
Sreerag cs network security


MODULE 2 - NETWORK SECURITY

E - COMMERCE

• CLIENT SERVER NETWORK SECURITY

• CLIENT SERVER SECURITY THREATS

PRESENTED BY - SREERAG GOPINATH P.C

SEMESTER VIII

COMPUTER SCIENCE & ENGG.

SJCET, PALAI


SECURITY THREATS

A Security threat is a circumstance, condition, or event with the potential to cause economic hardship to data or network resources in the form of

- destruction,

- disclosure,

- modification of data,

- denial of service, and / or

- fraud, waste or abuse.

Confidence, reliability and protection of information against security threats are crucial prerequisites for the functioning of e-commerce.


SECURITY CONCERNS

The discussion of security concerns in e-commerce can be divided into two broad types :

1. Client-server security

• Uses authorization methods to make sure only valid users & programs have access to information resources such as databases.

• Access control mechanisms – password protection, encrypted smart cards, biometrics, and firewalls.

2. Data & Transaction Security

• Ensures privacy & confidentiality in electronic messages & data packets.

• Includes authentication of remote users in network transactions.

• Aims to defeat any attempt to assume another identity in data communication.

• Preventive measures – data encryption using cryptographic methods.


CLIENT SERVER NETWORK SECURITY

System administrators have a hard time balancing

• User maneuverability

• Easy access

&

• Site security

• Confidentiality


WHY PAY ATTENTION TO SECURITY?

[Figure labels: INTERNET (10000 networks, unlimited number of hackers?), CORPORATE LAN OR WAN, SUBNET, CORPORATE NETWORK]


CLIENT SERVER SECURITY PROBLEMS

Client-server network security problems manifest themselves in three ways:

1. Physical security holes

Result when individuals gain unauthorized access to a computer.

2. Software security holes

• Result when badly written programs or “privileged” software are “compromised” into doing things they shouldn’t.

• Ex: “sendmail hole” (1988), “rlogin hole”

3. Inconsistent usage holes

Result when a system administrator assembles a combination of hardware & software such that the system is seriously flawed from a security point of view.


REDUCING CLIENT SECURITY THREATS

The problem with e-commerce

If consumers connect a computer to the Internet, they can easily log into it from anywhere the network reaches. Without proper access control, anyone else can too.

Therefore, protection mechanisms become unavoidable in e-commerce.

Protection (authorization / access control)

• Grants privileges to the system or resource by checking user-specific information such as passwords.

• File level – OS provides mechanisms like Access Control Lists, specifying the resources various users and groups are entitled to.


PROTECTION METHODS

• Trust-based Security

• Security Through Obscurity

• Password Schemes

• Biometric Systems


TRUST BASED SECURITY

• The approach is to trust everyone and do nothing extra for protection

• No access restrictions of any kind

• Assume all users are trustworthy and competent in their use of the shared network.

• Worked in the past, but is dangerous today


SECURITY THROUGH OBSCURITY (STO)

• Notion that any network can be secure as long as nobody outside its management group is allowed to find out anything about its operational details and users are provided information on a need-to-know basis.

• Ex: Hiding accounts & passwords in binary files or scripts.

• Provides a false sense of security by hiding information.

• Quite successful with stand-alone systems that ran OSs like IBM MVS or CMS and DEC VAX.

• Limited usefulness in the UNIX world

- mobility

- users with greater knowledge & computing power


PASSWORD SCHEMES

• Erects a first-level barrier to accidental intrusion.

• Does little about deliberate attack.

• Weaknesses of passwords

- Simple or familiar words – dictionary comparison

- Unencrypted transfer – eavesdropping

- Writing down, sharing

• Countering these threats – creating one-time passwords

- Smart cards

- Randomized tokens

- Challenge-response systems
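The challenge-response countermeasure listed above, as an added example that is not part of the original slides: the server sends a fresh random challenge, the client answers with an HMAC of it under a shared secret, so the secret never crosses the wire and an eavesdropped answer is useless on replay. The class and function names, the user "alice", HMAC-SHA256 and the 30-second lifetime are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time


class ChallengeResponseServer:
    """Server side: issues single-use challenges and checks HMAC answers."""

    def __init__(self, user_keys, ttl_seconds=30):
        self._keys = user_keys        # user -> shared secret (bytes)
        self._ttl = ttl_seconds       # assumed challenge lifetime
        self._pending = {}            # user -> (nonce, expiry time)

    def issue_challenge(self, user, now=None):
        now = time.time() if now is None else now
        nonce = secrets.token_bytes(16)
        self._pending[user] = (nonce, now + self._ttl)
        return nonce

    def verify(self, user, response, now=None):
        now = time.time() if now is None else now
        # pop() makes every challenge single-use, whatever the outcome
        nonce, expiry = self._pending.pop(user, (None, 0.0))
        key = self._keys.get(user)
        if nonce is None or key is None or now > expiry:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_response(key, nonce):
    """Client side: prove knowledge of the key without sending it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def demo():
    key = secrets.token_bytes(32)               # constructed sample secret
    server = ChallengeResponseServer({"alice": key})
    nonce = server.issue_challenge("alice", now=1000.0)
    captured = client_response(key, nonce)      # what an eavesdropper sees
    first = server.verify("alice", captured, now=1001.0)
    replay_same = server.verify("alice", captured, now=1002.0)
    server.issue_challenge("alice", now=1003.0)
    replay_new = server.verify("alice", captured, now=1004.0)
    late_nonce = server.issue_challenge("alice", now=2000.0)
    late = server.verify("alice", client_response(key, late_nonce), now=2031.0)
    return first, replay_same, replay_new, late


if __name__ == "__main__":
    print(demo())
```
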


BIOMETRIC SYSTEMS

• Most secure level of authorization.

• Involve some unique aspect of a person’s body.

• Past biometric authentication

- fingerprint comparison

- palm prints

- retinal patterns

- signature verification

- voice recognition

• Expensive to implement – better suited for controlling physical access than for network or workstation access.

• Inconvenient – high verification time (10-30 seconds)

• Unduly intrusive – user reluctance

• New device variations

- Keystroke scan

- IR facial pattern detection


EMERGING CLIENT - SERVER SECURITY THREATS

These threats can be divided into two major categories –

1. Threats to local computing environment from mobile software, and

2. Access control & threats to servers that include

- Impersonation

- Eavesdropping

- Denial of Service

- Packet Replay

- Packet Modification


SOFTWARE AGENTS & MALICIOUS CODE THREATS

• Mobile code (software agent) is an executable program that has the ability to move from machine to machine and also to invoke itself without external influence.

• Major security threat derives from the nature of the Internet :

Client programs interpret data downloaded from arbitrary servers on the Internet.

• Client threats mostly arise from malicious data or code.

• Malicious code refers to

- Viruses

- Worms

- Trojan Horses

- Logic Bombs

- Other deviant software programs


MALICIOUS CODE

• Viruses: computer programs that have the ability to replicate and spread to other files; most also deliver a “payload” of some sort (may be destructive or benign); include macro viruses, file-infecting viruses and script viruses

• Worms: designed to spread from computer to computer

• Trojan horse: appears to be benign, but then does something other than expected

• Bad applets (malicious mobile code): malicious Java applets or ActiveX controls that may be downloaded onto client and activated merely by surfing to a Web site


MALICIOUS CODE - EXAMPLES


THREATS TO SERVERS

Threats to servers consist of

- Unauthorized modification of server data

- Unauthorized eavesdropping or modification

- Compromise of a server system by exploiting bugs

- Denial of Service

- Packet Replay

Network servers are much more susceptible to impersonation –

- Hackers have potential access to a large number of systems

- Popular UNIX programs – Finger, rsh, ruser discover account names

- Guess passwords – dictionary attacks

- Eavesdropping – trap user names & passwords (wiretapping, auxiliary ports)

- Prevention – encryption


DENIAL OF SERVICE ATTACKS

• The primary goal of any denial of service attack is to prevent the victim’s machine from fulfilling its function, ‘denying’ service to those legitimate users.

• The two most common forms of DoS attacks are –

Service Overloading

Message Flooding

• Hard to prevent, but can be reduced by restricting access to critical accounts, resources, and files and protecting them from unauthorized users.

• Important to protect against DoS without denying access to legitimate users.


SERVICE OVERLOADING

• Service overloading occurs when floods of network requests are made to a server daemon on a single computer.

• These requests can be initiated in a number of ways, many intentional.

• These floods can make your system so busy servicing interrupt requests and network packets that it is unable to process regular tasks in a timely fashion.

• Many requests will be thrown away as there is no room to queue them. If it is a TCP-based service, they will be resent and will add to the load.

• Such attacks can also mask an attack on another machine by preventing audit records and remote login requests from being processed in a timely manner. They deny access to a particular service.


MESSAGE FLOODING

• Message flooding occurs when a user slows down the processing of a system on the network to prevent the system from processing its normal workload, by "flooding" the machine with network messages addressed to it.

• These may be requests for file service or login, or they may be simple echo-back requests.

• Whatever the form, the flood of messages overwhelms the target so it spends most of its resources responding to the messages. In extreme cases, this flood may cause the machine to crash with errors or lack of memory to buffer the incoming packets. This attack denies access to a network server.

• A server that is being flooded may not be able to respond to network requests in a timely manner. An attacker can take advantage of this behavior by writing a program that answers network requests in the server's place. For example, an attacker could flood an NIS server and then issue his own replies for NIS requests - specifically, requests for passwords.
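One way to reduce service overloading and message flooding without denying access to legitimate users, as an added example that is not part of the original slides: a per-source token bucket, a technique the slides do not name, that sheds the excess from a flooding source while ordinary clients stay within their allowance. The class name, the rate and burst values and the sample addresses (documentation ranges) are assumptions, and the traffic is constructed.

```python
from collections import defaultdict


class PerSourceLimiter:
    """Token bucket per source address: each source may burst up to
    `burst` requests and is refilled at `rate` requests per second."""

    def __init__(self, rate, burst):
        self.rate = rate
        self.burst = burst
        self._tokens = defaultdict(lambda: float(burst))
        self._last = {}

    def allow(self, source, now):
        elapsed = now - self._last.get(source, now)
        self._last[source] = now
        tokens = min(self.burst, self._tokens[source] + elapsed * self.rate)
        if tokens >= 1.0:
            self._tokens[source] = tokens - 1.0
            return True
        self._tokens[source] = tokens   # dropped: request costs nothing
        return False


def replay_traffic(events, rate=2.0, burst=5):
    """Run (timestamp, source) events through the limiter and count
    accepted and dropped requests per source."""
    limiter = PerSourceLimiter(rate, burst)
    stats = defaultdict(lambda: {"accepted": 0, "dropped": 0})
    for now, source in sorted(events):
        outcome = "accepted" if limiter.allow(source, now) else "dropped"
        stats[source][outcome] += 1
    return dict(stats)


def constructed_events():
    # Constructed sample: one source sends 200 requests within one second,
    # two ordinary clients send one request per second for five seconds.
    flood = [(i * 0.005, "192.0.2.10") for i in range(200)]
    normal = [(float(t), src) for t in range(5)
              for src in ("198.51.100.7", "198.51.100.8")]
    return flood + normal


if __name__ == "__main__":
    for source, counts in replay_traffic(constructed_events()).items():
        print(source, counts)
```
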


COUNTERING SERVER THREATS - FIREWALLS

[Figure labels: INTERNET, STOP, CORPORATE LAN OR WAN, CORPORATE NETWORK]


THANK YOU !!!