REVISIONREVISION
CSE2500 SYSTEM SECURITY & PRIVACY
Revision Srini & Nandita2
Introduction to securityIntroduction to security
Security attack - action that compromises the security of a system and its information
Security mechanism – prevention, detection and reaction
Security services – tools and programs that prevent/detect/react the attacks. many combine mechanism/services into
method(s) for thwarting security threats.
Revision Srini & Nandita3
Security Attack TypesSecurity Attack Types
Interruption – attack on availabilityInterception – attack on confidentialityModification – attack on integrityFabrication – attack on authenticity
Function Property
Revision Srini & Nandita4
Security is defined asSecurity is defined as
Computer security deals with the prevention and detection of unauthorised actions by users of a computer system AND
deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others
Revision Srini & Nandita5
Attacks – typesAttacks – types
Passive (interception) – eavesdropping on, monitoring of, transmissions. Examples: release of message contents and traffic analysis
Active - Involve modification of the data stream or creation of a false stream and can be subdivided into – masquerade, replay, modification of messages and denial of service..
Revision Srini & Nandita6
RISK ANALYSIS & SECURITY PLANRISK ANALYSIS & SECURITY PLAN
RISK = LOSS ($) X PROBABILITYBenefits of RA
Awareness & documentation of assets & risks
Accountable decision and expenditutreCriticism of RA probable loss &
uncertaintySecurity Plan
Document addressing security needs
Revision Srini & Nandita7
Steps to Complete a RASteps to Complete a RA
List the Assets Determine their value, including costs of
recreating data files Vulnerabilities Probability of Loss Computation Possible Controls Cost of Applied Controls Cost/Benefit
Revision Srini & Nandita8
Content of a Security Plan (1)Content of a Security Plan (1)
PolicyCurrent Situation RequirementsRecommendationsAccountable PersonnelPlans and SchedulesEvaluation and Review
Revision Srini & Nandita9
Authentication meansAuthentication means
to establish the proof of identity.Authentication techniques may vary
depending on the kind of resource being accessed.
The various kinds of access can be classified into user-to-host host-to-host user(or process) –to – user (process)
Revision Srini & Nandita10
Authentication is done byAuthentication is done by
by something you are (SYA) by something you know (SYK) by something you have (SYH)
SYA is more reliable and accurate compared to SYH.
Revision Srini & Nandita11
User-to-Host authenticationUser-to-Host authentication
Typical methods are static passwords - SYK challenge and response – mathematical
function shared one-time passwords – changes every time trusted third parties - simple sign-on system
Revision Srini & Nandita12
Static passwords - Static passwords - problemsproblems
A password guesser (also known as cracker/dictionary attack) can be used to guess some of the passwords even if the passwords (or its derivatives) are stored in encrypted form.
The passwords can be guessed because of their poor choice such as password is same as the user name
or the actual user name, or the popular words in the dictionary, etc.
Revision Srini & Nandita13
Biometric TechniquesBiometric Techniques
Biometrics identify people by measuring some aspect of individual anatomy or physiology - SYH
Handwritten signaturesFace RecognitionFingerprintsIris CodesDevices
Revision Srini & Nandita14
Fundamental Model of Access Fundamental Model of Access ControlControl
subject Access request Reference
Monitorsobject
Revision Srini & Nandita15
Possible Access Control Possible Access Control Mechanisms areMechanisms are
Control Matrix Control lists Groups and Roles Extension to Distributed (+file) Systems
Revision Srini & Nandita16
Access Control MatrixAccess Control Matrix
Object
Users
Operating system
Accounts
Program
Accounting Data
Audit Trail
Sam rwx rwx rw r
Alice x x rw -
Bob rx r r r
Revision Srini & Nandita17
ACLs per subject(Capabilities list)ACLs per subject(Capabilities list)
Sam
rwx
rwx
r
r
Alice
rx
x
-
-
Acc.pgm
rx
r
rw
w
Bob
rx
r
r
r
Srini
rx
r
r
r
User
OS
A/C Prgm
A/C Data
Audit trail
Revision Srini & Nandita18
Access Control ListsAccess Control Lists
User Accounting Data
Sam rw
Alice rw
Bob r
Srini r
Revision Srini & Nandita19
Trusted hosts – Trusted hosts – advantages/disadvantagesadvantages/disadvantages
Password cannot be sniffed because it is not transmitted.
Users can log in once and then subsequently move to any machine in the trusted network.
A compromised host makes others vulnerable
Vulnerable to IP spoofing
Revision Srini & Nandita20
Security Models and their properties:Security Models and their properties:
The Bell-LaPadula model addresses information confidentiality
Chinese Wall model restricts information flow and addresses conflicts of interest
Biba model addresses information integrityClarke-Wilson model formally models a policy
based on well-formed transactions.
