Key Terms of Information Security

Cryptology:

          This is the study of techniques for ensuring the secrecy and/or authenticity of information. 

The two main branches of cryptology are 

  1. Cryptography, which is the study of the design of such techniques; and
  2. Cryptanalysis, which deals with defeating such techniques to recover information, or forging information that will be accepted as authentic.

Network security:

          This area covers the use of cryptographic algorithms in network protocols and network applications.

Computer security:

          We use this term to refer to the security of computers against intruders (e.g., hackers) and malicious software (e.g., viruses).

          Typically, the computer to be secured is attached to a network and the bulk of the threats arise from the network.

ACCESS CONTROL

          In the context of network security, access control is the ability to limit and control access to host systems and applications via communications links. To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual.

AUTHENTICATION

          The assurance that the communicating entity is the one that it claims to be.

Peer Entity Authentication

          Used in association with a logical connection to provide confidence in the identity of the entities connected.

Data Origin Authentication

          In a connectionless transfer, provides assurance that the source of received data is as claimed.

AVAILABILITY

         This is the property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system.

         In simple words, a system is available if it provides services according to the system design whenever users request them.

        A variety of attacks can result in the loss of or reduction in availability. It is a property to be associated with various security services. However, it makes sense to call out specifically an availability service. An availability service protects a system to ensure its availability. This service addresses the security concerns raised by denial-of-service attacks. It depends on proper management and control of system resources and thus depends on access control services and other security services.

DATA CONFIDENTIALITY

          Confidentiality is the protection of transmitted data from passive attacks. Concerning the content of data transmission, several levels of protection can be identified. The broadest service protects all user data transmitted between two users over some time. For example, when a TCP connection is set up between two systems, this broad protection prevents the release of any user data transmitted over the TCP connection.

DATA INTEGRITY

          As with confidentiality, integrity can apply to a stream of messages, a single message, or selected fields within a message. Again, the most useful and straightforward approach is total stream protection.

          A connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent, with no duplication, insertion, modification, reordering, or replays. The destruction of data is also covered under this service. Thus, the connection-oriented integrity service addresses both message stream modification and denial of service.

DENIAL OF SERVICE

          The denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages to degrade performance.

INTRUDER

          The intruder can be a disgruntled employee who wishes to do damage or a criminal who seeks to exploit computer assets for financial gain (e.g., obtaining credit card numbers or performing illegal money transfers).

MASQUERADE

          A masquerade takes place when one entity pretends to be a different entity. (As shown in Figure.)

Fig. Masquerade

          A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.

NONREPUDIATION

          This provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

Nonrepudiation, Origin

          This is the proof that the message was sent by the specified party.

Nonrepudiation, Destination

          This is the proof that the message was received by the specified party.

THREAT

          A potential for violation of security exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

ATTACK

          An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.

REPLAY

          Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Fig. Replay

SECURITY ATTACKS

          Security attacks are classified as either passive attacks, which include unauthorized reading of a message or file and traffic analysis, or active attacks, such as modification of messages or files and denial of service.

SECURITY MECHANISMS

          A security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocols.


SPECIFIC SECURITY MECHANISMS

       May be incorporated into the appropriate protocol layer to provide some of the OSI security services.

Encipherment

The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.

Digital Signature

Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient).

Access Control

A variety of mechanisms that enforce access rights to resources.

Data Integrity

A variety of mechanisms used to assure the integrity of a data unit or stream of data units.

Authentication Exchange

A mechanism intended to ensure the identity of an entity using information exchange.

Traffic Padding

The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

Routing Control

Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

Notarization

The use of a trusted third party to assure certain properties of a data exchange.

PERVASIVE SECURITY MECHANISMS

       Mechanisms that are not specific to any particular OSI security service or protocol layer.

Trusted Functionality

That which is perceived to be correct concerning some criteria (e.g., as established by a security policy).

Security Label

The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource.

Event Detection

Detection of security-relevant events.

Security Audit Trail

Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities.

Security Recovery

Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.


SECURITY SERVICES

          Security services include authentication, access control, data confidentiality, data integrity, nonrepudiation, and availability.

TRAFFIC ANALYSIS

          Traffic analysis is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.

Fig. Model for Network Security

          A message is to be transferred from one party to another across some sort of internet. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. A logical information channel is established by defining a route through the internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.

       Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on. All the techniques for providing security have two components:

    • A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
    • Some secret information is shared by the two principals and, it is hoped, unknown to the opponent.

          An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.

          A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a message transmission.

       This general model shows that there are four basic tasks in designing a particular security service:

  1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
  2. Generate the secret information to be used with the algorithm.
  3. Develop methods for the distribution and sharing of secret information.
  4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.

          A general model of these other situations is illustrated by the figure below, which reflects a concern for protecting an information system from unwanted access.

Fig. Network Access Security Model

          Another type of unwanted access is the placement in a computer system of logic that exploits vulnerabilities in the system and that can affect application programs as well as utility programs, such as editors and compilers. Programs can present two kinds of threats:

  • Information access threats intercept or modify data on behalf of users who should not have access to that data.
  • Service threats exploit service flaws in computers to inhibit use by legitimate users.

          Viruses and worms are two examples of software attacks. Such attacks can be introduced into a system using a disk containing unwanted logic concealed in otherwise useful software. They can also be inserted into a system across a network; this latter mechanism is of more concern in network security.

        The security mechanisms needed to cope with unwanted access fall into two broad categories (see Network Access Security Model). The first category might be termed a gatekeeper function. It includes password-based login procedures designed to deny access to all but authorized users and screening logic designed to detect and reject worms, viruses, and other similar attacks.

          Once an unwanted user or unwanted software gains access, the second line of defence consists of various internal controls. These monitor activity and analyse stored information in an attempt to detect the presence of unwanted intruders.

OSI SECURITY ARCHITECTURE

          To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, the manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements.

            This is difficult enough in a centralized data processing environment; with the use of local and wide area networks, the problems are compounded.

  • ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach.
  • The OSI security architecture is useful to managers as a way of organizing the task of providing security.
  • Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms.
  • The OSI security architecture provides a useful, if abstract, overview of many of the concepts.
  • The OSI security architecture focuses on security attacks, mechanisms, and services.

          These can be defined briefly as:

          Security attack: Any action that compromises the security of information owned by an organization.

          Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.

          Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they can use one or more security mechanisms to provide the service.

         In the literature, the terms threat and attack are commonly used to mean more or less the same thing. 


- Prof. R. D. Mane,

Department of Computer Science & Engineering,

Dr. J. J. Magdum College of Engineering, Jaysingpur.
