Cryptography and Network Security-21. What are Security Policies? Explain military security policy.A security policy is a statement of the security we expect the system to enforce. Each piece of information in military is ranked at a particular sensitivity level, such as unclassified, restricted, confidential, secret, or top secret. Military security policy is based on protecting classified information The ranks or levels form a hierarchy, and they reflect an increasing order of sensitivity, as shown in figure

That is, the information at a given level is less sensitive than the information in the level above it and more sensitive than the level below it. For example, restricted information is more sensitive than unclassified but more sensitive than confidential. We can denote the sensitivity of an object O by rank o. In the rest of this unit we assume these five sensitivity levels. Information access is limited by the need-to-know rule:

The subjects who need the sensitive data to perform their jobs are only allowed to access the sensitive data. Each piece of classified information may be associated with one or more projects, called compartments, describing the subject matter of the information. For example, the alpha project may use secret information, as may the beta project, but staff on alpha do not need access to the information on beta. In other words, both projects use secret information, but each is restricted to only the secret information needed for its particular project. In this way, compartments help enforce need-to-know restrictions so that people obtain access only to information that is relevant to their jobs. A compartment may cover information at only one sensitivity level, or it may include information at several sensitivity levels. The relationship between compartments and sensitivity levels is shown in figure

2. Explain Chinese wall Security Policy.Chinese Wall Security Policy is builds on three levels of abstraction. Objects: At the lowest level are elementary objects, such as files. Each file contains information concerning only one company. Company groups: At the next level, all objects concerning a particular company are grouped together. Conflict classes: At the highest level, all groups of objects for competing companies are clustered.

With this model, each object belongs to a unique company group, and each company group is contained in a unique conflict class. A conflict class may contain one or more company groupsUsing the Chinese Wall hierarchy, you would form six company groups (one for each company) and three conflict classes:

{Suchard, Cadbury}, {Citicorp, Deutsche Bank, Credit Lyonnais}, and {SAS}. The hierarchy guides a simple access control policy: A person can access any information as long as that person has never accessed information from a different company in the same conflict class. That is, access is allowed if either the object requested is in the same company group as an object that has previously been accessed or the object requested belongs to a conflict class that has never before been accessed. In our example, initially you can access any objects. Suppose you read from a file on Suchard. A subsequent request for access to any bank or to SAS would be granted, but

a request to access Cadbury files would be denied. Your next access, of SAS data, does not affect future accesses. But if you then access a file on Credit Lyonnais, you will be blocked from future accesses to Deutsche Bank or Citicorp

The Chinese Wall is a commercially inspired confidentiality policy. It is unlike most other commercial policies, which focus on integrity. It is also interesting because access permissions change dynamically: As a subject accesses some objects, other objects that would previously have been accessible are subsequently denied.

3. Write a short note on Impersonation.Impersonation is a more significant threat in a wide area network than in a local one. Local individuals often have better ways to obtain access as another user; they can, for example, simply sit at an unattended workstation. Still, impersonation attacks should not be ignored even on local area networks, because local area networks are sometimes attached to wider area networks without anyone's first thinking through the security implications. In an impersonation, an attacker has several choices like guess the identity and authentication details of the target, pick up the identity and authentication details of the target from a previous communication or from wiretapping, circumvent or disable the authentication mechanism at the target computer, use a target that will not be authenticated, use a target

whose authentication data are known. 4. Explain link and end-to-end encryption. Encryption plays a major role in network security. It is powerful tool in

providing privacy, authenticity, integrity, and limited access to data. Because networks often involve even greater risks, they often secure data with encryption, perhaps in combination with other controls

In network applications, encryption can be applied either between two hosts (called link encryption) or between two applications (called end-to-end encryption). We consider each below. With either form of encryption, key distribution is always a problem. Encryption keys must be delivered to the sender and receiver in a secure manner. Link encryption

In link encryption, data are encrypted just before the system places them on the physical communications link. In this case, encryption occurs at layer 1 or 2 in the OSI model. (A similar situation occurs with TCP/IP protocols.) Similarly, decryption occurs just as the communication arrives at and enters the receiving computer. A model of link encryption is shown in Figure 9.4.

Encryption protects the message in transit between two computers, but the message is in plaintext inside the hosts. (A message in plaintext is said to be "in the clear.") Notice that because the encryption is added at the bottom protocol layer, the message is exposed in all other layers of the sender and receiver. If we have good physical security, we may not be too concerned about this exposure; the exposure occurs on the sender's or receiver's host or workstation, protected by alarms or locked doors, for example. Nevertheless, you should notice that the message is exposed in two layers of all intermediate hosts through which the message may pass. This exposure occurs because routing and addressing are not read at the bottom layer, but only at higher layers. The message is in the clear in the intermediate hosts, and one of these hosts may not be especially

trustworthy. Link encryption is especially appropriate when the transmission line is the point of greatest vulnerability. If all hosts on a network are reasonably secure but the communications medium is shared with other users or is not secure, link encryption is an easy control to use.

