IAS Merge
Assurance and
Security
LECTURE 1 : INTRODUCTION TO INFORMATION
SECURITY
Resource Personnel
Kavinga Yapa Abeywardena (Lecturer in Charge)
Lecturer
Department of Computer Systems Engineering
Email: kavinga.y@sliit.lk
Recommended Texts
W. Stallings and L. Brown, “Computer Security: Principles and Practice”, 2nd edition, Pearson, 2012, Chapter 1.
Supplementary text
Charles P. Pfleeger and Shari L. Pfleeger, Security in Computing (3rd edition). Prentice-Hall. 2003. ISBN: 0-13-035548-8.
NIST’s Requirement: Preserve authorized restrictions on information access and disclosure, including
means for protecting personal privacy and proprietary information
NIST’s requirement: Ensuring timely and reliable access and use of information.
Loss of Availability means disruption to the authorized users in accessing or use of information.
Accountability: Able to trace back the actions performed by an entity to that entity.
Accountability supports: nonrepudiation, deterrence, fault isolation, intrusion detection
and prevention, after-action recovery and legal action.
Such behavior frequently includes things like gaining control of a computer system, allowing
privilege escalation, or a denial-of-service (DoS or related DDoS) attack.
• Used as a verb, exploit refers to the act of successfully making such an attack (make use of a
vulnerability).
Example:
Someone who compromises a system without permission and
then discloses the vulnerabilities publicly.
However, by publicizing a vulnerability, the gray hat hacker
may give other hackers the opportunity to exploit it.
Source: COBIT® 5, figure 2. © 2012 ISACA® All rights reserved.
Meeting Stakeholder Needs
Principle 1. Meeting Stakeholder Needs:
Enterprises have many stakeholders, and ‘creating value’
means different—and sometimes conflicting—things to
each of them.
Governance is about negotiating and deciding amongst
different stakeholders’ value interests.
The governance system should consider all stakeholders
when making benefit, resource and risk assessment
decisions.
For each decision, the following can and should be asked:
- Who receives the benefits?
- Who bears the risk?
- What resources are required?
1. Meeting Stakeholder Needs
Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.
Information
Risk Management:
An Introduction
By Kavinga Yapa Abeywardena
Sri Lanka Institute of Information Technology (SLIIT)
THE BIG PICTURE
Enterprise
Risk
Management
PROBABILITY
Qualitative Scale / Numeric Scale / Description
Moderate
• Significant additional funding required
• Delay affects key stakeholders and causes loss of confidence in the project
• Significant elements of scope or functionality will be unavailable
High
• Significant reallocation of owner’s funds (or borrowing) required to achieve business goals
• Failure to meet key deadlines in relation to the strategic plan
• Failure to meet the needs of a large proportion of stakeholders
Very high
• Threaten the existence of the business (can be beyond recovery)
• Delay jeopardizes the existence of the business
• Products or services become effectively unusable
Risk Management Process
Step 2 : Qualitative Analysis (Example)
• Intangible Assets
• Measure asset’s fair market value (depreciation!) e.g. Trade Secrets
• Focus on the income producing capability of the intangible asset
• Involve senior management to conduct final valuation
Risk Management Process
Step 4 : Response Planning
RESPONSE: DESCRIPTION
Avoid: Risk Removal and Risk Prevention. Altering the plan so that the circumstances which may give rise to the risk no longer exist.
Mitigate: Risk Reduction. Reducing the probability or impact of the risk.
Transfer: Moving the impact (and ownership) of the risk to a third party.
Defer: Deferring aspects of the plan to a date when the risk is less likely to occur.
Accept: Dealing with the risk via contingency rather than altering the plan.
Risk Management Process
Step 5 : Monitor & Control Risks
• Next Lecture!
OCTAVE
Risk Evaluation
Framework
By Kavinga Yapa Abeywardena
Sri Lanka Institute of Information Technology (SLIIT)
Operationally Critical Threat
Asset & Vulnerability Evaluation
• OCTAVE is a methodology for identifying and
evaluating information security risks to an asset
Image: http://www.cert.org/octave/
OCTAVE Phases - Overview
• Uses three-phase approach to examine organisational
and technology issues
• OCTAVE-S
• organizations ≤ 300 employees
• OCTAVE-Allegro
• Focuses on information assets
OCTAVE-S
• Developed in 2003 to cater to smaller organizations
• Requires:
• Small organisation with a simple hierarchical structure
• Small interdisciplinary analysis team (3-5 employees)
• Understanding of organization’s business & security
processes
OCTAVE-S Deliverables
• Organization-wide protection strategy – strategy outlines
direction with respect to information security practice
• Risk mitigation plans – are intended to mitigate risks to
critical assets by improving selected security practices
• Action list – includes short-term action items needed to
address specific weaknesses
• A listing of important information-related assets
supporting the organization's business goals and objectives
• Survey results showing the extent to which the
organization is following good security practice
• A risk profile for each critical asset depicting a range of
risks to that asset
OCTAVE-S Scope
OCTAVE-Allegro
• Developed in 2007
• Unlike previous OCTAVE approaches, it focuses on
information assets (e.g. data, hardware and
software)
• How they are used
• Where they are stored, transported, and processed
• How they are exposed to threats, vulnerabilities,
and disruptions as a result
• Suitable to perform risk assessment without
extensive organizational involvement, expertise,
or input.