Ranked Model multilevel security
Revision Srini & Nandita21
CryptographyCryptography
plaintext (data file or messages)
encryption
ciphertext (stored or transmitted safely)
decryption
plaintext (original data or messages)
Revision Srini & Nandita22
General approaches to CryptographyGeneral approaches to Cryptography
There are two general encryption methods: Block ciphers & Stream ciphers
Block ciphers Slice message M into (fixed size blocks) m1, …, mn
• Add padding to last block Use Ek to produce (ciphertext blocks) x1, …, xn
Use Dk to recover M from m1, …, mn
E.g: DES, etc. Stream ciphers
Generate a long random string (or pseudo random)called one-time pad.
Message one-time pad (exclusive or)• E.g: EC4
Revision Srini & Nandita23
Types of ciphersTypes of ciphers
Private key cryptosystems/ciphersThe secret key is shared between two parties
Public key cryptosystems/ciphersThe secret key is not shared and two parties
can still communicate using their public keys
Revision Srini & Nandita24
Design of Private Key CiphersDesign of Private Key Ciphers
A Cryptographic algorithm should be efficient for good use It should be fast and key length should be of the right length –
e.g.; not too short Cryptographic algorithms are not impossible to break
without a key If we try all the combinations, we can get the original message
The security of a cryptographic algorithm depends on how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographic algorithm X
using all the computers of a state, X can be thought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crack many current cryptographic algorithms.
Revision Srini & Nandita25
What is PKE used for?What is PKE used for?
Private Key Encryption (PKE) can be used:Transmitting data over an insecure channelSecure stored data (encrypt & store)Provide integrity check:
• (Key + Mes.) -> MAC (message authentication code)
Revision Srini & Nandita26
Private Key EncryptionPrivate Key Encryption
Caesar cipher substitution cipher (letters shifted by fixed key, K)
DES (US, 1977) (3DES)key -- 56 bits, plaintext/ciphertext -- 64 bits
IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bits
SPEED (Y Zheng in 1996)Key/(plaintext/ciphertext) -- 48,64,80,…,256 bits
AES (Joan Daemen & Vincent Rijmen 2000)Key/(plaintext/ciphertext) -- 128, 192 and 256 bits
Revision Srini & Nandita27
Private key cipherPrivate key cipher
E Network or Storage
Plain Text Cipher Text Cipher Text
D
Bob
Secret Key
Alice
Secret Key
Plain Text
Revision Srini & Nandita28
Motivation of Public Key CryptographyMotivation of Public Key Cryptography
Is it possible for Alice & Bob, who have no shared secret key, to communicate securely ?
This led to the SINGLE MOST IMPORTANT discovery of public key communications: Diffie & Hellman’s ideas of public key
cryptography: <private-key, public-key>
Revision Srini & Nandita29
Public Key CryptosystemPublic Key Cryptosystem
E Network
Plain Text Cipher Text Cipher Text
D
Plain Text
Alice
Bob
Bob:
Public Key Directory (Yellow/White Pages)
Secret Key
Revision Srini & Nandita30
RSA Public Key CryptosystemRSA Public Key Cryptosystem
c=m e mod n
Network
Plain Text Cipher Text Cipher Text Plain Text
Alice
Bob
Bob: (e, n)Public Key Directory (Yellow/White Pages)
public key:
e & n
secret key: d
m=c d mod n
Revision Srini & Nandita31
Private key ciphersPrivate key ciphers
Good pointsin-expensive to usefastlow cost VLSI chips available
Bad pointskey distribution is a problem
Revision Srini & Nandita32
Public key ciphersPublic key ciphers
Good pointskey distribution is NOT a problem
Bad pointsrelatively expensive to userelatively slowVLSI chips not available or relatively high cost
Revision Srini & Nandita33
Digital Signature Digital Signature (based on RSA)(based on RSA)
Public Key Directory (Yellow/White Pages)
Bob:
E
Network
Plain Text
Plain Text
Bob
Secret Key
+
Cathy
Signature
Accept if equal
D
Signature
?
Public Key
Revision Srini & Nandita34
Digital Signature Digital Signature (for short doc)(for short doc)
Public Key Directory (Yellow/White Pages)
Bob: (e, n)
Network
Plain Text
Plain Text
Bob
Secret Key d
+
Cathy
Signature
Accept if equal
Signature
?
Public Key (e, n)
s =md mod n t =se mod n
Revision Srini & Nandita35
Digital Signature Digital Signature (for long doc)(for long doc)
Public Key Directory (Yellow/White Pages)
Bob:
Network
Plain Text
Plain Text
H
100 bits
Bob
Secret Key
+
H 100 bits
Cathy
Signature
Accept if equal1-way hash
100 bits
Signature
?
