Information Security Chapter #1 PDF
Document Details
Sindh Madressatul Islam University, Karachi
Dr. Abdullah Ayub
Summary
This chapter introduces concepts of information security, including data and data processing. It also discusses structured and unstructured data along with network security.
Full Transcript
INFORMATION SECURITY
Dr. Abdullah Ayub
Sindh Madressatul Islam University, Karachi
Chapter #1 SE-
Topic: Introduction to IS

COURSE INFORMATION
Course: (2+1) credit hours
16 lectures of 2+1 hours

Marks Distribution
Sessional marks (Assignments, Class tests / Quizzes, Class performance, Presentation/Project): 40
Mid Term: 20
Final Exam: 40

S.No  Topics
1     Introduction and overview
2     Cryptographic tools (classical encryption)
3     Symmetric encryption (DES, AES) / Mode of operation
4     Message authentication and hash functions / Public-key encryption
5     (DH & RSA)
6     PKI / Internet Security protocols (IPsec)
7     (Secure E-mail, SSL, HTTPS, etc)
8     Mid Term
9     Cyber and physical attacks
10    Vulnerability scanning
11    Vulnerability scanning
12    Firewall / Intrusion Detection
13    (continued) / Intrusion Response/Tolerance
14    Security management / Other security issues (1)
15    Other security issues (2) / Course review
16    Final Exams

TEACHING DEMAND AFTER COMPLETION OF THIS COURSE
1. Get certificate of “Information Security Certification” from freecodecamp.com

DATA
Data can be defined as a representation of facts, concepts, or instructions in a formalized manner, which should be suitable for communication, interpretation, or processing by human or electronic machine.
Data is represented with the help of characters such as alphabets (A-Z, a-z), digits (0-9) or special characters (+,-,/,*,= etc.)

WHAT IS INFORMATION?
Information is organized or classified data, which has some meaningful values for the receiver. Information is the processed data on which decisions and actions are based.
For the decision to be meaningful, the processed data must qualify for the following characteristics:
Timely − Information should be available when required.
Accuracy − Information should be accurate.
Completeness − Information should be complete.

DATA PROCESSING CYCLE
Data processing is the re-structuring or re-ordering of data by people or machines to increase its usefulness and add value for a particular purpose. Data processing consists of the following basic steps: input, processing, and output. These three steps constitute the data processing cycle.
Input − In this step, the input data is prepared in some convenient form for processing. The form will depend on the processing machine. For example, when electronic computers are used, the input data can be recorded on any one of several types of input medium, such as magnetic disks, tapes, and so on.
Processing − In this step, the input data is changed to produce data in a more useful form. For example, pay-checks can be calculated from the time cards, or a summary of sales for the month can be calculated from the sales orders.
Output − At this stage, the result of the preceding processing step is collected. The particular form of the output data depends on the use of the data. For example, output data may be pay-checks for employees.

WHAT IS STRUCTURED DATA?
Structured data usually resides in relational databases (RDBMS). Fields store length-delineated data such as phone numbers, Social Security numbers, or ZIP codes. Even text strings of variable length, like names, are contained in records, making it a simple matter to search. Data may be human- or machine-generated as long as the data is created within an RDBMS structure. This format is eminently searchable, both with human-generated queries and via algorithms using type of data and field names, such as alphabetical or numeric, currency or date.
Common relational database applications with structured data include airline reservation systems, inventory control, sales transactions, and ATM activity. Structured Query Language (SQL) enables queries on this type of structured data within relational databases.
Some relational databases do store or point to unstructured data, such as customer relationship management (CRM) applications. The integration can be awkward at best, since memo fields do not lend themselves to traditional database queries. Still, most of the CRM data is structured.

WHAT IS UNSTRUCTURED DATA?
Unstructured data is essentially everything else. Unstructured data has internal structure but is not structured via pre-defined data models or schema. It may be textual or non-textual, and human- or machine-generated. It may also be stored within a non-relational database like NoSQL.
Typical human-generated unstructured data includes:
Text files: Word processing, spreadsheets, presentations, email, logs.
Email: Email has some internal structure thanks to its metadata, and we sometimes refer to it as semi-structured. However, its message field is unstructured and traditional analytics tools cannot parse it.
Social Media: Data from Facebook, Twitter, LinkedIn.
Website: YouTube, Instagram, photo sharing sites.
Mobile data: Text messages, locations.
Communications: Chat, IM, phone recordings, collaboration software.
Media: MP3, digital photos, audio and video files.
Business applications: MS Office documents, productivity applications.

TYPICAL MACHINE-GENERATED UNSTRUCTURED DATA INCLUDES:
1. Satellite imagery: Weather data, landforms, military movements.
2. Scientific data: Oil and gas exploration, space exploration, seismic imagery, atmospheric data.
3. Digital surveillance: Surveillance photos and video.
4. Sensor data: Traffic, weather, oceanographic sensors.

WHAT IS NETWORK OR COMPUTER NETWORK?
In simple language, a computer network is a collection of computers / devices, also known as nodes, which are connected to each other in a certain pattern and communicate with each other using some protocol.
Protocols are sets of rules that define how the communication is going to happen.

SECURITY
Security is the degree of protection against danger, damage, loss, and crime.
It can be considered in many different contexts, such as information, data, computers, networks, etc.

NETWORK SECURITY
Network security consists of the provisions and policies adopted by the network administrators to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.
Network security is the security provided to a network from unauthorized access and risks. It is the duty of network administrators to adopt preventive measures to protect their networks from potential security threats.

NETWORK SECURITY (CONT…)
Network security is any activity designed to protect the usability and integrity of your network and data.
It includes both hardware and software technologies.
It targets a variety of threats.
It stops them from entering or spreading on your network.
Effective network security manages access to the network.

WHY NETWORK SECURITY?
We need our networks secured because there are a lot of threats to networks from hackers and software. Our networks hold a lot of data, some of which is confidential and could lead to industry sabotage and espionage, and so it must be protected.
Protect vital info while still allowing access to those who need it.
Provide authentication and access control for resources.
Guarantee privacy and correct access.

EXAMPLE
[Figure: a message (plain text) between Alice and Bob, which Tom reads]

ATTACK (INFORMATION SECURITY)
Any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
OR
An assault on system security to evade security services and violate the security policy of a system.
A resource (physical or logical), called an asset, can have one or more vulnerabilities that can be exploited by a threat agent in a threat action.
The result can potentially compromise the confidentiality, integrity or availability properties of resources of the organization and of other involved parties (customers, suppliers).

TYPES OF ATTACKS
Active Attack
Passive Attack

The main goal of a passive attack is to obtain unauthorized access to the information. For example, actions such as intercepting and eavesdropping on the communication channel can be regarded as passive attacks.
These actions are passive in nature, as they neither affect information nor disrupt the communication channel. A passive attack is often seen as stealing information. The only difference between stealing physical goods and stealing information is that theft of data still leaves the owner in possession of that data. A passive information attack is thus more dangerous than stealing of goods, as information theft may go unnoticed by the owner.

[Figure: passive attack example: a message (plain text) between Alice and Bob, which Tom reads]

An active attack involves changing the information in some way by conducting some process on the information. For example:
Modifying the information in an unauthorized manner.
Initiating unintended or unauthorized transmission of information.
Alteration of authentication data such as originator name or timestamp associated with information.
Unauthorized deletion of data.
Denial of access to information for legitimate users (denial of service).
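
The difference between the two attack types as the receiver sees it, as an added example that is not part of the original slides. The shared key, the HMAC-SHA256 tag and the message contents are assumptions of the example; Alice, Bob and Tom are the parties from the figure.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: a key Alice and Bob agreed on in advance (assumption).
SHARED_KEY = secrets.token_bytes(32)


def alice_send(message: bytes, key: bytes) -> tuple[bytes, bytes]:
    """Alice sends the plain-text message together with an HMAC-SHA256 tag."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message, tag


def tom_passive(packet):
    """Passive attack: Tom copies what he sees and forwards the packet untouched."""
    message, _tag = packet
    return packet, message  # (what Bob receives, what Tom learned)


def tom_active(packet, new_message: bytes):
    """Active attack: Tom swaps the message; without the key he must reuse the old tag."""
    _message, tag = packet
    return new_message, tag


def bob_receive(packet, key: bytes) -> bool:
    """Bob accepts the message only if the tag matches (constant-time compare)."""
    message, tag = packet
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def run_demo() -> dict:
    packet = alice_send(b"Transfer 100 to Bob", SHARED_KEY)
    delivered, leaked = tom_passive(packet)
    tampered = tom_active(packet, b"Transfer 900 to Tom")
    return {
        "passive_accepted": bob_receive(delivered, SHARED_KEY),  # nothing for Bob to detect
        "passive_leaked": leaked,  # the plain text is exposed to Tom
        "active_accepted": bob_receive(tampered, SHARED_KEY),  # modification is detected
        "replay_accepted": bob_receive(packet, SHARED_KEY),  # a re-sent old packet still passes
    }


if __name__ == "__main__":
    print(run_demo())
```

The tag detects modification only: it does not hide the message from a passive reader, and an unchanged packet sent a second time still verifies unless a sequence number or timestamp is included under the tag.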

[Figure: active attack example]

PRINCIPLES OF NETWORK SECURITY
Confidentiality
Authentication
Integrity
Non-repudiation
Access control
Availability

CONFIDENTIALITY
The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the contents of a message.
Confidentiality gets compromised if an unauthorized person is able to access a message.
An interception attack causes loss of confidentiality.

AUTHENTICATION
Authentication mechanisms help establish proof of identities.
The authentication process ensures the origin of an electronic message or document is correctly identified.

INTEGRITY
When the contents of a message are changed after the sender sends it, but before it reaches the intended recipient, we say that the integrity of the message is lost.
Modification causes loss of integrity.

NON REPUDIATION
Non-repudiation means one party cannot deny receiving a message or a transaction, nor can the other party deny sending a message or a transaction. For example, in cryptography it is sufficient to show that the message matches the digital signature signed with the sender’s private key, and that the sender could have sent the message and nobody else could have altered it in transit. Data integrity and authenticity are prerequisites for non-repudiation.
There are situations where a user sends a message and later on denies that she had sent that message. The principle of non-repudiation defeats such possibilities of denying something after having done it.
Non-repudiation does not allow the sender of a message to deny having sent that message.

ACCESS CONTROL
The principle of access control determines who should be able to access what.
An access control mechanism can be set up to ensure this.
Access control is broadly related to role management and rule management.
Role management concentrates on the user side.
Rule management focuses on the resources side.

AVAILABILITY
Availability means information must be available when needed.
For example, if one needs to access information about a particular employee to check whether the employee has exceeded the number of leaves, it requires collaboration from different organizational teams like network operations, development operations, incident response and policy/change management.
A denial of service attack is one of the factors that can hamper the availability of information.

THANK YOU