
L1

Uploaded by

williamghongo

INTRODUCTION

Computer data often travels from one computer to another, leaving the safety of its protected
physical surroundings. Once the data is out of your hands, people with bad intentions could modify or
forge it, either for amusement or for their own benefit.

Cryptography can reformat and transform our data, making it safer on its trip between
computers. The technology is based on the essentials of secret codes, augmented by modern
mathematics that protects our data in powerful ways.

• Computer Security - generic name for the collection of tools designed to protect data and to
thwart hackers

• Network Security - measures to protect data during their transmission

• Internet Security - measures to protect data during their transmission over a collection of
interconnected networks

Security Attacks, Services and Mechanisms

To assess the security needs of an organization effectively, the manager responsible for security
needs some systematic way of defining the requirements for security and characterization of
approaches to satisfy those requirements. One approach is to consider three aspects of
information security:

Security attack – Any action that compromises the security of information owned by an
organization.

Security mechanism – A mechanism that is designed to detect, prevent or recover from a
security attack.

Security service – A service that enhances the security of the data processing systems and the
information transfers of an organization. The services are intended to counter security attacks and
they make use of one or more security mechanisms to provide the service.

SECURITY ATTACKS

There are four general categories of attack which are listed below.

Interruption

An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on
availability, e.g., destruction of a piece of hardware, cutting of a communication line or
disabling of the file management system.

Interception

An unauthorized party gains access to an asset. This is an attack on confidentiality.
The unauthorized party could be a person, a program or a computer, e.g., wire tapping to
capture data in the network, or illicit copying of files.

Modification

An unauthorized party not only gains access to but tampers with an asset. This is an attack on
integrity, e.g., changing values in a data file, altering a program, modifying the contents of
messages being transmitted in a network.

Fabrication

An unauthorized party inserts counterfeit objects into the system. This is an attack on
authenticity, e.g., insertion of a spurious message in a network or addition of records to a file.

Cryptographic Attacks

Passive Attacks

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal
of the opponent is to obtain information that is being transmitted. Passive attacks are of two
types:

Release of message contents: A telephone conversation, an e-mail message and a transferred file
may contain sensitive or confidential information. We would like to prevent the opponent from
learning the contents of these transmissions.

Traffic analysis: If we had encryption protection in place, an opponent might still be able to
observe the pattern of the message. The opponent could determine the location and identity of
communication hosts and could observe the frequency and length of messages being exchanged.
This information might be useful in guessing the nature of communication that was taking place.

Passive attacks are very difficult to detect because they do not involve any alteration of data.
However, it is feasible to prevent the success of these attacks.

Active attacks

These attacks involve some modification of the data stream or the creation of a false stream.
These attacks can be classified into four categories:

Masquerade – One entity pretends to be a different entity.

Replay – Involves passive capture of a data unit and its subsequent transmission to produce an
unauthorized effect.

Modification of messages – Some portion of a message is altered or the messages are delayed or
recorded, to produce an unauthorized effect.

Denial of service – Prevents or inhibits the normal use or management of communication
facilities. Another form of service denial is the disruption of an entire network, either by
disabling the network or overloading it with messages so as to degrade performance.

It is quite difficult to prevent active attacks absolutely, because to do so would require physical
protection of all communication facilities and paths at all times. Instead, the goal is to detect them
and to recover from any disruption or delays caused by them.

SECURITY MECHANISMS

One of the most specific security mechanisms in use is cryptographic techniques.

Encryption or encryption-like transformations of information are the most common means of
providing security. Some of the mechanisms are:

1. Encipherment
2. Digital Signature
3. Access Control

SECURITY SERVICES

The classification of security services is as follows:

Confidentiality: Ensures that the information in a computer system and transmitted
information are accessible only for reading by authorized parties, e.g., printing, displaying and
other forms of disclosure.

Authentication: Ensures that the origin of a message or electronic document is correctly
identified, with an assurance that the identity is not false.

Integrity: Ensures that only authorized parties are able to modify computer system assets and
transmitted information. Modification includes writing, changing status, deleting, creating
and delaying or replaying of transmitted messages.

Non-repudiation: Requires that neither the sender nor the receiver of a message be able to deny
the transmission.

Access control: Requires that access to information resources may be controlled by or for the target
system.

Availability: Requires that computer system assets be available to authorized parties when
needed.

• Threat - a threat is a method of triggering a risk event that is dangerous. It is also the potential
for a threat-source to exercise (accidentally trigger or intentionally exploit) a specific
vulnerability.

• Risk - a risk is a possible event which could cause a loss.

• Vulnerability - a weakness in a target that can potentially be exploited by a security threat. It can
also mean a flaw or weakness in system security procedures, design, implementation or internal
controls that could be exercised (accidentally triggered or intentionally exploited) and could result
in a security breach or a violation of a system's security policy.

• Exploit - a vulnerability that has been triggered by a threat - a risk of (100%).

• Defense in depth - never rely on one single security measure alone.

• Likelihood - the probability that a potential vulnerability may be exercised within the construct
of an associated threat environment.
