CPE 5002 Network security. Look at the surroundings before you leap

Post on 21-Dec-2015


Page 1: CPE 5002 Network security. Look at the surroundings before you leap

CPE 5002 Network security

Look at the surroundings before you leap

CPE5002 Network Security/

Srini

Lecturers

Prof B Srinivasan – 990 32333, C4.47

Mr Pravin Shetty – 990 31945, B3.35

Guest Lecturers – Dr Le and Mr C Wilson

Topics

Basic principles (access control, authentication, models of threat and practical countermeasures).

Security issues over LANs and WANs (earlier models and current solutions).

Public key encryption, PKI, digital signatures, Kerberos.

Unix security [Internet = TCP/IP security: VPNs, firewalls].

Intrusion detection systems.

Security in e-commerce and banking, including WWW, EDI, EFT, ATM.

Rules of the game (1)

11 weeks of lectures

Assignment – written and a presentation of 15-20 minutes
– Weightage: 40%
– Presentation: during weeks 12 and 13

Examination:
– Week 14
– Weightage: 60%
– Assignment presentation topics are included in the examination assessment.

Rules of the game (2)

References:
– Computer Security – Dieter Gollmann
– Network and Internetwork Security – William Stallings
– Open Systems Networking – David M Piscitello / A Lyman Chapin

No formal tutorial for this subject.

Where to look for notes materials?

http://beast.csse.monash.edu.au/cpe5002

Username: cpe5002 Password: srini

Today’s lecture is

Domain of network security

Taxonomy of security attacks

Aims or services of security

Model of internetwork security

Methods of defence

Security

Human nature
– physical, financial, mental, …, data and information security

Information Security

1. A shift from physical security to protecting data and thwarting hackers (by means of automated software tools) – called computer security

Network Security

2. The widespread use of distributed systems, networks and communications requires protection of data during transmission – called network security

Internetwork security

The term network security may be misleading, because virtually all business, government and academic organisations interconnect their data processing equipment with a collection of interconnected networks – we should probably call it internetwork security

Aspects of information security

Security attack – any action that compromises the security of information.

Security mechanism – a mechanism designed to detect, prevent, or recover from a security attack.

Security service – a service that enhances security and counters security attacks.

Security mechanisms

No single mechanism can provide all the services mentioned in the previous slide. However, one element that underlies most (if not all) security mechanisms is cryptographic techniques.

Encryption or encryption-like transformations of information are the most common means of providing security.

Why Internetwork Security?

Internetwork security is not as simple as it might first appear.

In developing a particular security measure one has to consider potential countermeasures.

Because of the countermeasures the problem itself becomes complex.

Once you have designed the security measures, it is necessary to decide where to use them.

Security mechanisms usually involve more than a particular algorithm or protocol.

Security Attacks - Taxonomy

Interruption – attack on availability

Interception – attack on confidentiality

Modification – attack on integrity

Fabrication – attack on authenticity

[Slide callout: property that is compromised]

Interruption

Also known as denial of service.

Information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction.

E.g.: cutting a communication line, disabling a file management system, etc.

Interception

Also known as unauthorised access.

Difficult to trace, as no traces of intrusion might be left.

E.g.: illegal eavesdropping or wiretapping or sniffing, illegal copying.

Modification

Also known as tampering with a resource.

Resources can be data, programs, hardware devices, etc.

Fabrication

Also known as counterfeiting.

Allows authenticity checks to be bypassed.

E.g.: insertion of spurious messages in a network, adding a record to a file, counterfeit bank notes, fake cheques, …

Security Attacks - Taxonomy

[Figure: information flow from information source to information destination, in five panels: Normal, Interruption, Interception, Modification, Fabrication]

Attacks – Passive types

Passive (interception) – eavesdropping on, or monitoring of, transmissions.

The goal is to obtain information that is being transmitted.

The types are release of message contents and traffic analysis.

Attacks – Active types

Involve modification of the data stream or creation of a false stream, and can be subdivided into masquerade, replay, modification of messages and denial of service.

Attacks

Passive
– Interception (confidentiality)
  – Release of message contents
  – Traffic analysis

Active
– Modification (integrity)
– Fabrication (integrity)
– Interruption (availability)

Security services

Confidentiality

Authentication

Integrity

Nonrepudiation

Access control

Availability

Model for internetwork security

[Figure: model for internetwork security, with labels: Principal (at each end), Message, Secret information, Information channel, Trusted third party, Opponent, Gate keeper]

Methods of defence (1)

Modern cryptology
– Encryption, authentication code, digital signature, etc.

Software controls
– Standard development tools (design, code, test, maintain, etc.)
– Operating systems controls
– Internal program controls (e.g. access controls to data in a database)
– Firewalls

Methods of defence (2)

Hardware controls
– Security devices, smart cards, …

Physical controls
– Lock, guards, backup of data and software, thick walls, …

Security policies and procedures

User education

Law