Lecture 1_Intro - Welcome to COMP 6370 Computer and Network...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Welcome to COMP 6370 Computer and Network Security Today’s Lesson: 1.  Course Introduction 2.  Administrative Comments 3.  Internet Standards, RFCs and Conventional Encryption “All Warfare is Based on Deception” Sun-Tzu Comp 6370 – Lecture 1 1 Course Objectives 1). Recognize potential risks and threats to computer operations and communications. 2). Understand Federal rules and regulations affecting computer security, including legal ramifications, FOIA, and policies. 3). Understand security issues unique to wireless communications. 4). Have a working knowledge of relevant cryptographic techniques. 5). Have a critical understanding of computer security with an emphasis on “end-to-end” vulnerabilities. Comp 6370 – Lecture 1 2 Background •  Students should always gather intelligence about who they are dealing with. –  Intelligence gathering is not always malevolent, but does need to be monitored. •  ENS policies and procedures. •  NSA Center of Academic Excellence •  Information Assurance Laboratory •  U.S. versus international perspectives. Comp 6370 – Lecture 1 3 Information Assurance Minor (INAS), MSwE & Ph.D. •  A student must take the following courses: –  COMP 6370 Computer and Network Security –  ADMH 6180 Cryptography •  A student must also take one course from the following: –  –  –  –  –  –  COMP 6320 Design and Analysis of Computer Network COMP 6350 Digital Forensics COMP 6500 Advanced Operating Systems COMP 6520 Network and Operating System Administration COMP 7360 Wireless and Mobile Networks COMP 7370 Advanced Computer and Network Security •  Annotation on transcript: INFORMATION ASSURANCE OPTION Comp 6370 – Lecture 1 4 Grades Comp 6370 – Lecture 1 5 Lecture 1 Internet Standards, RFCs and Conventional Encryption Slides modified from Henric Johnson Blekinge Institute of Technology, Sweden Comp 6370 – Lecture 1 6 •  •  •  •  •  •  Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork Security Internet standards and RFCs Comp 6370 – Lecture 1 7 Attacks, Services and Mechanisms •  Security Attack: Any action that compromises the security of information. •  Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. •  Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. Comp 6370 – Lecture 1 8 Stallings’ Taxonomy Comp 6370 – Lecture 1 9 Security Attacks •  Interruption: This is an attack on availability •  Interception: This is an attack on confidentiality •  Modification: This is an attack on integrity •  Fabrication: This is an attack on authenticity Comp 6370 – Lecture 1 10 Security Goals Access Control Non-repudiation Confidentiality Integrity Availability Comp 6370 – Lecture 1 11 Active and Passive Security Threats Passive Threats Traffic Analysis Active Threats Compromise of Message Contents Masquerade Replay Denial of Service Msg Content Modification Comp 6370 – Lecture 1 12 Sensitive Data (U.S. Government) •  •  •  •  •  •  •  •  Unclassified Sensitive but Unclassified (SBU) FOUO Confidential Secret Top Secret Top Secret SCI (Compartmented) So secret that the classification itself is classified –  Other countries have other designations  secret discreet  NOFORN Comp 6370 – Lecture 1 13 •  Confidentiality (privacy) •  Authentication (who created or sent the data) •  Integrity (has not been altered) •  Non-repudiation (the order is final) •  Access control (prevent misuse of resources) •  Availability (permanence, non-erasure) –  Denial of Service Attacks –  Virus that deletes files Comp 6370 – Lecture 1 14 Designing a Security Service (Secure Data Transfer – see next) 1.  Design an algorithm for performing the securityrelated transformation. The algorithm should be such that an opponent cannot defeat its purpose. 2.  Generate the secret information to be used with the algorithm. 3.  Develop methods for the distribution and sharing of the secret information. 4.  Specify a protocol to be used by the two principals that make use of the security algorithm and the secret information to achieve a particular security service. Comp 6370 – Lecture 1 15 Models for Network Security Comp 6370 – Lecture 1 16 Networks Access Security Model Gatekeepers: Passwords/Logins Screening Logic ex. malware After gatekeepers come various forms of internal controls as the last line of defense Preventing unwanted access Comp 6370 – Lecture 1 17 Methods of Defense •  Encryption •  Software Controls (access limitations in a data base, in operating system protect each user from other users) •  Hardware Controls (smartcard) •  Policies (frequent changes of passwords) •  Physical Controls Comp 6370 – Lecture 1 18 Security Standards Internet - Internet Engineering Task Force (IETF) De Facto (PGP email security system, Kerberos-MIT) ITU (X.509 Certificates) National Institute of Standards and Technology (SHA –1 secure hash function ) IEEE DOD, Nat. Computer Security Center - Tempest (radiation limits) - Orange Book: Class A1, B3, C1, C2, ... Export Controls - High Performance Computers - Systems with “Hard” Encryption Comp 6370 – Lecture 1 19 Internet RFC Publication Process •  The Internet Society –  Internet Architecture Board (IAB) –  Internet Engineering Task Force (IETF) –  Internet Engineering Steering Group (IESG) Note: there exists an internet security group Comp 6370 – Lecture 1 20 Viruses, Worms, and Trojan Horses Virus - code that copies itself into other programs Payload - harmful things it does, after it has had time to spread. Worm - a program that replicates itself across the network (usually riding on email messages or attached documents (e.g., macro viruses). Trojan Horse - instructions in an otherwise good program that cause bad things to happen (sending your data or password to an attacker over the net). Logic Bomb - malicious code that activates on an event (e.g., date). Trap Door (or Back Door) - undocumented entry point written into code for debugging that can allow unwanted users. Comp 6370 – Lecture 1 21 Virus Protection 1.  Have a well-known virus protection program, configured to scan disks and downloads automatically for known viruses. 2.  Do not execute programs (or "macro's") from unknown sources (e.g., PS files, HyperCard files, MS Office documents, Java, ...), if you can help it. 3.  Avoid the most common operating systems and email programs, if possible. Comp 6370 – Lecture 1 22 Recommended Reading •  Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001. •  Internet Request for Comments http://www.rfc-editor.org/ •  Security RFCs http://www.cert.dfn.de/eng/resource/rfc/ Comp 6370 – Lecture 1 23 This course is important •  Computer and Network Security is the antithesis of information warfare. “War is a matter of vital importance to the State; the province of life or death; the road to survival or ruin. It is mandatory that it be thoroughly studied.” Sun-Tzu Comp 6370 – Lecture 1 24 ...
View Full Document

This note was uploaded on 11/14/2011 for the course COMP 6370 taught by Professor Staff during the Fall '08 term at Auburn University.

Ask a homework question - tutors are online