Public Key
Revision Srini & Nandita36
Why Digital Signature ?Why Digital Signature ?Unforgeable
takes 1 billion years to forge !Un-deniable by the signatoryUniversally verifiableDiffers from doc to docEasily implementable by
software orhardware orsoftware + hardware
Revision Srini & Nandita37
Use & Abuse of encryptionUse & Abuse of encryption
Proper use:protects privacy of individualsprotects commercial interests of companies
Abuse:organised crimes (s.a. drug trafficking)fraud and corruptionterrorism......
Revision Srini & Nandita38
Escrowed keyEscrowed key
E Network or Storage
Plain Text Cipher Text Cipher Text
D
OriginalPlain Text
Bob
Secret Key
Alice
Secret Key
EscrowAgency A
EscrowAgency B
Revision Srini & Nandita39
A positive use of key escrowA positive use of key escrowEncrypted data become useless if the key
is lost or forgotten !Have you ever forgotten your password ?
To prevent loss of corporate information, a company can build a company-wide “key escrow” system (our original Question on slide 2)Question: HOW ?
(hint: no police or court system is involved in this case.)
Revision Srini & Nandita40
Shamir’s (t,n)-threshold schemeShamir’s (t,n)-threshold scheme
Key disposing --- by the dealerinitialisationdistributing a share to each of the n
participants in the groupKey recovery --- by participants
gathering shares from t participantsreconstructing the key from the t shares
Revision Srini & Nandita41
Auditing and LoggingAuditing and Logging
Log files are an important building block of a secure system: they form a recorded history, or audit trail, of the computer’s past, making it easier to track an attack.
Log files also have a fundamental vulnerability (as they can be modified similar to modifying the database files) as they are stored on the system which can be modified by the intruder.
Revision Srini & Nandita42
Integrity ManagementIntegrity Management
The goal of integrity management is to prevent alterations to (or deletions of) data, to detect modification or deletions if they occur, and to recover from alterations or deletions if they happen.
Revision Srini & Nandita43
Integrity Management TechniquesIntegrity Management Techniques
Setting appropriate file permissions and restricting access to the root account on Unix.
Immutable files – that cannot be modified once the system is running.
Append only files – files to which data can be appended, but in which the existing data cannot be changed. This type is ideally suitable for log files.
Read-only file systems – a hardware read only protection will be even better.
Revision Srini & Nandita44
Detecting a change in a file(s)Detecting a change in a file(s)
Meta data - such as file sizes, last modification time, etc
Comparison copies – comparing byte-by-byte – unwieldy and time consuming.
Checksum – file content can be modified in such a way that it generates the same checksum – not effective.
Digital Signatures!!!
Revision Srini & Nandita45
DDB should deliverB should deliver (advantages) (advantages)
shared accessminimal redundancydata consistencydata integritycontrolled access
Revision Srini & Nandita46
Reliability & integrityReliability & integrity three dimensions:
database integrityelement integrityelement accuracy
various techniques2-phase update introducing redundancy recoveryconcurrency/consistency controlusing monitors
Revision Srini & Nandita47
Access decisions on sensitive dataAccess decisions on sensitive data
factors to be considered when permitting “user x to access data y”availability of data
• Record is blocked from read while it is modified
acceptability of access• No disclosure (even ‘partial’) of sensitive values
to unauthorized users
assurance of authenticity of user• Limit access based on other considerations
(time of access, previous accesses,…)
Revision Srini & Nandita48
Inference ProblemInference Problem
definition:infer or derive sensitive data from non-
sensitive or (seemingly) un-related data“inference” is a subtle vulnerability in
database security
Revision Srini & Nandita49
Summary of inferenceSummary of inference
no perfect solution to inference problem3 common approaches
suppress obviously sensitive data fairly easy
track what the user knows costlydisguise data may result in incorrect or
wrong responses to legitimate queries
Revision Srini & Nandita50
Guidelines on Protection of Privacy & Transborder flows of personal Information were adopted by the OECD on 30 September 1980, contained 8 basic principles:
1. Collection limitation
2. Data quality
3. Purpose specification
4. Use limitation
5. Security Safeguards
6. Openness
7. participation
8. Accountability
Revision Srini & Nandita51
State legislation
Victoria and NSW have introduced Privacy legislation.
The Information Privacy Act 2000 (Victoria) applies to state government Departments. Ministers of the state Crown, courts, police – and universities set up under state legislation.
Contains 10 Information Privacy Principles (IPPs) very similar to the 10 NPPs in the Federal Act.
The Health Records Act 2001 (Victoria), protects privacy of health records
Contains 11 Health privacy Principles (HPPs)