In the age of technical modernization, an array of new opportunities and potential sources of efficiency emerges for organisations of all sizes, but these new technologies have also brought unparalleled threats to the economy and populace all over the world. Security measures must be taken to ensure the safety and reliability of organizations. Hacking of data and information has become almost a common practice in organizations. It is therefore necessary to understand the features of cyber security. Cyber security is described as the protection of systems, networks and data in cyberspace. It is a critical concern for all businesses. Cyber technology is recognized as a modern way for investors and ordinary people to access ample resources and opportunities effortlessly, economically and efficiently in order to accomplish their tasks. In parallel, it also attracts fraudsters who run fake schemes. The Internet is a major resource for committing serious crime. As the Internet grows rapidly, online criminals present fraudulent plans in many ways. Cyber-attacks are a current method of creating fear in a technology-driven world.
Year of publication: 2021
System Security is the most indispensable segment of data security, since it is responsible for securing all data that passes through networked computers. System Security refers to all hardware and software functions, characteristics, features, operational procedures, accountability, measures, access control, and administrative and management policy required to provide an acceptable level of protection for hardware, software and data in a system. System security problems can be divided roughly into four closely intertwined areas: secrecy, authentication, non-repudiation, and integrity control.
The textbook is written in simple and easily understandable language. I (Dr. Prakash Kumar) have made a sincere attempt to analyse every topic completely and to put it before the readers of this book in the best presentable form.
An attempt has been made by me to write this book in a simple and lucid language with neat and self-explanatory diagrams, which could be easily understood by an average student.
The subject matter is divided into seven chapters. All chapters provide complete course coverage in a simple and understandable language.
All efforts have been made to bring out a very good and useful book. Nevertheless, the author does not lay any claim to perfection; there is always scope for improvement in a book of this kind.
All suggestions for its improvement will therefore be welcomed.
Dr. Prakash Kumar
HOD - Computer Science and Cyber Security,
Jharkhand Raksha Shakti University, Ranchi.
1.
INTRODUCTION TO SECURITY CONCEPTS
-------------------------------------------------------------------------------------------------------
1.1 Introduction
This is the age of universal electronic connectivity, where activities like hacking, viruses and electronic fraud are very common. Unless security measures are taken, a network conversation or a distributed application can be compromised easily.
Some simple examples are:
a). Online purchases using a credit/debit card.
b). A customer unknowingly being directed to a false website.
c). A hacker sending a message to a person while pretending to be someone else.
In the last three decades, we have witnessed the rapid growth of the Internet and mobile technology, and the correspondingly rapid growth of online crimes, or cybercrimes. With this growth, there has been a spike in the rate of cybercrimes committed over the Internet. This has resulted in some people condemning the Internet and partner technologies as responsible for creating new crimes and as the root causes of these crimes. However, there is hardly any new crime resulting from these new technologies. What has changed, as a result of these new technologies, is the enabling environment. Technology is helping in the initiation and propagation of most known crimes. As technology advances rapidly, we are correspondingly witnessing waves of cybercrimes evolving.
Figure 1 : The Changing Nature of Cyber Crime
1.2 Security
Security comes in all shapes and sizes, ranging from problems with software on a computer to the integrity of messages and emails being sent on the Internet. Network Security is a term that denotes the security aspects attributed to the use of computer networks. This involves the protection of the integrity of the communications that are sent over the network, who is able to access the network or information system present, and also what can be sent over the network. There is a multitude of scenarios and areas in which a network and its use can be exploited.
Security is about protecting assets, i.e. a web page, a customer database or any sensitive information.
Security is about Risk Management and taking effective countermeasures.
Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).
The problem is that, given the OSI Network Model of Application, Transport, Network, Datalink and Physical, where among these can security be deployed? Should everything be concentrated at the data link, network or transport layers, or should a Defense in Depth strategy be employed? These notes detail the various ways in which networks can be made secure. The remainder of this chapter provides some introductory material in relation to networks and their security. First, some terminology:
Security Attack: Any action that compromises the security of information exchanges and systems.
Security Service: A service that enhances the security of information exchanges and systems. A security service makes use of one or more security mechanisms.
Security Mechanism: A mechanism that is designed to detect, prevent or recover from a security attack.
1.3 Why Security is Needed
Security is needed in various aspects of life to protect people, assets, information, and systems from potential harm or threats. In the context of cybersecurity, the need for security arises due to several factors:
Protection against unauthorized access: Security measures are necessary to prevent unauthorized individuals or entities from gaining access to sensitive information, systems, or resources. Unauthorized access can lead to data breaches, identity theft, financial loss, or disruption of services.
Safeguarding sensitive data: In today's digital age, vast amounts of sensitive data, such as personal information, financial records, intellectual property, and trade secrets, are stored electronically. Security measures are crucial to ensure the confidentiality, integrity, and privacy of this data, protecting it from unauthorized disclosure, modification, or destruction.
Mitigating cyber threats: The digital landscape is filled with various cyber threats, including hackers, malware, ransomware, phishing attacks, and more. Security measures help to detect, prevent, and mitigate these threats, reducing the risk of financial loss, reputational damage, or legal consequences.
Preserving business continuity: Organizations heavily rely on computer systems and networks to conduct their operations. Security measures help maintain the availability and reliability of these systems, ensuring uninterrupted services, productivity, and customer trust. It helps prevent or minimize the impact of cyber incidents, such as denial-of-service attacks or system failures.
Compliance with regulations and standards: Many industries are subject to legal and regulatory requirements regarding data protection, privacy, and cybersecurity. Implementing security measures is essential to comply with these regulations and standards, avoiding penalties, lawsuits, and reputational damage.
Safeguarding critical infrastructure: Critical infrastructure, such as power grids, transportation systems, healthcare facilities, and communication networks, is vulnerable to cyber attacks. Security measures are necessary to protect these essential systems from disruption, which could have severe societal and economic consequences.
Building trust and confidence: Security is vital for building trust among users, customers, and stakeholders. When individuals feel their data and privacy are protected, they are more likely to engage with digital services, conduct online transactions, and share information.
Preserving personal privacy: Security measures help protect individuals' personal privacy by preventing unauthorized access to their personal information and online activities. This includes safeguarding sensitive information shared through communication channels, social media platforms, or online transactions.
Security remains the least priority yet it is most important
Lack of Security Training and Awareness
Security leaks in Application
a) Revenue Loss
b) Impact Business values
c) Brand image tarnished
Need for early adoption of Security in SDLC
1.4 Security Terminologies
An Asset is any company-owned information, system or hardware used in the course of business activities.
A Threat is any potential occurrence, malicious or otherwise, that can cause harm to an asset.
A Vulnerability is a weakness that makes a threat possible.
A Threat Agent is a means or method used to exploit a vulnerability in a system, operation, or facility.
An Attack is an action that exploits a vulnerability or enacts a threat.
An Attack Vector identifies which attacks can be done.
An Attack Surface describes how exposed one is to attacks.
Encryption vs Encoding vs Hashing vs Obfuscation
a) Encoding – ASCII, UNICODE, URL Encoding, Base64
b) Encryption – AES, Blowfish, RSA
c) Hashing – SHA, SHA-2, SHA-3, MD5 (now obsolete), etc.
d) Obfuscation – JavaScript Obfuscator, ProGuard
Cryptography – Ciphers, Keys & IV, Nonce
Symmetric & Asymmetric Encryption
PKI & Certificates - Root, CA, Digital Signatures
Protocols – SSL/TLS/SSH/IPSec.
1.4 A MODEL FOR NETWORK SECURITY
A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
Figure 1-1: Network Security Model
Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a message transmission. This general model shows that there are four basic tasks in designing a particular security service:
a) Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
b) Generate the secret information to be used with the algorithm.
c) Develop methods for the distribution and sharing of the secret information.
d) Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
There are other security-related situations of interest that do not neatly fit this model but are considered in this book. A general model of these other situations is illustrated by the figure given below, which reflects a concern for protecting an information system from unwanted access. Most readers are familiar with the concerns caused by the existence of hackers, who attempt to penetrate systems that can be accessed over a network. The hacker can be someone who, with no malign intent, simply gets satisfaction from breaking and entering a computer system. The intruder can be a disgruntled employee who wishes to do damage or a criminal who seeks to exploit computer assets for financial gain (e.g., obtaining credit card numbers or performing illegal money transfers).
Figure 1-2: Network Access Security Model
Another type of unwanted access is the placement in a computer system of logic that exploits vulnerabilities in the system and that can affect application programs as well as utility programs, such as editors and compilers. Programs can present two kinds of threats:
Information access threats: Intercept or modify data on behalf of users who should not have access to that data.
Service threats: Exploit service flaws in computers to inhibit use by legitimate users.
Viruses and worms are two examples of software attacks. Such attacks can be introduced into a system by means of a disk that contains the unwanted logic concealed in otherwise useful software. They can also be inserted into a system across a network; this latter mechanism is of more concern in network security.
1.5 THE OSI SECURITY ARCHITECTURE
To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, the manager responsible for computer and network security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. This is difficult enough in a centralized data processing environment; with the use of local and wide area networks, the problems are compounded.
ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. The OSI security architecture is useful to managers as a way of organizing the task of providing security. Furthermore, because this architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to this structured definition of services and mechanisms.
For our purposes, the OSI security architecture provides a useful, if abstract, overview of many of the concepts that this book deals with. The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as:
Security attack - Any action that compromises the security of information owned by an organization.
Security mechanism - A mechanism that is designed to detect, prevent or recover from a security attack.
Security service - A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks and they make use of one or more security mechanisms to provide the service.
1.6 SECURITY ATTACKS
There are four general categories of attack which are listed below.
Interruption
An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability, e.g., destruction of a piece of hardware, cutting of a communication line or disabling of the file management system.
Interception
An unauthorized party gains access to an asset. This is an attack on confidentiality. Unauthorized party could be a person, a program or a computer. e.g., wire tapping to capture data in the network, illicit copying of files.
Modification
An unauthorized party not only gains access to but tampers with an asset. This is an attack on integrity. e.g., changing values in data file, altering a program, modifying the contents of messages being transmitted in a network.
Fabrication
An unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity. e.g., insertion of spurious message in a network or addition of records to a file.
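The model of Section 1.4 applied to the Modification and Fabrication categories above, as an added example that is not from the book: the transformation is an HMAC-SHA256 code appended to the message, and the secret information is a random key that only the two principals hold. The function names and the sample messages are constructed for illustration, and distribution of the key is assumed to have happened out of band.

```python
import hashlib
import hmac
import secrets
from typing import Optional

TAG_LEN = 32  # HMAC-SHA256 tag length in bytes


def generate_secret() -> bytes:
    """Task 2: generate the secret information (a random 256-bit key)."""
    return secrets.token_bytes(32)


def protect(key: bytes, message: bytes) -> bytes:
    """Sender: the transformation appends a code computed over the contents."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, packet: bytes) -> Optional[bytes]:
    """Receiver: return the message if its code is valid, otherwise None."""
    if len(packet) < TAG_LEN:
        return None
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison, so the check leaks no timing information.
    return message if hmac.compare_digest(tag, expected) else None


def demo() -> dict:
    key = generate_secret()  # task 3 (distribution) assumed done out of band
    packet = protect(key, b"PAY 100 TO ALICE")  # constructed sample message
    # Modification: contents altered in transit, original code left in place.
    modified = b"PAY 900 TO ALICE" + packet[-TAG_LEN:]
    # Fabrication: counterfeit message coded under a key the opponent made up.
    fabricated = protect(generate_secret(), b"PAY 500 TO MALLORY")
    return {
        "genuine": verify(key, packet),
        "modified": verify(key, modified),
        "fabricated": verify(key, fabricated),
        # Interception is not countered: the contents travel in the clear.
        "readable_on_wire": packet.startswith(b"PAY 100 TO ALICE"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:>16}: {result}")
```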
1.6.1 Cryptographic Attacks
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Passive attacks are of two types:
Release of message contents: A telephone conversation, an e-mail message and a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the contents of these transmissions.
Traffic analysis: If we had encryption protection in place, an opponent might still be able to observe the pattern of the message. The opponent could determine the location and identity of communication hosts and could observe the frequency and length of messages being exchanged.
This information might be useful in guessing the nature of communication that was taking place. Passive attacks are very difficult to detect because they do not involve any alteration of data.
However, it is feasible to prevent the success of these attacks.
Active attacks
These attacks involve some modification of the data stream or the creation of a false stream.
These attacks can be classified into four categories: