Network Security
Course Outlines
Introduction
security architectures, designs and models
L2 Security
L3 Security
Hardening Network devices
Encryption techniques
ACL
AAA
NAC
VPN
Firewall (ACL, Zones, etc.)
IDS
References
Network security | Definition
Information Security involves all types of
information (digital or non-digital).
Network security is the protection of the
underlying networking infrastructure from
unauthorized access, misuse, or theft.
Network security involves creating a secure
infrastructure for devices, applications, and
users to work in a secure manner.
It consists of measures to deter, prevent, detect,
and correct security violations that involve the
transmission of information.
Network Security vs. Internet Security
Network Security: Measures to protect data during transmission
Internet Security: Measures to protect data during transmission over a
collection of interconnected networks.
Computer Security | Key Objectives (the CIA Triad)
Confidentiality (covers two related concepts)
Data confidentiality: Assures that private or confidential information is not
made available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to them may
be collected and stored and by whom and to whom that information may be disclosed.
Integrity (changes only occur in a specified and authorized manner)
Data Integrity: data/programs (both stored and in transit) are not altered/changed
System Integrity: the system performs its functions as intended
Availability (systems work promptly and service is not denied to authorized users)
Computer Security | Key Objectives
FIPS 199 provides a useful characterization of the three CIA objectives in terms of
requirements and the definition of a loss of security in each category.
Objective: Confidentiality
Requirements: Preserving authorized restrictions on information access and disclosure,
including means for protecting personal privacy and proprietary information.
Loss of Objective Indicators: Unauthorized disclosure of information.
Objective: Integrity
Requirements: Guarding against improper information modification or destruction,
including ensuring information nonrepudiation and authenticity.
Loss of Objective Indicators: Unauthorized modification or destruction of information.
Objective: Availability
Requirements: Ensuring timely and reliable access to and use of information.
Loss of Objective Indicators: Disruption of access to or use of information or an
information system.
Computer Security | Key Objectives
Confidentiality, Integrity (changes only occur in a specified and authorized manner) and
Availability (service is not denied to authorized users), plus
Extra Objectives (as seen by some in the security field):
Authenticity: The property of being genuine and being able to be verified and trusted.
Accountability: The ability to trace a security breach to a responsible party. This supports
nonrepudiation, deterrence, fault isolation, intrusion detection and prevention,
and after-action recovery and legal action.
Why is accountability important? Since truly secure systems are not yet an achievable
goal, we must be able to trace a security breach to a responsible party. Systems must
keep records of their activities to permit later forensic analysis to trace security
breaches or to aid in transaction disputes [1].
Security Breach | Impact Level
Low:
Cause a degradation in mission capability to an extent and duration that the
organization is able to perform its primary functions, but the effectiveness of the
functions is noticeably reduced;
Result in minor damage to organizational assets;
Result in minor financial loss;
Result in minor harm to individuals.
Moderate (a serious adverse effect on organizational operations, assets, or individuals):
Cause a significant degradation in mission capability to an extent and duration that the
organization is able to perform its primary functions, but the effectiveness of the
functions is significantly reduced;
Result in significant damage to organizational assets;
Result in significant financial loss;
Result in significant harm to individuals that does not involve loss of life or serious,
life-threatening injuries.
High (a severe or catastrophic adverse effect on organizational operations, assets, or
individuals):
Cause a severe degradation in or loss of mission capability to an extent and duration that
the organization is not able to perform one or more of its primary functions;
Result in major damage to organizational assets;
Result in major financial loss;
Result in severe or catastrophic harm to individuals involving loss of life or serious,
life-threatening injuries.
Threats and Attacks (RFC 4949)
Threat: a possible danger that might exploit a vulnerability.
Attack: an assault on system security that derives from an intelligent threat. That is,
an intelligent act that is a deliberate attempt (especially in the sense of a
method or technique) to evade security services and violate the security
policy of a system.
X.800 | OSI Security Architecture
X.800 defines the OSI Security Architecture.
It defines a systematic way of defining and providing security requirements.
It defines security requirements and specifies means by which these requirements
might be satisfied.
It is useful to managers as a way of organizing the tasks of providing security.
It focuses on security attacks, mechanisms, and services.
X.800 | OSI Security Architecture
Security attack: Any action that compromises the security of information
owned by an organization.
Security mechanism: A process (or a device incorporating such a process) that
is designed to detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the
security of the data processing systems and the information transfers of an
organization. The services are intended to counter security attacks, and
they make use of one or more security mechanisms to provide the service.
X.800 | Security Attack
Passive attacks (eavesdropping or monitoring of transmissions to obtain information)
are very difficult to detect. Why? Because they do not alter the data, so neither the
sender nor the receiver sees anything abnormal.
Release of message contents
Traffic analysis
Active attacks:
Masquerade (one entity pretends to be a different entity - impersonation)
Replay
Modification of messages (messages are delayed, reordered, or altered to produce an
unauthorized effect)
Denial of Service
X.800 | Security Service
A processing or communication service that is provided by a system to give a specific kind of
protection to system resources; security services implement security policies and are
implemented by security mechanisms.
A service that is provided by a system to ensure adequate security of the systems or of data
transfers.
Services are intended to counter security attacks.
They use security mechanisms to provide the service.
X.800 divides Security Services into five categories:
Authentication, Access Control, Data Confidentiality, Data Integrity, Nonrepudiation.
X.800 | Security Service Categories
Authentication: Assures that a communication is authentic.
Peer Entity Authentication: Used in association with a logical connection to provide
confidence in the identity of the entities connected (provides confidence that an entity is
not performing either a masquerade or an unauthorized replay of a previous connection).
Data-Origin Authentication: In a connectionless transfer, provides assurance that the
source of received data is as claimed (it does not provide protection against the
duplication or modification of data units).
Access Control: Who can have access to a resource, under what conditions, and what is
allowed to be done.
Data Confidentiality:
Connection Confidentiality: The protection of all user data on a connection.
Connectionless Confidentiality: The protection of all user data in a single data block.
Selective-Field Confidentiality
Traffic-Flow Confidentiality: The protection of the information that might be derived
from observation of traffic flows (e.g. source and destination, frequency, length, etc.).
Data Integrity: The assurance that data received contain no duplication,
modification, insertion, deletion, reordering or replay.
Connection Integrity with Recovery
Connection Integrity without Recovery
Selective-Field Connection Integrity
Connectionless Integrity (protects messages from modification only)
Selective-Field Connectionless Integrity
Nonrepudiation: Nonrepudiation-Origin, Nonrepudiation-Destination.
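The difference between the connectionless and connection-oriented integrity services above is easiest to see in code. The following is an added example, not material from the lecture slides: it protects data units with an HMAC (Python standard library), once over the payload alone (connectionless integrity and data-origin authentication: modification and forgery are detected, replay is not) and once over a per-connection sequence number plus payload (connection integrity without recovery: duplication, reordering and replay are detected too, and the connection is simply closed on the first violation). The shared key, messages and attacker actions are all constructed for the demo.

```python
"""Added example (not from the lecture slides): X.800 integrity services
illustrated with HMAC-protected data units.

Key, messages and attacker actions are constructed inline for the demo.
"""
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-do-not-reuse"  # shared secret, constructed for the example
TAG_LEN = 32                                 # HMAC-SHA256 output length


def _tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


# --- Connectionless integrity: the tag covers the payload only -----------------

def cl_protect(key: bytes, payload: bytes) -> bytes:
    """Data unit = payload || HMAC(payload)."""
    return payload + _tag(key, payload)


def cl_verify(key: bytes, unit: bytes):
    """Return the payload if the tag is valid, else None.
    Detects modification and forgery only: a genuine unit replayed later is
    indistinguishable from the original."""
    payload, tag = unit[:-TAG_LEN], unit[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, payload)):
        return None
    return payload


# --- Connection integrity without recovery: tag also covers a sequence number --

class ConnectionSender:
    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def protect(self, payload: bytes) -> bytes:
        """Data unit = seq (4-byte big-endian) || payload || HMAC(seq || payload)."""
        header = struct.pack(">I", self.seq)
        self.seq += 1
        return header + payload + _tag(self.key, header + payload)


class ConnectionReceiver:
    def __init__(self, key: bytes):
        self.key = key
        self.expected = 0
        self.closed = False  # "without recovery": the first violation ends the connection

    def verify(self, unit: bytes):
        """Return the payload if the unit is authentic AND the next in sequence.
        A modified, replayed, duplicated or reordered unit returns None and
        closes the connection."""
        if self.closed or len(unit) < 4 + TAG_LEN:
            return None
        header, payload, tag = unit[:4], unit[4:-TAG_LEN], unit[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self.key, header + payload)):
            self.closed = True
            return None
        (seq,) = struct.unpack(">I", header)
        if seq != self.expected:
            self.closed = True
            return None
        self.expected += 1
        return payload


def demo() -> dict:
    """Run both services against the same constructed attacker actions.
    Every value in the returned dict is True when the services behave as described."""
    results = {}
    # Connectionless: a modified unit is rejected, a replayed genuine unit is not.
    unit = cl_protect(KEY, b"transfer 10")
    results["cl_genuine_accepted"] = cl_verify(KEY, unit) == b"transfer 10"
    tampered = unit[:-TAG_LEN].replace(b"10", b"99") + unit[-TAG_LEN:]
    results["cl_tampered_rejected"] = cl_verify(KEY, tampered) is None
    results["cl_replay_accepted"] = cl_verify(KEY, unit) == b"transfer 10"
    # Connection-oriented: replay (duplicate of seq 0) is rejected and the
    # connection is closed, so even the legitimate next unit is refused.
    tx, rx = ConnectionSender(KEY), ConnectionReceiver(KEY)
    u0, u1, u2 = tx.protect(b"a"), tx.protect(b"b"), tx.protect(b"c")
    results["conn_in_order_accepted"] = rx.verify(u0) == b"a" and rx.verify(u1) == b"b"
    results["conn_replay_rejected"] = rx.verify(u0) is None
    results["conn_closed_after_violation"] = rx.verify(u2) is None
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The sequence number is what turns "modification only" protection into protection against the whole list in the Data Integrity definition (duplication, insertion, deletion, reordering, replay); the "with recovery" variant would instead request retransmission rather than closing the connection.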
X.800 | Security Mechanisms
A process (or a device incorporating such a process) that is designed to detect,
prevent, or recover from a security attack.
The security mechanisms are divided into those that are implemented in a
specific protocol layer, such as TCP or an application-layer protocol, and those
that are not specific to any particular protocol layer or security service.
Specific security mechanisms are incorporated into the appropriate protocol layer in order
to provide some of the OSI security services:
Encipherment: The use of mathematical algorithms to transform data into a form that is not
readily intelligible.
Digital Signature: Data appended to a data unit that allows the recipient to prove the source
and integrity of the data.
Access Control: A variety of mechanisms that enforce access rights to resources.
Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream
of data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means
of information exchange.
Traffic Padding: Used to frustrate traffic analysis attempts.
Routing Control
Notarization: The use of a trusted third party to assure certain properties of a data exchange.
Pervasive security mechanisms are not specific to any particular OSI security service or
protocol layer:
Trusted Functionality: That which is perceived to be correct with respect to some
criteria (e.g., as established by a security policy). Any functionality that directly provides,
or provides access to, security mechanisms should be trustworthy.
Security Label
Event Detection
Security Audit Trail: Data collected and potentially used to facilitate a security audit,
which is an independent review and examination of system records and activities.
Security Recovery: Deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.
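The Security Audit Trail mechanism is what makes the accountability objective discussed earlier practical: records of activity must survive long enough, and intact enough, to trace a breach to a responsible party. The following is an added example, not material from the lecture slides: an append-only audit trail in which each record's MAC also covers the previous record's MAC, so that a later modification, deletion, insertion or reordering of the records is detected when the trail is verified. The audit key, the user names and the event records are constructed for the demo, and the assumption is that the key is held only by the audit service, not by the users whose actions it records.

```python
"""Added example (not from the lecture slides): a hash-chained, append-only
security audit trail supporting accountability and forensic analysis.

AUDIT_KEY and the event records below are constructed for the demo.
"""
import hashlib
import hmac
import json

AUDIT_KEY = b"constructed-audit-key"  # assumption: held by the audit service only
GENESIS = "0" * 64                     # MAC "before" the first record


def _mac(key: bytes, seq: int, event: dict, prev: str) -> str:
    body = json.dumps({"seq": seq, "event": event, "prev": prev}, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


class AuditTrail:
    def __init__(self, key: bytes):
        self.key = key
        self.entries = []  # each: {"seq", "event", "prev", "mac"}

    def append(self, event: dict) -> dict:
        """Append an event. Its MAC binds it to the previous entry's MAC, so the
        records can only be verified as a whole and in order."""
        prev = self.entries[-1]["mac"] if self.entries else GENESIS
        seq = len(self.entries)
        entry = {"seq": seq, "event": event, "prev": prev,
                 "mac": _mac(self.key, seq, event, prev)}
        self.entries.append(entry)
        return entry

    def verify(self) -> int:
        """Return the index of the first bad entry, or -1 if the trail is intact.
        Catches modified, deleted, inserted and reordered records."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            expected = _mac(self.key, i, e["event"], prev)
            if e["seq"] != i or e["prev"] != prev or not hmac.compare_digest(e["mac"], expected):
                return i
            prev = e["mac"]
        return -1

    def who_did(self, action: str, target: str) -> list:
        """Forensic query: which principals performed `action` on `target`?"""
        return [e["event"]["user"] for e in self.entries
                if e["event"]["action"] == action and e["event"]["target"] == target]


def demo() -> dict:
    trail = AuditTrail(AUDIT_KEY)
    # Constructed event records (not real log data).
    trail.append({"user": "alice", "action": "login", "target": "vpn-gw1", "result": "ok"})
    trail.append({"user": "bob", "action": "config-change", "target": "fw-core", "result": "ok"})
    trail.append({"user": "bob", "action": "acl-delete", "target": "fw-core", "result": "ok"})
    out = {"intact": trail.verify() == -1,
           "accountable_party": trail.who_did("acl-delete", "fw-core")}
    # Someone with write access to the stored records tries to shift blame.
    trail.entries[2]["event"]["user"] = "alice"
    out["tamper_detected_at"] = trail.verify()      # 2: record 2 no longer matches its MAC
    # ... then tries to erase record 1 entirely.
    trail.entries[2]["event"]["user"] = "bob"
    del trail.entries[1]
    out["deletion_detected_at"] = trail.verify()    # 1: the chain breaks where the gap is
    return out


if __name__ == "__main__":
    print(demo())
```

Verification runs over the whole chain, so the trail must be checked (and ideally anchored, e.g. by periodically recording the latest MAC somewhere the record keeper cannot alter) to turn "we keep logs" into "we can prove the logs are what was recorded".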
Security Services and Mechanisms | Relationship
Fundamental Security Design Principles
Economy of mechanism: Eliminate unnecessary complexity. A small design is easier to test
and verify thoroughly.
Fail-safe defaults: (the default situation is lack of access) access decisions should be based
on permission rather than exclusion. What if there is a mistake? A mistake in a
permission-based mechanism fails by refusing access, a safe situation that is quickly
noticed; a mistake in an exclusion-based mechanism fails by granting access.
Complete mediation
Open design: open designs/algorithms can be reviewed by experts and therefore we can
have high confidence in them.
Separation of privilege: defined in [SALT75] as a practice in which multiple privilege
attributes are required to achieve access to a restricted resource.
Least privilege: Only the limited and essential privileges needed to perform the desired task
should be assigned to the user.
Least common mechanism: The design should minimize the functions shared by
different users, to reduce the number of unintended communication paths.
Psychological acceptability: (introduce minimum hurdles to the user) The design should not
interfere with the work of the user unduly; users may opt to disable mechanisms that become
irritating. Security mechanisms should be transparent to the users of the system or at most
introduce minimal obstruction.
Isolation: Isolate public access systems from critical resources (physically or logically),
isolate users' files and processes from one another except when explicitly desired, and
isolate security mechanisms from unwanted access.
Encapsulation
Modularity: support migration to new technology or the addition of new features without
requiring an entire system redesign.
Layering (defense in depth): the failure or circumvention of any individual protection
approach (in an overlapping protection approach) will not leave the system unprotected.
Least astonishment: a program or user interface should always respond in the way that is
least likely to astonish the user.
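Fail-safe defaults, complete mediation, least privilege and separation of privilege are decisions a programmer makes in a few lines of an access check, so here they are in code. The following is an added example, not material from the lecture slides: a small reference monitor whose only decision path is `check()`, which grants access solely on explicit permissions (so an unknown user, resource or action fails closed), gives each role only the rights its task needs, and requires an independent approval ticket before a restricted action is allowed. Beside it sits the exclusion-based design the fail-safe principle warns against, to show how a forgotten resource fails open. Users, roles, resources and change tickets are all constructed for the demo.

```python
"""Added example (not from the lecture slides): a reference monitor applying
fail-safe defaults, complete mediation, least privilege and separation of
privilege, next to the exclusion-based anti-pattern for contrast.

Users, roles, resources and change tickets are constructed for the demo.
"""

# Permission-based design: (role, resource) -> actions explicitly allowed.
# Anything not listed here is denied (fail-safe default).
PERMISSIONS = {
    ("netops", "switch-config"): {"read", "write"},
    ("netops", "fw-ruleset"): {"read", "write"},
    ("auditor", "fw-ruleset"): {"read"},
    ("auditor", "audit-log"): {"read"},
}

# Separation of privilege: these actions also need an approval from a second person.
RESTRICTED = {"fw-ruleset": {"write"}}

ROLE_OF = {"alice": "netops", "bob": "auditor"}

# Constructed change tickets: ticket -> (approver, requester, resource).
APPROVALS = {
    "CHG-1001": ("carol", "alice", "fw-ruleset"),
    "CHG-1002": ("alice", "alice", "fw-ruleset"),  # self-approved: not an independent attribute
}


def _valid_approval(ticket: str, user: str, resource: str) -> bool:
    rec = APPROVALS.get(ticket)
    if rec is None:
        return False
    approver, requester, res = rec
    return requester == user and res == resource and approver != user


def check(user: str, resource: str, action: str, approval: str = None) -> bool:
    """Complete mediation: the single decision point for every access.
    Every branch that cannot positively establish permission returns False."""
    role = ROLE_OF.get(user)
    if role is None:
        return False                                   # unknown subject: fail closed
    allowed = PERMISSIONS.get((role, resource))
    if allowed is None or action not in allowed:
        return False                                   # no explicit permission
    if action in RESTRICTED.get(resource, set()):
        return approval is not None and _valid_approval(approval, user, resource)
    return True


# Exclusion-based design, for contrast: allowed unless explicitly denied.
DENY_LIST = {("auditor", "switch-config")}


def check_exclusion_based(user: str, resource: str, action: str) -> bool:
    """Anti-pattern: a mistake (a resource nobody thought to list) fails open."""
    role = ROLE_OF.get(user)
    return (role, resource) not in DENY_LIST


def demo() -> dict:
    """Each value is True when the monitor behaves as the principle prescribes."""
    return {
        "least_privilege_read_ok": check("alice", "switch-config", "read"),
        "least_privilege_auditor_cannot_write": not check("bob", "audit-log", "write"),
        "unknown_user_denied": not check("mallory", "switch-config", "read"),
        "unknown_action_denied": not check("alice", "switch-config", "delete"),
        "restricted_needs_approval": not check("alice", "fw-ruleset", "write"),
        "restricted_with_independent_approval": check("alice", "fw-ruleset", "write", "CHG-1001"),
        "self_approval_rejected": not check("alice", "fw-ruleset", "write", "CHG-1002"),
        # The "mistake": a newly added resource that nobody listed anywhere.
        "permission_based_fails_closed": not check("bob", "new-vpn-config", "write"),
        "exclusion_based_fails_open": check_exclusion_based("bob", "new-vpn-config", "write"),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The last two entries of `demo()` are the point of the fail-safe principle: the same omission (a resource missing from the tables) is harmless in the permission-based design and an open door in the exclusion-based one.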