Cryptology:
This is the study of techniques for ensuring the secrecy and/or authenticity of information.
The two main branches of cryptology are:
- Cryptography, which is the study of the design of such techniques; and
- Cryptanalysis, deals with defeating such techniques, to recover information, or forging information that will be accepted as authentic.
Network security:
This area covers the use of cryptographic algorithms in network protocols and network applications.
Computer security:
We use this term to refer to the security of computers against intruders
(e.g., hackers) and malicious software (e.g., viruses).
Typically, the
computer to be secured is attached to a network and the bulk of the threats
arise from the network.
ACCESS CONTROL
In the context of network security, access control is the ability to limit
and control access to host systems and applications via communications
links. To achieve this, each entity trying to gain access must first be
identified, or authenticated, so that access rights can be tailored to the
individual.
AUTHENTICATION
The assurance that the communicating entity is the one that it claims to
be.
Peer Entity Authentication
Used in association with a logical connection to provide confidence in the
identity of the entities connected.
Data Origin Authentication
AVAILABILITY
This is the property of a system or a system resource being accessible
and usable upon demand by an authorized system entity, according to
performance specifications for the system.
In simple words, a system should be
available if it provides services according to the system design
whenever users request them.
A variety of attacks can result in the loss of or reduction in
availability. It is a property to be associated with various security
services. However, it makes sense to call out specifically an
availability service. An availability service protects a system to
ensure its availability. This service addresses the security concerns
raised by denial-of-service attacks. It depends on proper management
and control of system resources and thus depends on access control
services and other security services.
DATA CONFIDENTIALITY
Confidentiality is the protection of transmitted data from passive
attacks. Concerning the content of data transmission, several levels of protection can be identified. The
broadest service protects all user
data transmitted between two users over some time. For example, when a
TCP connection is set
up between two systems, this broad protection prevents the release of
any user data transmitted over
the TCP connection.
DATA INTEGRITY
As with confidentiality, integrity can apply to a stream of messages, a
single message, or selected fields
within a message. Again, the most useful and straightforward approach
is total stream protection.
A connection-oriented integrity service, one that deals with a stream
of messages, assures that
messages are received as sent, with no duplication, insertion,
modification, reordering, or replays. The
destruction of data is also covered under this service. Thus, the
connection-oriented integrity service
addresses both message stream modification and denial of service.
DENIAL OF SERVICE
The denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages to degrade performance.
INTRUDER
The intruder can be a disgruntled employee who wishes to do damage or a criminal who seeks to exploit computer assets for financial gain (e.g., obtaining credit card numbers or performing illegal money transfers).
MASQUERADE
A masquerade takes place when one entity pretends to be a different entity. (As shown in Figure.)
A
masquerade attack usually includes one of the other forms of active
attack. For example, authentication
sequences can be captured and replayed after a valid authentication
sequence has taken place, thus
enabling an authorized entity with few privileges to obtain extra
privileges by impersonating an entity
that has those privileges.
NONREPUDIATION
This provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
Nonrepudiation, Origin
This is the proof that the message was sent by the specified party.
Nonrepudiation, Destination
This one is the proof that the message was received by the specified party.
THREAT
A potential for violation of security exists when there is a circumstance, capability, action, or event, that could breach security and cause harm. That is, a threat is a possible danger that might exploit the vulnerability.
ATTACK
An assault on system security derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
REPLAY
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
SECURITY ATTACKS
Security attacks are classified as either passive attacks, which include unauthorized reading of a message or file and traffic analysis; and active attacks, such as modification of messages or files, and denial of service.
SECURITY MECHANISMS
A security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocols.
SPECIFIC SECURITY MECHANISMS |
PERVASIVE SECURITY MECHANISMS |
May be incorporated
into the appropriate protocol layer to provide some of the
OSI security services.
Encipherment
The use of mathematical algorithms to transform data into
a form that is not readily intelligible. The
transformation and subsequent recovery of the data depend
on an algorithm and zero or more encryption keys.
Digital Signature
Data appended to, or a cryptographic transformation of, a
data unit that allows a recipient of the data unit to
prove the source and integrity of the data unit and
protect against forgery (e.g., by the recipient).
