Welcome to COMP 6370
Computer and Network Security

Today’s Lesson:
1. Course Introduction
2. Administrative Comments
3. Internet Standards, RFCs and Conventional Encryption

“All Warfare is Based on Deception”
Sun-Tzu

Course Objectives
1). Recognize potential risks and threats to computer operations and communications.
2). Understand Federal rules and regulations affecting computer security, including legal ramifications, FOIA, and
3). Understand security issues unique to wireless
4). Have a working knowledge of relevant cryptographic techniques.
5). Have a critical understanding of computer security with an emphasis on “end-to-end” vulnerabilities.

Comp 6370 – Lecture 1

• Students should always gather intelligence about who they are dealing with.
– Intelligence gathering is not always malevolent, but does need to be monitored.

Information Assurance Minor (INAS), MSwE & Ph.D.
• A student must take the following courses:
– COMP 6370 Computer and Network Security
– ADMH 6180 Cryptography
• A student must also take one course from the following:
– COMP 6320 Design and Analysis of Computer Network
– COMP 6350 Digital Forensics
– COMP 6500 Advanced Operating Systems
– COMP 6520 Network and Operating System Administration
– COMP 7360 Wireless and Mobile Networks
– COMP 7370 Advanced Computer and Network Security
• Annotation on transcript: INFORMATION ASSURANCE OPTION

• ENS policies and procedures.
• NSA Center of Academic Excellence
• Information Assurance Laboratory
• U.S. versus international perspectives.

Grades

Lecture 1
Internet Standards, RFCs and Conventional Encryption
Slides modified from Henric Johnson
Blekinge Institute of Technology, Sweden

• Attacks, services and mechanisms
• Methods of Defense
• A model for Internetwork Security
• Internet standards and RFCs

Attacks, Services and Mechanisms
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Security Attacks
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity
Stallings’ Taxonomy

Security Goals (diagram): Access Control, Non-repudiation, Confidentiality, Integrity, Availability

Active and Passive Security Threats (diagram)
• Passive Threats: Traffic Analysis, Compromise of Message Contents
• Active Threats: Masquerade, Replay, Msg Content Modification, Denial of Service

Sensitive Data (U.S. Government)
Sensitive but Unclassified (SBU)
Top Secret SCI (Compartmented)
So secret that the classification itself is classified
– Other countries have other designations
NOFORN

• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files

Designing a Security Service
(Secure Data Transfer – see next)
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that make use of the security algorithm and the secret information to achieve a particular security

Models for Network Security

Networks Access Security Model
Gatekeepers: ex. malware
Preventing unwanted access
After gatekeepers come various forms of internal controls as the last line of defense

Methods of Defense
• Software Controls (access limitations in a data base, in operating system protect each user from
• Hardware Controls (smartcard)
• Policies (frequent changes of passwords)
• Physical Controls

Security Standards
Internet - Internet Engineering Task Force (IETF)
De Facto (PGP email security system, Kerberos-MIT)
ITU (X.509 Certificates)
National Institute of Standards and Technology (SHA-1 secure hash function)
DOD, Nat. Computer Security Center
- Tempest (radiation limits)
- Orange Book: Class A1, B3, C1, C2, ...
Export Controls
- High Performance Computers
- Systems with “Hard” Encryption

Internet RFC Publication Process
• The Internet Society
– Internet Architecture
– Internet Engineering Task Force (IETF)
– Internet Engineering

Note: there exists an internet security group

Viruses, Worms, and Trojan Horses
Virus - code that copies itself into other programs
Payload - harmful things it does, after it has had time to spread.
Worm - a program that replicates itself across the network (usually riding on email messages or attached documents (e.g., macro
Trojan Horse - instructions in an otherwise good program that cause bad things to happen (sending your data or password to an attacker over the net).
Logic Bomb - malicious code that activates on an event (e.g., date).
Trap Door (or Back Door) - undocumented entry point written into code for debugging that can allow unwanted users.

Virus Protection
1. Have a well-known virus protection program, configured to scan disks and downloads automatically for known viruses.
2. Do not execute programs (or "macros") from unknown sources (e.g., PS files, HyperCard files, MS Office documents, Java, ...), if you can
3. Avoid the most common operating systems and email programs, if possible.

Recommended Reading
• Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001.
• Internet Request for Comments
• Security RFCs http://www.cert.dfn.de/eng/resource/rfc/

This course is important
• Computer and Network Security is the antithesis of information warfare.
“War is a matter of vital importance to the State; the province of life or death; the road to survival or ruin. It is mandatory that it be thoroughly
Sun-Tzu
This note was uploaded on 11/14/2011 for the course COMP 6370 taught by Professor Staff during the Fall '08 term at Auburn University.