Chapter 1 - Introduction & Overview

This document provides an overview of a network security course. It outlines the textbook, chapters covered, evaluation methods, and course outcomes. The chapters covered include cryptography, user authentication, access control, and malware. Specific topics within each chapter are also listed, such as symmetric/asymmetric encryption, password authentication, and types of malware. The evaluation methods include assignments, quizzes, reports, a midterm, coursework, and final exam. Upon completing the course, students should understand key security concepts, be able to use encryption methods, analyze access control, and understand countermeasures against intruders.

Uploaded by

Firas Zawaideh

Network Security & Applications 407312
Introduction
Course Overview
Textbook: Computer Security: Principles & Practices – 4th Edition, William Stallings & Lawrie Brown
Chapters:

01 Overview:
• Computer Security Concepts
• Threats, Attacks, and Assets
• Security Functional Requirements
• Fundamental Security Design Principles
• Attack Surfaces and Attack Trees
• Computer Security Strategy

02 Cryptography:
• cryptographic algorithms are an important element in security services
• review of various types of elements
  ◦ symmetric encryption
  ◦ public-key (asymmetric) encryption
  ◦ digital signatures and key management
  ◦ secure hash functions
• an example use is encrypting stored data

03 User Authentication:
• Electronic user authentication principles
• Password-based authentication
• Token-based authentication
• Biometric authentication
• Remote user authentication
• Security issues for user authentication
• Practical application: an iris biometric system

04 Access Control:
• introduced access control principles
• subjects, objects, access rights
• discretionary access controls
• role-based access control

05 Malware:
• introduced types of malicious software
• incl. backdoor, logic bomb, trojan horse, mobile
• virus types and countermeasures
• worm types and countermeasures
• bots
• rootkits

Evaluation Method
• Midterm: 25% (Week 9)
• Coursework: 35% (includes Assignments, Quizzes & Reports)
• Final: 40% (Week 15)
• Bonus: 5% (Class Participation & Engagement)

Course Outcomes

Course catalog:
The course covers classic security topics, such as applied cryptography, authentication, authorization and basic security principles. Furthermore, it covers some recent topics such as web security and virtual machine security. The topics that the course covers are listed below:
  ◦ Overview: Confidentiality, Integrity, Availability. Security policy and mechanism. Basic principles of secure system design.
  ◦ Cryptography: Basic crypto primitives, Secret key crypto, public key crypto, Digital signatures, Message authentication.
  ◦ System security: Authentication, Access Control, Discussion of popular systems and security protocols.
  ◦ Network Security: Firewalls, Intrusion Prevention Systems, DHCP spoofing and snooping, MAC flooding.

No.1 A successful student in this course will be familiar with information security concepts and terms.
No.2 A successful student in this course will be able to use symmetric and asymmetric encryption methods.
No.3 A successful student in this course will be able to code a hacking system that teaches students how attackers think and hack systems.
No.4 A successful student in this course will be able to analyze access control methods and their differences, and implement an access control method.
No.5 A successful student in this course will be able to design some types of malicious software.
No.6 A successful student in this course will be able to understand how countermeasures work and how intruders may bypass security countermeasures.

Chapter 1: Overview

Chapter 1 Overview
• Computer Security Concepts
• Threats, Attacks, and Assets
• Security Functional Requirements
• Fundamental Security Design Principles
• Attack Surfaces and Attack Trees
• Computer Security Strategy

Learning Objectives
• Describe the key security requirements of confidentiality, integrity and availability
• Discuss the types of security threats and attacks that must be dealt with
• Summarize the functional requirements for computer security
• Explain the fundamental security design principles
• Discuss the use of attack surfaces and attack trees
• Understand the principal aspects of a comprehensive security strategy

A Definition Of Computer Security
• Computer security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)

NIST 1995

Three Key Objectives (The CIA Triad)
• Confidentiality
  ◦ Data confidentiality: assures that confidential information is not disclosed to unauthorized individuals
  ◦ Privacy: assures that individuals control or influence what information may be collected and stored
• Integrity
  ◦ Data integrity: assures that information and programs are changed only in a specified and authorized manner
  ◦ System integrity: assures that a system performs its operations in an unimpaired manner
• Availability: assures that systems work promptly and service is not denied to authorized users

Key Security Concepts

Other Concepts To A Complete Security Picture
• Authenticity: the property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, or a message, or its originator
• Accountability: generates the requirement for actions of an entity to be traced uniquely to that individual to support nonrepudiation, deterrence, fault isolation, etc.

Levels Of Security Breach Impact
• Low: the loss will have a limited impact, e.g., a degradation in mission or minor damage or minor financial loss or minor harm
• Moderate: the loss has a serious effect, e.g., significant degradation in mission or significant harm to individuals but no loss of life or life-threatening injuries
• High: the loss has a severe or catastrophic adverse effect on operations, organizational assets or on individuals (e.g., loss of life)

Examples Of Security Requirements: Confidentiality
• Student grade information is an asset whose confidentiality is considered to be very high
  ◦ The US FERPA Act: grades should only be available to students, their parents, and their employers (when required for the job)
• Student enrollment information: may have a moderate confidentiality rating; less damage if disclosed
• Directory information: low confidentiality rating; often available publicly

Examples Of Security Requirements: Integrity
• A hospital patient’s allergy information (high integrity data): a doctor should be able to trust that the info is correct and current
  ◦ If a nurse deliberately falsifies the data, the database should be restored to a trusted basis and the falsified information traced back to the person who did it
• Online newsgroup registration data: moderate level of integrity
• An example of a low integrity requirement: anonymous online poll (inaccuracy is well understood)

Examples Of Security Requirements: Availability
• A system that provides authentication: high availability requirement
  ◦ If customers cannot access resources, the loss of services could result in financial loss
• A public website for a university: a moderate availability requirement; not critical but causes embarrassment
• An online telephone directory lookup: a low availability requirement because unavailability is mostly an annoyance (there are alternative sources)

Challenges Of Computer Security
1. Computer security is not simple
2. One must consider potential (unexpected) attacks
3. Procedures used are often counter-intuitive
4. Must decide where to deploy mechanisms
5. Involves algorithms and secret info (keys)
6. A battle of wits between attacker / admin
7. It is not perceived as a benefit until it fails
8. Requires constant monitoring
9. Too often an afterthought (not integral)
10. Regarded as an impediment to using the system

A Model For Computer Security
• Table 1.1 and Figure 1.1 show the relationship
• System resources
  ◦ Hardware, software (OS, apps), data (users, system, database), communication facilities and network (LAN, bridges, routers, …)
• Our concern: vulnerability of these resources (corrupted, unavailable, leaky)
• Threats exploit vulnerabilities
• An attack is a threat that is carried out
  ◦ Active or passive; from inside or from outside
• Countermeasures: actions taken to prevent, detect, recover and minimize risks

Computer Security Terminology

Security Concepts & Relationships

Threat Consequences
• Unauthorized disclosure: threat to confidentiality
  ◦ Exposure (release data), interception, inference, intrusion
• Deception: threat to integrity
  ◦ Masquerade, falsification (alter data), repudiation
• Disruption: threat to integrity and availability
  ◦ Incapacitation (destruction), corruption (backdoor logic), obstruction (interfere with communication, overload a line)
• Usurpation: threat to integrity
  ◦ Misappropriation (theft of service), misuse (hacker gaining unauthorized access)

Threat Consequences (Tabular Form)

The Scope Of Computer Security

Examples Of Threats

Security Functional Requirements (FIPS 200)
• Technical measures
  ◦ Access control; identification & authentication; system & communication protection; system & information integrity
• Management controls and procedures
  ◦ Awareness & training; audit & accountability; certification, accreditation, & security assessments; contingency planning; maintenance; physical & environmental protection; planning; personnel security; risk assessment; systems & services acquisition
• Overlapping technical and management
  ◦ Configuration management; incident response; media protection

X.800 Security Architecture
• X.800, Security Architecture for OSI
• A systematic way of defining requirements for security and characterizing approaches to satisfying them
• Defines:
  ◦ security attacks - compromise security
  ◦ security mechanism - act to detect, prevent, recover from attack
  ◦ security service - counter security attacks

Fundamental Security Design Principles [1/5]
• Despite years of research, it is still difficult to design systems that comprehensively prevent security flaws
• But good practices for good design have been documented (analogous to software engineering)
  ◦ Economy of mechanism, fail-safe defaults, complete mediation, open design, separation of privileges, least privilege, least common mechanism, psychological acceptability, isolation, encapsulation, modularity, layering, least astonishment

Fundamental Security Design Principles [2/5]
• Economy of mechanism: the design of security measures should be as simple as possible
  ◦ Simpler to implement and to verify
  ◦ Fewer vulnerabilities
• Fail-safe default: access decisions should be based on permissions; i.e., the default is lack of access
• Complete mediation: every access should be checked against an access control system
• Open design: the design should be open rather than secret (e.g., encryption algorithms)

Fundamental Security Design Principles [3/5]
• Isolation
  ◦ Public access should be isolated from critical resources (no connection between public and critical information)
  ◦ Users' files should be isolated from one another (except when desired)
  ◦ Security mechanisms should be isolated (i.e., preventing access to those mechanisms)
• Encapsulation: similar to object concepts (hide internal structures)
• Modularity: modular structure

Fundamental Security Design Principles [4/5]
• Layering (defense in depth): use of multiple, overlapping protection approaches
• Least astonishment: a program or interface should always respond in a way that is least likely to astonish a user

Fundamental Security Design Principles [5/5]
• Separation of privilege: multiple privileges should be needed to achieve access (or complete a task)
• Least privilege: every user (process) should have the least privilege needed to perform a task
• Least common mechanism: a design should minimize the function shared by different users (providing mutual security; reduce deadlock)
• Psychological acceptability: security mechanisms should not interfere unduly with the work of users
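
The fail-safe default and complete mediation principles from slide [2/5] and least privilege from slide [5/5], combined in one small access check. This is an added example, not part of the original slides; the class names, the subjects (doctor, nurse, visitor) and the "allergies" object are constructed for illustration from the allergy-record example earlier in the chapter.

```python
from dataclasses import dataclass, field

@dataclass
class ReferenceMonitor:
    grants: dict = field(default_factory=dict)  # (subject, object) -> set of rights
    audit: list = field(default_factory=list)   # (subject, object, right, allowed)

    def grant(self, subject, obj, *rights):
        self.grants.setdefault((subject, obj), set()).update(rights)

    def revoke(self, subject, obj, right):
        self.grants.get((subject, obj), set()).discard(right)

    def check(self, subject, obj, right):
        # Fail-safe default: no explicit grant means deny.
        allowed = right in self.grants.get((subject, obj), set())
        self.audit.append((subject, obj, right, allowed))  # accountability trail
        return allowed

class GuardedStore:
    def __init__(self, monitor):
        self._monitor, self._data = monitor, {}

    def _require(self, subject, name, right):
        # Complete mediation: asked on every call, decisions are never cached.
        if not self._monitor.check(subject, name, right):
            raise PermissionError(f"{subject} may not {right} {name}")

    def read(self, subject, name):
        self._require(subject, name, "read")
        return self._data.get(name)

    def write(self, subject, name, value):
        self._require(subject, name, "write")
        self._data[name] = value

def attempt(action, *args):
    try:
        return action(*args)
    except PermissionError:
        return "denied"

def demo():
    rm = ReferenceMonitor()
    store = GuardedStore(rm)
    rm.grant("doctor", "allergies", "read", "write")
    rm.grant("nurse", "allergies", "read")  # least privilege: read only
    out = [attempt(store.write, "doctor", "allergies", "penicillin"),
           attempt(store.read, "nurse", "allergies"),
           attempt(store.write, "nurse", "allergies", "none"),
           attempt(store.read, "visitor", "allergies")]
    rm.revoke("nurse", "allergies", "read")
    out.append(attempt(store.read, "nurse", "allergies"))  # revocation applies at once
    return out, rm.audit
```

The audit list records denied attempts as well as allowed ones, which is what lets a falsification attempt be traced back to the person who made it.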

Attack Surfaces
• Attack surface: the reachable and exploitable vulnerabilities in a system
  ◦ Open ports
  ◦ Services outside a firewall
  ◦ An employee with access to sensitive info
  ◦ …
• Three categories
  ◦ Network attack surface (i.e., network vulnerability)
  ◦ Software attack surface (i.e., software vulnerabilities)
  ◦ Human attack surface (e.g., social engineering)
• Attack analysis: assessing the scale and severity of threats

Attack Trees
• A branching, hierarchical data structure that represents a set of potential vulnerabilities
• Objective: to effectively exploit the info available on attack patterns
  ◦ published on CERT or similar forums
  ◦ Security analysts can use the tree to guide design and strengthen countermeasures
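
How an analyst can use such a tree to choose countermeasures, as an added example that is not part of the original slides. It assumes the common AND/OR node convention, which the slide does not spell out, and the tree contents and control names are constructed for illustration.

```python
from dataclasses import dataclass, field
from itertools import combinations

@dataclass
class Node:
    label: str
    kind: str = "LEAF"        # "LEAF", "AND" or "OR" (assumed convention)
    children: list = field(default_factory=list)
    control: str = None       # leaf only: countermeasure that blocks it

def achievable(node, deployed):
    """True if the node's goal can still be reached with these controls deployed."""
    if node.kind == "LEAF":
        return node.control not in deployed
    results = [achievable(child, deployed) for child in node.children]
    return all(results) if node.kind == "AND" else any(results)

def controls(node):
    """All countermeasures named anywhere under this node."""
    if node.kind == "LEAF":
        return {node.control} if node.control else set()
    return set().union(*(controls(child) for child in node.children))

def smallest_blocking_sets(root):
    """Smallest sets of controls that make the root goal unachievable."""
    names = sorted(controls(root))
    for size in range(len(names) + 1):
        hits = [set(c) for c in combinations(names, size)
                if not achievable(root, set(c))]
        if hits:
            return hits
    return []  # some branch has no countermeasure at all

# Constructed tree; leaves follow the network / software / human attack surfaces.
TREE = Node("read student grade records", "OR", [
    Node("database port reachable from outside the firewall", control="firewall rule"),
    Node("unpatched flaw in the grades web application", control="patching"),
    Node("log in as an employee", "AND", [
        Node("employee gives up a password", control="awareness training"),
        Node("password alone is sufficient", control="second factor"),
    ]),
])
```

Every child of an OR node has to be blocked, while blocking any one child of an AND node is enough, so the result shows where a single control closes a whole branch.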

An Attack Tree

Computer Security Strategy
• An overall strategy for providing security
  ◦ Policy (specs): what security schemes are supposed to do
    • Assets and their values
    • Potential threats
    • Ease of use vs security
    • Cost of security vs cost of failure/recovery
  ◦ Implementation/mechanism: how to enforce
    • Prevention
    • Detection
    • Response
    • Recovery
  ◦ Correctness/assurance: does it really work (validation/review)

Security Taxonomy

Security Trends

Computer Security Losses

Security Technologies Used

Summary

• Security concepts
• Terminology
• Functional requirements
• Security design principles
• Security strategy
End of Chapter 1
