Information Security Notes (ALL)

Mr. Saquib Ali
Information Security
Unit-I
The meaning of computer security
The meaning of the term computer security has evolved in recent years. Before the problem of data security became widely publicized in the media, most people's idea of computer security focused on the physical machine. Traditionally, computer facilities have been physically protected for three reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service

Computer security:
Computer security is security applied to computing devices such as computers and smartphones, as well as to computer networks such as private and public networks, including the whole Internet. The field covers all the processes and mechanisms by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction, and it is of growing importance in line with the increasing reliance of most societies worldwide on computer systems. It includes physical security to prevent theft of equipment, and information security to protect the data on that equipment. It is sometimes referred to as "cyber security" or "IT security", though these terms generally do not refer to physical security (locks and such).

Some important terms used in computer security are:

Vulnerability: A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. A vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.

Backdoors: A backdoor in a computer system is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. It may also fake information about disk and memory usage.

Denial-of-service attack: Unlike other exploits, denial-of-service attacks are not used to gain unauthorized access to or control of a system. They are instead designed to render it unusable. Attackers can deny service to individual victims, for example by deliberately entering a wrong password enough consecutive times to cause the victim's account to be locked, or they may overload the capabilities of a machine or network and block all users at once. These types of attack are, in practice, very hard to prevent, because the behavior of whole networks needs to be analyzed, not only the behavior of small pieces of code. Distributed denial-of-service (DDoS) attacks are common: a large number of compromised hosts (commonly referred to as "zombie computers", used as part of a botnet and controlled by, for example, a worm, Trojan horse, or backdoor) are used to flood a target system with network requests, attempting to render it unusable through resource exhaustion.

Direct-access attacks: An unauthorized user who gains physical access to a computer (or part of one) can perform many functions and install different types of devices to compromise security, including operating system modifications, software worms, key loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup media such as CD-R/DVD-R or tape, or onto portable devices such as key drives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the hard drive(s) this way. The only way to defeat this is to encrypt the storage media and store the key separately from the system. In most cases, direct-access attacks are the only type of threat to standalone computers (those never connected to the internet).
Eavesdropping: Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. For instance, programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers.

Spoofing: Spoofing of user identity describes a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.

Tampering: Tampering describes an intentional modification of products in a way that would make them harmful to the consumer.

Repudiation: Repudiation describes a situation where the authenticity of a signature is being challenged.

Information disclosure: Information disclosure (privacy breach or data leak) describes a situation where information thought to be secure is released into an untrusted environment.

Elevation of privilege: Elevation of privilege describes a situation where a person or a program wants to gain elevated privileges or access to resources that are normally restricted to him or it.

Exploits: An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a software "bug" or "glitch" in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack. The term "exploit" generally refers to small programs designed to take advantage of a software flaw that has been discovered, either remote or local. The code from the exploit program is frequently reused in Trojan horses and computer viruses.

Indirect attacks: An indirect attack is an attack launched from a third-party computer. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker. There have also been cases where attackers took advantage of public anonymizing systems, such as the Tor onion router system.

Computer crime: Computer crime refers to any crime that involves a computer and a network.

Principles of security:
There are five principles of security. They are as follows:
• Confidentiality: The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message.
• Integrity: Integrity is compromised when the confidential information sent by A to B is accessed by C without the permission or knowledge of A and B.
• Authentication: An authentication mechanism helps in establishing proof of identification.
• Non-repudiation:
• Access control: Access control specifies and controls who can access what.
• Availability: Availability means that assets are accessible to authorized parties at appropriate times.

Security Attacks
A vulnerable application could subject people and systems to several kinds of harm. An attack occurs when a malevolent actor takes advantage of security flaws or vulnerabilities to harm others. In this article, we'll examine various attack methods, so that you'll know what to watch out for when safeguarding your application.

Types of Security Attacks
Cyber security attacks can be of the following two types:
• Active attacks
• Passive attacks

Active Attacks:
An active attack tries to change system resources or interfere with their functionality. Active attacks entail some form of data stream manipulation or false statement generation. Active attacks can take the following forms:

1.1 Masquerade
When one entity impersonates another, it commits a masquerade attack. A masquerade attack usually includes one of the other active attack types. An authorization process can become extremely vulnerable to a disguised attack if it isn't always completely safeguarded. Masquerade attacks can be carried out via stolen logins and passwords, by spotting holes in programs, or by figuring out a way to get around the authentication procedure.

1.2 Modification of Messages
Modification denotes that a communication has been delayed, reordered, or had a piece of it changed to achieve an unlawful effect. Modification compromises the accuracy of the source data. In essence, it indicates that unauthorised individuals not only access data but also spoof it, for example by initiating denial-of-service attacks such as modifying sent data packets or flooding the network with false data. Fabrication (the manufacturing of messages) is an assault on authentication. A notification that originally said "Allow JOHN to view confidential file X", for instance, is changed to say "Allow Smith to read confidential file X".

1.3. Repudiation
This attack happens when the login control gets tampered with or the network is not totally secure. With this attack, the author's information can be altered by malicious user actions in order to save fake data in log files, up to the broad alteration of data on behalf of others, comparable to the spoofing of email messages.

1.4. Replay
When the network is not completely secure or the login control is tampered with, an attack occurs. With this attack, the information of the author can be changed by malicious user actions to save suspicious data in log files, up to the widespread alteration of data on behalf of others, similar to the spoofing of email messages.
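The modification (1.2) and replay (1.4) attacks above are easiest to understand next to the receiver-side check that catches them. The following Python program is an added example and is not part of these notes. It assumes a key already shared between sender and receiver and uses constructed sample messages (the "Allow JOHN ..." notice from section 1.2). It contrasts an unkeyed CRC appended to the data, which whoever edits the message can simply recompute, with a keyed HMAC that also covers a sequence number, so that both an altered message and a resent copy of an old one are rejected.

```python
import hashlib
import hmac
import zlib

# Constructed demo value (not from the notes): the key shared by sender and receiver.
SHARED_KEY = b"demo-shared-key-not-for-production"


def crc_protected(message: bytes) -> tuple:
    """Weak integrity check: append a value computed from the data alone (a CRC)."""
    return (message, zlib.crc32(message))


def crc_verify(packet: tuple) -> bool:
    message, crc = packet
    return zlib.crc32(message) == crc


def make_tagged(seq: int, message: bytes, key: bytes = SHARED_KEY) -> dict:
    """Sender side: keyed MAC over (sequence number || message).
    Including seq in the MAC input binds the tag to its position in the stream."""
    tag = hmac.new(key, seq.to_bytes(8, "big") + message, hashlib.sha256).hexdigest()
    return {"seq": seq, "msg": message, "tag": tag}


class Receiver:
    """Receiver side: verify the tag first, then insist on a strictly increasing seq."""

    def __init__(self, key: bytes = SHARED_KEY):
        self.key = key
        self.last_seq = -1
        self.accepted = []

    def accept(self, packet: dict) -> str:
        expected = hmac.new(
            self.key, packet["seq"].to_bytes(8, "big") + packet["msg"], hashlib.sha256
        ).hexdigest()
        if not hmac.compare_digest(expected, packet["tag"]):
            return "rejected: modified (MAC mismatch)"
        if packet["seq"] <= self.last_seq:
            return "rejected: replay (sequence number already seen)"
        self.last_seq = packet["seq"]
        self.accepted.append(packet["msg"])
        return "accepted"


def demo() -> dict:
    rx = Receiver()
    results = {}

    # A CRC is recomputed by whoever edits the message, so it cannot reveal tampering.
    tampered_crc_packet = crc_protected(b"Allow Smith to read confidential file X")
    results["crc_accepts_tampered"] = crc_verify(tampered_crc_packet)

    original = make_tagged(1, b"Allow JOHN to view confidential file X")
    results["original"] = rx.accept(original)

    # Modification (1.2): body rewritten, but the tag cannot be recomputed without the key.
    forged = dict(original, msg=b"Allow Smith to read confidential file X")
    results["modified"] = rx.accept(forged)

    # Replay (1.4): an exact copy of an already-accepted packet is sent again.
    results["replayed"] = rx.accept(original)

    # A genuine follow-up carrying the next sequence number still gets through.
    results["next"] = rx.accept(make_tagged(2, b"Revoke JOHN's access to file X"))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The order of the two checks matters: the MAC is verified before the sequence number is consulted, so an unauthenticated packet can never advance the receiver's state.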
1.5. Denial of Service
Denial of service hinders the regular use of communication infrastructure. There may be a specific target for this attack. An entity might, for instance, suppress all messages sent to a specific location. Another example of denial of service is when an entire network is disrupted, either by disabling the network or by overloading it with messages so that performance drops.

2. Passive Attacks
A passive attack does not use up system resources; instead it makes an effort to gather or use information from the system. Attacks that are passive in nature spy on or keep track of transmissions. The adversary wants to intercept the transmission of information in order to collect it. The following are examples of passive attacks:

2.1. Releasing Message Content
Sensitive or confidential information may be present in a telephone conversation, an email, or a transmitted file. We want to keep an adversary from finding out what is being transmitted. In this type of passive attack, the information transmitted from one person to another gets into the hands of a third person (a hacker). It jeopardises the confidentiality of the conversation.

2.2. Traffic Analysis
Imagine that we had a method of hiding (encrypting) data, preventing the attacker from extracting any data from the communication even if it was intercepted. The adversary would still be able to ascertain the communicating hosts' location and identity, as well as the frequency and length of their messages. It could be possible to infer the nature of the message from this information.

SIP traffic encryption is the most practical defence against traffic analysis. An attacker would then need access to the SIP proxy or call log in order to find out who made the call.
Computer criminals:

HACKERS
A hacker is anyone who uses their computer skills to gain unauthorised access to computer systems or data. They can do this through a combination of exploits, scripts and social engineering.

TYPES OF HACKERS
• White hat hackers help companies improve their security by trying to hack into their computers.
• Black hat hackers illegally break into computer systems.
• Gray hat hackers carry out violations and do seemingly deceptive things, however not for personal gain or to cause harm. These hackers may disclose a vulnerability to the affected organization after having compromised their network, and they may exploit it.

CRACKERS
Cracker refers to individuals who use their skills illegally. They may break into computer systems for a variety of reasons, from stealing data to testing their skills to making political statements.
The word cracker can also be used to refer to people who write software cracks (tools that allow software to be pirated and used illegally).

CYBER GANGS
A cyber gang, much like a gang in real life, is a group of people who work together to commit computer crimes. Just like real-life gangs, these gangs can be made up of many loosely organised members.

VIRUS AUTHORS
A virus author is any person who writes a computer virus. Virus authors create viruses for several reasons, including causing damage, showing off their skills, gaining information or money, or taking over computers and using them to send spam emails.
Many security experts will argue that calling a hacker a criminal is also incorrect, since many hackers do not use their computer skills for illegal purposes but are instead paid by companies to test their security systems.

INTERNET STALKERS
Internet stalkers are people who maliciously monitor the web activity of their victims to acquire personal data. This type of cyber crime is conducted through the use of social networking platforms and malware that are able to track an individual's PC activity with little or no detection.

Security services:
• Message Confidentiality − The principle of confidentiality defines that only the sender and the intended recipient should be able to access the content of the message. It protects the transmitted data from passive attack. Confidentiality can be applied at several levels on the basis of the content of the information to be transmitted. The types of confidentiality are as follows −
  o Connection Confidentiality − The protection of all user information on a connection.
  o Connectionless Confidentiality − The protection of all user data in an individual data block.
  o Traffic-flow Confidentiality − The protection of the information that can be derived from observation of traffic flows.
• Authentication − The authentication service is concerned with assuring that a connection is authentic. In the case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipient that the message is from the source that it claims to be from.
• Non-repudiation − Non-repudiation prevents either the sender or the receiver from denying a transmitted message. Therefore, when a message is sent, the receiver can validate that the asserted sender actually sent the message. Likewise, when a message is received, the sender can validate that the asserted receiver actually received the message.
• Access Control − The principle of access control decides who should be able to access information or a system through a communication link. It supports the prevention of unauthorized use of a resource.
• Data Integrity − Data integrity is designed to secure information from modification, insertion, deletion and replay by any entity. Data integrity can be applied to a stream of messages, an individual message or a selected portion of a message. Data integrity can be used to support total stream protection.
There are various types of data integrity, which are as follows −
  o Connection integrity with recovery − It provides for the integrity of all user information on a connection and detects any modification, insertion, deletion or replay of any information within a whole data sequence, with recovery attempted.
  o Connection integrity without recovery − It supports only detection without recovery.
  o Selective-field connection integrity − It provides for the integrity of selected fields within the user information of a data block transferred over a connection and takes the form of a determination of whether the selected fields have been modified, inserted, deleted or replayed.
  o Connectionless integrity − It provides for the integrity of an individual connectionless data block and may take the form of detection of data modification. Additionally, a limited form of replay detection may be provided.
  o Selective-field connectionless integrity − It provides for the integrity of selected fields within an individual connectionless data block and takes the form of a determination of whether the selected fields have been modified.

Security Mechanism:

1. Encipherment: This security mechanism deals with hiding and covering data, which helps data to become confidential. It is achieved by applying mathematical calculations or algorithms which
reconstruct information into a non-readable form. It is achieved by two well-known techniques named Cryptography and Encipherment. The level of data encryption is dependent on the algorithm used for encipherment.

2. Access Control: This mechanism is used to stop unattended access to the data which you are sending. It can be achieved by various techniques such as applying passwords, using a firewall, or just by adding a PIN to the data.

3. Notarization: This security mechanism involves the use of a trusted third party in communication. It acts as a mediator between sender and receiver so that any chance of conflict is reduced. This mediator keeps a record of the requests made by the sender to the receiver, so that they cannot later be denied.

4. Data Integrity: This security mechanism works by appending to the data a value which is created from the data itself. It is similar to sending a packet of information known to both the sending and receiving parties and checked before and after the data is received. When this appended packet or value is checked and is the same at sending and receiving time, data integrity is maintained.

5. Authentication exchange: This security mechanism deals with making identity known in communication. This is achieved at the TCP/IP layer, where a two-way handshaking mechanism is used to confirm whether data has been sent or not.

6. Bit stuffing: This security mechanism is used to add some extra bits into the data which is being transmitted. It helps the data to be checked at the receiving end and is achieved by even parity or odd parity.

7. Digital Signature: This security mechanism is achieved by adding digital data that is not visible to the eyes. It is a form of electronic signature which is added by the sender and is checked electronically by the receiver. This mechanism is used to protect data which is not especially confidential but where the sender's identity is to be established.

Cryptography:

Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.

In computer science, cryptography refers to secure information and communication techniques derived from mathematical concepts and a set of rule-based calculations called algorithms, used to transform messages in ways that are hard to decipher. These deterministic algorithms are used for cryptographic key generation, digital signing, and verification to protect data privacy, web browsing on the internet and confidential communications such as credit card transactions and email.

Cryptography techniques
Cryptography is closely related to the disciplines of cryptology and cryptanalysis. It includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit. However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.

Modern cryptography concerns itself with the following four objectives:
1. Confidentiality. The information cannot be understood by anyone for whom it was unintended.
2. Integrity. The information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected.
3. Non-repudiation. The creator/sender of the information cannot deny at a later stage their intentions in the creation or transmission of the information.
4. Authentication. The sender and receiver can confirm each other's identity and the origin/destination of the information.

Substitution Ciphers:
A substitution cipher merely substitutes different letters, numbers, or other characters for each character in the original text. The most straightforward example is a simplistic substitution in which each letter of the alphabet is represented by a numerical digit, starting with 1 for A. The message goodbye then becomes 7-15-15-4-2-25-5. This code is obviously extremely easy to break.
The Caesar Cipher used a simple shifting method, in which each letter of the message is represented by the letter two places to the right in the alphabet (A becomes C, B becomes D, and so on). Other substitution methods can be much more difficult to crack. For example, if two parties exchanging communications have an identical copy of a particular book, they might create a message by referencing page, line, and word numbers (for example, 73-12-6 tells you that the word in the message is the same as the sixth word in the twelfth line on page 72 of the code book). In this case, anyone who doesn't have a copy of the book (and to cite the correct pages, it must be the exact same edition and print run) will not be able to decipher the message.
Some types of substitution ciphers are:
▪ Monoalphabetic substitution: Each letter is represented by another letter or character in a one-to-one relationship.
▪ Polyalphabetic substitution: Different ciphertext characters can represent the same plaintext letter, making it more difficult to decrypt messages using the frequency analysis technique. Renaissance architect and art theorist Leon Battista Alberti is credited with developing this technique, earning him recognition as the "father of Western cryptography."
▪ Polygraphic (block) cipher: Several letters (or digits, when we're dealing with binary data) are encrypted at the same time, using a system that can handle all the possible combinations of a set number of characters.
▪ Fractionation: Multiple symbols are substituted for each plaintext letter, and then the letters or digits are transposed.

Transposition Cipher
A transposition cipher is a cryptographic algorithm where the order of the letters in the plaintext is rearranged to form the ciphertext. In this process, the actual plaintext letters themselves are not changed, only their positions.

Example
A simple example of a transposition cipher is the columnar transposition cipher, where each character of the plaintext is written horizontally in rows of a specified width. The ciphertext is read off vertically, which creates an entirely different text.
Consider the plaintext hello world, and let us apply the simple columnar transposition technique as shown below.

The plaintext characters are placed horizontally and the ciphertext is created by reading vertically: holewdlo lr. Now, the receiver has to use the same table to decrypt the ciphertext back into the plaintext.

Confusion:
Confusion means that the key does not relate in a simple way to the ciphertext. In particular, each
character of the ciphertext should depend on several elements of the key.

In confusion, the relationship between the ciphertext and the value of the encryption key is made complex. It is achieved by substitution.

For example, suppose we have a Hill cipher with an n x n matrix, and suppose we have a plaintext-ciphertext pair of length n² with which we are able to solve for the encryption matrix.

If we change one character of the ciphertext, effectively one column of the matrix can change. Of course, it would be more desirable to have the complete key change. When a situation like that appears, the cryptanalyst would probably need to solve for the complete key simultaneously, instead of piece by piece.

Property of Confusion
• The property of confusion hides the relationship between the ciphertext and the key.
• This property makes it hard to find the key from the ciphertext.
• If an individual bit in the key is changed, several bits in the ciphertext will be changed.

Diffusion:

Diffusion is an encryption process where the influence of one plaintext symbol is spread over many ciphertext symbols, with the objective of hiding the statistical properties of the plaintext. A simple diffusion element is the bit permutation, which is used frequently within DES. AES uses the more advanced MixColumns operation.

Ciphers which only implement confusion, such as the shift cipher or the World War II encryption machine Enigma, are not secure. Neither are ciphers which only implement diffusion. However, through the concatenation of such operations, a strong cipher can be constructed.

Diffusion means that if we change an individual bit of the plaintext, then (statistically) half of the bits in the ciphertext must change, and likewise, if we alter one bit of the ciphertext, then roughly one half of the plaintext bits should change.

Because a bit can take only two states, when they are all recalculated and moved from one apparently random location to another, half of the bits will have changed state.

The concept of diffusion is to hide the relationship between the ciphertext and the plaintext. This makes it hard for an attacker who tries to discover the plaintext, and it spreads the redundancy of the plaintext across the rows and columns. It can be achieved through transposition within the algorithm, and it is used by block ciphers only.

Asymmetric Encryption
Asymmetric encryption (also known as asymmetric cryptography) allows users to encrypt information using shared public keys.
You need to send a message across the internet, but you don't want anyone but the intended recipient to see what you've written. Asymmetric encryption can help you achieve that goal.
Asymmetric cryptography techniques allow for extremely secure communication between two parties. Chances are, you've encountered this technology
before, even if you never knew what it was called. For example, each time you visit a website with an address starting with "https", you're dealing with asymmetric encryption.

Security in an asymmetric encryption environment comes from two keys.
1. Public key encryption: Anyone can see this key and access it.
2. Private key encryption: Only the authenticated recipient has access to this key.
These two keys are separate but equal, and they're both required to decode a message. If you have only one, decryption is impossible.

Symmetric encryption is asymmetric encryption's counterpart. If you use symmetric encryption, one key both encrypts and decrypts data. A hacker with access to that one key can do both functions.
Asymmetric encryption relies on two keys. One encrypts, and the other decodes. The result is a stronger level of security.

Sensitive messages move through a process of encryption and decryption with public and private keys.

An algorithm starts the process. A mathematical function generates a key pair. Each key is different, but they are related to one another mathematically. Key generation protocols differ, and the keys they create are different too. In the Microsoft environment, for example, you need about four lines of code to start the development of a pair of asymmetric keys. Other programs work in a similar manner.

Imagine that someone wants to send an encrypted message to another person. The process looks like this:
• Registration: The user and the sender have connected with an official entity that generated both public and private keys.
• Lookup: The sender scours a public-key directory for the recipient's public key information.
• Encrypt: The sender creates a message, encrypts it with the recipient's public key, and sends it.
• Decode: The recipient uses the private key to unscramble the message.
• Reply: If the recipient wants to respond, the process moves in reverse.

Advantages of Asymmetric Encryption
Asymmetric encryption, also known as public key cryptography, is a method of cryptography that uses two different keys to encrypt and decrypt data. Here are some advantages of asymmetric encryption:
• Enhanced Security: Asymmetric encryption provides a higher level of security compared to symmetric encryption, where only one key is used for both encryption and decryption. With asymmetric encryption a different key is used for each process, and the private key used for decryption is kept secret by the receiver, making it harder for an attacker to intercept and decrypt the data.
• Authentication: Asymmetric encryption can be used for authentication purposes, which means that the receiver can verify the sender's identity. This is achieved by the sender encrypting a message with their private key, which can only be decrypted with their public key. If the receiver can successfully decrypt the message, it proves that it was sent by the sender who holds the corresponding private key.
• Non-repudiation: Asymmetric encryption also provides non-repudiation, which means that the
sender cannot deny sending a message or altering its contents. This is because the message is encrypted with the sender's private key and only their public key can decrypt it. Therefore, the receiver can be sure that the message was sent by the sender and has not been tampered with.
• Key distribution: Asymmetric encryption eliminates the need for the secure key distribution system that is required in symmetric encryption. With symmetric encryption, the same key is used for both encryption and decryption, and the key needs to be securely shared between the sender and the receiver. Asymmetric encryption, on the other hand, allows the public key to be shared openly while the private key is kept secret by the receiver.
• Versatility: Asymmetric encryption can be used for a wide range of applications, including secure email communication, online banking transactions and e-commerce. It is also used to secure SSL/TLS connections, which are commonly used to secure internet traffic.

Data Encryption Standard Algorithm (DES):
• The DES Algorithm is a block cipher that uses symmetric keys to convert 64-bit plaintext blocks into 48-bit ciphertext blocks.
• The DES (Data Encryption Standard) Algorithm was developed by the IBM team in the 1970s.
• It has since been accepted by the National Institute of Standards and Technology (NIST).
• The DES encryption algorithm uses symmetric keys, which means that the same key is used for encrypting and decrypting the data.

DES Algorithm Steps:
1. The initial permutation (IP) function receives the 64-bit plaintext block.
2. The IP is performed on the plaintext.
3. The IP then makes two halves of the permuted block. The two halves are known as left plain text (LPT) and right plain text (RPT).
4. All LPTs and RPTs are encrypted 16 times.
5. The LPT and RPT are joined, and then the final permutation (FP) is performed on this block.
6. The 64-bit cipher text is now ready.

In the encryption process (step 4), there are five stages:
• Key transformation
• Expansion permutation
• S-Box permutation
• P-Box permutation
• XOR, and swap
In the decryption process, the same algorithm is used with the order of the 16 keys reversed.
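Steps 1-6 and the reversed-key decryption, as an added example that is not part of the original notes: a toy 64-bit Feistel cipher in Python. The IP/FP tables, key schedule and round function are readable stand-ins built on SHA-256 rather than DES's real permutation and S-box tables, so the output is not DES-compatible; it shows the structure, not the standard.

```python
import hashlib

BLOCK_BYTES = 8    # 64-bit block, as in DES
ROUNDS = 16        # DES performs 16 rounds (step 4)

# Toy stand-in for the initial permutation (IP): a fixed shuffle of the eight
# bytes. Real DES permutes individual bits through a 64-entry table.
IP = [1, 5, 3, 7, 0, 4, 2, 6]
FP = [IP.index(i) for i in range(BLOCK_BYTES)]   # final permutation = inverse of IP


def permute(block: bytes, table: list) -> bytes:
    return bytes(block[i] for i in table)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_keys(key: bytes) -> list:
    """Toy key transformation: sixteen 32-bit subkeys derived from the key.
    DES derives its subkeys with permuted-choice tables and rotations instead."""
    return [hashlib.sha256(b"subkey" + key + bytes([i])).digest()[:4]
            for i in range(ROUNDS)]


def round_function(rpt: bytes, subkey: bytes) -> bytes:
    """Toy stand-in for the expansion permutation, S-boxes and P-box."""
    return hashlib.sha256(rpt + subkey).digest()[:4]


def feistel(block: bytes, subkeys: list) -> bytes:
    """Steps 1-6 with the subkeys applied in the order given."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly 64 bits")
    block = permute(block, IP)                  # steps 1-2: initial permutation
    lpt, rpt = block[:4], block[4:]             # step 3: split into LPT and RPT
    for k in subkeys:                           # step 4: 16 rounds of f, XOR, swap
        lpt, rpt = rpt, xor(lpt, round_function(rpt, k))
    return permute(rpt + lpt, FP)               # step 5: join the swapped halves, final permutation


def encrypt_block(key: bytes, plaintext: bytes) -> bytes:
    return feistel(plaintext, round_keys(key))


def decrypt_block(key: bytes, ciphertext: bytes) -> bytes:
    # Decryption is the same algorithm with the 16 subkeys in reverse order;
    # the XOR in each round cancels itself, so no inverse round function is needed.
    return feistel(ciphertext, round_keys(key)[::-1])


def demo() -> dict:
    key = b"8bytekey"           # constructed 64-bit key
    plaintext = b"ATTACK!!"     # constructed 64-bit block
    ciphertext = encrypt_block(key, plaintext)
    return {
        "ciphertext_hex": ciphertext.hex(),
        "roundtrip": decrypt_block(key, ciphertext),
        "wrong_key": decrypt_block(b"otherkey", ciphertext),
    }


if __name__ == "__main__":
    print(demo())
```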
Triple DES Algorithm:
Triple DES is a block cipher that applies the DES algorithm thrice. It usually uses three different keys: k1, k2, and k3. The first key, k1, is used to encrypt, the second key, k2, is used to decrypt, and the third key, k3, is used to encrypt again.
Triple DES also has a variant that uses only two keys, where k1 and k3 are the same.

DES Modes of Operation
1. Electronic Codebook (ECB): In this mode, each block of 64 bits is independently encrypted and decrypted.
2. Cipher Block Chaining (CBC): In this mode, each block of 64 bits is dependent on the one before it. It uses an initialization vector (IV).
3. Cipher Feedback (CFB): In this mode, the previous ciphertext is used as the input for the encryption algorithm. This produces a pseudorandom output. This output is then
XORed along with the plaintext. This creates the next ciphertext unit.
4. Output Feedback (OFB): This mode is like CFB, except that the input for the encryption algorithm is the output of the previous DES operation.
5. Counter (CTR): In this mode, every block of plaintext gets XORed with a counter that has been encrypted. The counter is incremented for every next block.

Advantages of DES Algorithm
• The algorithm has been in use since 1977. Technically, no weaknesses have been found in the algorithm. Brute force attacks are still the most efficient attacks against the DES algorithm.
• DES is the standard set by the US Government. The government recertifies DES every five years, and has to ask for its replacement if the need arises.
• The American National Standards Institute (ANSI) and the International Organization for Standardization (ISO) have declared DES a standard as well. This means that the algorithm is open to the public to learn and implement.
• DES was designed for hardware; it is fast in hardware, but only relatively fast in software.

Disadvantages of DES Algorithm
• Probably the biggest disadvantage of the DES algorithm is the key size of 56 bits. There are chips available that can encrypt and decrypt a million DES operations in a second. A DES cracking machine that can search all the keys in about seven hours is available for $1 million.
• DES can be implemented quickly on hardware. But since it was not designed for software, it is relatively slow on it.
• It has become easier to break the encrypted code in DES as the technology is steadily improving. Nowadays, AES is preferred over DES.
• DES uses a single key for encryption as well as decryption, as it is a type of symmetric encryption technique. In case that one key is lost, we will not be able to receive decipherable data at all.

Hash functions
A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but the output is always of fixed length. Values returned by a hash function are called message digests or simply hash values. The following picture illustrates a hash function −

Features of Hash Functions:
• Fixed Length Output (Hash Value)
o A hash function converts data of arbitrary length to a fixed length. This process is often referred to as hashing the data.
o In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions.
o Since a hash is a smaller representation of larger data, it is also referred to as a digest.
o A hash function with n-bit output is referred to as an n-bit hash function. Popular hash functions generate values between 160 and 512 bits.
• Efficiency of Operation
o Generally, for any hash function h with input x, computation of h(x) is a fast operation.
o Computationally, hash functions are much faster than a symmetric encryption.

Properties of Hash Functions:
In order to be an effective cryptographic tool, the hash function is desired to possess the following properties −
• Pre-Image Resistance
o This property means that it should be computationally hard to reverse a hash function.
o In other words, if a hash function h produced a hash value z, then it should be a difficult process to find any input value x that hashes to z.
o This property protects against an attacker who only has a hash value and is trying to find the input.
• Second Pre-Image Resistance
o This property means that, given an input and its hash, it should be hard to find a different input with the same hash.
o In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x).
o This property of a hash function protects against an attacker who has an input value and its hash, and wants to substitute a different value as the legitimate value in place of the original input value.
• Collision Resistance
o This property means it should be hard to find two different inputs of any length that result in the same hash. This property is also referred to as a collision-free hash function.
o In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y).
o Since a hash function is a compressing function with fixed hash length, it is impossible for a hash function not to have collisions. The collision-free property only confirms that these collisions should be hard to find.
o This property makes it very difficult for an attacker to find two input values with the same hash.
o Also, if a hash function is collision-resistant then it is second pre-image resistant.

Design of Hashing Algorithms
At the heart of hashing is a mathematical function that operates on two fixed-size blocks of data to create a hash code. This hash function forms part of the hashing algorithm.
The size of each data block varies depending on the algorithm. Typically the block sizes are from 128 bits to 512 bits. The following illustration demonstrates the hash function −
A hashing algorithm involves rounds of the above hash function, like a block cipher. Each round takes an input of a fixed size, typically a combination of the most recent message block and the output of the last round. This process is repeated for as many rounds as are required to hash the entire message. A schematic of the hashing algorithm is depicted in the following illustration −
Since the hash value of the first message block becomes an input to the second hash operation, the output of which alters the result of the third operation, and so on, a change anywhere propagates through every later round. This effect is known as the avalanche effect of hashing. The avalanche effect results in substantially different hash values for two messages that differ by even a single bit of data.
Understand the difference between hash function and hashing algorithm correctly. The hash function generates a hash code by operating on two blocks of fixed-length binary data.
The hashing algorithm is a process for using the hash function, specifying how the message will be broken up and how the results from previous message blocks are chained together.

Popular Hash Functions
• Message Digest (MD)
• Secure Hash Function (SHA)
• RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
• Whirlpool

Key Exchange:
In general, cryptographic key exchange or encrypted key exchange (EKE) protocols work by allowing the two parties to generate a shared secret without revealing the secret to any third parties. This is
typically done using a combination of public key cryptography and mathematical algorithms. The shared secret can then be used as a key for a symmetric cipher, which allows the two parties to communicate securely.
Cryptographic key exchange is a method of securely exchanging cryptographic keys over a network. It is a fundamental aspect of many cryptographic protocols, as it allows two parties to establish a shared secret that can be used to communicate securely with each other. The exchange is used in a variety of applications, including secure communication, secure online transactions, and access control. It is often used to establish a secure connection between two parties, such as a client and a server, or between two devices. So before any files can be sent securely over protocols like FTPS, HTTPS, and SFTP, the two communicating parties must first engage in a key exchange.
In the most general form of EKE, at least one party encrypts an ephemeral (one-time) public key using a password, and sends it to a second party, who decrypts it and uses it to negotiate a shared key with the first party.
Another variation of this scheme exists, called Augmented-EKE. Augmented methods have the added goal of ensuring that password verification data stolen from a server cannot be used by an attacker to masquerade as the client, unless the attacker first determines the password (e.g. by performing a brute force attack on the stolen data).
The two most popular key exchange algorithms are RSA and Diffie-Hellman (now known as Diffie-Hellman-Merkle).

Diffie-Hellman:
In 1976, Whitfield Diffie and Martin Hellman published a cryptographic protocol called the Diffie-Hellman key exchange (D-H), based on concepts developed by Hellman's PhD student Ralph Merkle. The protocol enables users to securely exchange secret keys even if an opponent is monitoring the communication channel. It is based on the idea of using exponentiation in a finite field to generate a shared secret that can be used to encrypt and decrypt messages.
Here is an example of the Diffie-Hellman key exchange process, as illustrated in the diagram below:

Steps in Key Exchange
The steps needed for the Diffie-Hellman key exchange are as follows:
Step 1: You choose a prime number q and select a primitive root of q as α. To be a primitive root, it must satisfy the following criteria:
Step 2: You assume the private key for the sender as Xa, where Xa < q. The public key can be calculated as Ya = α^Xa mod q. So, the key pair for the sender becomes {Xa, Ya}.
Assume the private key for the receiver to be Xb, where Xb < q. The public key for the receiver is calculated as Yb = α^Xb mod q. For the receiver, the key pair becomes {Xb, Yb}.
Step 3: To generate the final secret key, you use three parameters. For the sender, you need the private key (Xa), the receiver's public key (Yb), and the original prime q. The formula to calculate the key is K = (Yb)^Xa mod q.
For the receiver, you need the private key (Xb), the sender's public key (Ya), and the original prime q. The formula to calculate the secret key is K = (Ya)^Xb mod q.
If both values of K generated are equal, the Diffie-Hellman key exchange algorithm is complete.
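Steps 1-3 above carried through in Python with the notes' symbols (q, α, Xa, Xb, Ya, Yb, K), as an added example that is not part of the original notes. The parameters q = 23, α = 5, Xa = 6, Xb = 15 are constructed textbook values; the brute-force routine shows the discrete-logarithm problem an eavesdropper faces, and why real deployments use primes of 2048 bits or more.

```python
def is_primitive_root(alpha: int, q: int) -> bool:
    """alpha is a primitive root of the prime q when alpha^1 .. alpha^(q-1) mod q
    take every value 1 .. q-1 exactly once (checked by enumeration: fine for a
    textbook q, not for a real one)."""
    return sorted(pow(alpha, k, q) for k in range(1, q)) == list(range(1, q))


def public_key(alpha: int, q: int, x: int) -> int:
    """Step 2: Y = alpha^X mod q for a private key X with 0 < X < q."""
    if not 0 < x < q:
        raise ValueError("private key must satisfy 0 < X < q")
    return pow(alpha, x, q)


def shared_secret(their_public: int, my_private: int, q: int) -> int:
    """Step 3: K = (Y_other)^X_mine mod q."""
    return pow(their_public, my_private, q)


def diffie_hellman(q: int, alpha: int, xa: int, xb: int) -> dict:
    """Run steps 1-3 for the sender (Xa) and receiver (Xb).
    Only q, alpha, Ya and Yb cross the channel; Xa, Xb and K never do."""
    if not is_primitive_root(alpha, q):                  # step 1 check
        raise ValueError(f"{alpha} is not a primitive root of {q}")
    ya = public_key(alpha, q, xa)                        # sender's pair {Xa, Ya}
    yb = public_key(alpha, q, xb)                        # receiver's pair {Xb, Yb}
    k_sender = shared_secret(yb, xa, q)                  # K = Yb^Xa mod q
    k_receiver = shared_secret(ya, xb, q)                # K = Ya^Xb mod q
    return {"Ya": ya, "Yb": yb, "K_sender": k_sender,
            "K_receiver": k_receiver, "agreed": k_sender == k_receiver}


def brute_force_private_key(alpha: int, q: int, y: int) -> int:
    """What an eavesdropper who saw Y must do: solve alpha^X = Y mod q (the
    discrete logarithm). Trivial for q = 23; this is why real q is 2048+ bits."""
    for x in range(1, q):
        if pow(alpha, x, q) == y:
            return x
    raise ValueError("no private key matches this public value")


if __name__ == "__main__":
    # Constructed textbook parameters.
    result = diffie_hellman(q=23, alpha=5, xa=6, xb=15)
    print(result)   # -> {'Ya': 8, 'Yb': 19, 'K_sender': 2, 'K_receiver': 2, 'agreed': True}
    print(brute_force_private_key(5, 23, result["Ya"]))   # -> 6
```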
Digital signatures
Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the message.
Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be independently verified by the receiver as well as any third party.
A digital signature is a cryptographic value that is calculated from the data and a secret key known only to the signer.
In the real world, the receiver of a message needs assurance that the message belongs to the sender and that the sender should not be able to repudiate the origination of that message. This requirement is very crucial in business applications, since the likelihood of a dispute over exchanged data is very high.

Model of Digital Signature:
As mentioned earlier, the digital signature scheme is based on public key cryptography. The model of the digital signature scheme is depicted in the following illustration −
• Each person adopting this scheme has a public-private key pair.
• Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.
• The signer feeds data to the hash function and generates a hash of the data.
• The hash value and signature key are then fed to the signature algorithm, which produces the digital signature on the given hash. The signature is appended to the data and then both are sent to the verifier.
• The verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.
• The verifier also runs the same hash function on the received data to generate a hash value.
• For verification, this hash value and the output of the verification algorithm are compared. Based on the comparison result, the verifier decides whether the digital signature is valid.
• Since the digital signature is created by the 'private' key of the signer and no one else can have this key, the signer cannot repudiate signing the data in future.
It should be noticed that instead of signing data directly by the signing algorithm, usually a hash of the data is created. Since the hash of the data is a unique representation of the data, it is sufficient to sign the hash in place of the data. The most important reason for using the hash instead of the data directly for signing is the efficiency of the scheme.
Let us assume RSA is used as the signing algorithm. As discussed in the public key encryption chapter, the encryption/signing process using RSA involves modular exponentiation.
Signing large data through modular exponentiation is computationally expensive and time consuming. The hash of the data is a relatively small digest of the data, hence signing a hash is more efficient than signing the entire data.

Importance of Digital Signature:
Out of all cryptographic primitives, the digital signature using public key cryptography is considered a very important and useful tool to achieve information security.
Apart from the ability to provide non-repudiation of a message, the digital signature also provides message authentication and data integrity. Let us briefly see how this is achieved by the digital signature −
• Message authentication − When the verifier validates the digital signature using the public key of a sender, he is assured that the signature has been created only by the sender who possesses the corresponding secret private key and no one else.
• Data Integrity − In case an attacker has access to the data and modifies it, the digital signature verification at the receiver end fails. The hash of the modified data and the output provided by the verification algorithm will not match. Hence, the receiver can safely deny the message, assuming that data integrity has been breached.
• Non-repudiation − Since it is assumed that only the signer has knowledge of the signature key, he alone can create a unique signature on given data. Thus the receiver can present the data and the digital signature to a third party as evidence if any dispute arises in the future.
By adding public-key encryption to the digital signature scheme, we can create a cryptosystem that can provide the four essential elements of security, namely Privacy, Authentication, Integrity, and Non-repudiation.

Encryption with Digital Signature:
In many digital communications, it is desirable to exchange encrypted messages rather than plaintext to achieve confidentiality. In a public key encryption scheme, the public (encryption) key of the sender is available in the open domain, and hence anyone can spoof his identity and send any encrypted message to the receiver.
This makes it essential for users employing PKC for encryption to seek digital signatures along with encrypted data to be assured of message authentication and non-repudiation.
This can be achieved by combining digital signatures with an encryption scheme. Let us briefly discuss how to achieve this requirement. There are two possibilities, sign-then-encrypt and encrypt-then-sign.
However, the cryptosystem based on sign-then-encrypt can be exploited by the receiver to spoof the identity of the sender and send that data to a third party. Hence, this method is not preferred. The process of encrypt-then-sign is more reliable and widely adopted. This is depicted in the following illustration −
The receiver, after receiving the encrypted data and the signature on it, first verifies the signature using the sender's public key. After ensuring the validity of the signature, he then retrieves the data through decryption using his private key.

Digital Certificate:
A digital certificate is a file or electronic password that proves the authenticity of a device, server, or user through the use of cryptography and the public key infrastructure (PKI).
Digital certificate authentication helps organizations ensure that only trusted devices and users can connect to their networks. Another common use of digital certificates is to confirm the authenticity of a website to a web browser, which is also known as a secure sockets layer or SSL certificate.
A digital certificate contains identifiable information, such as a user's name, company, or department and a device's Internet Protocol (IP) address or serial number. Digital certificates contain a copy of a public key from the certificate holder, which needs to be matched to a corresponding private key to verify it is real. A public key certificate is issued by certificate
authorities (CAs), which sign certificates to verify the identity of the requesting device or user.

Types of Digital Certificates:
• TLS/SSL Certificate: A TLS/SSL certificate sits on a server, such as an application, mail, or web server, to ensure communication with its clients is private and encrypted. The certificate provides authentication for the server to send and receive encrypted messages to clients. The existence of a TLS/SSL certificate is signified by the Hypertext Transfer Protocol Secure (HTTPS) designation at the start of a Uniform Resource Locator (URL) or web address. It comes in three forms:
o Domain Validated: A domain validated certificate is a quick validation method that is acceptable for any website. It is cheap to obtain and can be issued in a matter of minutes.
o Organization Validated: This provides light business authentication and is ideal for organizations selling products online through e-commerce.
o Extended Validation: This offers full business authentication, which is required by larger organizations or any business dealing with highly sensitive information. It is typically used by businesses in the financial industry and offers the highest level of authentication, security, and trust.
• Code Signing Certificate: A code signing certificate is used to confirm the authenticity of software or files downloaded through the internet. The developer or publisher signs the software to confirm that it is genuine to users that download it. This is useful for software providers that make their programs available on third-party sites to prove that files have not been tampered with.
• Client Certificate: A client certificate is a digital ID that identifies an individual user to another user or machine, or one machine to another. A common example of this is email, where a sender signs a communication digitally and its signature is verified by the recipient. Client certificates can also be used to help users access protected databases.

Features of Digital Certificates:
• Security: Digital certificates encrypt internal and external communications to prevent attackers from intercepting and stealing sensitive data. For example, a TLS/SSL certificate encrypts data between a web server and a web browser, ensuring an attacker cannot intercept website visitors' data.
• Scalability: Digital certificates provide businesses of all shapes and sizes with the same encryption quality. They are highly scalable, which means they can easily be issued, revoked, and renewed in seconds, used to secure user devices, and managed through a centralized platform.
• Authenticity: Digital certificates are crucial to ensuring the authenticity of online communication in the age of widespread cyberattacks. They make sure that users' messages will always reach their intended recipient, and only reach their intended recipient. TLS/SSL certificates encrypt websites, Secure/Multipurpose Internet Mail Extensions (S/MIME) encrypts email communication, and document-signing certificates can be used for digital document sharing.
• Reliability: Only publicly trusted CAs can issue recognized digital certificates. Obtaining one requires rigorous vetting, which ensures hackers or fake organizations cannot trick victims that use a digital certificate.
• Public Trust: Using a digital certificate provides confirmation that a website is genuine and that documents and emails are authentic. This projects public trust, assuring clients that they are dealing with a genuine company that values their security and privacy.
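The hash-function properties (fixed-length digest, avalanche effect), the sign-the-hash model and the encrypt-then-sign flow described earlier in this unit, worked through in one Python example added here (not from the original notes). The RSA keys are toy-sized with constructed primes and no padding so the arithmetic stays visible; the structure, not the key sizes, is the point.

```python
import hashlib
import math


# --- Hash function properties ---------------------------------------------
def digest(data: bytes) -> bytes:
    """Fixed 256-bit output for input of any length (SHA-256)."""
    return hashlib.sha256(data).digest()


def bit_difference(a: bytes, b: bytes) -> int:
    """Hamming distance between two digests: the avalanche effect makes it
    close to half of 256 even when the inputs differ by a single bit."""
    return bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1")


# --- Toy RSA used for both signing and encryption ---------------------------
# Constructed small primes keep the arithmetic visible. Real RSA uses moduli of
# 2048 bits or more plus padding (PSS for signatures, OAEP for encryption).
P, Q = 104729, 1299709


def keygen(p: int = P, q: int = Q, e: int = 65537) -> tuple:
    """Return ((n, e), (n, d)): for the signer this is the verification key and
    signature key; for the receiver the encryption key and decryption key."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (n, e), (n, pow(e, -1, phi))


def sign(private_key: tuple, data: bytes) -> int:
    """Model of digital signature: the hash is signed, not the data itself.
    Reducing the digest mod n is a toy shortcut standing in for a padding scheme."""
    n, d = private_key
    h = int.from_bytes(digest(data), "big") % n
    return pow(h, d, n)


def verify(public_key: tuple, data: bytes, signature: int) -> bool:
    """Verifier re-hashes the received data and compares it with the value
    recovered from the signature using the verification (public) key."""
    n, e = public_key
    h = int.from_bytes(digest(data), "big") % n
    return pow(signature, e, n) == h


def encrypt(public_key: tuple, data: bytes) -> list:
    """Toy RSA encryption, one byte per ciphertext integer, no padding."""
    n, e = public_key
    return [pow(b, e, n) for b in data]


def decrypt(private_key: tuple, ciphertext: list) -> bytes:
    n, d = private_key
    return bytes(pow(c, d, n) for c in ciphertext)


# --- Encrypt-then-sign -----------------------------------------------------
def ct_bytes(ciphertext: list) -> bytes:
    """Canonical byte form of the ciphertext so signer and verifier hash the
    same string (n < 2^48 here, so six bytes per integer suffice)."""
    return b"".join(c.to_bytes(6, "big") for c in ciphertext)


def send(sender_priv: tuple, receiver_pub: tuple, message: bytes) -> tuple:
    ciphertext = encrypt(receiver_pub, message)                  # 1. encrypt for the receiver
    return ciphertext, sign(sender_priv, ct_bytes(ciphertext))   # 2. sign the ciphertext


def receive(receiver_priv: tuple, sender_pub: tuple, ciphertext: list, signature: int):
    """Verify with the sender's public key first; decrypt with the receiver's
    private key only if the signature holds. Returns None on a failed check."""
    if not verify(sender_pub, ct_bytes(ciphertext), signature):
        return None
    return decrypt(receiver_priv, ciphertext)


def demo() -> dict:
    sender_pub, sender_priv = keygen()
    receiver_pub, receiver_priv = keygen(15485863, 7919)   # constructed second pair
    message = b"Transfer 100 to account 42"
    ciphertext, signature = send(sender_priv, receiver_pub, message)
    return {
        "digest_bits": len(digest(message)) * 8,
        "avalanche_bits": bit_difference(digest(b"message"), digest(b"messagd")),
        "received": receive(receiver_priv, sender_pub, ciphertext, signature),
        # dropping one ciphertext integer breaks the signature: rejected before decryption
        "tampered_rejected": receive(receiver_priv, sender_pub, ciphertext[1:], signature) is None,
    }


if __name__ == "__main__":
    print(demo())
```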
Unit-II
SECURE PROGRAM:
Consider what we mean when we say that a program is "secure." We know that security implies some degree of trust that the program enforces expected confidentiality, integrity, and availability.
Early work in computer security was based on the paradigm of "penetrate and patch," in which analysts searched for and repaired faults. Often, a top-quality "tiger team" would be convened to test a system's security by attempting to cause it to fail. The test was considered to be a "proof" of security; if the system withstood the attacks, it was considered secure. Unfortunately, far too often the proof became a counterexample, in which not just one but several serious security problems were uncovered. The problem discovery in turn led to a rapid effort to "patch" the system to repair or restore the security. However, the patch efforts were largely useless, making the system less secure rather than more secure because they frequently introduced new faults.

Program security flaws:
Program security flaws can derive from any kind of software fault. That is, they cover everything from a misunderstanding of program requirements to a one-character error in coding or even typing. The flaws can result from problems in a single code component or from the failure of several programs or program pieces to interact compatibly through a shared interface. The security flaws can reflect code that was intentionally designed or coded to be malicious, or code that was simply developed in a sloppy or misguided way. Thus, it makes sense to divide program flaws into two separate logical categories: inadvertent human errors versus malicious, intentionally induced flaws.

Types of Flaws:
• validation error (incomplete or inconsistent): permission checks
• domain error: controlled access to data
• serialization and aliasing: program flow order
• inadequate identification and authentication: basis for authorization
• boundary condition violation: failure on first or last case
• other exploitable logic errors

NON MALICIOUS PROGRAM ERRORS:
• Non-malicious program errors refer to a broad category of errors that can occur in software programs.
• These errors are unintentional and result from mistakes made during the design, coding, or testing phases of software development.
• Non-malicious program errors can cause a wide range of issues, from minor glitches to catastrophic failures that can compromise the security of the system or the data it contains.

Types of Non-malicious Program Errors:
Syntax Errors: These occur when the programmer violates the rules of the programming language. Syntax errors are usually detected by the compiler, which reports the error and prevents the program from running.
Runtime Errors: These occur when a program is running and encounters an unexpected situation that it cannot handle. Runtime errors can be caused by a wide range of issues, including input errors, hardware failures, and memory leaks.
Logic Errors: These occur when a program produces incorrect output due to a flaw in the design or coding of the program. Logic errors can be difficult to detect and correct, as they do not cause the program to crash or report an error.
Resource Errors: These occur when a program fails to manage system resources, such as memory or file handles, properly. Resource errors can cause a program to crash or behave unpredictably.

Impact of Non-malicious Program Errors:
• Non-malicious program errors can have a significant impact on the security of a system.
• In some cases, these errors can be exploited by attackers to gain unauthorized access to the system or to extract sensitive information.
• For example, a logic error in a web application could allow an attacker to bypass authentication controls and access sensitive data.

Preventing Non-malicious Program Errors:
• The best way to prevent non-malicious program errors is to follow good software development practices.
• This includes using well-established programming languages, writing clear and concise code, and testing the software thoroughly before deployment.
• Code reviews and automated testing can also help to identify and correct errors before they become a problem.

Malicious Codes – Virus:
• Malicious codes are programs designed to cause harm to a system or its users.
• Viruses are one type of malicious code that can replicate themselves and spread from one system to another.
• Viruses are typically attached to legitimate files or programs and can infect a system when the user opens or runs the infected file.
• Once a virus infects a system, it can perform a wide range of malicious activities, including deleting files, stealing sensitive information, and using the infected system to launch attacks against other systems.

Types of Viruses:
File infectors: These viruses infect executable files, such as .exe or .com files. When the infected file is run, the virus is activated and can spread to other files on the system.
Boot sector viruses: These viruses infect the boot sector of a disk, making it difficult to remove the virus without reformatting the entire disk.
Macro viruses: These viruses infect macro-enabled documents, such as Microsoft Word or Excel files. When the infected document is opened, the virus is activated and can spread to other documents on the system.
Polymorphic viruses: These viruses are designed to evade detection by changing their code each time they replicate. This makes it difficult for antivirus software to detect and remove the virus.

Effects of Virus Infections:
• Slowing down of the system
• Frequent crashes and freezes
• Unauthorized access to personal or sensitive information
• Theft of identity and financial data
• Loss of critical data and files
• Disruption of normal business operations

Preventing Virus Infections:
• Avoid downloading and opening email attachments or files from untrusted sources.
• Keep the operating system and all software applications up to date with the latest security patches and updates.
• Use strong and unique passwords for all accounts and change them regularly.
• Use a firewall to block unauthorized access to the system.
• Back up critical data and files regularly and keep the backup copies in a safe place.

Trap Door:
A trap door is a defect in the computer code that allows malicious actors to exploit the flaw and gain access to valuable information.
A trapdoor is an undocumented entry point to a module. The trapdoor is inserted during code development, perhaps to test the module, to provide "hooks" by which to connect future modifications or enhancements, or to allow access if the module should fail in the future. In addition to these legitimate uses, trapdoors can allow a programmer access to a program once it is placed in production.
A trapdoor or backdoor is a feature in a program by which someone can access the program other than by the obvious, direct call, perhaps with special privileges. For instance, an automated bank teller program might allow anyone entering the number 990099 on the keypad to process the log of everyone's transactions at that machine. In this example, the trapdoor could be intentional, for maintenance purposes, or it could be an illicit way for the implementer to wipe out any record of a crime.

Salami Attack:
A salami attack is a cybercrime that attackers typically use to commit financial crimes. Criminals steal money or resources from financial accounts on a system one at a time. This attack occurs when several minor attacks combine to form a powerful attack. Because each piece is so small, these attacks frequently go undetected. Anyone guilty of such an attack faces punishment under Section 66 of the IT Act. Salami Slicing and Penny Shaving are two significant types of salami attacks in cyber security.
After attempting many different routing and bank account combinations to gain access to accounts, cybercriminals can make negligible deposits into users' accounts once they find a valid account. They can set up small monthly fees to be withdrawn from the financial institution and placed into accounts they can access once they find an account.
Because the fees are so minor, users will ignore them on their bank statements. However, if hackers successfully deploy this illegal strategy throughout hundreds of other bank accounts, their earnings can rapidly increase.
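A detection pass over a constructed ledger for the pattern just described (a negligible fee skimmed monthly from many accounts into the same destination), as an added example that is not part of the original notes; the thresholds, field names and payee identifiers are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Txn:
    account: str
    when: date
    amount_cents: int      # negative = debit; integer cents avoid float rounding
    payee: str


# Assumed thresholds: what counts as "negligible", and how widespread and
# repeated a payee's small debits must be before they are worth a look.
SMALL_DEBIT_CENTS = 100
MIN_ACCOUNTS = 3
MIN_MONTHS = 2


def small_debits_for(txns: list, account: str, small: int = SMALL_DEBIT_CENTS) -> list:
    """Per-account view: the small deductions a holder should recognise one by one."""
    return [t for t in txns
            if t.account == account and t.amount_cents < 0 and -t.amount_cents <= small]


def salami_candidates(txns: list, small: int = SMALL_DEBIT_CENTS,
                      min_accounts: int = MIN_ACCOUNTS, min_months: int = MIN_MONTHS) -> dict:
    """Institution-side view: group negligible debits by destination and flag any
    payee that draws from many distinct accounts across several months.
    Returns {payee: {"accounts": n, "months": m, "total_cents": c}}."""
    accounts, months, total = defaultdict(set), defaultdict(set), defaultdict(int)
    for t in txns:
        if t.amount_cents < 0 and -t.amount_cents <= small:
            accounts[t.payee].add(t.account)
            months[t.payee].add((t.when.year, t.when.month))
            total[t.payee] += -t.amount_cents
    return {
        payee: {"accounts": len(accounts[payee]), "months": len(months[payee]),
                "total_cents": total[payee]}
        for payee in accounts
        if len(accounts[payee]) >= min_accounts and len(months[payee]) >= min_months
    }


# Constructed sample ledger: normal activity plus a 0.49 "service fee" drawn monthly
# from four accounts into the same destination (SVC-FEE-7731 is a made-up payee).
SAMPLE = [
    Txn("A1", date(2024, 1, 5), -12000, "RENT-LANDLORD"),
    Txn("A1", date(2024, 1, 9), -49, "SVC-FEE-7731"),
    Txn("A1", date(2024, 1, 20), -99, "COFFEE-KIOSK"),
    Txn("A1", date(2024, 2, 9), -49, "SVC-FEE-7731"),
    Txn("A2", date(2024, 1, 9), -49, "SVC-FEE-7731"),
    Txn("A2", date(2024, 2, 9), -49, "SVC-FEE-7731"),
    Txn("A2", date(2024, 2, 14), 250000, "SALARY"),
    Txn("A3", date(2024, 1, 9), -49, "SVC-FEE-7731"),
    Txn("A3", date(2024, 2, 9), -49, "SVC-FEE-7731"),
    Txn("A4", date(2024, 1, 9), -49, "SVC-FEE-7731"),
    Txn("A4", date(2024, 1, 30), -75, "COFFEE-KIOSK"),
    Txn("A4", date(2024, 2, 9), -49, "SVC-FEE-7731"),
]

if __name__ == "__main__":
    print(salami_candidates(SAMPLE))
    # -> {'SVC-FEE-7731': {'accounts': 4, 'months': 2, 'total_cents': 392}}
    for t in small_debits_for(SAMPLE, "A1"):
        print(t)
```

The coffee kiosk appears in two accounts and is not flagged; the same check run per account alone would report both, which is why the institution-wide grouping is the one that separates the skim from ordinary small purchases.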
Mr. Saquib Ali
Information Security
Unit-II
Because the fees are so minor, users will ignore them Set up alerts: Most banks offer alert services that
on their bank statements. However, if hackers notify you of any unusual activity on your account. You
successfully deploy this illegal strategy throughout can set up alerts for transactions over a certain amount
other hundreds of bank accounts, their earnings can or for any changes to your account.
rapidly increase.
Keep your passwords secure: Always use strong and
Types of Salami Attacks: unique passwords for your financial accounts and never
Salami Slicing Attack share them with anyone.
A “salami slicing attack” or “salami fraud” occurs when Covert Channels:
an attacker uses an online database to obtain customer  A communication channel that is hidden from
information, such as bank/credit card details. Over time, the attacker deducts insignificant amounts from each account. These sums naturally add up to large sums of money invisibly taken from the joint accounts. Most people do not report the deduction, often due to the small amount involved.

For example, suppose an attacker withdraws 0.01 (1 paise) from each bank account. Nobody will notice such a minor discrepancy. However, a large sum is produced when one paise is deducted from each account holder at that bank.

Penny Shaving Attack
Penny shaving is the fraudulent practice of repeatedly stealing money in extremely small amounts, typically by exploiting rounding to the nearest cent in financial transactions. The goal is to make each change so small that the transaction goes undetected.

How to Spot a Salami Attack?
A salami attack is a type of financial fraud where small amounts of money are stolen over a long period of time, adding up to a significant amount of money. Here are some ways to spot a salami attack:
Monitor your bank statements regularly: Keep a close eye on your bank statements and transactions, and check them frequently to identify any unauthorized transactions.
Look for small deductions: Watch out for small deductions or transactions you don't recognize, as these can indicate a salami attack.
Check your credit report: Keep an eye on your credit report for any unauthorized accounts or inquiries. If you see something suspicious, take action immediately.
Be wary of unsolicited emails: Be cautious of unsolicited emails or messages that ask for your personal or financial information. These are often phishing attempts that can lead to a salami attack.

normal security measures, allowing unauthorized communication between two entities.
• Purpose: to bypass security measures and exchange information without detection.
• Risks: can be used for malicious purposes, such as stealing data or controlling a system.
• Examples: using unused fields in network protocols to exchange data, using steganography to hide data within an image or audio file.

In the 1990s, researchers discovered a covert channel in the IP protocol that allowed an attacker to communicate with malware on a victim's computer without being detected by security software. The attacker could use unused fields in the IP header to transmit data to the malware, which would then respond by using other fields in the header to send data back to the attacker.

Another example of a covert channel is steganography, which involves hiding data within an image or audio file. The data can be extracted by someone who knows the secret key or algorithm used to hide the data.

Covert channels can also be used in social engineering attacks, where an attacker uses a seemingly innocent communication channel, such as email or instant messaging, to communicate with a victim and trick them into revealing sensitive information or performing a certain action.

Control Against Program (Attack)
• Control against program attacks involve gaining control over a program or system and using it to carry out malicious actions.
• These attacks can be carried out through vulnerabilities in the software or hardware, or through social engineering techniques that trick users into running malicious code.
• Risks: can lead to data theft, system disruption, or other harmful consequences.
• Examples: gaining control over a web server and using it to launch DDoS attacks or steal data.
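A defender-side check for the salami pattern described under "How to Spot a Salami Attack?" above, as an added Python example that is not part of these notes: it flags accounts with recurring micro-deductions (the customer's view) and totals the same tiny debit across many accounts on one day (the bank's view, the "one paise from every account holder" case). The ledger rows, the 0.05 cut-off and the field names are constructed for the illustration.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample ledger for illustration: (account, date, amount, description).
# Negative amounts are debits. The "ROUNDING" rows model the tiny repeated
# deductions a salami / penny-shaving attack leaves behind.
SAMPLE_LEDGER = [
    ("A1", "2024-03-01", Decimal("-1200.00"), "RENT"),
    ("A1", "2024-03-02", Decimal("-0.01"), "ROUNDING"),
    ("A1", "2024-03-09", Decimal("-0.01"), "ROUNDING"),
    ("A1", "2024-03-16", Decimal("-0.01"), "ROUNDING"),
    ("A1", "2024-03-20", Decimal("-45.20"), "GROCERY"),
    ("A2", "2024-03-02", Decimal("-0.01"), "ROUNDING"),
    ("A2", "2024-03-09", Decimal("-0.01"), "ROUNDING"),
    ("A2", "2024-03-16", Decimal("-0.01"), "ROUNDING"),
    ("A2", "2024-03-23", Decimal("-0.02"), "ROUNDING"),
    ("A2", "2024-03-25", Decimal("2500.00"), "SALARY"),
    ("A3", "2024-03-02", Decimal("-0.01"), "ROUNDING"),
    ("A3", "2024-03-11", Decimal("-19.99"), "STREAMING"),
]

MICRO_DEBIT_LIMIT = Decimal("0.05")  # "small" cut-off, chosen for this example


def micro_debits(ledger, limit=MICRO_DEBIT_LIMIT):
    """Yield only the debits whose absolute value is at or below `limit`."""
    for account, date, amount, desc in ledger:
        if amount < 0 and -amount <= limit:
            yield account, date, amount, desc


def flag_accounts(ledger, min_count=3, limit=MICRO_DEBIT_LIMIT):
    """Customer-side check ("look for small deductions"): return
    {account: (count, total)} for accounts with at least `min_count`
    micro-debits. A single tiny charge is ordinary; a recurring one is not."""
    per_account = defaultdict(list)
    for account, _date, amount, _desc in micro_debits(ledger, limit):
        per_account[account].append(amount)
    return {
        acct: (len(amts), sum(amts, Decimal("0")))
        for acct, amts in sorted(per_account.items())
        if len(amts) >= min_count
    }


def aggregate_by_day(ledger, limit=MICRO_DEBIT_LIMIT):
    """Bank-side check: the same micro-debit hitting many accounts on the
    same day is the signature the text describes. Returns
    {date: (accounts_hit, total_taken)}."""
    per_day = defaultdict(lambda: [set(), Decimal("0")])
    for account, date, amount, _desc in micro_debits(ledger, limit):
        per_day[date][0].add(account)
        per_day[date][1] += amount
    return {day: (len(accts), total)
            for day, (accts, total) in sorted(per_day.items())}


if __name__ == "__main__":
    print(flag_accounts(SAMPLE_LEDGER))
    print(aggregate_by_day(SAMPLE_LEDGER))
```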
Mr. Saquib Ali
Information Security
Unit-II
A common example of a control against program attack is a distributed denial-of-service (DDoS) attack, where a large number of computers or devices are used to overwhelm a server or network with traffic, making it unavailable to legitimate users.

Another example of a control against program attack is ransomware, which is a type of malware that encrypts a victim's files and demands payment in exchange for the decryption key. Once the malware is installed on a victim's computer, the attacker can remotely control the malware and carry out the attack.

Control against program attacks can also be carried out through social engineering techniques, such as phishing emails or fake software updates that trick users into running malicious code or providing sensitive information.

Operating System Security
Every computer system and software design must handle all security risks and implement the necessary measures to enforce security policies. At the same time, it is critical to strike a balance, because strong security measures might increase costs while also limiting the system's usability, utility, and smooth operation. As a result, system designers must assure efficient performance without compromising security.

The process of ensuring OS availability, confidentiality, and integrity is known as operating system security. OS security refers to the processes or measures taken to protect the operating system from dangers, including viruses, worms, malware, and remote hacker intrusions. Operating system security comprises all preventive-control procedures that protect any system assets that could be stolen, modified, or deleted if OS security is breached.

Security refers to providing safety for computer system resources like software, CPU, memory, disks, etc. It can protect against all threats, including viruses and unauthorized access. It can be enforced by assuring the operating system's integrity, confidentiality, and availability. If an illegal user runs a computer application, the computer or the data stored on it may be seriously damaged.

System security may be threatened through two violations, and these are as follows:
1. Threat
A program that has the potential to harm the system seriously.
2. Attack
A breach of security that allows unauthorized access to a resource.

There are two types of security breaches that can harm the system: malicious and accidental. Malicious threats are a type of destructive computer code or web script that is designed to cause system vulnerabilities that lead to back doors and security breaches. On the other hand, accidental threats are comparatively easier to protect against.

Security may be compromised through the following breaches:
1. Breach of integrity
This violation involves unauthorized data modification.
2. Theft of service
It involves the unauthorized use of resources.
3. Breach of confidentiality
It involves the unauthorized reading of data.
4. Breach of availability
It involves the unauthorized destruction of data.
5. Denial of service
It includes preventing legitimate use of the system.
Some attacks may be accidental.

The goal of Security System
There are several goals of system security. Some of them are as follows:
1. Integrity
Unauthorized users must not be allowed to access the system's objects, and users with insufficient rights should not modify the system's critical files and resources.
2. Secrecy
The system's objects must only be available to a small number of authorized users. The system files should not be accessible to everyone.
3. Availability
All system resources must be accessible to all authorized users, i.e., no single user/process should be able to consume all system resources. If such a situation arises, service denial may occur. In this case, malware may restrict system resources and prevent legitimate processes from accessing them.

Types of Threats
There are mainly two types of threats that occur. These are as follows:
Program threats
The operating system's processes and kernel carry out the specified task as directed. Program threats occur when a user program causes these processes to perform malicious operations. A common example of a program threat is a program that, once installed on a computer, stores and transfers user credentials to a hacker. There are various program threats. Some of them are as follows:
1. Virus
A virus may replicate itself on the system. Viruses are extremely dangerous and can modify/delete user files as well as crash computers. A virus is a small piece of code embedded in a system program. As the user interacts with the program, the virus becomes embedded in other files and programs, potentially rendering the system inoperable.
2. Trojan Horse
This type of application captures user login credentials. It stores them to transfer them to a malicious user who can then log in to the computer and access system resources.
3. Logic Bomb
A logic bomb is a situation in which software only misbehaves when particular criteria are met; otherwise, it functions normally.
4. Trap Door
A trap door is when a program that is supposed to work as expected has a security weakness in its code that allows it to perform illegal actions without the user's knowledge.

System Threats
System threats are described as the misuse of system services and network connections to cause user problems. These threats may be used to trigger the program threats over an entire network, known as program attacks. System threats create an environment in which OS resources and user files may be misused. There are various system threats. Some of them are as follows:
1. Port Scanning
It is a method by which the cracker determines the system's vulnerabilities for an attack. It is a fully automated process that includes connecting to a specific port via TCP/IP. To protect the attacker's identity, port scanning attacks are launched through Zombie Systems: previously independent systems that now serve their owners while being utilized for such purposes.
2. Worm
The worm is a process that can choke a system's performance by exhausting all system resources. A worm process makes several clones, each consuming system resources and preventing all other processes from getting essential resources. Worm processes can even bring a network to a halt.
3. Denial of Service
Denial-of-service attacks usually prevent users from legitimately using the system. For example, if a denial-of-service attack is executed against the browser's content settings, a user may be unable to access the internet.

Threats to Operating System
There are various threats to the operating system. Some of them are as follows:
Malware
It includes viruses, worms, trojan horses, and other dangerous software. These are generally short code snippets that may corrupt files, delete data, replicate to propagate further, and even crash a system. The malware frequently goes unnoticed by the victim user while criminals silently extract important data.
Network Intrusion
Network intruders are classified as masqueraders, misfeasors, and unauthorized users. A masquerader is an unauthorized person who gains access to a system and uses an authorized person's account. A misfeasor is a legitimate user who gains unauthorized access to and misuses programs, data, or resources. A rogue user takes supervisory authority and tries to evade access constraints and audit collection.
Buffer Overflow
It is also known as buffer overrun. It is the most common and dangerous security issue of the operating system. It is defined as a condition at an interface under which more input may be placed into a buffer or data holding area than the allotted capacity, and it may overwrite other information. Attackers use such a situation to crash a system or insert specially created malware that allows them to take control of the system.

How to ensure Operating System Security?
There are various ways to ensure operating system security. These are as follows:

Authentication
The process of identifying every system user and associating the executing programs with those users is known as authentication. The operating system is responsible for implementing a security system that ensures the authenticity of a user who is executing a specific program. In general, operating systems identify and authenticate users in three ways.
1. Username/Password
Every user has a unique username and password that must be entered correctly before accessing a system.
2. User Attribution
These techniques usually include biometric verification, such as fingerprints, retina scans, etc. This authentication is based on user uniqueness and is compared to database samples already in the system. Users are only allowed access if there is a match.
3. User card and Key
To log in to the system, the user must punch a card into a card slot or enter a key produced by a key generator into an option provided by the operating system.

One Time passwords
Along with standard authentication, one-time passwords give an extra layer of security. Every time a user attempts to log into the One-Time Password system, a unique password is needed. Once a one-time password has been used, it cannot be reused. One-time passwords may be implemented in several ways.

Memory and Address Protection
• An operating system is a multiprogramming system that allows multiple users to run concurrently.
• The operating system is designed in such a way that one user's computation cannot be intercepted by a malicious user.
• Memory protection in multiprogramming prevents other programs from interfering with a user's program.
• Hardware is designed to provide memory protection.

1. Memory and Address Protection – Fixed Fence
• A fence defines a boundary on one side and restricts the user.
• The fence address location is fixed. The operating system resides on one side and the user works on the other side of the fence.
• This implementation was restrictive – the operating system always occupied a predefined amount of space, whether it was needed or not.
• The operating system defines a hardware register, termed a fence register, which holds the address at which the operating system ends.
• This scheme differs from the fixed fence, as in this scheme the location of the fence can change.
• For every data modification request by a user program, the address referred to for data modification is checked against the address defined as the fence. If the address used is above the fence address, it falls in the user area and the instruction is executed. If the address is below the fence address, it penetrates the operating system area, which raises a fault.

Variable Fence Register – Limitation
A fence register derives the boundary between the operating system and users. The fence cannot prevent penetration of one user into the area of another user.

Memory and Address Protection – Relocation
• The relocation process takes a program written as if address 0 held its first instruction and replaces the rest of the addresses with the actual addresses in memory at which the program resides.
• Each address has a constant relocation factor added to it to obtain the actual address. The first address of the program becomes the value of the relocation factor.
• The fence register acts as a relocation device defined in hardware. To generate an address for the program, the fence register contents are read and added to the address for each instruction of the program.

2. Memory and Address Protection – Base/Bounds Registers
• A fence register marks the beginning, not the end, of memory: it specifies the lower bound but does not specify an upper limit.
• An upper limit bounds the available space and checks that overflow does not lead into "forbidden" areas.
• The bounds register marks the upper address limit and a base or fence register marks the lower address limit.
• The address generated for the program has to be above the base address, because addition is performed on the contents of the base register and the address assigned to the program. Each address is checked against the bounds address to make sure that it is below the bounds address. This protects the program's addresses from modification by other users.
• When the operating system switches from one user's program to another user's program, the contents of the base and bounds registers are changed to reflect the actual address space assigned to the current user. This is called a context switch. Performing a context switch means the operating system assigns control from the current user to another user.
• A user error occurs in the following situations:
1) An array subscript refers to an element that is out of range.
2) An undefined variable is used in an executable instruction which refers to an address lying in the user's space.
3) A user accidentally stores data in the memory area of instructions, which destroys the user's own program.
• To solve the problem of overwriting instructions with data, one more pair of base/bounds registers is used. The program's instructions (code) use one register pair and the data space uses the other.
• Two pairs of base/bounds registers are used. When instructions are to be executed, their relocation address is checked against the first register pair, and the check against the second register pair is performed for all kinds of data accesses (operands of instructions).

3. Memory and Address Protection – Tagged Architecture
In a tagged architecture, three or more register pairs are allocated: one for code, one for read-only data, and one for data values that can be modified.
In some cases, some data values need to be protected but not all. A programmer allows certain data values to be modified while initializing the program, but the program is not allowed to modify these data values at a later stage, which ensures integrity.
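The relocation, base/bounds and two-register-pair schemes above, simulated as an added Python example that is not part of these notes: every logical address is relocated by the base (the relocation factor) and checked against the bounds, a context switch swaps both register pairs, and data stores are checked against a different pair than instruction fetches, so a store cannot land on the program's own code. The memory layout, region sizes and class names are assumptions made for the illustration.

```python
class MemoryFault(Exception):
    """Raised when a relocated address leaves the region its register pair allows."""


class RegisterPair:
    """A base register (lower limit, also the relocation factor) and a
    bounds register (upper limit, exclusive), as the text describes."""

    def __init__(self, base: int, bounds: int):
        if not 0 <= base < bounds:
            raise ValueError("bounds must lie above base")
        self.base, self.bounds = base, bounds

    def translate(self, logical: int) -> int:
        # Relocation: the program is written as if it started at address 0;
        # the hardware adds the base (relocation factor) to every address.
        if logical < 0:
            raise MemoryFault(f"negative logical address {logical}")
        physical = self.base + logical
        # Bounds check: the result must stay below the bounds register.
        if physical >= self.bounds:
            raise MemoryFault(f"logical {logical} -> physical {physical} "
                              f"exceeds bounds {self.bounds}")
        return physical


class Process:
    """Each process gets two register pairs: one for code, one for data."""

    def __init__(self, name: str, code: RegisterPair, data: RegisterPair):
        self.name, self.code, self.data = name, code, data


class CPU:
    """Simulated machine with one physical memory and the currently loaded
    base/bounds pairs. The OS occupies [0, OS_END): a fixed fence at OS_END."""

    OS_END = 256
    MEMORY_SIZE = 1024

    def __init__(self):
        self.memory = bytearray(self.MEMORY_SIZE)
        self.current = None

    def context_switch(self, process: Process) -> str:
        # Loading another process replaces the register contents, so it is
        # the new process's address space (not the old one's) that is checked.
        self.current = process
        return process.name

    def fetch_instruction(self, logical: int) -> int:
        """Instruction fetches are checked against the code pair."""
        return self.current.code.translate(logical)

    def store(self, logical: int, value: int) -> int:
        """Data stores are checked against the data pair, so a program cannot
        overwrite its own instructions (user error 3 in the text)."""
        physical = self.current.data.translate(logical)
        self.memory[physical] = value & 0xFF
        return physical

    def load(self, logical: int) -> int:
        return self.memory[self.current.data.translate(logical)]


def make_process(name: str, start: int, size: int = 256) -> Process:
    """Lay out code in the first half of [start, start+size) and data in the
    second half; both must sit above the OS fence (constructed layout)."""
    if start < CPU.OS_END:
        raise ValueError("user regions must lie above the OS fence")
    half = size // 2
    return Process(name,
                   RegisterPair(start, start + half),
                   RegisterPair(start + half, start + size))


if __name__ == "__main__":
    cpu = CPU()
    p = make_process("P", 256)   # code [256,384), data [384,512)
    q = make_process("Q", 512)   # code [512,640), data [640,768)
    cpu.context_switch(p)
    cpu.store(10, 0xAB)          # lands at physical 394
    cpu.context_switch(q)
    print(cpu.load(10))          # 0: Q's own data region, not P's
    try:
        cpu.store(200, 1)        # beyond Q's data bounds -> fault
    except MemoryFault as e:
        print("fault:", e)
```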
• A programmer invokes a shared subprogram from a common library.
• Base/bounds registers create an all-or-nothing environment for sharing: either a program allows access to and modification of data, or all accesses are prohibited.
• There are four resources P, Q, R, S. A procedure wants to share P, Q, and R data items with one module; P, R, and S with a second module; and P, Q, and S with a third module. These sets need to be saved in contiguous space so that they are effectively shared.

Access control
Access control is a fundamental component of data security that dictates who is allowed to access and use company information and resources. Through authentication and authorization, access control policies make sure users are who they say they are and that they have appropriate access to company data. Access control can also be applied to limit physical access to campuses, buildings, rooms, and datacenters.

Authentication Mechanism:
1. Two-factor authentication
2. Multi-factor authentication
3. One-time password
4. Three-factor authentication
5. Biometrics
6. Hard Tokens
7. Soft Tokens
8. Contextual Authentication
9. Device identification

Different access control models are used depending on the compliance requirements and the security levels of the information technology that is to be protected. Basically, access control is of two types:
1. Physical Access Control: Physical access control restricts entry to campuses, buildings, rooms and physical IT assets.
2. Logical Access Control: Logical access control limits connections to computer networks, system files and data.

Access Control Models:
1. Attribute-based Access Control (ABAC): In this model, access is granted or declined by evaluating a set of rules, policies, and relationships using the attributes of users, systems and environmental conditions.
2. Discretionary Access Control (DAC): In DAC, the owner of data determines who can access specific resources.
3. History-Based Access Control (HBAC): Access is granted or declined by evaluating the history of activities of the inquiring party, which includes behavior, the time between requests and the content of requests.
4. Identity-Based Access Control (IBAC): By using this model, network administrators can more effectively manage activity and access based on individual requirements.
5. Mandatory Access Control (MAC): A control model in which access rights are regulated by a central authority based on multiple levels of security. Security Enhanced Linux is implemented using MAC on the Linux operating system.
6. Organization-Based Access Control (OrBAC): This model allows the policy designer to define a security policy independently of the implementation.
7. Role-Based Access Control (RBAC): RBAC allows access based on the job title. RBAC eliminates discretion on a large scale when providing access to objects. For example, there should not be permissions for a human resources specialist to create network accounts.
8. Rule-Based Access Control (RAC): The RAC method is largely context based. An example of this would be only allowing students to use the labs during a certain time of day.

File Protection
File protection is the process of safeguarding files from unwarranted and unauthorized access. It involves securing file systems so that files aren't modified, erased, deleted, or otherwise tampered with without due authority.
While it includes physical file security, digital file protection typically starts at the operating system level and encompasses monitoring and security access controls, especially for business-critical files.

Type of File protection
File protection is an essential component of modern operating systems, ensuring that files are secured from unauthorized access, alteration, or deletion. In this context, there are several types of file protection mechanisms used in operating systems to provide robust data security.
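The access control models listed above (RBAC, DAC and rule-based), combined in one small policy evaluator as an added Python example that is not part of these notes. The users, roles, objects and lab hours are constructed; the "HR specialist cannot create network accounts" and "students only during lab hours" cases mirror the examples in the text.

```python
from datetime import time

# Constructed example policy data (not from any real system).
ROLE_PERMISSIONS = {
    "hr_specialist": {("employee_record", "read"), ("employee_record", "update")},
    "network_admin": {("network_account", "create"), ("network_account", "delete")},
    "student": {("lab_workstation", "login")},
}

USER_ROLES = {
    "alice": {"hr_specialist"},
    "bob": {"network_admin"},
    "carol": {"student"},
}

# DAC: the owner of each data object decides who else may do what with it.
OBJECT_OWNERS = {"report.docx": "alice"}
OWNER_GRANTS = {"report.docx": {"bob": {"read"}}}

# Rule-based constraint: labs are usable only during these hours (constructed).
LAB_HOURS = (time(8, 0), time(20, 0))


def rbac_allows(user: str, resource: str, action: str) -> bool:
    """RBAC: access follows from the user's roles, not from the user."""
    roles = USER_ROLES.get(user, set())
    return any((resource, action) in ROLE_PERMISSIONS.get(r, set()) for r in roles)


def dac_allows(user: str, obj: str, action: str) -> bool:
    """DAC: the owner has full rights and may grant specific rights to others."""
    if obj not in OBJECT_OWNERS:
        return False
    if OBJECT_OWNERS[obj] == user:
        return True
    return action in OWNER_GRANTS.get(obj, {}).get(user, set())


def rule_allows(resource: str, now: time) -> bool:
    """Rule-based: context (here, time of day) can veto otherwise-valid access."""
    if resource == "lab_workstation":
        start, end = LAB_HOURS
        return start <= now < end
    return True


def decide(user: str, resource: str, action: str, now: time) -> tuple:
    """Combine the models: a request must pass the rule check and then be
    granted by either RBAC or DAC. Returns (allowed, reason) for the audit trail."""
    if not rule_allows(resource, now):
        return False, "denied by rule: outside permitted hours"
    if rbac_allows(user, resource, action):
        return True, "granted by role"
    if dac_allows(user, resource, action):
        return True, "granted by owner"
    return False, "no role or owner grant covers this action"


if __name__ == "__main__":
    print(decide("alice", "network_account", "create", time(10, 0)))
    print(decide("carol", "lab_workstation", "login", time(23, 0)))
```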
• File Permissions − File permissions are a basic form of file protection that controls access to files by setting permissions for users and groups. File permissions allow the system administrator to assign specific access rights to users and groups, which can include read, write, and execute privileges. These access rights can be assigned at the file or directory level, allowing users and groups to access specific files or directories as needed. File permissions can be modified by the system administrator at any time to adjust access privileges, which helps to prevent unauthorized access.
• Encryption − Encryption is the process of converting plain text into ciphertext to protect files from unauthorized access. Encrypted files can only be accessed by authorized users who have the correct encryption key to decrypt them. Encryption is widely used to secure sensitive data such as financial information, personal data, and other confidential information. In an operating system, encryption can be applied to individual files or entire directories, providing an extra layer of protection against unauthorized access.
• Access Control Lists (ACLs) − Access control lists (ACLs) are lists of permissions attached to files and directories that define which users or groups have access to them and what actions they can perform on them. ACLs can be more granular than file permissions, allowing the system administrator to specify exactly which users or groups can access specific files or directories. ACLs can also be used to grant or deny specific permissions, such as read, write, or execute privileges, to individual users or groups.
• Auditing and Logging − Auditing and logging are mechanisms used to track and monitor file access, changes, and deletions. This involves creating a record of all file access and changes, including who accessed the file, what actions were performed, and when they were performed. Auditing and logging can help to detect and prevent unauthorized access and can also provide an audit trail for compliance purposes.
• Physical File Security − Physical file security involves protecting files from physical damage or theft. It includes measures such as file storage and access control, backup and recovery, and physical security best practices. Physical file security is essential for ensuring the integrity and availability of critical data, as well as compliance with regulatory requirements.

Advantages of File protection
• Data Security − File protection mechanisms such as encryption, access control lists, and file permissions provide robust data security by preventing unauthorized access to files. These mechanisms ensure that only authorized users can access files, which helps to prevent data breaches and other security incidents. Data security is critical for organizations that handle sensitive data such as personal data, financial information, and intellectual property.
• Compliance − File protection mechanisms are essential for compliance with regulatory requirements such as GDPR, HIPAA, and PCI-DSS. These regulations require organizations to implement appropriate security measures to protect sensitive data from unauthorized access, alteration, or deletion. Failure to comply with these regulations can result in significant financial penalties and reputational damage.
• Business Continuity − File protection mechanisms are essential for ensuring business continuity by preventing data loss due to accidental or malicious deletion, corruption, or other types of damage. File protection mechanisms such as backup and recovery, auditing, and logging can help to recover data quickly in the event of a data loss incident, ensuring that business operations can resume as quickly as possible.
• Increased Productivity − File protection mechanisms can help to increase productivity by ensuring that files are available to authorized users when they need them. By preventing unauthorized access, alteration, or deletion of files, file protection mechanisms help to minimize the risk of downtime and data loss incidents that can impact productivity.
• Enhanced Collaboration − File protection mechanisms can help to enhance collaboration by allowing authorized users to access and share files securely. Access control lists, file permissions, and encryption can help to ensure that files are only accessed by authorized users, which helps to prevent conflicts and misunderstandings that can arise when multiple users access the same file.
• Reputation − File protection mechanisms can enhance an organization's reputation by demonstrating a commitment to data security and compliance. By implementing robust file protection mechanisms, organizations can build trust with their customers, partners, and stakeholders, which can have a positive impact on their reputation and bottom line.

Disadvantages of File protection
• Overhead − Some file protection mechanisms such as encryption, access control lists, and auditing can add overhead to system performance. This can impact system resources and slow down file access and processing times.
• Complexity − File protection mechanisms can be complex and require specialized knowledge to implement and manage. This can lead to errors and misconfigurations that compromise data security.
• Compatibility Issues − Some file protection mechanisms may not be compatible with all types of files or applications, leading to compatibility issues and limitations in file usage.
• Cost − Implementing robust file protection mechanisms can be expensive, especially for small organizations with limited budgets. This can make it difficult to achieve full data protection.
• User Frustration − Stringent file protection mechanisms such as complex passwords, frequent authentication requirements, and restricted access can frustrate users and impact productivity.

User Authentication
• Authentication is the process of identifying users that request access to a system, network, or device. Access control often determines user identity according to credentials like username and password. Other authentication technologies like biometrics and authentication apps are also used to authenticate user identity.
• User authentication is a method that keeps unauthorized users from accessing sensitive information. For example, User A only has access to relevant information and cannot see the sensitive information of User B.
• Cybercriminals can gain access to a system and steal information when user authentication is not secure.
• The data breaches companies like Adobe, Equifax, and Yahoo faced are examples of what happens when organizations fail to secure their user authentication.
• Hackers gained access to Yahoo user accounts to steal contacts, calendars and private emails between 2012 and 2016. The Equifax data breach in 2017 exposed credit card data of more than 147 million consumers. Without a secure authentication process, any organization could be at risk.
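The file permission, ACL and auditing mechanisms listed under "Type of File protection" above, as an added Python example that is not part of these notes: rwx mode bits are evaluated per owner/group/other, an ACL overlay applies explicit denies before allows and falls back to the mode bits otherwise, and every decision is written to an audit record. The file entry, principals and the injected clock are constructed for the illustration.

```python
from dataclasses import dataclass, field

READ, WRITE, EXEC = 4, 2, 1   # classic rwx bit values


@dataclass
class AclEntry:
    principal: str        # "user:<name>" or "group:<name>"
    allow: set = field(default_factory=set)
    deny: set = field(default_factory=set)


@dataclass
class FileEntry:
    path: str
    owner: str
    group: str
    mode: int                     # e.g. 0o640
    acl: list = field(default_factory=list)


def mode_allows(entry: FileEntry, user: str, groups: set, action: str) -> bool:
    """Basic file permissions: pick the owner/group/other triad that applies
    to the requester and test the bit for the requested action."""
    bit = {"read": READ, "write": WRITE, "execute": EXEC}[action]
    if user == entry.owner:
        triad = (entry.mode >> 6) & 0o7
    elif entry.group in groups:
        triad = (entry.mode >> 3) & 0o7
    else:
        triad = entry.mode & 0o7
    return bool(triad & bit)


def acl_decision(entry: FileEntry, user: str, groups: set, action: str):
    """ACL overlay: an explicit deny for the user or any of their groups wins;
    otherwise an explicit allow grants; otherwise None (fall back to mode)."""
    principals = {f"user:{user}"} | {f"group:{g}" for g in groups}
    matching = [e for e in entry.acl if e.principal in principals]
    if any(action in e.deny for e in matching):
        return False
    if any(action in e.allow for e in matching):
        return True
    return None


class FileAccessMonitor:
    """Evaluates requests and keeps an audit trail of who did what, when, and
    whether it was allowed. `clock` is injected so records are reproducible."""

    def __init__(self, clock):
        self.clock = clock
        self.audit_log = []

    def check(self, entry: FileEntry, user: str, groups: set, action: str) -> bool:
        verdict = acl_decision(entry, user, groups, action)
        source = "acl"
        if verdict is None:
            verdict = mode_allows(entry, user, groups, action)
            source = "mode"
        self.audit_log.append({
            "when": self.clock(), "who": user, "what": action,
            "path": entry.path, "allowed": verdict, "decided_by": source,
        })
        return verdict


# Constructed sample: a finance report readable by the finance group only,
# with an ACL that lets carol read it and blocks the "interns" group entirely.
REPORT = FileEntry(
    "/srv/finance/q1.xlsx", owner="alice", group="finance", mode=0o640,
    acl=[AclEntry("user:carol", allow={"read"}),
         AclEntry("group:interns", deny={"read", "write", "execute"})],
)

if __name__ == "__main__":
    tick = iter(range(1, 100))
    monitor = FileAccessMonitor(clock=lambda: next(tick))
    print(monitor.check(REPORT, "bob", {"finance"}, "write"))   # False
    print(monitor.audit_log[-1])
```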
Common Authentication Types
Cybercriminals always improve their attacks. As a result, security teams are facing plenty of authentication-related challenges. This is why companies are starting to implement more sophisticated incident response strategies, including authentication as part of the process. The list below reviews some common authentication methods used to secure modern systems.

Password-based authentication
Passwords are the most common method of authentication. Passwords can be in the form of a string of letters, numbers, or special characters. To protect yourself you need to create strong passwords that include a combination of all possible options.
However, passwords are prone to phishing attacks and poor hygiene that weakens their effectiveness. An average person has about 25 different online accounts, but only 54% of users use different passwords across their accounts.
The truth is that there are a lot of passwords to remember. As a result, many people choose convenience over security. Most people use simple passwords instead of creating reliable passwords because they are easier to remember.
The bottom line is that passwords have a lot of weaknesses and are not sufficient in protecting online information. Hackers can easily guess user credentials by running through all possible combinations until they find a match.

Multi-factor authentication
Multi-Factor Authentication (MFA) is an authentication method that requires two or more independent ways to identify a user. Examples include codes generated from the user's smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition.
MFA authentication methods and technologies increase the confidence of users by adding multiple layers of security. MFA may be a good defense against most account hacks, but it has its own pitfalls. People may lose their phones or SIM cards and not be able to generate an authentication code.

Certificate-based authentication
Certificate-based authentication technologies identify users, machines or devices by using digital certificates. A digital certificate is an electronic document based on the idea of a driver's license or a passport.
The certificate contains the digital identity of a user, including a public key, and the digital signature of a certification authority. Digital certificates prove the ownership of a public key and are issued only by a certification authority.
Users provide their digital certificates when they sign in to a server. The server verifies the credibility of the digital signature and the certificate authority. The server then uses cryptography to confirm that the user has the correct private key associated with the certificate.

Biometric authentication
• Biometric authentication is a security process that relies on the unique biological characteristics of an individual. Here are key advantages of using biometric authentication technologies:
• Biological characteristics can be easily compared to authorized features saved in a database.
• Biometric authentication can control physical access when installed on gates and doors.
• You can add biometrics into your multi-factor authentication process.
• Biometric authentication technologies are used by consumers, governments and private corporations including airports, military bases, and national borders. The technology is increasingly adopted due to the ability to achieve a high level of security without creating friction for the user. Common biometric authentication methods include:
• Facial recognition—matches the different face characteristics of an individual trying to gain access to an approved face stored in a database. Face recognition can be inconsistent when comparing faces at different angles or comparing people who look similar, like close relatives. Facial liveness like ID R&D's passive facial liveness prevents spoofing.
• Fingerprint scanners—match the unique patterns on an individual's fingerprints. Some new versions of fingerprint scanners can even assess the vascular patterns in people's fingers. Fingerprint scanners are currently the most popular biometric technology for everyday consumers, despite their frequent inaccuracies. This popularity can be attributed to iPhones.
• Speaker recognition—also known as voice biometrics, examines a speaker's speech patterns for the formation of specific shapes and sound qualities. A voice-protected device usually relies on standardized words to identify users, just like a password.
• Eye scanners—include technologies like iris recognition and retina scanners. Iris scanners project a bright light towards the eye and search for unique patterns in the colored ring around the pupil of the eye. The patterns are then compared to approved information stored in a database. Eye-based authentication may suffer inaccuracies if a person wears glasses or contact lenses.

Token-based authentication
Token-based authentication technologies enable users to enter their credentials once and receive a unique encrypted string of random characters in exchange. You can then use the token to access protected systems instead of entering your credentials all over again. The digital token proves that you already have access permission. Use cases of token-based authentication include RESTful APIs that are used by multiple frameworks and clients.
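The single-use codes described under "One Time passwords" and as smartphone-generated MFA codes above, as an added Python example that is not part of these notes: it implements the counter-based HOTP construction of RFC 4226 with the standard library and a verifier that retires each counter once a code is accepted, so the same password is never accepted twice. The `OtpVerifier` class and its look-ahead window are assumptions for the illustration; the secret is the RFC's public test-vector key.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226): HMAC-SHA1 over the 8-byte
    big-endian counter, dynamically truncated to `digits` decimal digits."""
    msg = struct.pack(">Q", counter)
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpVerifier:
    """Server side of a counter-based OTP scheme (assumed design for this example).

    The verifier remembers the next unused counter. Accepting a code moves
    that counter past it, so the same password can never be accepted twice,
    and codes the client skipped (generated but never sent) are retired too.
    `window` bounds how far ahead of the server the client may drift."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.next_counter = 0
        self.window = window

    def verify(self, code: str) -> bool:
        for c in range(self.next_counter, self.next_counter + self.window):
            # compare_digest avoids leaking which digits matched via timing.
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.next_counter = c + 1   # everything up to c is now spent
                return True
        return False


if __name__ == "__main__":
    # Shared secret from the RFC 4226 test vectors (a public example value).
    secret = b"12345678901234567890"
    v = OtpVerifier(secret)
    first = hotp(secret, 0)
    print(first, v.verify(first), v.verify(first))   # 755224 True False
```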
Notes
Information Security
Module III
Database security:
Security of databases refers to the array of controls, tools, and procedures designed to ensure and safeguard confidentiality, integrity, and availability. This tutorial will concentrate on confidentiality because it is the component most at risk in data security breaches.

Security for databases must cover and safeguard the following aspects:
o The data held in the database.
o The database management system (DBMS).
o Any applications that are associated with it.
o The physical or virtual database server and the hardware that runs it.
o The computing and network infrastructure that is used to connect to the database.

Security of databases is a complicated and challenging task that draws on all aspects of security practice and technology. It is inherently at odds with the accessibility of databases: the more usable and accessible a database is, the more exposed it is to threats; the more tightly it is locked down against attacks, the more difficult it is to access and use.

Why Database Security is Important?
A data breach is an incident in which data held in a database is accessed, disclosed, altered or destroyed by someone who is not authorized to do so. The amount of damage an incident like a data breach can cause our business depends on several consequences or elements:
o Intellectual property that is compromised: Our intellectual property (trade secrets, inventions, or proprietary methods) may be vital to our ability to maintain an advantage in our industry. If our intellectual property has been stolen or disclosed and our competitive advantage is lost, it may be difficult or impossible to recover.
o The damage to our brand's reputation: Customers or partners may not want to purchase goods or services from us (or deal with our business) if they do not feel they can trust our company to protect their data or our own.
o The concept of business continuity (or lack of it): Some businesses cannot continue to function until a breach has been resolved.
o Penalties or fines to be paid for not complying: The cost of not complying with international regulations like the Sarbanes-Oxley Act (SOX) or the Payment Card Industry Data Security Standard (PCI DSS), industry-specific data privacy regulations like HIPAA, or regional privacy laws like the European Union's General Data Protection Regulation (GDPR) can be severe, with fines in the worst cases exceeding many million dollars per violation.
o Costs for repairing breaches and notifying consumers about them: Alongside notifying customers of a breach, the breached company has to pay for the investigation and forensic services, crisis management, triage, repairs to the affected systems, and much more.

Common Threats and Challenges:
Numerous misconfigurations, vulnerabilities, and patterns of carelessness or abuse can lead to a breach of security. Here are some of the most prevalent kinds of security attacks and their causes.

Insider Dangers
An insider threat is a security threat from any of three kinds of actors who hold privileged access to the database:
o A malicious insider who wants to cause harm.
o A negligent insider who makes mistakes that leave the database vulnerable to attack.
o An infiltrator, an outsider who acquires credentials through a method like phishing, or by reading credential information stored in the database itself.

Insider dangers are among the most frequent sources of database security breaches. They often result from too many employees holding privileged user credentials, or from those credentials being shared rather than tied to one person.

Human Error:
Accidents, weak passwords, password sharing, and other negligent or uninformed user behaviours remain the root cause of almost half (49 percent) of all data security breaches.

Database Software Vulnerabilities can be Exploited
Hackers earn their money by identifying and exploiting vulnerabilities in software such as database management software. The major database software
companies and open-source database management platforms release regular security patches to fix these weaknesses. However, failing to apply the patches promptly increases the risk of being hacked.

SQL/NoSQL Injection Attacks
A threat specific to databases is the injection of arbitrary SQL (or, for NoSQL stores, other query fragments) into database queries that web applications build from input received in form fields and HTTP headers. Organizations that do not follow secure coding practices for web applications (above all, parameterized queries) and do not conduct regular vulnerability testing are susceptible to these attacks.

Buffer Overflow is a way to Exploit Buffers
A buffer overflow happens when a program writes more data into a fixed-length memory block than it can hold. The extra data spills into adjacent memory, and attackers can use what it overwrites there (return addresses, pointers, flags) as the basis for further attacks, up to executing code of their choosing.

DDoS (DoS/DDoS) Attacks
In a denial-of-service (DoS) attack the attacker overwhelms the targeted server, in this case the database server, with such a large volume of requests that it can no longer serve legitimate requests from real users. In many cases the server becomes unstable or crashes. In a distributed denial-of-service (DDoS) attack the flood comes from many compromised machines at once, which makes it much harder to block at the source.

Malware
Malware is software written to exploit vulnerabilities or otherwise cause harm to the database. It can arrive through any endpoint device that connects to the database's network.

Attacks on Backups
Organizations that do not protect backup data with the same rigorous controls used to protect the databases themselves are exposed to attacks on those backups.

The following factors amplify the threats:
o Data volumes are growing: Data capture, storage, and processing continue to grow exponentially in almost all organizations. Any tools or methods must scale to meet current as well as future needs.
o The infrastructure is sprawling: Network environments are becoming more complicated, especially as companies shift their workloads into multiple clouds and hybrid cloud architectures, making the selection, deployment, management, and administration of security solutions more difficult.
o More stringent requirements for regulatory compliance: The worldwide regulatory compliance landscape continues to grow in complexity, which makes complying with every mandate more challenging.

Best Practices for Database Security
As databases are almost always reachable over the network, any security risk to any component of the infrastructure can threaten the database. Likewise, any attack that compromises a device or workstation could endanger the database. Therefore, database security must go beyond the limits of the database itself.

In evaluating the security of databases in our workplace to determine our organization's top priorities, look at each of these areas:

o Physical security: Whether the database servers are on-premises or in a cloud data centre, they should be placed in a secure, climate-controlled environment. (If our database server is in a cloud data centre, the cloud provider handles the physical security of the facility on our behalf; everything above the hardware, such as accounts, configuration, patching and the data itself, remains our responsibility.)
o Network access and administrative restrictions: Keep the number of users granted access to the database to the practical minimum, and restrict their rights to the lowest level required to fulfil their tasks. Likewise, limit network access to the minimum set of hosts and ports needed.
o End-user account and device security: Always know who is accessing the database and when and how the data is being used. Data monitoring tools can alert you to data activity that is unusual or appears risky. Any device that connects to the network hosting the database must be physically secured (in the sole control of the appropriate person) and subject to security controls at all times.
o Data security: ALL data, including data stored in databases and credential data, should be protected with strong, current, standard encryption at rest and in transit. All encryption keys must be handled in accordance with best-practice guidelines.
o Security of database software: Always use the most current version of our software to
manage databases and apply any patches immediately after they're released.
o Security for web server applications and websites: Any application or web server that connects to the database could be a target and should be subjected to periodic security testing and best-practice management.
o Security of backups: All backups, images, or copies of the database should have identical (or equally rigorous) security controls as the database itself.
o Auditing: Audits of security standards for databases should be conducted every few months. Record all logins to the database server and the operating system, and record every operation performed on sensitive data, too.

Data protection tools and platforms
Today, a variety of companies provide data protection platforms and tools. A comprehensive solution should have all of the following features:

o Discovery: Discovery capability is often needed to meet regulatory compliance requirements. Look for a tool that can detect and classify vulnerabilities across all our databases, whether they're hosted in the cloud or on-premises, and that provides recommendations to remediate any vulnerabilities discovered.
o Monitoring of Data Activity: The solution should be able to monitor and analyse all data activity in all databases, whether our application is on-premises, in the cloud, or in a container. It should alert us to suspicious activity in real time so that we can respond to threats more quickly, and give us visibility into the state of our data through a single, comprehensive user interface. It is also important to choose a system that enforces rules governing policies, procedures, and separation of duties. Be sure that the solution we select can generate the reports we need to comply with regulations.
o The ability to Tokenize and Encrypt Data: In case of an incident, encryption is an additional line of protection against compromise. Any software we choose must have the flexibility to protect data in cloud, on-premises, hybrid, or multi-cloud environments. Look for a tool with file, volume, and application encryption features that meet our company's regulatory compliance requirements. This may require tokenization (data masking) or advanced management of the encryption keys.
o Optimization of Data Security and Risk Analysis: A tool that provides contextual insights by combining security data with advanced analytics lets users perform optimization, risk analysis, and reporting with ease. Select a tool that can retain and combine large quantities of recent and historical data about the security and state of our databases, and one that offers data exploration, auditing, and reporting capabilities through a comprehensive but user-friendly self-service dashboard.

Database Security Requirements:
• Database security is the protection of data against unauthorized access, use, disclosure, modification, or destruction.
• Security requirements are essential for any database system to ensure that data is secure and protected.
• There are several security requirements that a database system must meet to be considered secure, including confidentiality, integrity, availability, and accountability.

Confidentiality:
Confidentiality is the requirement to ensure that sensitive data is not disclosed to unauthorized individuals or entities. It is a critical aspect of database security, especially for databases that contain personal or sensitive information.

How to ensure database confidentiality:
• Implementing access controls to restrict access to the database to authorized personnel only.
• Using encryption to protect sensitive data stored in the database from unauthorized access.
• Implementing data masking or redaction techniques to hide sensitive data from unauthorized personnel.
• Regularly auditing and monitoring access to the database to detect any unauthorized attempts to access sensitive data.

Reliability:
Reliability refers to the ability of a database to perform its functions accurately and consistently over time. A
reliable database ensures that the data it stores is available when needed and is not corrupted or lost due to hardware or software failures, power outages, or other technical issues.

How to ensure database reliability:
• Implementing a backup and recovery plan to prevent data loss in the event of hardware or software failures.
• Using redundant hardware and software configurations to ensure that the database remains operational even if one component fails.
• Monitoring the database for errors and issues, and taking proactive measures to address them before they become critical.
• Implementing failover systems to ensure that the database can switch to an alternative system if the primary system fails.

Integrity:
Integrity refers to the accuracy and consistency of the data stored in a database. A database with integrity ensures that the data it stores is correct and consistent, and that it is not modified or tampered with without authorization.

How to ensure database integrity:
• Implementing access controls so that only authorized personnel can modify data in the database.
• Using encryption together with integrity protection (authenticated encryption, message authentication codes or digital signatures) so that stored data cannot be read by outsiders and any tampering with it can be detected; encryption alone does not prevent or reveal modification.
• Implementing auditing and logging mechanisms to track changes made to the database and detect any unauthorized ones.
• Implementing data validation checks (for example database CHECK constraints and input validation in the application) to ensure that data entered into the database meets defined criteria, such as phone numbers and dates being in the correct format.

Sensitive Data:
Sensitive data is any information that, if disclosed, could cause harm to an individual, organization, or society as a whole. This includes data that is confidential, personal, or proprietary in nature. Examples of sensitive data include financial records, such as credit card numbers, bank account information, or tax identification numbers; health records, such as medical history or diagnoses; intellectual property, such as trade secrets, patents, or copyrights; and personal identifiers, such as social security numbers or driver's license numbers.

Types of Data based on Sensitivity:
Public Data: This type of data is considered non-sensitive and can be freely disclosed without any restrictions. Examples of public data include press releases, promotional materials, and other information that is intended for public consumption.
Internal Use Data: This type of data is intended for internal use within an organization and is generally not shared with the public. Examples of internal use data include employee records, customer lists, and financial reports.
Confidential Data: This type of data is highly sensitive and is intended for use only by authorized personnel within an organization. Examples of confidential data include trade secrets, product development plans, and financial information.
Restricted Data: This type of data is considered the most sensitive and is subject to strict access controls. Examples of restricted data include classified government information, national security secrets, and highly sensitive corporate data.

Protection of Sensitive Data:
Protecting sensitive data is a critical aspect of database security. Sensitive data should be encrypted when stored and transmitted, and access to it should be restricted to authorized users only. Access controls should ensure that users have access only to the data they need to perform their job functions.
In addition to technical controls, organizations should have policies and procedures in place to govern the handling of sensitive data. This includes training employees on security best practices, performing regular risk assessments and audits, and having incident response plans in place to address security breaches or incidents involving sensitive data.
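The following is an added example, not code from the notes, tying together two points made above: the SQL injection threat from "SQL/NoSQL Injection Attacks" (an injectable query beside its parameterized fix) and the integrity controls from "How to ensure database integrity" (a CHECK constraint that validates a phone number and triggers that write an audit trail of every change to a sensitive table). It uses Python's built-in sqlite3 module; the schema, the sample rows and the phone-number rule are constructed for this example, and the same pattern applies to any DBMS that supports constraints and triggers.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample data.

    The CHECK constraints enforce validation at the database layer (a 10-digit
    phone number, a known role), and the triggers record who/what changed in
    an append-only audit table, so tampering with the users table leaves a trail.
    """
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (
            id    INTEGER PRIMARY KEY,
            name  TEXT NOT NULL,
            phone TEXT NOT NULL
                  CHECK (phone GLOB '[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'),
            role  TEXT NOT NULL CHECK (role IN ('user', 'admin'))
        );
        CREATE TABLE audit_log (
            ts      TEXT DEFAULT (datetime('now')),
            op      TEXT,
            user_id INTEGER,
            before  TEXT,
            after   TEXT
        );
        CREATE TRIGGER users_upd AFTER UPDATE ON users BEGIN
            INSERT INTO audit_log(op, user_id, before, after)
            VALUES ('UPDATE', OLD.id, OLD.name || '/' || OLD.role, NEW.name || '/' || NEW.role);
        END;
        CREATE TRIGGER users_del AFTER DELETE ON users BEGIN
            INSERT INTO audit_log(op, user_id, before, after)
            VALUES ('DELETE', OLD.id, OLD.name || '/' || OLD.role, NULL);
        END;
        INSERT INTO users(name, phone, role) VALUES
            ('alice', '5550001111', 'admin'),
            ('bob',   '5550002222', 'user');
    """)
    return conn


def lookup_vulnerable(conn, name: str):
    """The injectable pattern: untrusted input is pasted into the SQL text,
    so a value such as  nobody' OR '1'='1  rewrites the WHERE clause."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name: str):
    """The fix: a bound parameter. The driver sends the value separately from the
    statement, so it can never be parsed as SQL, whatever characters it contains."""
    return conn.execute("SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()


def insert_phone(conn, name: str, phone: str) -> bool:
    """Returns False when the CHECK constraint rejects malformed data."""
    try:
        with conn:
            conn.execute("INSERT INTO users(name, phone, role) VALUES (?, ?, 'user')",
                         (name, phone))
        return True
    except sqlite3.IntegrityError:
        return False


def audit_rows(conn):
    return conn.execute("SELECT op, user_id, before, after FROM audit_log ORDER BY rowid").fetchall()
```

The constraint is a second line of defence behind application-side validation, not a replacement for it, and the audit table is only trustworthy if the application account cannot alter or drop it, which is a matter of least-privilege grants on the DBMS.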
Inference:
• Inference is a method of deducing sensitive information from non-sensitive data through a series of logical or statistical analyses.
• Inference attacks can be carried out by an attacker who has access to a database that contains both sensitive and non-sensitive data. By analysing patterns in the non-sensitive data, an attacker can make inferences about the sensitive data.
• For example, if a database releases medical records that include each patient's age, gender, and zip code, an attacker who knows those three attributes of a particular person (from a public register, say) can often single out that person's record and so learn their medical condition or treatment history, even though no record carries a name.
• Inference attacks can also be carried out by combining data from multiple sources. By correlating data from different sources, an attacker can infer sensitive data that is not present in any single source.
• Inference attacks can be difficult to detect because they do not involve direct access to sensitive data. Instead, they rely on patterns and correlations in non-sensitive data to deduce sensitive information.

Measures to prevent inference attacks:
Data Masking and Perturbation: Organizations can use data masking and perturbation techniques to add noise or randomization to non-sensitive data to make it more difficult for attackers to deduce sensitive information. For example, a medical database might apply k-anonymization, generalizing the quasi-identifiers (age ranges instead of ages, truncated zip codes) until every combination of them is shared by at least k patients,  so that an attacker who knows a person's attributes can no longer single out that person's record.
Data Partitioning and Separation: Organizations can partition data into smaller subsets and separate sensitive data from non-sensitive data to limit the amount of information available in any single source. This reduces the likelihood of an attacker being able to make inferences by correlating data from multiple sources.
Access Controls and Auditing: Access controls can restrict access to sensitive data and limit the ability of attackers to make inferences from non-sensitive data. Auditing can monitor access to sensitive data and detect unauthorized attempts to access or manipulate it.
Regular Security Reviews: Regular security reviews help organizations identify potential vulnerabilities and gaps in their security controls and procedures. This helps prevent inference attacks by ensuring that security measures are up to date and effective.
Education and Training: Employees and users should be educated and trained on security best practices and the risks associated with inference attacks. This helps prevent unintentional disclosures of sensitive data and improves overall security awareness within the organization.

Multilevel Security:
• Multilevel security (MLS) is a security model that allows information with different levels of sensitivity to be held and accessed in one system, while enforcing strict access controls to ensure that each user can only access information at or below their level of clearance.
• MLS is commonly used in government and military settings, where different levels of security clearance are required to access classified information.
• MLS works by assigning security labels to data (classifications) and to users (clearances) and comparing the two on every access. In the classic Bell-LaPadula model a user may read an object only if their clearance dominates the object's classification ("no read up"), and may not write to an object classified below their own level ("no write down"), so that data cannot flow to a lower level.
• For example, a government database might contain classified information at different levels of sensitivity, such as top secret, secret, and confidential.
• Users with top secret clearance would be able to read all levels of classified information, while users with secret clearance would only be able to read secret and confidential information.

Implementation of MLS:
• MLS is implemented through technical controls, above all mandatory access control (MAC), in which access rules are fixed by policy and enforced by the operating system or database. This is in contrast to discretionary access control (DAC), where access decisions are left to the discretion of the object's owner or the administrator. DAC alone cannot enforce MLS, because an owner could simply grant access to a user with a lower clearance.
• MLS can be challenging to implement and maintain, as it requires strict security policies and procedures, as well as specialized training for users and administrators. Additionally, MLS can have a significant impact on performance and usability, as users may be required to undergo multiple authentication and authorization processes to access information at different levels of clearance.
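The following is an added example, not code from the notes, for the inference attack and the k-anonymization countermeasure described above. It releases a small constructed table of medical records, shows a linkage attack that singles out one patient from externally known age/sex/zip values, measures the table's k, and then generalizes the quasi-identifiers step by step until a requested k is reached. The records, the generalization ladder and the function names are all made up for this example; a real anonymizer would also suppress outlier rows and consider l-diversity of the sensitive column.

```python
from collections import Counter

# Constructed release: quasi-identifiers (age, sex, zip) plus a sensitive
# attribute (diagnosis). All rows are fictitious.
RECORDS = [
    {"age": 29, "sex": "F", "zip": "47677", "diagnosis": "flu"},
    {"age": 22, "sex": "F", "zip": "47602", "diagnosis": "asthma"},
    {"age": 27, "sex": "M", "zip": "47678", "diagnosis": "flu"},
    {"age": 43, "sex": "M", "zip": "47905", "diagnosis": "cancer"},
    {"age": 52, "sex": "F", "zip": "47909", "diagnosis": "flu"},
    {"age": 47, "sex": "M", "zip": "47906", "diagnosis": "asthma"},
]
QUASI_IDS = ("age", "sex", "zip")


def anonymity_of(records, quasi_ids=QUASI_IDS) -> int:
    """k of the table: size of the smallest group of rows sharing identical quasi-identifiers."""
    groups = Counter(tuple(r[q] for q in quasi_ids) for r in records)
    return min(groups.values())


def linkage_attack(records, known, quasi_ids=QUASI_IDS):
    """What an attacker learns by matching externally known quasi-identifiers
    against the release: the set of diagnoses of all matching rows."""
    matches = [r for r in records if all(r[q] == known[q] for q in quasi_ids)]
    return {r["diagnosis"] for r in matches}


def generalize(record, age_bucket=10, zip_digits=3, keep_sex=True):
    """Coarsen the quasi-identifiers: age into a range, zip truncated with '*',
    and optionally sex suppressed entirely."""
    lo = (record["age"] // age_bucket) * age_bucket
    return {
        **record,
        "age": f"{lo}-{lo + age_bucket - 1}",
        "sex": record["sex"] if keep_sex else "*",
        "zip": record["zip"][:zip_digits] + "*" * (5 - zip_digits),
    }


# Generalization ladder, coarsest last (an assumption for this example).
STEPS = ((10, 3, True), (10, 3, False), (20, 3, False), (20, 2, False), (50, 1, False))


def k_anonymize(records, k, steps=STEPS):
    """Apply successively coarser generalizations until every group has >= k rows.

    Returns (anonymized_rows, parameters_used), or None if no step reaches k.
    """
    for params in steps:
        out = [generalize(r, *params) for r in records]
        if anonymity_of(out) >= k:
            return out, params
    return None
```

The test below shows the trade-off the text alludes to: on the raw table the attacker learns the diagnosis exactly; after 3-anonymization the same knowledge only narrows it to the three diagnoses in the group, while a stricter k=4 is unreachable for this small table without dropping rows.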
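The following is an added example, not code from the notes, of the multilevel security model described above: a mandatory access decision in the style of Bell-LaPadula, with a linear ordering of levels (top secret, secret, confidential, plus unclassified) extended to compartments, enforcing "no read up" and "no write down". The level names, the compartment tags and the class names are assumptions for this example; a real MLS system would carry these labels on processes and files and enforce them in the kernel or DBMS, where no user or owner can override them.

```python
from dataclasses import dataclass

# Linear ordering of classification levels, lowest to highest (constructed).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()   # e.g. {"NATO"}; empty = no compartments

    def dominates(self, other: "Label") -> bool:
        """self >= other: level is higher or equal AND compartments are a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Label


@dataclass(frozen=True)
class Obj:
    name: str
    classification: Label


def can_read(s: Subject, o: Obj) -> bool:
    """Simple security property ("no read up"): the clearance must dominate the object."""
    return s.clearance.dominates(o.classification)


def can_write(s: Subject, o: Obj) -> bool:
    """*-property ("no write down"): the object must dominate the subject, so a
    top-secret user cannot copy data into a confidential file."""
    return o.classification.dominates(s.clearance)


def check_access(s: Subject, o: Obj, mode: str) -> bool:
    """Mandatory decision: policy is fixed by the labels; owners cannot grant around it."""
    if mode == "read":
        return can_read(s, o)
    if mode == "write":
        return can_write(s, o)
    if mode == "readwrite":
        return can_read(s, o) and can_write(s, o)   # only equal labels pass both rules
    raise ValueError(f"unknown access mode {mode!r}")
```

Note the usability cost the text mentions: a top-secret user may read a confidential notice but cannot even append a correction to it, because that write would be "down"; real systems address this with trusted processes or by having the user log in at a lower level for that task.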
However, MLS can provide a high level of security and control over sensitive information, making it an important tool for organizations that deal with classified or sensitive data.

Network Security:
Network security protects your network and data from breaches, intrusions and other threats. It is a broad, overarching term that covers hardware and software solutions as well as the processes, rules and configurations relating to network use, accessibility, and overall threat protection.
Network security involves access control, antivirus and anti-malware software, application security, network analytics, the various types of network-related security (endpoint, web, wireless), firewalls, VPN encryption and more.

Advantages of Network Security
o Network security is essential for safeguarding client data and information, maintaining the security of shared data, guaranteeing dependable network performance, and defending against online attacks.
o An effective network security solution lowers overhead costs and protects businesses from the significant losses brought on by a data breach or other security event.
o Ensuring appropriate access to systems, applications, and data facilitates company operations and customer service.

Aspects of Network Security
Following are the desirable properties to achieve secure communication:

Privacy: Privacy means that both the sender and the receiver expect confidentiality. The transmitted message should be readable only by the intended receiver and opaque to everyone else. Since eavesdroppers on a public network can always intercept the message, the message must be encrypted so that an intercepted copy cannot be understood. This aspect of confidentiality is the most commonly used means of achieving secure communication.
Message Integrity: Data integrity means that the data must arrive at the receiver exactly as it was sent; there must be no change to the content in transit, whether malicious or accidental. As more and more monetary exchanges take place over the internet, data integrity becomes ever more crucial, and it must be preserved for secure communication.
End-point authentication: Authentication means that the receiver is sure of the sender's identity, i.e., that no impostor has sent the message.
Non-Repudiation: Non-repudiation means that the receiver must be able to prove that the received message came from a specific sender, and the sender must not be able to deny having sent it. The burden of proving the sender's identity falls on the receiver. For example, if a customer sends a request to transfer money from one account to another, the bank must be able to prove that the customer requested the transaction. Note that a secret shared between sender and receiver (as in a MAC) cannot provide this, since the receiver could have produced the same value; non-repudiation requires a digital signature made with a key that only the sender holds.

How is Network Security Implemented?

1. Secret Key Cryptography:
The sender and the receiver share one secret key. Data is encrypted at the sender's end with this key before it is transferred to the recipient over a public network, and the recipient, who holds the same key, can readily decrypt it. The Data Encryption Standard (DES) is the classic example of secret key encryption; its 56-bit key is far too short for use today, and AES has replaced it. Secret key encryption is challenging to administer because every pair of parties that needs to communicate privately needs its own key.

2. Public Key Cryptography
Each user in this scheme has a unique private (secret) key that is never placed in the public domain, and a matching public key that is made available to everyone. Senders encrypt data with the recipient's public key; only the holder of the corresponding private key can decrypt it. Rivest-Shamir-Adleman (RSA) is an example of public key encryption.

3. Message Digest
In this approach a fixed-size hash value computed over the data is sent with (or in place of) the data. The receiving end recomputes the hash over what it received and compares it with the one it was given: if the two match the data is accepted, otherwise it is rejected. MD5 is the example usually quoted, but it is cryptographically broken (collisions are cheap to produce) and should no longer be used; SHA-256 is the usual choice today. Two caveats matter in practice. An unkeyed digest only detects accidental corruption, because an attacker who can alter the message can also recompute the digest, so authenticating a message requires a keyed construction such as an HMAC. And when digests are used to check passwords, the stored value must be a salted, deliberately slow hash (PBKDF2, bcrypt, scrypt or Argon2), never a bare MD5 or SHA of the password.

Tools and Software for Network Security:
From network to network, and over time, the security tools and rules available change. Strong security frequently requires several strategies layered together, known as layered security or defence in depth, to give organizations the most effective security controls. The following are some frequently used tools and software for network security:

1. Firewalls
Firewalls are gatekeeping services or devices that decide which traffic (web pages, pop-ups and other services) may enter and leave the network. They apply a preset set of rules to block or allow traffic. Depending on the requirements of the system, firewalls may be software-based, hardware-based, or both.
2. Access Control
Access control enables businesses to stop unauthorized people and devices from connecting to a specific network and to stop prospective attackers from accessing sensitive data. It limits network access to users who are authorized to use the specified resources.
3. Virtual Private Networks (VPN)
In most cases, a VPN encrypts the communication between an endpoint device and a network over the internet, and authenticates the connection between the device and the network. The result is an encrypted, secure tunnel.
4. Intrusion Prevention Systems
Intrusion prevention systems scan network traffic to identify and block attacks, by matching network activity against databases of known attack techniques.
5. Wireless Security
Wired networks are generally easier to secure than wireless ones, because physical access is required. You need control over which devices and people may join your business network, so wireless security (strong authentication and encryption on the wireless link) is essential, especially as fraudsters increasingly target people for their private information.
6. Application Security
Applications' weak points can be found and fixed using a combination of software, hardware and processes, which makes it harder for attackers to use them as a way into your network.
7. Behavioural Analysis
You need a solid understanding of the normal behaviour of your network in order to spot anomalies and breaches as they happen. Various behavioural analytics tools can quickly identify unusual activity.

Network Security Threat:
A network security threat is any malicious activity that compromises the confidentiality, integrity or availability of data and systems. It is carried out by individuals or groups hoping to gain unauthorized access to systems and steal data. Perpetrators also frequently disrupt network operations or deploy ransomware by taking advantage of weak spots in the network. As a result, victims of network threats experience substantial financial losses, reputational damage, or legal penalties.

Network security threats exploit system vulnerabilities or human behaviour to penetrate company networks and damage sensitive data, applications, and workloads. When a cybercriminal finds a weak spot in the system, they use it to gain unauthorized access and install malware, spyware, or other harmful software. These weak spots are also a gateway for social engineering attacks, where people become the easier target.

A network security threat can come from outside or inside an organization. Outside threats come from malicious individuals who perform phishing, distributed denial of service (DDoS) attacks, or other network attacks. On the other
hand, inside threats sometimes happen unintentionally, through an employee's negligence, or deliberately, as a form of revenge or other malicious intent towards the company and its staff.

Network Security Threats Examples
There are many examples of network security threats organizations should watch out for. The list below gives the most common:
• Malware. Malicious software installed to exploit and disrupt systems without the users' knowledge.
• Ransomware. This attack encrypts data belonging to an individual or an organization and makes it unreadable until a ransom is paid.
• Phishing. This threat tricks individuals into sharing sensitive information such as passwords or payment details via deceptive emails or websites.
• Man-in-the-middle (MitM) attacks. These intercept online communication between two parties to steal or alter confidential data.
• Distributed denial of service (DDoS) attacks. DDoS attacks use compromised devices to flood systems with traffic and exhaust their bandwidth and other resources.
• SQL injections. These attacks abuse applications that build database queries from untrusted input, in order to steal, alter, or delete the information in the database.
• Zero-day exploits. These attacks target newly discovered hardware or software vulnerabilities before the vendor has had a chance to fix them.
• Insider threats. Insider threats come from members of the organization who abuse their access to sensitive information for malicious ends.
• Drive-by downloads. Damaging software is downloaded to users' devices without their knowledge, merely by visiting a compromised page, and then used to mount attacks.
• Credential stuffing. Credential stuffing replays previously leaked username/password pairs against many other sites, betting that people reuse the same credentials everywhere.
• Social engineering. Social engineering exploits human psychology to get people to share confidential information or perform actions that damage their organization and its data.

How to Identify Network Security Threats?
There are many ways to identify network security threats before they do damage. Below are the most common methods:
• Intrusion detection systems (IDS). These systems monitor network traffic for suspicious activity and alert network administrators.
• Firewall logs. Firewalls log details about traffic, including connection attempts and any anomalies.
• Security information and event management (SIEM) systems. SIEM systems collect and correlate logs from multiple network devices to detect potential attacks.
• Antivirus and antimalware software. This software scans devices on the network to detect malicious behaviour.
• Traffic analysis. This helps detect unauthorized data flows or communication with suspicious IP addresses.
• Vulnerability scanning. These scans identify network vulnerabilities and shed light on potential weak spots.
• Penetration testing. These tests simulate real attacks to check how well the system resists them and how quickly the organization can detect and remediate them.
• Behaviour analytics. User and system behaviour is analysed to establish normal patterns and flag deviations that may be suspicious.

How to Prevent Network Security Threats?
• Regular patching and software updates. System patching and software updates are crucial for closing the vulnerabilities that attackers rely on, and attacks grow more sophisticated over time.
• Using firewalls. Firewalls serve as a barrier between trusted and untrusted networks, which goes a long way towards threat prevention.
• Using VPNs. VPNs provide secure remote access to systems through encryption and authentication of the connection.
• Implementing multi-factor authentication (MFA). MFA requires several independent confirmations of identity at login to prevent unauthorized access with a stolen password alone.
• Creating regular backups. Organizations should back up all their data, and regularly test restoring it, so that recovery is straightforward in case of data loss.
• Training employees. Employees should take courses and seminars and take part in simulated attacks to ensure they follow the current security policies.
Information Security Notes
Module III
• Defining permissions. Organizations must specify who has access to which sensitive information and systems, so that the opportunities for attack are minimized.
• Using segmented networks. If an attack occurs, network segmentation prevents it from spreading to the entire system.

Network Security Controls
Network security controls are used to ensure the confidentiality, integrity, and availability of network services. These controls are technical or administrative safeguards implemented to minimize security risk. To reduce the risk of a network being compromised, adequate network security requires a proper combination of such controls.
These network security controls include:
• Access control
• Identification
• Authentication
• Authorization
• Accounting
• Cryptography
• Security policy

Firewall:
A firewall is a special type of network security device, or a software program, that monitors and filters incoming and outgoing network traffic based on a defined set of security rules. It acts as a barrier between internal private networks and external sources (such as the public Internet).
The primary purpose of a firewall is to allow non-threatening traffic and to block malicious or unwanted traffic, protecting the computers behind it from attacks. A firewall can also stop malicious software already present on an infected computer from communicating with the Internet.
A firewall analyzes network traffic against pre-defined rules. It filters the traffic and drops anything coming from unreliable or suspicious sources; it only accepts incoming traffic that its rules are configured to accept.
Typically, firewalls inspect traffic at the point where it enters a computer or network, matching on addresses and ports. A firewall performs this task by allowing or blocking individual data packets (the units of communication transferred over a digital network) based on pre-defined security rules. Incoming traffic is allowed only from trusted IP addresses, or sources, and only to permitted ports.

Functions of Firewall
As stated above, the firewall works as a gatekeeper. It analyzes every attempt to gain access to the operating system and blocks traffic from unwanted or unrecognized sources.
Since the firewall acts as a barrier or filter between the computer system and other networks (i.e., the public Internet), we can consider it a traffic controller. A firewall's primary function is therefore to secure the network and its information by controlling network traffic: blocking unwanted incoming connections and validating access by inspecting traffic for signs of attackers and malware.
Most operating systems (for example, Windows) and security suites come with built-in firewall support, so it is a good idea to ensure that those options are turned on. Additionally, the system's security settings can be configured to update automatically whenever updates are available.
Modern firewalls have become powerful products that bundle a variety of functions and capabilities:
o Network threat prevention
o Application- and identity-based control
o Hybrid cloud support
o Scalable performance
o Network traffic management and control
o Access validation
o Recording and reporting of events

Limitations of Firewall
When it comes to network security, firewalls are considered the first line of defense. But are firewalls alone strong enough to keep our devices safe from cyber-attacks? The answer is "no". A firewall should always be used when connecting to the Internet, but other defenses are needed to protect the network and the data stored on its computers. Because cyber threats are continually evolving, a firewall should not be the only consideration for protecting a network.
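To make the rule-based, packet-by-packet filtering described above concrete, here is an added example in Python; it is not code from the notes. It assumes a hypothetical internal network 10.0.0.0/8, an invented rule set (first matching rule wins, with an implicit default deny), and constructed sample packets. Besides plain address and port matching it keeps a connection table so that replies to an allowed outbound connection are admitted (the stateful inspection idea), and its last packet shows why the limitations listed next exist: a request to the public web server is allowed even though its payload carries a SQL injection attempt, because the firewall never looks past the packet headers.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

# Constructed sample data: the networks, rules and packets below are
# invented for this illustration and are not taken from the notes.

@dataclass(frozen=True)
class Packet:
    src: str            # source IP address
    dst: str            # destination IP address
    proto: str          # "tcp", "udp" or "icmp"
    sport: int          # source port (0 for icmp)
    dport: int          # destination port (0 for icmp)
    payload: bytes = b""

@dataclass
class Rule:
    action: str                      # "allow" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"           # CIDR the source address must fall in
    dst: str = "0.0.0.0/0"           # CIDR the destination address must fall in
    dport: Optional[int] = None      # destination port, or None for any port

    def matches(self, pkt: Packet) -> bool:
        return (
            self.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and (self.dport is None or self.dport == pkt.dport)
        )

class Firewall:
    """Stateful packet filter: first matching rule wins, default deny."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        # Connection table: 5-tuples of flows that a rule allowed.
        self.connections: Set[Tuple[str, str, str, int, int]] = set()

    def filter(self, pkt: Packet) -> str:
        # Stateful shortcut: a reply to a connection we already allowed is
        # accepted even if no rule would admit it on its own.
        reverse = (pkt.dst, pkt.src, pkt.proto, pkt.dport, pkt.sport)
        if reverse in self.connections:
            return "allow"
        for rule in self.rules:
            if rule.matches(pkt):
                if rule.action == "allow":
                    self.connections.add((pkt.src, pkt.dst, pkt.proto, pkt.sport, pkt.dport))
                return rule.action
        return "deny"   # implicit default deny: nothing matched

INTERNAL = "10.0.0.0/8"   # hypothetical internal address range

RULES = [
    Rule("allow", "tcp", src=INTERNAL, dport=443),                        # hosts may browse HTTPS
    Rule("allow", "tcp", src=INTERNAL, dport=80),                         # ... and HTTP
    Rule("allow", "udp", src=INTERNAL, dst="10.0.0.53/32", dport=53),     # internal resolver only
    Rule("allow", "tcp", src="0.0.0.0/0", dst="10.0.1.10/32", dport=80),  # public web server
    Rule("deny"),                                                         # explicit deny-all
]

def demo() -> dict:
    fw = Firewall(RULES)
    # Outbound HTTPS request from an internal host to a public web server.
    out = Packet("10.0.2.15", "198.51.100.7", "tcp", 51000, 443)
    # The reply from that web server: no rule allows 198.51.100.7 -> 10.0.2.15:51000,
    # so a stateless filter would drop it; the connection table lets it through.
    reply = Packet("198.51.100.7", "10.0.2.15", "tcp", 443, 51000)
    # Unsolicited inbound SSH to an internal host: must be denied.
    probe = Packet("203.0.113.9", "10.0.2.15", "tcp", 40000, 22)
    # An inbound request to the public web server carrying a SQL injection
    # payload: allowed, because the firewall matches on header fields only and
    # never inspects the payload (one of the limitations listed in the notes).
    attack = Packet("203.0.113.9", "10.0.1.10", "tcp", 40001, 80,
                    b"GET /?id=1%27%20OR%201=1-- HTTP/1.1")
    return {
        "outbound_https": fw.filter(out),
        "reply_to_https": fw.filter(reply),
        "inbound_ssh": fw.filter(probe),
        "sqli_over_http": fw.filter(attack),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16} {verdict}")
```

A real packet filter also matches on direction and interface, handles ICMP and fragments, and ages entries out of its connection table; those details are left out so that the decision procedure (ordered rules, state lookup, default deny) stays visible.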
The importance of using firewalls as a security system is obvious; however, firewalls have some limitations:
o Firewalls cannot stop users from accessing malicious websites, which leaves the network exposed to threats that originate inside it.
o Firewalls cannot protect against the transfer of virus-infected files or software over connections they allow.
o Firewalls cannot prevent the misuse of passwords.
o Firewalls cannot protect if their security rules are misconfigured.
o Firewalls cannot protect against non-technical security risks, such as social engineering.
o Firewalls cannot stop attackers with modems from dialing in to or out of the internal network, since that traffic bypasses the firewall entirely.
o Firewalls cannot secure a system that is already infected.
Therefore, it is recommended to keep all Internet-enabled devices updated. This includes the latest operating systems, web browsers, applications, and other security software (such as anti-virus). Securing wireless routers should be another practice. Protecting a router includes steps such as changing the router's default name and password, reviewing its security settings, and creating a separate guest network for visitors.

Types of Firewall
Depending on their structure and functionality, there are different types of firewalls. The following is a list of some common types:
o Proxy firewall
o Packet-filtering firewall
o Stateful multi-layer inspection (SMLI) firewall
o Unified threat management (UTM) firewall
o Next-generation firewall (NGFW)
o Network address translation (NAT) firewall

Packet Filtering
A packet filtering firewall controls data flow to and from a network. It allows or blocks each packet based on the packet's source address, destination address, transport protocol and port numbers, and so on, without remembering anything about earlier packets.

Proxy Service Firewall
This type of firewall protects the network by filtering messages at the application layer. For a specific application (for example, HTTP), a proxy firewall terminates the client's connection and opens its own connection to the destination, so it serves as the gateway from one network to another and can inspect the application data itself.

Stateful Inspection
Such a firewall permits or blocks network traffic based on connection state as well as port and protocol. It keeps a table of established connections and makes its filtering decisions from administrator-defined rules plus that context, so that, for instance, replies to an allowed outbound connection are admitted without a separate rule.

Next-Generation Firewall
According to Gartner, Inc.'s definition, a next-generation firewall is a deep-packet inspection firewall that adds application-level inspection, intrusion prevention, and information from outside the firewall (such as threat intelligence feeds) to go beyond port/protocol inspection and blocking.

Unified Threat Management (UTM) Firewall
A UTM device generally integrates the capabilities of a stateful inspection firewall, intrusion prevention, and antivirus in a loosely linked manner. It may include additional services and, in many cases, cloud management. UTMs are designed to be simple and easy to use.

Threat-Focused NGFW
These firewalls provide advanced threat detection and mitigation. By correlating network and endpoint events, they may detect evasive or suspicious behavior.

Intruder:
An intruder is anyone or anything that tries to gain access to any part of your computer system. An intruder is commonly referred to as a hacker. Intruders frequently use automated programs and scripts to compromise a computer's security.

Types of intruders in network security:
Computer intruders are basically divided into the following three categories:
Masquerader: An individual who is not authorized to use the system but gains access anyway, typically through a legitimate user's account, and exploits that user's privacy and confidential information.
Misfeasor: A legitimate user who is authorized to use the system but misuses that access and those privileges, for example by reading data or running programs they are not entitled to.
Clandestine user: An individual who seizes supervisory control of the system and uses it to evade auditing and access controls, or to suppress the audit records; such intruders typically use this power for financial gain.

Intrusion Detection System
An Intrusion Detection System (IDS) monitors network traffic, looks for unusual or malicious activity, and sends alerts when it finds some. The main duties of an IDS are detection and reporting; however, certain intrusion detection systems (usually then called intrusion prevention systems) can also take action when malicious activity or unusual traffic is discovered.
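The two ways an IDS recognizes an intrusion, matching known signatures and flagging deviations from a learned baseline, and the fragmentation evasion technique, are all described in the remainder of this section. The following Python program is an added example, not code from the notes or from any real IDS; the signatures, flows, fragments and connection-rate series in it are constructed for the illustration. It shows a signature matcher that inspects each fragment in isolation and so misses an injection string split across two fragments, the same matcher run after reassembling the stream, and a simple statistical anomaly detector that flags a host whose new-connection rate jumps far above its baseline.

```python
import re
import statistics
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample data: the signatures, flows and packets below are
# invented for this illustration; they are not from any real IDS rule set.

SIGNATURES = {
    "sqli-or-1=1": re.compile(rb"(?i)'\s*or\s+1\s*=\s*1"),
    "cmd-injection": re.compile(rb";\s*(cat|wget|curl)\s+"),
    "path-traversal": re.compile(rb"\.\./\.\./"),
}

@dataclass
class Fragment:
    flow: str       # "src:sport->dst:dport"
    offset: int     # byte offset of this fragment inside the flow's stream
    data: bytes

def match_signatures(data: bytes) -> List[str]:
    """Signature-based detection: names of all patterns found in data."""
    return [name for name, pat in SIGNATURES.items() if pat.search(data)]

def detect_per_packet(frags: List[Fragment]) -> Dict[str, List[str]]:
    """Naive NIDS that inspects every fragment on its own. A signature split
    across two fragments is never seen whole: the fragmentation evasion."""
    alerts = defaultdict(list)
    for f in frags:
        for name in match_signatures(f.data):
            alerts[f.flow].append(name)
    return dict(alerts)

def detect_reassembled(frags: List[Fragment]) -> Dict[str, List[str]]:
    """NIDS that reassembles each flow's fragments in offset order before
    matching, so a signature straddling a fragment boundary is still found."""
    streams = defaultdict(list)
    for f in frags:
        streams[f.flow].append(f)
    alerts = {}
    for flow, parts in streams.items():
        data = b"".join(p.data for p in sorted(parts, key=lambda p: p.offset))
        hits = match_signatures(data)
        if hits:
            alerts[flow] = hits
    return alerts

def anomaly_alerts(per_minute: Dict[str, List[int]], k: float = 3.0) -> Dict[str, List[int]]:
    """Anomaly-based detection. Per source host, the first ten minutes are the
    learned baseline (mean and standard deviation of new connections per
    minute); later minutes more than k standard deviations above the mean are
    flagged. Returns the flagged counts per host."""
    flagged = {}
    for host, counts in per_minute.items():
        baseline, observed = counts[:10], counts[10:]
        mean = statistics.mean(baseline)
        sd = statistics.pstdev(baseline) or 1.0   # avoid a zero-width threshold
        hits = [c for c in observed if c > mean + k * sd]
        if hits:
            flagged[host] = hits
    return flagged

# The request "GET /?id=1' OR 1=1--" split so that the pattern straddles the
# two fragments of flow A; flow B carries a harmless request.
SAMPLE_FRAGMENTS = [
    Fragment("10.0.2.15:51000->10.0.1.10:80", 0, b"GET /?id=1' O"),
    Fragment("10.0.2.15:51000->10.0.1.10:80", 13, b"R 1=1-- HTTP/1.1\r\n"),
    Fragment("10.0.2.16:51001->10.0.1.10:80", 0, b"GET /index.html HTTP/1.1\r\n"),
]

# New TCP connections per minute: ten baseline minutes, then five observed.
SAMPLE_RATES = {
    "10.0.2.15": [4, 5, 3, 6, 4, 5, 4, 3, 5, 4, 4, 5, 3, 5, 4],
    "10.0.2.16": [4, 5, 3, 6, 4, 5, 4, 3, 5, 4, 5, 180, 210, 4, 5],  # looks like a scan
}

if __name__ == "__main__":
    print("per-packet  :", detect_per_packet(SAMPLE_FRAGMENTS))
    print("reassembled :", detect_reassembled(SAMPLE_FRAGMENTS))
    print("anomalies   :", anomaly_alerts(SAMPLE_RATES))
```

The per-packet matcher returns no alerts for the split request, while the reassembling matcher reports the SQL injection on flow A; the anomaly detector flags only the two minutes in which 10.0.2.16 opened hundreds of connections. The baseline window, the threshold k, and the choice of connection rate as the feature are assumptions of the example; a production anomaly detector uses many more features and a longer training period.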
An intrusion detection system (IDS) observes network or system activity for malicious transactions and raises an alert when one is observed. It is software that checks a network or a host for malicious activity or policy violations. Each violation is typically recorded centrally, for example in a SIEM system, or reported to an administrator. An IDS thus monitors a network or system for malicious activity and helps protect it from unauthorized access, including by insiders. Viewed as a learning task, building an intrusion detector means building a predictive model (a classifier) capable of distinguishing "bad" connections (intrusions or attacks) from "good" (normal) connections.

Working of Intrusion Detection System (IDS)
• An IDS monitors the traffic on a computer network to detect any suspicious activity.
• It analyzes the data flowing through the network, looking for patterns and signs of abnormal behavior.
• The IDS compares the network activity against a set of predefined rules and patterns to identify activity that might indicate an attack or intrusion.
• If the IDS detects something that matches one of these rules or patterns, it sends an alert to the system administrator.
• The system administrator can then investigate the alert and take action to prevent damage or further intrusion.

Classification of Intrusion Detection System (IDS)
Intrusion detection systems are classified into five types:
• Network Intrusion Detection System (NIDS): A NIDS is placed at a planned point within the network, such as a switch span port or a network tap, to examine the traffic of all devices on that segment. It observes the traffic passing over the entire subnet and matches it against a collection of known attacks. Once an attack is identified or abnormal behavior is observed, an alert is sent to the administrator. An example of NIDS placement is on the subnet where the firewalls are located, in order to see whether someone is trying to break through the firewall.
• Host Intrusion Detection System (HIDS): A HIDS runs on an individual host or device on the network. It monitors the packets entering and leaving that device only and alerts the administrator if suspicious or malicious activity is detected. It also takes a snapshot of the existing system files and compares it with the previous snapshot; if critical system files were edited or deleted, an alert is sent to the administrator to investigate. HIDS is commonly used on mission-critical machines whose configuration is not expected to change.
• Protocol-based Intrusion Detection System (PIDS): A PIDS consists of a system or agent that resides at the front end of a server, controlling and interpreting the protocol between a user or device and the server. A typical use is securing a web server by continuously monitoring the HTTP/HTTPS stream between clients and the server.
Because HTTPS traffic is encrypted on the wire, such an agent has to sit where the stream is decrypted, between the TLS endpoint and the web application, in order to inspect the HTTP requests.
• Application Protocol-based Intrusion Detection System (APIDS): An APIDS is a system or agent that generally resides within a group of servers. It identifies intrusions by monitoring and interpreting the communication on application-specific protocols. For example, an APIDS might monitor the SQL protocol between the web server's middleware and the database.
• Hybrid Intrusion Detection System: A hybrid IDS combines two or more of the above approaches. Host agent or system data is combined with network information to develop a complete view of the network system, which makes a hybrid IDS more effective than any single approach. Prelude is an example of a hybrid IDS.

Intrusion Detection System Evasion Techniques
• Fragmentation: Dividing a packet into smaller packets, called fragments, is known as fragmentation. If an IDS inspects each fragment on its own, a malicious payload split across fragments never matches a signature; an IDS must therefore reassemble fragments before matching.
• Packet encoding: Encoding the payload, for example in Base64 or hexadecimal, can hide malicious content from a signature-based IDS that does not decode it first.
• Traffic obfuscation: By making a message harder to interpret, obfuscation can be used to hide an attack and avoid detection.
• Encryption: Encryption provides data integrity, confidentiality, and privacy. Unfortunately, the same property is used by malware authors to hide attacks, since an IDS cannot match signatures inside encrypted traffic it cannot decrypt.

Benefits of IDS
• Detects malicious activity: An IDS can detect suspicious activity and alert the system administrator before significant damage is done.
• Improves network performance: An IDS can identify performance issues on the network, which can then be addressed.
• Compliance requirements: An IDS can help meet compliance requirements by monitoring network activity and generating reports.
• Provides insights: An IDS generates valuable insight into network traffic, which can be used to identify weaknesses and improve network security.

Detection Method of IDS
• Signature-based method: A signature-based IDS detects attacks by matching traffic against specific patterns, such as particular byte sequences in packets or the known malicious instruction sequences used by malware. The patterns the IDS knows are called signatures. A signature-based IDS can easily detect attacks whose signature already exists in its database, but it cannot detect new attacks or malware for which no signature is known yet.
• Anomaly-based method: An anomaly-based IDS was introduced to detect unknown attacks, since new malware is developed rapidly. It uses statistics or machine learning to build a model of trusted, normal activity; anything that deviates from that model is declared suspicious. Because the model can be trained for the specific applications and hardware configuration in use, the anomaly-based method generalizes to unseen attacks better than a signature-based IDS, at the cost of more false alarms.

Email Security:
Email security refers to the measures that protect email messages and the information they contain from unauthorized access and damage. It involves ensuring the confidentiality, integrity, and availability of email messages, as well as safeguarding against phishing attacks, spam, viruses, and other forms of malware. It is achieved through a combination of technical and non-technical measures. Standard technical measures include the encryption of email messages to protect their contents, the use of digital signatures to verify the authenticity of the sender, and email filtering systems to block unwanted emails and malware; non-technical measures include training employees to recognize and respond to phishing attacks and other email threats, establishing policies and procedures for email use and management, and
conducting regular security audits to identify and address vulnerabilities.

Email security is therefore important to protect sensitive information from unauthorized access and to ensure the reliability and confidentiality of electronic communication.

Steps to Secure Email:
We can take the following actions to protect our email.
• Choose a strong password that is at least 12 characters long and contains uppercase and lowercase letters, digits, and special characters, and do not reuse it on other sites.
• Activate two-factor authentication, which adds an additional layer of security to the email account by requiring a code or a hardware token in addition to the password.
• Use encryption so that only the intended recipient can decipher your messages. End-to-end email encryption can be done with programs that implement PGP (OpenPGP) or S/MIME.
• Keep your software up to date. Ensure that the most recent security updates are installed on the operating system and the email client.
• Beware of phishing scams: attackers try to steal personal information by pretending to be someone else. Be careful with emails that request private information or contain suspicious links or attachments, since these are the vehicles of phishing attacks.
• Choose a trustworthy email service provider: look for a provider that protects your data with encryption in transit and at rest and with other security measures.
• Use a VPN: a VPN encrypts the Internet connection and hides the device's IP address, making it harder for an attacker on the same network to intercept traffic to the mail server.
• Upgrade your applications regularly: people now frequently access their email through apps, and these tools are not perfect and can be exploited. An attacker might use a vulnerability in a mail client to take over accounts, steal data, or send spam, so it is important to update such programs frequently.

Email Security Policies
An email security policy is a set of regulations and standards for protecting the privacy, accuracy, and accessibility of email communication within the organization. An email security policy should include the following essential components:
• Appropriate use: The policy should define what constitutes acceptable email usage inside the organization, including who is permitted to use email, how it may be used, and for what purposes.
• Passwords and authentication: The policy should require strong passwords and two-factor authentication to ensure that only authorized users can access email accounts.
• Encryption: To avoid unwanted access, the policy should mandate that sensitive material be encrypted before being sent by email.
• Virus protection: The policy should require that incoming and outgoing messages and attachments are scanned for viruses and other malware.
• Retention and deletion: The policy should specify how long email messages and their attachments are to be kept and when they must be deleted.
• Training: The policy should require all staff to complete training on email best practices, including how to identify phishing scams and other email-based threats.
• Incident reporting: The policy should define the reporting and investigation procedures for email security breaches and other incidents.
• Monitoring: The policy should describe how email communications are monitored to ensure the policy is being followed, including any logging or auditing that will be carried out.
• Compliance: The policy should ensure compliance with all relevant laws and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR).
• Enforcement: The policy should specify the consequences of violating it, including disciplinary action and legal consequences where necessary.
Information Security Notes
Module IV
Administrating Security:
Security planning:
A security plan identifies and organizes the security activities for a computing system. The plan is both a description of the current situation and a plan for improvement. Every security plan must address seven issues:
• Policy, indicating the goals of a computer security effort and the willingness of the people involved to work to achieve those goals
• Current state, describing the status of security at the time of the plan
• Requirements, recommending ways to meet the security goals
• Recommended controls, mapping controls to the vulnerabilities identified in the policy and requirements
• Accountability, describing who is responsible for each security activity
• Timetable, identifying when different security functions are to be done
• Continuing attention, specifying a structure for periodically updating the security plan

1. Policy: The policy statement should specify the following:
• The organization's goals on security. For example, should the system protect data from leakage to outsiders, protect against loss of data due to physical disaster, protect the data's integrity, or protect against loss of business when computing resources fail? What is the higher priority: serving customers or securing data?
• Where the responsibility for security lies. For example, should the responsibility rest with a small computer security group, with each employee, or with relevant managers?
• The organization's commitment to security. For example, who provides security support for staff, and where does security fit into the organization's structure?

2. Current Security Status: To be able to plan for security, an organization must understand the vulnerabilities to which it may be exposed. The organization can determine the vulnerabilities by performing a risk analysis: a careful investigation of the system, its environment, and the things that might go wrong. The risk analysis forms the basis for describing the current status of security. The status can be expressed as a listing of organizational assets, the security threats to the assets, and the controls in place to protect the assets. The status portion of the plan also defines the limits of responsibility for security. It describes not only which assets are to be protected but also who is responsible for protecting them. The plan may note that some groups are excluded from responsibility; for example, joint ventures with other organizations may designate one organization to provide security for all member organizations. The plan also defines the boundaries of responsibility, especially when networks are involved. For instance, the plan should clarify who provides the security for a network router or for a leased line to a remote site. Even though the security plan should be thorough, there will necessarily be vulnerabilities that are not considered. These vulnerabilities are not always the result of ignorance; rather, they can arise from the addition of new equipment or data as the system evolves. They can also result from new situations, such as when a system is used in ways not anticipated by its designers. The security plan should detail the process to be followed when someone identifies a new vulnerability. In particular, instructions should explain how to integrate controls for that vulnerability into the existing security procedures.

3. Requirements: The heart of the security plan is its set of security requirements: functional or performance demands placed on a system to ensure a desired level of security. The requirements are usually derived from organizational needs. Sometimes these needs include the need to conform to specific security requirements imposed from outside, such as by a government agency or a commercial standard.

4. Recommended Controls: The security requirements lay out the system's needs in terms of what should be protected. The security plan must also recommend what controls should be incorporated into the system to meet those requirements. Many examples of controls have already been seen in earlier units, so they need not be reviewed here. As described under Risk Analysis below, we can use risk analysis to create a map from vulnerabilities to controls. The mapping tells us how the system will meet the security requirements. That is, the recommended controls address implementation issues: how the system
will be designed and developed to meet the stated security requirements.

5. Responsibility for Implementation: A section of the security plan should identify which people are responsible for implementing the security requirements. This documentation assists those who must coordinate their individual responsibilities with those of other developers. At the same time, the plan makes explicit who is accountable should some requirement not be met or some vulnerability not be addressed. That is, the plan notes who is responsible for implementing controls when a new vulnerability is discovered or a new kind of asset is introduced.
People building, using, and maintaining the system play many roles. Each role can take some responsibility for one or more aspects of security. Consider, for example, the groups listed here.
• Personal computer users may be responsible for the security of their own machines. Alternatively, the security plan may designate one person or group to be coordinator of personal computer security.
• Project leaders may be responsible for the security of data and computations.

6. Timetable: A comprehensive security plan cannot be executed instantly. The security plan includes a timetable that shows how and when the elements of the plan will be performed. These dates also give milestones so that management can track the progress of implementation.

7. Continuing Attention: Good intentions are not enough when it comes to security. We must not only take care in defining requirements and controls, but we must also find ways of evaluating a system's security to be sure that the system is as secure as we intend it to be. Thus, the security plan must call for reviewing the security situation periodically. As users, data, and equipment change, new exposures may develop. In addition, the current means of control may become obsolete or ineffective (such as when faster processors enable attackers to break an encryption algorithm). The inventory of objects and the list of controls should periodically be scrutinized and updated, and risk analysis performed anew.

Security Planning Team Members: The membership of a computer security planning team must relate to the different aspects of computer security covered in these notes. Security in operating systems and networks requires the cooperation of the systems administration staff. Program security measures can be understood and recommended by applications programmers. Physical security controls are implemented by those responsible for general physical security, both against human attacks and natural disasters. Finally, because controls affect system users, the plan should incorporate users' views, especially with regard to usability and the general desirability of controls. Thus, no matter how it is organized, a security planning team should represent each of the following groups:
• Computer hardware group
• System administrators
• Systems programmers
• Applications programmers
• Data entry personnel
• Physical security personnel
• Representative users
In some cases, a group can be adequately represented by someone who is consulted at appropriate times, rather than by enlisting a committee member from each possible constituency.

Assuring Commitment to a Security Plan: After the plan is written, it must be accepted and its recommendations carried out. Acceptance by the organization is key; a plan that has no organizational commitment is simply a plan that collects dust on the shelf. Commitment to the plan means that security functions will be implemented and security activities carried out. Three groups of people must contribute to making the plan a success.
• The planning team must be sensitive to the needs of each group affected by the plan.
• Those affected by the security recommendations must understand what the plan means for the way they will use the system and perform their business activities. In particular, they must see how what they do can affect other users and other systems.
• Management must be committed to using and enforcing the security aspects of the system.
Management commitment is obtained through understanding. But this understanding is not just a function of what makes sense technologically; it also involves knowing the cause and the potential effects of
lack of security. Managers must also weigh tradeoffs in terms of convenience and cost. The plan must present a picture of how cost-effective the controls are, especially when compared to the potential losses if security is breached without the controls. Thus, proper presentation of the plan is essential, in terms that relate to management as well as technical concerns. Management is often reluctant to allocate funds for controls until the value of those controls is explained. As noted under Risk Analysis below, the results of a risk analysis can help communicate the financial tradeoffs and benefits of implementing controls. By describing vulnerabilities in financial terms and in the context of ordinary business activities (such as leaking data to a competitor or an outsider), security planners can help managers understand the need for controls. The plans we have just discussed are part of normal business. They address how a business handles computer security needs. Similar plans might address how to increase sales or improve product quality, so these planning activities should be a natural part of management. Next we turn to two particular kinds of business plans that address specific security problems: coping with and controlling activity during security incidents.

Business Continuity Plan: A business continuity plan documents how a business will continue to function during a computer security incident. An ordinary security plan covers computer security during normal times and deals with protecting against a wide range of vulnerabilities from the usual sources.
A business continuity plan deals with situations having two characteristics:
• Catastrophic situations, in which all or a major part of a computing capability is suddenly unavailable
• Long duration, in which the outage is expected to last for so long that business will suffer
There are many situations in which a business continuity plan would be helpful. Here are some examples that typify what you might find in reading your daily newspaper:
• A fire destroys a company's entire network.
• A seemingly permanent failure of a critical software component renders the computing system unusable.
• A business must deal with the abrupt failure of its supplier of electricity, telecommunications, network access, or other critical service.
• A flood prevents the essential network support staff from getting to the operations center.
The key to coping with such disasters is advance planning and preparation, identifying activities that will keep a business viable when the computing technology is disabled. The steps in business continuity planning are these:
• Assess the business impact of a crisis.
• Develop a strategy to control the impact.
• Develop and implement a plan for the strategy.

Incident Response Plan: An incident response plan should:
• Define what constitutes an incident.
• Identify who is responsible for taking charge of the situation.
• Describe the plan of action.

Risk Analysis: We distinguish a risk from other project events by looking for three things:
1. A loss associated with an event. The event must generate a negative effect: compromised security, lost time, diminished quality, lost money, lost control, lost understanding, and so on. This loss is called the risk impact.
2. The likelihood that the event will occur. The probability of occurrence associated with each risk is measured from 0 (impossible) to 1 (certain). When the risk probability is 1, we say we have a problem rather than a risk.
3. The degree to which we can change the outcome. We must determine what, if anything, we can do to avoid the impact or at least reduce its effects. Risk control involves a set of actions to reduce or eliminate the risk.
We usually want to weigh the pros and cons of the different actions we can take to address each risk. To that end, we can quantify the effect of a risk by multiplying the risk impact by the risk probability, yielding the risk exposure. For example, if the likelihood of a virus attack is 0.3 and the cost to clean up the affected files is $10,000, then the risk exposure is 0.3 x $10,000 = $3,000. So we can use a calculation like this one to decide that a virus checker is worth an investment of $100, since it will prevent a much larger expected loss. Clearly, risk probabilities change over time, so it is important to track them and plan for events accordingly.
Risk is inevitable in life: crossing the street is risky, but that does not keep us from doing it. We can identify, limit, avoid, or transfer risk, but we can seldom eliminate it. In general, we have three strategies for dealing with risk:
1. Avoiding the risk, by changing requirements for security or other system characteristics
2. Transferring the risk, by allocating the risk to other systems, people, organizations, or assets; or by buying
Notes
Information Security
Module IV
insurance to cover any financial loss should the risk become a reality
3. Assuming the risk, by accepting it, controlling it with available resources, and preparing to deal with the loss if it occurs
Thus, costs are associated not only with the risk's potential impact but also with reducing it. Risk leverage is the difference in risk exposure divided by the cost of reducing the risk. In other words, risk leverage is:

$$\text{Risk leverage} = \frac{(\text{Risk exposure before reduction}) - (\text{Risk exposure after reduction})}{(\text{Cost of risk reduction})}$$

The Nature of Risk: In our everyday lives, we take risks. In crossing the road, eating oysters, or playing the lottery, we take the chance that our actions may result in some negative result such as being injured, getting sick, or losing money. Consciously or unconsciously, we weigh the benefits of taking the action against the possible losses that might result. Just because there is a risk to a certain act, we do not necessarily avoid it; we may look both ways before crossing the street, but we do cross it. In building and using computing systems, we must take a more organized and careful approach to assessing our risks. Many of the systems we build and use can have a dramatic impact on life and health if they fail. For this reason, risk analysis is an essential part of security planning.
We cannot guarantee that our systems will be risk free; that is why our security plans must address actions needed should an unexpected risk become a problem. And some risks are simply part of doing business; for example, as we have seen, we must plan for disaster recovery, even though we take many steps to avoid disasters in the first place. When we acknowledge that a significant problem cannot be prevented, we can use controls to reduce the seriousness of a threat. For example, you can back up files on your computer as a defense against the possible failure of a file storage device. But as our computing systems become more complex and more distributed, complete risk analysis becomes more difficult and time consuming, and more essential.

Steps of a Risk Analysis: Risk analysis is performed in many different contexts; for example, environmental and health risks are analyzed for activities such as building dams, disposing of nuclear waste, or changing a manufacturing process. Risk analysis for security is adapted from more general management practices, placing special emphasis on the kinds of problems likely to arise from security issues. By following well-defined steps, we can analyze the security risks in a computing system. The basic steps of risk analysis are listed below.
1. Identify assets.
2. Determine vulnerabilities.
3. Estimate likelihood of exploitation.
4. Compute expected annual loss.
5. Survey applicable controls and their costs.
6. Project annual savings of control.

Arguments For and Against Risk Analysis: Risk analysis is a well-known planning tool, used often by auditors, accountants, and managers. In many situations, such as obtaining approval for new drugs, new power plants, and new medical devices, a risk analysis is required by law in many countries. There are many good reasons to perform a risk analysis in preparation for creating a security plan.
• Improve awareness. Discussing issues of security can raise the general level of interest and concern among developers and users. Especially when the user population has little expertise in computing, the risk analysis can educate users about the role security plays in protecting functions and data that are essential to user operations and products.
• Relate security mission to management objectives. Security is often perceived as a financial drain for no gain. Management does not always see that security helps balance harm and control costs.
• Identify assets, vulnerabilities, and controls. Some organizations are unaware of their computing assets, their value to the organization, and the vulnerabilities associated with those assets. A systematic analysis produces a comprehensive list of assets, valuations, and risks.
• Improve basis for decisions. A security manager can present an argument such as "I think we need a firewall here" or "I think we should use token-based authentication instead of passwords." Risk analysis augments the manager's judgment as a basis for the decision.
• Justify expenditures for security. Some security mechanisms appear to be very expensive and without obvious benefit. A risk analysis can help identify instances where it is worth the expense to implement a major security mechanism. Justification is often derived
from examining the much larger risks of not spending for security.

Organizational Security Policies: A security policy is a high-level management document to inform all users of the goals of and constraints on using a system. A policy document is written in broad enough terms that it does not change frequently. The information security policy is the foundation upon which all protection efforts are built. It should be a visible representation of the priorities of the entire organization, definitively stating the underlying assumptions that drive security activities. The policy should articulate senior management's decisions regarding security as well as asserting management's commitment to security. To be effective, the policy must be understood by everyone as the product of a directive from an authoritative and influential person at the top of the organization.
Purpose: Security policies are used for several purposes, including the following:
• recognizing sensitive information assets
• clarifying security responsibilities
• promoting awareness for existing employees
• guiding new employees

Audience: A security policy addresses several different audiences with different expectations. That is, each group (users, owners, and beneficiaries) uses the security policy in important but different ways.
Users: Users legitimately expect a certain degree of confidentiality, integrity, and continuous availability in the computing resources provided to them. Although the degree varies with the situation, a security policy should reaffirm a commitment to this requirement for service. Users also need to know and appreciate what is considered acceptable use of their computers, data, and programs. For users, a security policy should define acceptable use.
Owners: Each piece of computing equipment is owned by someone, and the owner may not be a system user. An owner provides the equipment to users for a purpose, such as to further education, support commerce, or enhance productivity. A security policy should also reflect the expectations and needs of owners.
Beneficiaries: A business has paying customers or clients; they are beneficiaries of the products and services offered by that business. At the same time, the general public may benefit in several ways: as a source of employment or by provision of infrastructure.

Contents: A security policy must identify its audiences: the beneficiaries, users, and owners. The policy should describe the nature of each audience and their security goals. Several other sections are required, including the purpose of the computing system, the resources needing protection, and the nature of the protection to be supplied.
• Purpose
• Protected resources
• Nature of protection

Characteristics of a Good Security Policy: If a security policy is written poorly, it cannot guide the developers and users in providing appropriate security mechanisms to protect important assets. Certain characteristics make a security policy a good one.
• Durability
• Realism
• Usefulness

Physical Security: Physical security is the term used to describe protection needed outside the computer system. Typical physical security controls include guards, locks, and fences to deter direct attacks. In addition, there are other kinds of protection against less direct disasters, such as floods and power outages; these, too, are part of physical security.

Natural Disasters: It is impossible to prevent natural disasters, but through careful planning it is possible to reduce the damage they inflict. Because many of these perils cannot be prevented or predicted, controls focus on limiting possible damage and recovering quickly from a disaster. Issues to be considered include the need for offsite backups, the cost of replacing equipment, the speed with which equipment can be replaced, the need for available computing power, and the cost or difficulty of replacing data and programs. Some of these disasters are:
• Flood
• Fire
• Other natural disasters

Power Loss: Computers need their food, electricity, and they require a constant, pure supply of it. With a direct power loss, all computation ceases immediately. Because of possible damage to media by a sudden loss of power, many disk drives monitor the power level and quickly retract the recording head if power fails. For certain time-critical applications, loss of service from the system is intolerable; in these cases, alternative complete power supplies must be instantly available.
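The risk exposure and risk leverage calculations from the risk analysis section above, together with the six analysis steps, as an added worked example that is not part of the original notes. The virus-attack figures ($10,000 clean-up cost, probability 0.3, $100 virus checker) are the ones the notes use; the residual probabilities after each control, the second candidate control, and the per-year reading of the probabilities are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Risk:
    """One risk event: the loss if it occurs (impact) and how likely it is."""
    name: str
    impact: float       # loss in dollars if the event occurs (the risk impact)
    probability: float  # 0 (impossible) .. 1 (certain)

    def __post_init__(self) -> None:
        if not 0.0 <= self.probability <= 1.0:
            raise ValueError("probability must lie between 0 and 1")
        if self.impact < 0:
            raise ValueError("impact cannot be negative")

@dataclass(frozen=True)
class Control:
    """A candidate control: what it costs and what risk remains once it is in place."""
    name: str
    cost: float
    residual_probability: float              # probability with the control applied
    residual_impact: Optional[float] = None  # None: the impact is unchanged

def exposure(risk: Risk) -> float:
    """Risk exposure = risk impact x risk probability."""
    return risk.impact * risk.probability

def is_problem(risk: Risk) -> bool:
    """A 'risk' whose probability is 1 is no longer a risk but a problem."""
    return risk.probability >= 1.0

def expected_annual_loss(risks: List[Risk]) -> float:
    """Step 4 of the analysis, assuming each probability is a per-year likelihood."""
    return sum(exposure(r) for r in risks)

def residual_exposure(risk: Risk, control: Control) -> float:
    """Exposure that remains after the control has been applied."""
    impact = risk.impact if control.residual_impact is None else control.residual_impact
    return impact * control.residual_probability

def leverage(risk: Risk, control: Control) -> float:
    """Risk leverage = (exposure before - exposure after) / cost of the reduction."""
    if control.cost <= 0:
        raise ValueError("leverage is undefined for a control with no cost")
    return (exposure(risk) - residual_exposure(risk, control)) / control.cost

def rank_controls(risk: Risk, controls: List[Control]) -> List[Control]:
    """Steps 5 and 6: survey candidate controls and order them by leverage, best first."""
    return sorted(controls, key=lambda c: leverage(risk, c), reverse=True)

# Figures from the notes: a virus attack with a $10,000 clean-up cost and probability 0.3.
VIRUS = Risk("virus attack", impact=10_000, probability=0.3)
# Candidate controls; the residual probabilities and the second control are assumed.
CANDIDATES = [
    Control("virus checker", cost=100, residual_probability=0.05),
    Control("offline backups", cost=400, residual_probability=0.3, residual_impact=2_000),
]

if __name__ == "__main__":
    print(f"exposure before any control: ${exposure(VIRUS):,.0f}")
    for ctl in rank_controls(VIRUS, CANDIDATES):
        print(f"{ctl.name}: leverage {leverage(VIRUS, ctl):.1f}")
```

With the assumed residual probabilities the $100 checker cuts the $3,000 exposure to $500, a leverage of 25, so it ranks ahead of the more expensive backup control.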
Human Vandals: Because computers and their media are sensitive to a variety of disruptions, a vandal can destroy hardware, software, and data. Human attackers may be disgruntled employees, bored operators, saboteurs, people seeking excitement, or unwitting bumblers. If physical access is easy to obtain, crude attacks using axes or bricks can be very effective. One man recently shot a computer that he claimed had been in the shop for repairs many times without success. Physical attacks by unskilled vandals are often easy to prevent; a guard can stop someone approaching a computer installation with a threatening or dangerous object. When physical access is difficult, more subtle attacks can be tried, resulting in quite serious damage. People with only some sophisticated knowledge of a system can short-circuit a computer with a car key or disable a disk drive with a paper clip. These items are not likely to attract attention until the attack is completed.
• Unauthorized access and use
• Theft
• Preventing access
• Preventing portability
• Detecting theft

Interception of Sensitive Information: When disposing of a draft copy of a confidential report containing its sales strategies for the next five years, a company wants to be especially sure that the report is not reconstructable by one of its competitors. When the report exists only as hard copy, destroying the report is straightforward, usually accomplished by shredding or burning. But when the report exists digitally, destruction is more problematic. There may be many copies of the report in digital and paper form and in many locations (including on the computer and on storage media). There may also be copies in backups and archived in e-mail files. Here, we look at several ways to dispose of sensitive information. They are:
• Shredding
• Overwriting magnetic data
• Degaussing
• Protecting against emanation

Contingency Planning: The key to successful recovery is adequate preparation. Seldom does a crisis destroy irreplaceable equipment; most computing systems, from personal computers to mainframes, are standard, off-the-shelf systems that can be easily replaced. Data and locally developed programs are more vulnerable because they cannot be quickly substituted from another source. Let us look at what to do after a crisis occurs.
• Back-up
• Off-site backup
• Network storage
• Cold site
• Hot site

Physical Security Backup: We have to protect the facility against many sorts of disasters, from weather to chemical spills and vehicle crashes to explosions. It is impossible to predict what will occur or when. The physical security manager has to consider all assets and a wide range of harm. Malicious humans seeking physical access are a different category of threat agent. The primary physical controls are strength and duplication. Strength means overlapping controls implementing a defense-in-depth approach, so that if one control fails, the next one will protect. People who built ancient castles practiced this philosophy with moats, walls, drawbridges, and arrow slits. Duplication means eliminating single points of failure. Redundant copies of data protect against harm to one copy from any cause. Spare hardware components protect against failures.

Protecting Programs and Data: Copyrights, patents, and trade secrets are legal devices that can protect computers, programs, and data. Here we describe how each of these forms was originally designed to be used and how each is currently used in computing.
Copyrights: Copyrights are designed to protect the expression of ideas. Thus a copyright is applicable to a creative work, such as a story, photograph, song, or pencil sketch. The right to copy an expression of an idea is protected by copyright. The idea of copyright is to allow regular and free exchange of ideas. Copyright gives the author the exclusive right to make copies of the expression and sell them in public. That is, only the author can sell copies of the author's book.
Patents: Patents are unlike copyrights in that they protect inventions, tangible objects, or ways to make them, not works of the mind. The distinction between patents and copyrights is that patents were intended to apply to the results of science, technology, and engineering, whereas copyrights are meant to cover works in the arts, literature, and written scholarship. A patent is designed to protect the device or process for carrying out an idea itself.
Trade Secrets: A trade secret is unlike a patent and copyright in that it must be kept secret. The information has value only as a secret, and an infringer is one who
divulges the secret. Once divulged, the information usually cannot be made secret. A trade secret is information that gives one company a competitive edge over others. For example, the formula of a soft drink is a trade secret, as is a mailing list of customers or information about a product due to be announced in a few months.

Computer Crime: Crimes involving computers are an area of the law that is even less clear than the other areas. Computer crime makes us consider why new laws are needed to address some of its problems. Issues in computer crime are:
• Rules of property
• Rules of evidence
• Threats to integrity and confidentiality
• Value of data
• Acceptance of computer terminology

Why is computer crime hard to define? Some people in the legal process do not understand computers and computing, so crimes involving computers are not always treated properly. The main reasons are:
• Lack of understanding
• Lack of physical evidence
• Lack of recognition of assets
• Lack of political impact
• Complexity of the case
• Juveniles

Privacy: In particular, we want to investigate the privacy of sensitive data about the user. The user should be protected against the system's misuse of the private data and against the system's failure to protect its user's private data from outside attack and disclosure. This is termed privacy in computer ethics.

Ethical Issues in Computer Security: The primary purpose of this section is to explore some of the ethical issues associated with computer security and to show how ethics functions as a control.

Difference between Law and Ethics:
Law                                                  | Ethics
Described by formal, written documents               | Described by unwritten principles
Interpreted by courts                                | Interpreted by each individual
Established by legislature representing all people   | Presented by philosophers, religions, professional groups
Applicable to everyone                               | Personal choice
Priority determined by courts if two laws conflict   | Priority determined by an individual if two principles conflict
Court final arbiter of "right"                       | No external arbiter
Enforceable by police and court                      | Limited enforcement

Cyber Laws: Cyber laws, also known as internet laws or digital laws, are laws that govern the use of the internet and other digital technologies. These laws address a wide range of issues, including intellectual property, privacy, cybercrime, and liability for online activities. Cyber laws vary from country to country, but most countries have laws that address issues such as hacking, identity theft, and online fraud.
There are several key cyber laws that govern online activity and protect individuals and organizations from cybercrime. Some of the most important laws include:
The Computer Fraud and Abuse Act (CFAA): This law criminalizes unauthorized access to computer systems and networks, as well as unauthorized access to sensitive information stored on those systems.
The Electronic Communications Privacy Act (ECPA): This law regulates the interception and disclosure of electronic communications, including email and text messages.
The Health Insurance Portability and Accountability Act (HIPAA): This law regulates the use and disclosure of protected health information (PHI) in electronic form.
The Children's Online Privacy Protection Act (COPPA): This law regulates the collection of personal information from children under the age of 13.
The General Data Protection Regulation (GDPR): This EU regulation regulates the collection and processing of the personal data of EU citizens.
The Personal Data Protection Bill (PDPB): In India, this bill regulates the collection, storage, and processing of personal data of Indian citizens.
These are just a few examples of the many cyber laws that exist to protect individuals and organizations from cybercrime. It is important for individuals and organizations to stay informed about these laws and to comply with them in order to avoid legal repercussions.
The relationship between information security and cyber laws is close, as both fields are concerned with protecting sensitive information and preventing unauthorized access to that information. Cyber laws help to define what constitutes a security breach and the penalties for committing such a breach, while information security practices help to prevent breaches
from occurring in the first place. Cyber laws also help to ensure that organizations are accountable for protecting sensitive information and that individuals are able to take legal action if their personal information is mishandled.

Indian Laws & Government Initiatives: There are various legislations that support cybersecurity in India. The laws related to cyber security in India, with the important facts about each, are:

Information Technology Act, 2000
• Came into force in October 2000
• Also called the Indian Cyber Act
• Provides legal recognition to all e-transactions
• Protects online privacy and curbs online crimes

Information Technology Amendment Act 2008 (ITAA): The amendments to the IT Act cover:
• 'Data Privacy'
• Information Security
• Definition of Cyber Cafe
• Digital Signature
• Recognizing the role of CERT-In
• Authorizing the inspector to investigate cyber offenses, a charge that was given to the DSP earlier

National Cyber Security Strategy 2020: The Indian Government is coming up with the National Cyber Security Strategy 2020, entailing the provisions to secure cyberspace in India. The cabinet's nod is pending, and it will soon be out for the public.

Cyber Surakshit Bharat Initiative: MeitY, in collaboration with the National e-Governance Division (NeGD), came up with this initiative in 2018 to build a cyber-resilient IT set-up.