Cybersecurity Note-1 (3)

Cybersecurity involves protecting information in networked systems, focusing on confidentiality, integrity, availability, authenticity, and accountability. Security attacks can be passive, such as eavesdropping, or active, such as data modification and denial of service. Security services and mechanisms, including authentication, access control, and cryptographic algorithms, are essential for ensuring data protection and system integrity.

Cybersecurity

Cybersecurity is the protection of information that is stored, transmitted, and processed in a networked
system of computers, other digital devices, and network devices and transmission lines, including the
Internet. Protection encompasses confidentiality, integrity, availability, authenticity, and accountability.

Security Objectives
1. Confidentiality: This term covers two related concepts:
   • Data confidentiality: Assures that private or confidential information is not made
     available or disclosed to unauthorized individuals.
   • Privacy: Assures that individuals control what information related to them may be
     collected and stored, and by whom and to whom that information may be disclosed.
2. Integrity: This term covers two related concepts:
   • Data integrity: Assures that data (both stored and in transmitted packets) and programs
     are changed only in a specified and authorized manner. This concept also encompasses
     data authenticity, which means that a digital object is indeed what it claims to be or what
     it is claimed to be, and nonrepudiation, which is assurance that the sender of information
     is provided with proof of delivery and the recipient is provided with proof of the sender’s
     identity, so neither can later deny having processed the information.
   • System integrity: Assures that a system performs its intended function in an unimpaired
     manner, free from deliberate or inadvertent unauthorized manipulation of the system.
3. Availability: Assures that systems work promptly and service is not denied to authorized users.

Security Attacks
Security attacks are attacks that compromise security objectives such as confidentiality, integrity,
and availability. Security attacks are of two types:
• Passive Attacks
• Active Attacks
Passive Attacks - Passive attacks involve monitoring transmissions as they pass through
a network. The goal of the attacker is to obtain information that is being transmitted. Passive attacks
are very difficult to detect because they do not involve any alteration of the data. The different types of
passive attacks are eavesdropping and traffic analysis.
• Eavesdropping – It is done to know the contents of the messages.
• Traffic Analysis – It is done to know the type of the contents of the messages.
Active Attacks - Active attacks involve some modification of the data stream or the creation of a false
stream. The different types of active attacks are: replay, masquerade, modification of messages, and
denial of service.
• Replay – Replay involves the passive capture of a data unit and its subsequent retransmission
  to produce an unauthorized effect.
• Masquerade – A masquerade takes place when one entity pretends to be a different entity.
• Modification of Messages – Data modification simply means that some portion of a legitimate
  message is altered, or that messages are delayed or reordered, to produce an unauthorized
  effect. For example, a message stating, “Allow John Smith to read confidential file accounts” is
  modified to say, “Allow Fred Brown to read confidential file accounts.”
• Denial of Service – The denial of service prevents or inhibits the normal use or management
  of communication facilities. This attack may have a specific target; for example, an entity may
  suppress all messages directed to a particular destination. Another form of service denial is the
  disruption of an entire network, either by disabling the network or by overloading it with
  messages so as to degrade performance.

Fig. Security Attacks

Security Services

A security service is a capability that supports one or more of the security requirements (confidentiality,
integrity, availability, authenticity, and accountability). Security services implement security policies and
are implemented by security mechanisms.
1. Authentication
The authentication service is concerned with assuring that a communication is authentic. Two
specific authentication services are defined in X.800:
   • Peer entity authentication: Provides for the corroboration of the identity of a peer entity
     in an association. Two entities are considered peers if they implement the same protocol
     in different systems.
   • Data origin authentication: Provides for the corroboration of the source of a data unit.
     It does not provide protection against the duplication or modification of data units. This
     type of service supports applications like electronic mail, where there are no ongoing
     interactions between the communicating entities.
2. Access Control
In the context of network security, access control is the ability to limit and control the access to
host systems and applications via communications links. To achieve this, each entity trying to
gain access must first be identified, or authenticated, so that access rights can be tailored to
the individual.
3. Data Confidentiality
Confidentiality is the protection of transmitted data from passive attacks. With respect to the
content of a data transmission, several levels of protection can be identified. The broadest
service protects all user data transmitted between two users over a period of time.
4. Data Integrity
As with confidentiality, integrity can apply to a stream of messages, a single message, or
selected fields within a message. A connection-oriented integrity service, one that deals with a
stream of messages, assures that messages are received as sent with no duplication, insertion,
modification, reordering, or replays. The destruction of data is also covered under this service.
Thus, the connection-oriented integrity service addresses both message stream modification
and denial of service. A connectionless integrity service, one that deals with individual
messages without regard to any larger context, generally provides protection against message
modification only.
5. Nonrepudiation
Nonrepudiation prevents either sender or receiver from denying a transmitted message. Thus,
when a message is sent, the receiver can prove that the alleged sender in fact sent the
message. Similarly, when a message is received, the sender can prove that the alleged receiver
in fact received the message.
6. Availability Service
Availability is the property of a system or a system resource being accessible and usable upon
demand by an authorized system entity, according to performance specifications for the
system.
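
The difference between the connectionless and connection-oriented integrity services described under Data Integrity can be shown in code. The following is an added example, not part of the original notes: it assumes a pre-shared key and uses HMAC-SHA-256 as the message authentication code, with a hypothetical 8-byte sequence number in front of each message; all names and sample messages are constructed.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, assumed pre-shared
TAG_LEN = 32                   # HMAC-SHA-256 output size in bytes

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def protect(key, seq, message):
    """Sender: put the sequence number and message under one MAC."""
    body = struct.pack(">Q", seq) + message
    return body + mac(key, body)

def connectionless_accept(key, packet):
    """Stateless check: detects modification only, so a replay still passes."""
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return len(packet) >= 8 + TAG_LEN and hmac.compare_digest(tag, mac(key, body))

class Receiver:
    """Connection-oriented check: verify the MAC, then enforce strict order."""
    def __init__(self, key):
        self.key, self.expected = key, 0

    def accept(self, packet):
        if not connectionless_accept(self.key, packet):
            return "rejected: MAC check failed"
        seq = struct.unpack(">Q", packet[:8])[0]
        if seq < self.expected:
            return "rejected: replay or duplicate"
        if seq > self.expected:
            return "rejected: reordered or missing"
        self.expected += 1
        return "accepted: " + packet[8:-TAG_LEN].decode()

def demo():
    m0 = protect(KEY, 0, b"Allow John Smith to read confidential file accounts")
    m1 = protect(KEY, 1, b"Close session")
    altered = m0.replace(b"John Smith", b"Fred Brown")  # the notes' own example
    rx = Receiver(KEY)
    return [rx.accept(p) for p in (altered, m1, m0, m0, m1)]

if __name__ == "__main__":
    for line in demo():
        print(line)
```

The stateless check accepts the same valid packet any number of times, which is why the connectionless service covers message modification only; the receiver's sequence counter is what adds protection against duplication, reordering, and replay.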

Security Mechanisms

The different types of security mechanisms are:


1. Cryptographic algorithms: We can distinguish between reversible cryptographic mechanisms
and irreversible cryptographic mechanisms. A reversible cryptographic mechanism is simply an
encryption algorithm that allows data to be encrypted and subsequently decrypted. Irreversible
cryptographic mechanisms include hash algorithms and message authentication codes, which
are used in digital signature and message authentication applications.
2. Data integrity: This category covers a variety of mechanisms used to assure the integrity of a
data unit or stream of data units.
3. Digital signature: Data appended to, or a cryptographic transformation of, a data unit that
allows a recipient of the data unit to prove the source and integrity of the data unit and protect
against forgery.
4. Authentication exchange: A mechanism intended to ensure the identity of an entity by means
of information exchange.
5. Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
6. Routing control: Enables selection of particular physically or logically secure routes for certain
data and allows routing changes, especially when a breach of security is suspected.
7. Notarization: The use of a trusted third party to assure certain properties of a data exchange.
8. Access control: A variety of mechanisms that enforce access rights to resources.

Cryptography

Cryptography is a branch of mathematics that deals with the transformation of data. Cryptographic
algorithms are used in many ways in information security and network security. Cryptography is an
essential component in the secure storage and transmission of data, and in the secure interaction
between parties.

Symmetric Encryption
A symmetric encryption scheme has five ingredients:
• Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
• Encryption algorithm: The encryption algorithm performs various substitutions and
  transformations on the plaintext.
• Secret key: The secret key is also input to the encryption algorithm. The key is a value
  independent of the plaintext and of the algorithm. The algorithm will produce a different output
  depending on the specific key being used at the time. The exact substitutions and
  transformations performed by the algorithm depend on the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the plaintext
  and the secret key. For a given message, two different keys will produce two different
  ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is
  unintelligible.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the
  ciphertext and the secret key and produces the original plaintext.
Fig. Symmetric Encryption
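
The five ingredients can be traced through a small working cipher. This is an added example, not part of the original notes: it is a teaching stream cipher that XORs the plaintext with a SHAKE-256 keystream, not a vetted algorithm (real systems use ciphers such as AES or ChaCha20), and the per-message nonce, function names, and sample keys are assumptions introduced here.

```python
import hashlib
import os

NONCE_LEN = 16  # per-message value; an addition beyond the five ingredients

def keystream(key, nonce, length):
    """Key-dependent transformation: SHAKE-256 stretched to the message length."""
    return hashlib.shake_256(key + nonce).digest(length)

def encrypt(key, plaintext, nonce=None):
    """Encryption algorithm: plaintext + secret key -> ciphertext."""
    if len(key) != 32:
        raise ValueError("key must be 32 bytes")
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    stream = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(key, ciphertext):
    """Decryption algorithm: the same transformation applied in reverse."""
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    stream = keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

def demo():
    plaintext = b"Allow John Smith to read confidential file accounts"
    key_a, key_b = bytes(range(32)), bytes(range(32, 64))  # constructed keys
    nonce = bytes(NONCE_LEN)  # fixed only so the two ciphertexts are comparable
    ct_a = encrypt(key_a, plaintext, nonce)
    ct_b = encrypt(key_b, plaintext, nonce)
    return {
        "keys_give_different_ciphertexts": ct_a != ct_b,
        "right_key_recovers_plaintext": decrypt(key_a, ct_a) == plaintext,
        "wrong_key_recovers_plaintext": decrypt(key_b, ct_a) == plaintext,
    }

if __name__ == "__main__":
    print(demo())
```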