Access Control
A variety of mechanisms enforce access rights to
resources.
Data Integrity
A variety of mechanisms are used to assure the integrity
of a data unit or stream of data units.
Authentication Exchange
A mechanism intended to ensure the identity of an entity
using information exchange.
Traffic Padding
The insertion of bits into gaps in a data stream
frustrates traffic analysis attempts.
Routing Control
Enables selection of particular physically secure routes
for certain data and allows routing changes, especially
when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certain
properties of a data exchange. |
Mechanisms that are not specific
to any particular
OSI security service or protocol layer.
Trusted Functionality
That which is perceived to be correct concerning some
criteria (e.g., as established by a security policy).
Security Label
The marking is bound to a resource (which may be a data
unit) that names or designates the security attributes of
that resource.
Event Detection
Detection of security-relevant events.
Security Audit Trail
Data collected and potentially used to facilitate a
security audit, which is an independent review and
examination of system records and activities.
Security Recovery
Deals with requests from mechanisms, such as event
handling and management functions, and takes recovery
actions. |
SECURITY SERVICES
Security services include authentication, access control, data confidentiality, data integrity, nonrepudiation, and availability.
TRAFFIC ANALYSIS
Traffic analysis is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
A message is to be transferred from one party to another across some sort of internet. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. A logical information channel is established by defining a route through the internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.
Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on. All the techniques for providing security have two components:
- A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender
- Some secret information is shared by the two principals and, it is hoped, unknown to the opponent.
An example is an encryption key used in conjunction with the
transformation to scramble the message before transmission and
unscramble it on reception.
A trusted third party may be needed to achieve secure
transmission. For example, a third party may be responsible for
distributing the secret information to the two principals while
keeping it from any opponent. Or a third party may be needed to
arbitrate disputes between the two principals concerning the
authenticity of a message transmission.
This general model shows that there are four basic tasks in designing a particular security service:
Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
Generate the secret information to be used with the algorithm.
Develop methods for the distribution and sharing of secret information. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
A general model of these other situations is illustrated by the figure below, which reflects a concern for protecting an information system from unwanted access.
Another type of unwanted access is the placement in a computer
system of logic that exploits vulnerabilities in the system and
that can affect application programs as well as utility
programs, such as editors and compilers. Programs can present
two kinds of threats:
- Information access threats intercept or modify data on behalf of users who should not have access to that data.
- Service threats exploit service flaws in computers to inhibit use by legitimate users.
Viruses and worms are two examples of software attacks. Such
attacks can be introduced into a system using a disk containing
unwanted logic concealed in otherwise useful software. They can
also be inserted into a system across a network; this latter
mechanism is of more concern in network security.
The security mechanisms needed to
cope with unwanted access fall into two broad categories (see Network Access Security Model). The first category might be termed a gatekeeper function. It
includes password-based login procedures designed to deny access
to all but authorized users and screening logic designed to
detect and reject worms, viruses, and other similar attacks.
Once an unwanted user or
unwanted software gains access, the second line of defence
consists of various internal controls. This monitors activity
and analyses stored information in an attempt to detect the
presence of unwanted intruders.
OSI SECURITY ARCHITECTURE
To assess effectively the security needs of an organization and
to evaluate and choose various security products and policies,
the manager responsible for security needs some systematic way
of defining the requirements for security and characterizing the
approaches to satisfying those requirements.
This is difficult enough in a centralized data processing
environment; with the use of local and wide area networks, the
problems are compounded.
· ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach.
· \ The OSI security architecture is useful to managers ba as off organises the task of providing security.
· Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms.
· The OSI security architecture provides a useful, if abstract, overview of many of the concepts.
· The OSI security architecture focuses on security attacks, mechanisms, and services.
· These can be defined briefly as:
Security attack: Any action that compromises the security of information owned by an organization.
Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they can use one or more security mechanisms to provide the service.
In the literature, the terms threat and attack are commonly used to mean more or less the same thing.
- Prof. R. D. Mane,
Department of Computer Science & Engineering,
Dr. J. J. Magdum College of Engineering, Jaysingpur.
Post a Comment