Data Security Presentation PDF
Document Details
Uploaded by Deleted User
Dr Marwa Al Enany
Tags
Summary
This presentation provides an overview of data security concepts, focusing on the goals, types of attacks, and associated terminology. It's a thorough introduction to information security principles.
Full Transcript
DATA SECURITY 1 DR MARWA AL ENANY THE CONCEPT OF SECURITY Security is “the quality or state of being secure to be free from danger.” In other words, protection against adversaries from those who would do harm, intentionally or otherwise is the objective. The Committee on National S...
DATA SECURITY 1 DR MARWA AL ENANY THE CONCEPT OF SECURITY Security is “the quality or state of being secure to be free from danger.” In other words, protection against adversaries from those who would do harm, intentionally or otherwise is the objective. The Committee on National Security Systems (CNSS) defines information security as the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. THE CONCEPT OF SECURITY A successful organization should have the following multiple layers of security in place to protect its operations: Physical security, to protect physical items, objects, or areas from unauthorized access and misuse. Personnel security, to protect the individual or group of individuals who are authorized to access the organization and its operations. Operations security, to protect the details of a particular operation or series of activities. Communications security, to protect communications media, technology, and content. Network security, to protect networking components, connections, and contents. Information security, to protect the confidentiality, integrity and availability of information assets, whether in storage, processing, or transmission. It is achieved via the application of policy, education, training and awareness, and technology. Areas of information Security Information security management. Computer and data security. Network security. SECURITY GOALS The CNSS model of information security evolved from a concept developed by the computer security industry called the C.I.A. triangle. It is based on the three characteristics of information(security goals) that give it value to organizations: confidentiality. An organization needs to guard against those malicious actions that endanger the confidentiality of its information. When we send a piece of information to be stored in a remote computer or when we retrieve a piece of information from a remote computer, we need to conceal it during transmission. Integrity. Information needs to be changed constantly. In a bank, when a customer deposits or with draws money, the balance of her account needs to be changed. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. Availability. The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed. KEY INFORMATION SECURITY CONCEPTS Access: Authorized users have legal access to a system, whereas hackers have illegal access to a system. Access controls regulate this ability. Asset: The organizational resource that is being protected. An asset can be logical, such as a Web site, information, or data; or an asset can be physical, such as a person, computer system, or other tangible object. Attack: An intentional or unintentional act that can cause damage to or otherwise compromise information and/or the systems that support it. Attacks can be active or passive, intentional or unintentional, and direct or indirect. Control, safeguard, or countermeasure: Security mechanisms, policies, or procedures that can successfully counter attacks, reduce risk, resolve vulnerabilities, and otherwise improve the security within an organization. KEY INFORMATION SECURITY CONCEPTS Exposure: A condition or state of being exposed. In information security, exposure exists when a vulnerability known to an attacker is present. Loss: When an organization’s information is stolen, it has suffered a loss. Protection profile or security posture: The entire set of controls and safeguards that the organization implements to protect the asset. The terms are sometimes used interchangeably with the term security program. Risk: The probability that something unwanted will happen. Subjects and objects: A computer can be either the subject of an attack, an agent entity used to conduct the attack, or the object of an attack, or the target entity. KEY INFORMATION SECURITY CONCEPTS Exploit: A technique used to compromise a system. This term can be a verb or a noun. Exploits make use of existing software tools or custom-made software components. Threat: A category of objects, persons, or other entities that presents a danger to an asset. Threat agent: The specific instance or a component of a threat. For example, all hackers in the world present a collective threat. Vulnerability: A weaknesses or fault in a system or protection mechanism that opens it to attack or damage. Some examples of vulnerabilities are a flaw in a software package, an unprotected system port, and an unlocked door. SECURITY ATTACKS The unauthorized or illegal actions that are taken against the government, corporate, or private IT assets in order to: destroy, modify, or steal the sensitive data. They are further classified into active and passive attacks, in which the attacker gets unlawful access to the system's resources. Active attacks: An Active attack attempts to alter system resources or affect their operations. Active attacks involve some modification of the data stream or the creation of false statements. Passive attacks: A Passive attack attempts to learn or make use of information from the system but does not affect system resources. ACTIVE ATTACKS Types of active attacks are as follows: Masquerade Modification of messages Repudiation Replay Denial of Service ACTIVE ATTACKS Masquerade when one entity pretends to be a different entity. A Masquerade attack involves one of the other forms of active attacks. Masquerade assaults may be performed using the stolen passwords and logins, with the aid of using finding gaps in programs. ACTIVE ATTACKS Modification of messages It means that some portion of a message is altered or that message is delayed or reordered to produce an unauthorized effect. Modification is an attack on the integrity of the original data. It basically means that unauthorized parties not only gain access to data but also spoof the data by triggering denial-of-service attacks, such as altering transmitted data packets or flooding the network with fake data. ACTIVE ATTACKS Repudiation This attack occurs when the network is not completely secured or the login control has been tampered with. With this attack, the author’s information can be changed by actions of a malicious user in order to save false data in log files, up to the general manipulation of data on behalf of others, similar to the spoofing of e-mail messages. ACTIVE ATTACKS Replay It involves the passive capture of a message and its subsequent transmission to produce an authorized effect. the basic aim of the attacker is to save a copy of the data originally present on that particular network and later on use this data for personal uses. Once the data is corrupted or leaked it is insecure and unsafe for the users. ACTIVE ATTACKS Denial of Service It prevents the normal use of communication facilities. This attack may have a specific target. For example, an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network either by disabling the network or by overloading it with messages so as to degrade performance. PASSIVE ATTACK Types of Passive attacks are as follows: The release of message content Traffic analysis PASSIVE ATTACK The release of message content Telephonic conversation, an electronic mail message, or a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions. PASSIVE ATTACK Traffic analysis Suppose that we had a way of masking (encryption) information, so that the attacker even if captured the message could not extract any information from the message. The opponent could determine the location and identity of communicating host and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. BASIC TERMINOLOGY Cryptographic system or Plaintext cipher The original message Schemes used for Ciphertext encryption The coded message Cryptanalysis Enciphering or encryption Techniques used for deciphering a message Process of converting from plaintext to ciphertext without any knowledge of the enciphering details Deciphering or decryption Cryptology Restoring the plaintext from the ciphertext Areas of cryptography and Cryptography cryptanalysis together Study of encryption Overview on the Field of Cryptology the study of cryptosystems Cryptology is the science of using mathematics to encrypt and decrypt data. Cryptography Cryptanalysis It involves the study of cryptographic mechanism with the intention to break them. Symmetric-Key Asymmetric-Key Private-key Public-key Block Cipher Stream Cipher Encryption and Decryption Encryption is the process by which a readable message is converted to an unreadable form to prevent unauthorized parties from reading it. Decryption is the process of converting an encrypted message back to its original (readable) format. In decryption, the system extracts and converts the garbled data and transforms it to texts and images that are easily understandable not only by the reader but also by the system. The original message is called the plaintext message, while the encrypted message is called the ciphertext message. key—a word, number, or phrase—to encrypt the plaintext. CRYPTOSYSTEM MODEL CRYPTOGRAPHIC SYSTEMS The type of operations The number of keys The way in which the used for transforming used plaintext is processed plaintext to ciphertext Symmetric, single- key, secret-key, Substitution Block cipher conventional encryption Asymmetric, two- Transposition key, or public-key Stream cipher encryption In symmetric encryption, there is only one key, and all communicating parties use the same (secret) key for both encryption and decryption. In asymmetric, or public key, encryption, there are two keys: one key is used for encryption, and a different key is used for decryption. The decryption key is kept private (hence the "private key" name), while the encryption key is shared publicly, for anyone to use (hence the "public key" name).