Chapter 1
Introduction to Computer Security
Basic components of security
Confidentiality
Integrity
Availability
Confidentiality
Confidentiality is the concealment of information or
resources.
Access control mechanisms support confidentiality
Cryptography scrambles data to make it
incomprehensible.
Cryptographic key controls access to the unscrambled
data, but then the cryptographic key itself becomes
another datum to be protected.
EXAMPLE: Enciphering an income tax return will
prevent anyone from reading it. If the owner needs
to see the return, it must be deciphered. Only the
possessor of the cryptographic key can enter it into
a deciphering program. However, if someone else
can read the key when it is entered into the
program, the confidentiality of the tax return has
been compromised.
Integrity
Integrity refers to the trustworthiness of data or
resources.
It is usually phrased in terms of preventing improper
or unauthorized change.
Integrity includes data integrity (the content of the
information) and origin integrity (the source of the
data, often called authentication).
EXAMPLE: A newspaper may print information
obtained from a leak at the White House but
attribute it to the wrong source. The information is
printed as received (preserving data integrity), but
its source is incorrect (corrupting origin integrity).
Integrity mechanisms
Prevention Mechanisms
Prevention mechanisms seek to maintain the integrity of the data by blocking any
unauthorized attempts to change the data or any attempts to change the data in
unauthorized ways.
Detection Mechanisms
Detection mechanisms do not try to prevent violations of integrity; they
simply report that the data’s integrity is no longer trustworthy.
They may analyze system events (user or system actions) to detect problems or
(more commonly) may analyze the data itself to see if required or
expected constraints still hold.
They may report the actual cause of the integrity violation (a specific part of a
file was altered), or they may simply report that the file is now corrupt.
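A detection mechanism of the kind that analyzes the data itself, shown with both reporting styles: a whole-file verdict and the byte ranges that changed. This is an added example, not part of the original slides; the key, the block size and the sample record are constructed, and HMAC-SHA-256 is a choice made here.

```python
import hashlib
import hmac

BLOCK_SIZE = 16  # small on purpose so the constructed sample spans several blocks


def tag(key: bytes, data: bytes) -> str:
    """Keyed digest, so someone who alters the data cannot recompute the record."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def build_manifest(key: bytes, data: bytes) -> dict:
    """Record the expected state: one tag for the whole file, one per block."""
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    return {
        "whole": tag(key, data),
        # The block index is bound into each tag so swapped blocks are detected.
        "blocks": [tag(key, i.to_bytes(8, "big") + b) for i, b in enumerate(blocks)],
    }


def coarse_check(key: bytes, data: bytes, manifest: dict) -> bool:
    """Report only whether the file still matches (False means 'now corrupt')."""
    return hmac.compare_digest(tag(key, data), manifest["whole"])


def locate_changes(key: bytes, data: bytes, manifest: dict) -> list:
    """Report the cause: (start, end) byte ranges whose block tag no longer matches."""
    current = build_manifest(key, data)["blocks"]
    expected = manifest["blocks"]
    changed = []
    for i in range(max(len(current), len(expected))):
        same = (i < len(current) and i < len(expected)
                and hmac.compare_digest(current[i], expected[i]))
        if not same:
            changed.append((i * BLOCK_SIZE, (i + 1) * BLOCK_SIZE))
    return changed


# Constructed sample data (not from the slides).
KEY = b"constructed-demo-key"
ORIGINAL = b"payee=alice;amount=0000100;memo=rent for march;ref=0001"
TAMPERED = ORIGINAL.replace(b"0000100", b"0900100")
MANIFEST = build_manifest(KEY, ORIGINAL)

if __name__ == "__main__":
    print("file still trustworthy:", coarse_check(KEY, TAMPERED, MANIFEST))
    print("changed byte ranges:", locate_changes(KEY, TAMPERED, MANIFEST))
```

The manifest and its key must be stored where the party able to change the data cannot change them, otherwise the detection result is no more trustworthy than the data.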
Availability
Availability refers to the ability to use the information
or resource desired.
Information only has value if the right people can
access it at the right times.
Denying access to information has become a very
common attack nowadays.
The primary aim of DoS attacks is to deny users of the
website access to the resources of the website.
EXAMPLE: Suppose Anne has compromised a bank’s secondary system
server, which supplies bank account balances. When anyone else asks
that server for information, Anne can supply any information she desires.
Merchants validate checks by contacting the bank’s primary balance
server. If a merchant gets no response, the secondary server will be asked
to supply the data. Anne’s colleague prevents merchants from contacting
the primary balance server, so all merchant queries go to the secondary
server. Anne will never have a check turned down, regardless of her
actual account balance. Notice that if the bank had only one server (the
primary one), this scheme would not work. The merchant would be
unable to validate the check.
Threat Vs. Attack
Threat
A potential for violation of security, which exists when there is a circumstance,
capability, action, or event that could breach security and cause harm. That is, a
threat is a possible danger that might exploit a vulnerability.
A threat is a possible danger that might exploit a vulnerability to breach security and thus
cause possible harm.
Attack
An assault on system security that derives from an intelligent threat; that is, an
intelligent act that is a deliberate attempt (especially in the sense of a method or
technique) to evade security services and violate the security policy of a system.
An attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized
access to resources.
Categories of Threats
Shirey divides threats into four broad classes:
disclosure, or unauthorized access to information
deception, or acceptance of false data
disruption, or interruption or prevention of correct
operation
usurpation, or unauthorized control of some part
of a system
Security Attacks
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions.
The goal of the opponent is to obtain information that is
being transmitted.
Two types
▪ Release of message contents
▪ Traffic Analysis
▪ The common technique for masking contents is encryption.
▪ If we had encryption protection in place, an opponent might still be able to observe the
pattern of these messages.
▪ The opponent could determine the location and identity of communicating hosts and
could observe the frequency and length of messages being exchanged. This information
might be useful in guessing the nature of the communication that was taking place.
Active Attacks
Active attacks involve some modification of the data stream or the creation of a
false stream.
They can be subdivided into four categories: masquerade, replay,
modification of messages, and denial of service.
A masquerade takes place when one entity pretends to be a different entity.
Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
Modification of messages simply means that some portion of a legitimate
message is altered, or that messages are delayed or reordered, to produce
an unauthorized effect.
Denial of service prevents or inhibits the normal use or management of
communications facilities. For example, an entity may suppress all messages
directed to a particular destination (e.g., the security audit service).
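How a receiver can detect three of the four active attacks above (masquerade, replay, modification of messages), as an added example that is not part of the original slides. The frame layout, the shared key and the messages are assumptions constructed for the illustration; denial of service is not addressed by this check.

```python
import hashlib
import hmac


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: prepend an 8-byte sequence number and a 32-byte HMAC tag."""
    header = seq.to_bytes(8, "big")
    mac = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + mac + payload


class Receiver:
    """Accepts each authentic message once, in strictly increasing order."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < 40:
            return "rejected: malformed"
        header, mac, payload = frame[:8], frame[8:40], frame[40:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # A failed tag covers both masquerade (sender lacks the key) and modification.
        if not hmac.compare_digest(mac, expected):
            return "rejected: bad tag"
        seq = int.from_bytes(header, "big")
        # An authentic frame with an old number is a replay or a reordering.
        if seq <= self.last_seq:
            return "rejected: replayed or out of order"
        self.last_seq = seq
        return "accepted"


def demo() -> list:
    key = b"constructed-demo-key"               # constructed value
    rx = Receiver(key)
    first = seal(key, 0, b"pay 100 to bob")      # constructed messages
    second = seal(key, 1, b"pay 20 to carol")
    altered = second[:-5] + b"mallo"             # payload changed in transit
    forged = seal(b"some-other-key", 2, b"pay 999 to eve")
    return [rx.accept(first), rx.accept(first), rx.accept(altered),
            rx.accept(second), rx.accept(first), rx.accept(forged)]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```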
Security Threats: Snooping
Snooping
The unauthorized interception of information
Is a form of disclosure
Is passive in nature
Some entity is listening to (or reading) communications or
browsing through files or system information.
E.g., passive wiretapping, in which a network is monitored.
Masquerading
Also termed as spoofing
An impersonation of one entity by another
Is a form of both deception and usurpation
Lures a victim into believing that the entity with which it is
communicating is a different entity
For example, if a user tries to log into a computer across the
Internet but instead reaches another computer that claims
to be the desired one, the user has been spoofed.
Modification
Also termed as alteration, an unauthorized change of
information
Covers three classes of threats
Deception, in which some entity relies on the modified data to determine
which action to take, or in which incorrect information is accepted as
correct and is released.
If the modified data controls the operation of the system, the threats of
disruption and usurpation arise.
Modification is active; it results from an entity changing
information. Active wiretapping is a form of modification in
which data moving across a network is altered.