CONTROLS & PROTECTION MECHANISMS Today’s Reference: Whitman & Mattord, Management of Information Security, 2nd edition, 2008, Chapter 9.


1 CONTROLS & PROTECTION MECHANISMS

Today’s Reference: Whitman & Mattord, Management of Information Security, 2nd edition, 2008, Chapter 9

2 Overview

Access controls
Firewalls
Intrusion Detection Systems (IDSs)
Wireless Network Security
Cryptography

3 Access Controls

Authentication – controlling a person’s access to a system
– Barrier (i.e. login sequence) versus ongoing (intrusion detection)
– Something you know
– Something you have
– Something you are (and something you produce, e.g. voice)
– Includes biometrics which authenticate a user against known personal features (fingerprints, iris patterns, voice, etc.)
– Something you do (user behaviour profiling)

Authorisation – controlling a person’s access to features (software, data) within the system
– Scoping each user’s permitted activities
– May be individual or group-based
– Can be specific to resources

4 Firewalls

Generations
– 1: packet filtering
– 2: application-level
– 3: stateful inspection
– 4: dynamic packet filtering

Architectures
– Packet filtering routers
– Screened-host firewalls
– Dual-homed host firewalls
– Screened-subnet firewalls

5 Intrusion Detection Systems

Host-based
– Alerts administrator when files or folders change
– Monitor host only

Network-based
– Monitor network traffic
– Alerts administrator when patterns of network traffic change

Signature-based
– Work like anti-virus software
– Alerts administrator when ‘signature’ of attack is matched

Statistical-anomaly-based
– Establishes baseline of what is ‘normal’ traffic
– Alerts administrator when pattern is abnormal

Rule-based
– ‘never do this’
– includes honeypots

6 Wireless Network Security

Wired Equivalent Privacy (WEP)
– basic level of security
– several fundamental cryptological flaws
– average home or small only

Wi-Fi Protected Access (WPA)
– WPA is industry standard
– increased capabilities for authentication, encryption, and throughput

7 Cryptography

Symmetric encryption methods
– Substitution, Transposition, XOR, Vernam Cipher, One-time pad, and many others
– the same key (a secret key) is used to encrypt and decrypt the message
– Mono-alphabetic & poly-alphabetic ciphers

Asymmetric encryption
– public key encryption (PKE)
– uses two different keys. Either key can be used to encrypt or decrypt the message, but one must always be kept secret

Digital signatures
– PKE used in reverse to give non-repudiation

Steganography
– Hiding messages in graphics files

8 Encryption & Decryption

[Diagram labels: Plain Text from Sender, Encryption Cipher, Cipher Text, Decryption Cipher, Plain Text to Recipient, Secure Key Management]

9 Symmetric Encryption Methods

Substitution
– One letter exchanged for another
– Creates confusion
– Mono-alphabetic or Poly-alphabetic

Transposition
– Re-arrangement of letters
– Creates diffusion

XOR
– If 2 values are the same, you get “0”
– If not, you get “1”
– Process is reversible

E.g __________________

10 Monoalphabetic cipher

Caesar
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
plaintext is ROSTRUM
ciphertext is URVWUXP

Random
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
M N B V C X Z L K J H G F D S A P O I U Y T R E W Q

Keyword
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
S E C U R I T Y A B D F G H J K L M N O P Q V W X Z

11 Polyalphabetic Cipher

Alphabet No. 1 (offset by 3)
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Alphabet No. 2 (offset by 15)
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
P Q R S T U V W X Y Z A B C D E F G H I J K L M N O

plaintext is GO FOR GOLD
ciphertext is JD IDU VRAG

12 Transposition Ciphers

For example, every 4th letter
THE RAIN IN SPAIN FALLS MAINLY ON THE PLAIN
becomes
TANIL AYHAH ISNLI OEIEN PFSNN PNRIA AMLTL

Modern transposition ciphers use a network or path diversity principle, so the diffusion is not just within-file but over the network via different paths
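The substitution and transposition slides above can be checked in code. This is an added example, not part of the original presentation; the function names are illustrative, and the inputs are the slides' own plaintexts, offsets and keyword.

```python
import string

A = string.ascii_uppercase

def shift_alphabet(offset):
    """Cipher alphabet: A-Z rotated left by `offset` (3 gives the Caesar row)."""
    return A[offset:] + A[:offset]

def keyword_alphabet(keyword):
    """Keyword letters first (repeats dropped), then the letters not yet used."""
    return "".join(dict.fromkeys(keyword.upper() + A))

def substitute(plaintext, alphabets):
    """Substitute each letter, cycling through `alphabets` one per letter.

    One alphabet is a monoalphabetic cipher, several a polyalphabetic one.
    Spaces pass through and do not advance the cycle.
    """
    out, n = [], 0
    for ch in plaintext.upper():
        if ch in A:
            out.append(alphabets[n % len(alphabets)][A.index(ch)])
            n += 1
        else:
            out.append(ch)
    return "".join(out)

def transpose(plaintext, step=4, group=5):
    """Take every `step`-th letter starting at 0, then at 1, ... (spaces dropped)."""
    letters = [c for c in plaintext.upper() if c in A]
    mixed = "".join("".join(letters[s::step]) for s in range(step))
    return " ".join(mixed[i:i + group] for i in range(0, len(mixed), group))

def untranspose(ciphertext, step=4):
    """Put each ciphertext letter back at the position transpose() took it from."""
    letters = [c for c in ciphertext.upper() if c in A]
    plain = [""] * len(letters)
    order = [i for s in range(step) for i in range(s, len(letters), step)]
    for src, dst in enumerate(order):
        plain[dst] = letters[src]
    return "".join(plain)

if __name__ == "__main__":
    print(substitute("ROSTRUM", [shift_alphabet(3)]))
    print(substitute("GO FOR GOLD", [shift_alphabet(3), shift_alphabet(15)]))
    print(transpose("THE RAIN IN SPAIN FALLS MAINLY ON THE PLAIN"))
```

Running it reproduces the three ciphertexts shown on slides 10 to 12, and `keyword_alphabet("SECURITY")` gives the Keyword row of slide 10.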

13 Vernam Cipher

The perfect substitution cipher
The original one-time pad

Plaintext V E R N A M
Numerics
Random
_________________
Sum
Mod
Ciphertext T A H R S P

14 Breaking Encryption

(almost) All encryption is crackable…
– Just need time and computing power

Brute force may not work because
– Number of alphabet combinations is 26 x 25 x 24 x 23 x etc which equals 4 x
– If each alphabet takes 1 millionth of a sec (micro second) then all combinations would take 4 x secs
– 4 x years !!!!

EXCEPT…
– The one-time pad is provably secure (if properly used)
– but it is not easy to use properly
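What "properly used" means for the Vernam cipher of slide 13 can be shown with the sum-mod-26 scheme. This is an added example, not from the original slides: the numbering A=0 … Z=25 is an assumption (the slide's numeric rows did not survive), the function names are illustrative, and the second message is constructed.

```python
import secrets
import string

A = string.ascii_uppercase

def to_nums(text):
    """Letters to numbers, assuming A=0 ... Z=25; non-letters are dropped."""
    return [A.index(c) for c in text.upper() if c in A]

def new_pad(length):
    """Fresh pad: one uniformly random value 0..25 per plaintext letter."""
    return [secrets.randbelow(26) for _ in range(length)]

def vernam_encrypt(plaintext, pad):
    """Ciphertext letter = (plaintext + pad) mod 26."""
    nums = to_nums(plaintext)
    if len(pad) < len(nums):
        raise ValueError("pad must be at least as long as the message")
    return "".join(A[(p + k) % 26] for p, k in zip(nums, pad))

def vernam_decrypt(ciphertext, pad):
    """Plaintext letter = (ciphertext - pad) mod 26, so the process is reversible."""
    return "".join(A[(c - k) % 26] for c, k in zip(to_nums(ciphertext), pad))

def pad_from_pair(plaintext, ciphertext):
    """Pad values implied by one known plaintext/ciphertext pair."""
    return [(c - p) % 26 for p, c in zip(to_nums(plaintext), to_nums(ciphertext))]

def difference(text1, text2):
    """Letter-wise (text1 - text2) mod 26."""
    return [(a - b) % 26 for a, b in zip(to_nums(text1), to_nums(text2))]

if __name__ == "__main__":
    # Pad consistent with slide 13's VERNAM -> TAHRSP under the A=0 assumption.
    print(pad_from_pair("VERNAM", "TAHRSP"))
    # Reusing one pad for two messages: the pad cancels out of the difference
    # of the ciphertexts, leaving the difference of the plaintexts.
    pad = new_pad(7)
    c1 = vernam_encrypt("ROSTRUM", pad)
    c2 = vernam_encrypt("MONDAYS", pad)  # constructed second message
    print(difference(c1, c2) == difference("ROSTRUM", "MONDAYS"))
```

The pad has to be truly random, as long as the message, kept secret and never reused; the second check shows that a reused pad no longer hides the relationship between the two plaintexts.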

15 Public Key Encryption

Known as Asymmetric encryption
2 keys, one public, one private, linked mathematically, one to encrypt & one to decrypt
Uses large prime numbers
“mathematically infeasible” to derive private key from public key

Advantages
– no need to tell anyone your private key
– no need for key distribution
– no need for a key for each pair of people

Not used to encrypt messages, as it is generally slower than secret-key encryption
Used to encrypt other keys (as in PGP) and to authenticate sender

16 Digital Signatures

Reverses the role of private & public keys
Effectively unique to the document – uses a cryptographically-robust hash function
Unforgeable (without the sender’s private key)
not re-usable (due to message-specific hash)
document unalterable
undeniable

17 What you Need to Know A basic level of detail about all of the security technologies in the previous slides.

