMPUTER SECURITY
• the protection of computer systems and information from harm, theft,
and unauthorized use.
• security is all about system correctness meaning
1. If a user inputs expected input the system will generate desired
output
2. If a user inputs unexpected input the system will fail to produce
results meaning it halts its functionality.
SECURITY REQUIREMENTS TRIAD
(CIA)
• The three letters in "CIA triad" stand for Confidentiality, Integrity, and
Availability. The CIA triad is a common model that forms the basis for
the development of security systems. They are used for finding
vulnerabilities and methods for creating solutions.
• Ideally, when all three standards have been met, the security profile of
the organization is stronger and better equipped to handle threat
incidents.
CIA
• Confidentiality: involves the efforts of an organization to make sure data is kept
secret or private. To accomplish this, access to information must be controlled to
prevent the unauthorized sharing of data—whether intentional or accidental.
• INTEGRITY: Integrity involves making sure your data is trustworthy and free
from tampering. The integrity of your data is maintained only if the data is
authentic, accurate, and reliable.
• AVAILABILITY: Even if data is kept confidential and its integrity maintained,
it is often useless unless it is available to those in the organization and the
customers they serve. This means that systems, networks, and applications must
be functioning as they should and when they should. Also, individuals with
access to specific information must be able to consume it when they need to, and
getting to the data should not take an inordinate amount of time.
OTHER PROPERTIES
• AUNTHENTICITY: provides access control for systems by checking
to see if a user's credentials match the credentials in a database of
authorized users or in a data authentication server. In doing this,
authentication assures secure systems, secure processes and enterprise
information security.
• ACCOUNTABILITY: The traceability of actions performed on a
system to a specific system entity (user, process, device).
SECURITY THREATS
• A potential for violation of security, which exists when there is an
entity, circumstance, capability, action, or event that could cause harm.
TYPES OF COMPUTER SECURITY
THREATS
1. TROJAN HORSE: is a type of malware that conceals its true
content to fool a user into thinking it’s a harmless file.
2. VIRUSES AND WORMS: are malicious programs that self-
replicates on computers or via computer networks without the user
being aware.
3. SPYWARE: is a malicious software that enters a user’s computer,
gathers data from the device and user, and sends it to the third
parties without their consent.
4. BACKDOOR: is a malware type that negates normal authentication
procedures to access a system.
CONT…
5. COOKIES: these are files that left on your computer by the website
and they are used to keep details such as passwords, credit card details and
track sites visit history.
6. KEYLOGGING: it is a process of secretly recording keystrokes from the
user computer via the internet.
7. MALWARE: is a malicious application and code that can cause damage and
disrupt normal use of devices.
8. DOS ATTACK: is a cyber-attack in which the perpetrator seeks to make a
machine or network resource unavailable to its intended users by temporarily
or indefinitely disrupting services of a host connected to a network.
9.
VULNERABILITIES
• Is a weakness, flaw, or error found within a security system that has
the potential to be leveraged by a threat agent inorder to comprise a
secure network.
• For example weak passwords, code mistakes, outdated antiviruses and
weak auditing skills .
• Types of Vulnerabilities are Physical vulnerability, economic
vulnerability, social vulnerability and environmental vulnerability.
SECURITY MODELS
• Is a scheme for specifying and enforcing security policies.
• Determine how security will be implemented ,what subject can access
the system and what objects they will have access to.
TYPES OF SECURITY MODELS
STATE MACHINE MODEL

• In this model, to verify a security of a system, the state is used, which means all current
permissions and all current instances of subjects accessing objects must be captured.
• Maintaining the state of a system deals with each subject’s association with objects.
• If the subjects can only access objects by means that are concurrent with the security
policy, the system is secure.
• A state of a system is a snapshot of a system in one moment of time.
• There are many activities that can alter this state, which is referred to as a state
transition.
• A system that has employed a state machine model will be in a secure state in each and
every instance of its existence
Bell-LaPadula Model

• This is used to maintain the Confidentiality of Security. Here, the

classification of Subjects(Users) and Objects(Files) are organized in a
non-discretionary fashion, with respect to different layers of secrecy.
Bell-LaPadula Model RULES
1. SIMPLE CONFIDENTIALITY RULE: Simple Confidentiality Rule states that
the Subject can only Read the files on the Same Layer of Secrecy and the Lower
Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this
rule as NO READ-UP.
2. TAR CONFIDENTIALITY RULE: Star Confidentiality Rule states that
the Subject can only Write the files on the Same Layer of Secrecy and the Upper
Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this
rule as NO WRITE-DOWN.
3. STRONG STAR CONFIDENTIALITY RULE: Strong Star Confidentiality
Rule is highly secured and strongest which states that
the Subject can Read and Write the files on the Same Layer of Secrecy only and
not the Upper Layer of Secrecy or the Lower Layer of Secrecy, due to which we
call this rule as NO READ WRITE UP DOWN
BIBA MODEL
• This Model was invented by Scientist Kenneth .J. Biba. Thus this
model is called Biba Model. This is used to maintain the Integrity of
Security. Here, the classification of Subjects(Users) and Objects(Files)
are organized in a non-discretionary fashion, with respect to different
layers of secrecy. This works the exact reverse of the Bell-LaPadula
Model.
BIBA MODEL RULES
1. SIMPLE INTEGRITY RULE: Simple Integrity Rule states that
the Subject can only Read the files on the Same Layer of Secrecy
and the Upper Layer of Secrecy but not the Lower Layer of Secrecy,
due to which we call this rule as NO READ DOWN
2. STAR INTEGRITY RULE: Star Integrity Rule states that
the Subject can only Write the files on the Same Layer of Secrecy
and the Lower Layer of Secrecy but not the Upper Layer of Secrecy,
due to which we call this rule as NO WRITE-UP
3. STRONG STAR INTEGRITY RULE
CLARKE-WILSON
• This Model is a highly secured model.

ENTITES
• SUBJECT: It is any user who is requesting for Data Items.
• CONSTRAINED DATA ITEMS: It cannot be accessed directly by
the Subject. These need to be accessed via Clarke Wilson Security
Model
• UNCONSTRAINED DATA ITEMS: It can be accessed directly by
the Subject.
CLARKE-WILSON COMPONENTS
• TRANSFORMATION PROCESS: Here, the Subject’s request to
access the Constrained Data Items is handled by the Transformation
process which then converts it into permissions and then forwards it to
Integration Verification Process
• INTEGRATION VERIFICATION PROCESS: The Integration
Verification Process will perform Authentication and Authorization.
If that is successful, then the Subject is given access to Constrained
Data Items.
BREWER AND NASH
• The model is referred to as the chinese wall model.
• It can eliminate conflict of interest by preventing individuals , like
consultants, from signing onto more than one COI, i.e, rows of
interests categories.
• The modification of access control policies is based on the behaviour
of users. This means that if a user who has access to the data is on the
right side, they cannot access data from the other side or are
unavailable to the same user.
HARRISON RUZZO ULLMAN
• Is an add on model to the BLP model. The BLP model lacks a
mechanism for changing access privileges or creating or deleting
objects or subjects.
• This Harrison Ruzzo Ullman model fixes the issue by authorizing the
structures to be used for access rights distribution and checking
compliance with the policy that prohibits access to non-authorized
users.
• This model can be implemented through an access control list or
capabilities list.
Cryptography and Cryptanalysis
• Cryptography is a method of protecting information and communications
through the use of codes, so that only those for whom the information is
intended can read and process it.
• In computer science, cryptography refers to secure information and
communication techniques derived from mathematical concepts and a set of
rule-based calculations called algorithms, to transform messages in ways that
are hard to decipher.
• These deterministic algorithms are used for cryptographic key generation,
digital signing, verification to protect data privacy, web browsing on the
internet and confidential communications such as credit card transactions and
email.
• Three main types of cryptography are
 Cryptography
plaintext ciphertext plaintext
Encryption Decryption

• Encryption algorithm also called a cipher

• Cryptography has evolved so that modern encryption and
decryption use secret keys
• Cryptographic algorithms can be openly published
• Only have to protect the keys

plaintext ciphertext plaintext

Encryption Decryption

Key KA Key KB
Three main types of cryptography are

• Symmetric key encryption: This type of encryption uses the same key to encrypt and
decrypt messages. The keys used in this type of encryption must be kept secret by both
parties, making them vulnerable to attack by hackers. Symmetric keys are most
commonly used for public key systems.
• Asymmetric key encryption: This type of encryption uses two keys instead of one. One
key is used for encryption, and another key is used for decryption. These keys do not
have to be kept secret because they are only used once per message and can be reused
multiple times. Asymmetric keys are most commonly used in public-key systems.
• Public-key encryption: Public-key systems use a pair of mathematically related keys
that cannot be derived from each other without knowing the different keys (a process
known as factoring). This means that even if someone finds your private key, they will
only be able to derive your public key (and vice versa).
• Techniques Used For Cryptography
The most commonly used techniques in cryptography, are,
• Symmetric Key Cryptography,
• Asymmetric Key Cryptography,
• Hashing,
• Secret Sharing,
• Digital Signatures,
• Elliptic Curve Cryptography,
• Quantum Cryptography,
• Steganography,
• Zero-Knowledge Proofs,
• Homomorphic Encryption.
Features of Cryptography
• Some of the crucial features of cryptography are,
• Authentication: Authentication is the process of verifying the identity of a person or entity. It ensures that only authorized
personnel can access confidential data or personal networks.
• Confidentiality: Confidentiality is keeping data or information secret from unauthorized individuals or entities. It is used to
ensure that the data is only accessible by authorized personnel.
• Integrity: Integrity ensures that data is not modified, corrupted, or tampered with during transmission or storage.
• Non-repudiation: Non-repudiation ensures that the sender or receiver cannot deny a transaction or communication at a later
date.
• Authorization: Authorization is the process of allowing authorized personnel access to specific data or networks.
• Key Management: Key management securely stores, distributes, and manages cryptographic keys.
Applications Of Cryptography
Electronic Commerce: Cryptography is used in e-commerce to protect data from theft and misuse. Digital signatures, encryption,
and authentication protocols secure online transactions.