As its name implies, end-to-end encryption provides security from one end of a transmission to the other. The encryption can be applied by a hardware device between the user and the host. Alternatively, the encryption can be done by software running on the host computer. In either case, the encryption is performed at the highest levels (layer 7, application, or perhaps at layer 6, presentation) of the OSI model. A model of end-to-end encryption is shown in Figure

Since the encryption precedes all the routing and transmission processing ofthe layer, the essage is transmitted in encrypted form throughout thenetwork. The encryption addresses potential flaws in lower layers in thetransfer model. If a lower layer should fail to preserve security and revealdata it has received, the data confidentiality is not endangered. Figure shows a typical message with

end-to-end encryption, again with the encrypted field shaded.

When end-to-end encryption is used, messages sent through several hostsare protected. The data content of the message is still encrypted, as shown in Figure , and the message is encrypted (protected against disclosure)while in transit. Therefore, even though a message must pass throughpotentially insecure nodes (such as C through G) on the path between Aand B, the message is protected against disclosure while in transit.

5. Explain in detail, the Security Association.IPSec provides connectionless, best-effort delivery of datagrams through a network by protecting it from snooping or modification. IPSec protects IP datagrams by defining a method of specifying the traffic to protect, how that traffic is to be protected, and to whom the traffic is sent. IPSec can protect packets between hosts, between network security gateways, or between hosts and security gateways. Since an IPSec-protected datagram is itself just another IP packet it is possible to nest security services and provide, for example, end-to-end authentication between hosts and send that IPSecprotected data through a tunnel, which is itself protected by security

gateways using IPSec.

In order to communicate each pair of hosts using IPSec, it must establish a security association with one another. The security association connects the security services and a key, with the traffic to be protected, and the remote peer with whom IPSec traffic is being exchanged. The security association that applies to a given IPSec header is determined by the packets destination IP address and the security parameter index (SPI) in the packet header. SAs reside in the security association database (SADB).

The SAs are one way, i.e., simplex. If two hosts, A and B, are communicating securely using ESP, then the host A will have an SA, SA ,for processing outbound packets and will have a different SA, SA , for processing the inbound pack ets. The host B will also create two SAs for processing its packets. The SA out of the host A and the SA of the host B will share the same cryptographic parameters such as keys. Similarly, SA in of the host A and the SA of the host B will share the same cryptographic parameters. As SAs are unidirectional, a separate table is maintained for

SAs used for outbound and inbound processing. Out The SAs are also protocol specific. There is an SA for each protocol. If two hosts A and B are communicating securely using both AH and ESP, then each host builds a separate SA for each protocol. Security Policy Database (SPD) is also a component in the IPSec architecture. The SPD works in conjunction with the SADB in processing packets. The policy is an extremely important component of IPSec architecture. The policy defines the security communications characteristics between the two entities. It defines what protocols to use in what modes and the transforms to be used. It also defines how the IP packets are treated.

6. Describe the Authentication Header.Authentication Header (AH) is one of the two core security protocols in IPSec protocol suite. AH provides data integrity, data source authentication, and protection against replay attacks. It does not provide confidentiality. This makes AH header much simpler than ESP. It is merely a header and not a header plus trailer. The figure shows the AH protected IP packet.

It provides authentication of either all or part of the contents of a datagramthrough the addition of a header that is calculated based on the values in the datagram. What parts of the datagram are used for the calculation, and the placement of the header, depends on the mode (tunnel or transport) and the version of IP. The figure shows the AH protocol structure.

The fields comprising the AH header are: Next Header: The next header field identifies the protocol type of the next packet header after the AH packet header. Payload Length: The length field states the length of the AH header information. Reserved field: It is for future extensions of the AH protocol. SPI field: shows to which SA the packet belongs. Sequence number: It is an incrementing value that prevents against replay attacks. The authentication data: contains the information for authenticating the

packet.

The operation of the AH protocol is simple especially for any protocol that has anything to do with network security. It can be considered analogous to the algorithms used to calculate checksums or perform CRC checks for error detection. In those cases, a standard algorithm is used by the sender to compute a checksum or CRC code based on the contents of a message. This computed result is transmitted along with the original data to the destination, which repeats the calculation and discards the message if any discrepancy is found between its calculation and the one done by the source.

This is the same idea behind AH, except that instead of using a simple algorithm known to everyone, it uses a special hashing algorithm and a specific key known only to the source and the destination. SA between two devices is set up that specifies these particulars so that the source and destination know how to perform the computation, but nobody else can. On the source device, AH performs the computation and puts the result (called the Integrity Check Value or ICV) into a special header with other fields for transmission. The destination device does the same calculation using the key the two devices share, which enables it to see immediately if any of the fields in the original datagram were modified either due to error or malice. It's important to point here that just as a checksum doesn't change the original data, neither does the ICV calculation change it. The presence of the AH header allows us to verify the integrity of the message, but doesn't encrypt it. Thus, AH provides authentication but not privacy. 7. Explain in detail, the Secure Socket layer.SSL is a security protocol that was developed by Netscape Communications Corporation, along with RSA Data Security, Inc. The primary goal of the SSL protocol is to provide a private channel between communicating applications, which ensures privacy of data, authentication of the partners, and integrity.

SSL provides an alternative to the standard TCP/IP socket API that has security implemented within it. Therefore, in theory, it is possible to run any TCP/IP application in a secure way without changing the application. In practice, SSL is only widely implemented for HTTP connections, but Netscape Communications Corp, has stated an intention to employ it for other application types, such as NNTP and Telnet, and there are several such implementations freely available on the Internet. IBM, for example, uses SSL to enhance security for TN3270 sessions in the IBM WebSphere Host On-Demand and eNetwork Communications Server products.

SSL is composed of two layers:

At the lower layer, a protocol for transferring data using a variety of predefined cipher and authentication combinations, called the SSL Record Protocol. Figure 11.1 illustrates this and contrasts it with a standard HTTP socket connection. Note that this diagram shows SSL as

providing a simple socket interface on which other applications can be layered. In reality, current implementations have the socket interface embedded within the application and do not expose an API that other applications can use.

On the upper layer, a protocol for initial authentication and transfer of encryption keys, called the SSL Handshake Protocol.

8. Mention different possible threats to E-mail. The threats to electronic mail are message interception leading to either loss of confidentiality or blocked delivery, message interception and subsequent replay, message content modification, message origin modification, message content forgery by outsider and recipient, message origin forgery by outsider and recipient, denial of message transmission. Confidentiality and content forgery are often handled by encryption. Encryption can also help in a defense against replay, although we would also have to use a protocol in which each message contains something

unique that is encrypted. Symmetric encryption cannot protect against forgery by a recipient, since both sender and recipient share a common key however, public key schemes can let a recipient decrypt but not encrypt. Because of lack of control over the middle points of a network, senders or

receivers generally cannot protect against blocked delivery.

9. What is Firewall? Explain. A firewall is a device that act as a barrier between an authorized or "inside" network and a unauthorized or "outside" network. Usually a firewall runs on

a dedicated device; which means nonfirewall functions should not be done on the same machine. Because a firewall is executable code, the attacker could compromise that code and execute from the firewall's device. Thus, the fewer pieces of code on the device, the fewer tools the attacker would have by compromising the firewall. Firewall code usually runs on a proprietary or carefully minimized operating system.

The purpose of a firewall is to keep "bad" things outside a protected environment. To accomplish that, firewalls implement a security policy that is specifically designed to address what bad things might happen. For example, the policy might be to prevent any access from outside (while still

allowing traffic to pass from the inside to the outside). Alternatively, the policy might permit accesses only from certain places, from certain users, or for certain activities. Part of the challenge of protecting a network with a firewall is determining which security policy meets the needs of the

installation.

10. What do you mean by Planning Security policies? Explain.In a computing system the security plan identifies and organizes the security activities. The plan is both a description of the current situation and a plan for improvement. Every security plan must address seven issues.

current state, describing the status of security at the time of the plan

policy, indicating the goals of a computer security effort and the willingness of the people involved to work to achieve those goals

requirements, recommending ways to meet the security goals

recommended controls, mapping controls to the vulnerabilities identified in the policy and requirements

accountability, describing who is responsible for each security activity

timetable, identifying when different security functions are to be done

continuing attention, specifying a structure for periodically updating the security plan

There are many approaches for creating and updating a security plan. Some organizations have a formal, defined security planning process, much as they might have a defined and accepted development or maintenance process. Others look to security professionals for guidance on how to

perform security planning.Good, effective security planning includes a careful risk analysis. A risk is a potential problem that the system or its users may experience. We distinguish a risk from other project events by looking for three things:1. A loss associated with an event: The event must generate a negative effect: compromised security, lost time, diminished quality, lost money, lost control, lost understanding, and so on. This loss is called the risk impact.

2. The likelihood that the event will occur: There is a probability of occurrence associated with each risk, measured from 0 (impossible) to

3. 1 (certain). When the risk probability is 1, we say we have a problem.

3. The degree to which we can change the outcome: We must determine what, if anything, we can do to avoid the impact or at least reduce its effects. Risk control involves a set of actions to reduce or eliminate the risk. Many of the security controls we describe in this book are examples of risk control.

In general, there are three strategies for risk reduction:

1. avoiding the risk, by changing requirements for security or other system characteristics

2. transferring the risk, by allocating the risk to other systems, people, organizations, or assets; or by buying insurance to cover any financial loss should the risk become a reality 3. assuming the risk, by accepting it, controlling it with available resources, and preparing to deal with the loss if it occurs

Thus, costs are associated not only with the potential impact of risks but also with reducing it. Risk leverage is the difference in risk exposure divided by the cost of reducing the risk. In other words, Risk Leverage is: (Risk Exposure before reduction) (Risk Exposure after reduction)

(Cost of risk reduction)

If the leverage value of a proposed action is not high enough, then we look for alternative but less costly actions or more effective reduction techniques.

//////////////////////////////////////////////////////////////////////////////////////////////////////////