Secure Storage: Encryption is used to store data securely on storage devices like external hard drives, USBs, memory cards, etc.

Wireless Network Security: Cryptography secures wireless networks from attacks. It is used to authenticate users and encrypts
data transmitted over the web.

Online Banking: Cryptography is used to secure online banking transactions. It is used to authenticate users, encrypt data, and
securely transfer funds.

Secure Email: Cryptography is used to send emails securely. It is used to authenticate users, encrypt data, and ensure that emails
are transmitted securely.
ADVANTAGES AND DISADVANTAGES
OF CRYPTOGRAPHY
Advantages
• Security: Encryption provides privacy and protection from unauthorized access to data.
• Authentication: Digital signatures can provide authentication, ensuring the sender is who they say they
are.
• Integrity: Data integrity ensures that the message has not been changed in transit.
• Digital signatures: Cryptography can also be used to create digital signatures, verifying a sender's identity.
Disadvantages
• Speed: Encryption can slow down during the data transmission, taking longer than unencrypted messages.
• Require a large amount of power: Cryptography is computationally intensive, requiring large amounts of
computing power to encrypt and decrypt data.
• Vulnerable: It is also susceptible to cryptographic attacks, such as brute-force attacks, that can
compromise the security of encrypted data.
• Requiring a high skill: Cryptography requires a high degree of skill, knowledge, and resources to
implement correctly.
CRYPTANALYSIS
• Cryptanalysis is the study of methods for obtaining the meaning of
encrypted information, without access to the secret information that is
typically required to do so. Typically, this involves knowing how the
system works and finding a secret key. Cryptanalysis is also referred
to as codebreaking or cracking the code. The ciphertext is generally
the easiest part of a cryptosystem to obtain and, therefore, is an
important part of cryptanalysis. Depending on what information is
available and what type of cipher is being analyzed, cryptanalysts can
follow one or more attack models to crack a cipher.
Cryptanalysis Techniques
• Brute force: try every key
• Ciphertext-only attack:
• Attacker knows ciphertext of several messages encrypted with same
key (but doesn’t know plaintext).
• Possible to recover plaintext (also possible to deduce key) by looking
at frequency of ciphertext letters
• Known-plaintext attack:
• Attackers observes pairs of plaintext/ciphertext encrypted with same
key.
• Possible to deduce key and/or devise algorithm to decrypt ciphertext.
Cryptanalysis Techniques
• Chosen-plaintext attack:
• Attacker can choose the plaintext and look at the paired ciphertext
• Attacker has more control than known-plaintext attack and may be
able to gain more info about key
• Adaptive Chosen-Plaintext attack:
• Attacker chooses a series of plaintexts, basing the next plaintext on the
result of previous encryption
• Examples
• Differential cryptanalysis – DES is resistant it
• Linear cryptanalysis
• Cryptanalysis attacks often exploit the redundancy of natural
language
• Lossless compression before encryption removes
redundancy
Types of ciphers
Substitution Cipher
• Substitution of single letters separately—simple substitution—can be demonstrated by writing out the alphabet in some order to represent the
substitution. This is termed a substitution alphabet. The cipher alphabet may be shifted or reversed (creating the Caesar and Atbash ciphers,
respectively) or scrambled in a more complex fashion, in which case it is called a mixed alphabet or deranged alphabet.
Transposition Cipher
• A transposition cipher is a method of encryption in which the positions held by units of plaintext (which are commonly characters or groups of
characters) are shifted according to a regular system so that the ciphertext constitutes a permutation of the plaintext.
Block Cipher
• a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called blocks, with an unvarying transformation that is
specified by a symmetric key. Block ciphers are important elementary components in the design of many cryptographic protocols and are widely
used to implement encryption of bulk data.
Stream Cipher
• a stream cipher is a symmetric key cipher in which plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In
a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the
ciphertext stream.
Password Cracking
• In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that have been stored in or
transmitted by a computer system. A common approach is to try guesses for the password repeatedly.