OCTAVE-Allegro
Image: http://www.isaca.org/
OCTAVE-Allegro Pros & Cons
• Pros:
• Well-documented through published academic papers
• Flexible: Organisations choose to implement portions that
they find appropriate for them
• Comprehensive
• Focuses on important and relevant risks
• Cheap: it is self-led
• Cons:
• Needs extensive preparation
• Complexity – exhausting processes
• Qualitative methodology– OCTAVE does not allow organizations
to mathematically model risks
• Risk Analysis is done on a single asset– slower results which
affects organizations
• Difficult to capture futuristic threats & risks
OCTAVE – Discussion
• Flexible
• OCTAVE provides organizations an option to only choose
required parts from the framework. On one hand, this
might be good in terms of reducing cost, time and effort
while on the other hand, some misinterpreted required
parts might be missed!
• Risk analysis is performed using internal staff – not
suitable for organizations interested in expertise more
than lower cost
• Uses no mathematical calculations
• Uses Expected Value Matrix to determine a risk’s
expected value
• Values simplicity over accuracy
INTRODUCTION TO
CRYPTOGRAPHY
Classification of the Field of Cryptology
Cryptology
Cryptography Cryptanalysis
• Symmetric ciphers: All encryption schemes from ancient times until 1976 were
symmetric ones.
• Hybrid Schemes: The majority of today's protocols are hybrid schemes, i.e., they
use both
• symmetric ciphers (e.g., for encryption and message authentication) and
• asymmetric ciphers (e.g., for key exchange and digital signature).
Symmetric Cryptography
• Alternative names: private-key, single-key or secret-key cryptography.
[Figure: Alice (good) sends x to Bob (good) over an unsecure channel (e.g. Internet); Oscar (bad guy) has access to the channel]
• Problem Statement:
1) Alice and Bob would like to communicate via an unsecure channel (e.g., WLAN or Internet).
2) A malicious third party Oscar (the bad guy) has channel access but should not be able to
understand the communication.
Symmetric Cryptography
[Figure: a key generator provides the key K to both sides over a secure channel]
• x is the plaintext
• y is the cipher-text
• K is the key
• Set of all keys {K1, K2, ...,Kn} is the key space
Symmetric Cryptography
• Encryption and decryption are inverse operations if the same key K is used on both
sides:
d_K(y) = d_K(e_K(x)) = x
• Important: The key must be transmitted via a secure channel between Alice and Bob.
• The secure channel can be realized, e.g., by manually installing the key for the Wi-Fi
Protected Access (WPA) protocol or a human courier.
• However, the system is only secure if an attacker does not learn the key K!
The problem of secure communication is reduced to secure transmission and
storage of the key K.
Cryptanalysis
• The only way to have assurance that a cipher is secure is to try to break it (and fail) !
Remark: It is tempting to assume that a cipher is "more secure" if its details are kept secret.
However, history has shown time and again that secret ciphers can almost always be
broken once they have been reverse engineered. (Example: Content Scrambling System
(CSS) for DVD content protection.)
Cryptanalysis: Attacking Cryptosystems
• Classical Attacks
• Mathematical Analysis
• Brute-Force Attack
• Implementation Attack: Try to extract the key through reverse engineering or
power measurement, e.g., for a banking smart card.
• Social Engineering: E.g., trick a user into giving up her password
Brute-Force Attack (or Exhaustive Key Search) against Symmetric Ciphers
• Example (ciphertext):
iq ifcc vqqr fb rdq vfllcq na rdq cfjwhwz hr bnnb hcc
hwwhbsqvqbre hwq vhlq
• How secure is the Substitution Cipher? Let‘s look at attacks…
Attacks against the Substitution Cipher
• Q: Can we now conclude that the substitution cipher is secure since a
brute-force attack is not feasible?
• A: No! We have to protect against all possible attacks…
2. Attack: Letter Frequency Analysis (Brute-Force Attack)
• Letters have very different frequencies in the English language
• Moreover: the frequency of plaintext letters is preserved in the ciphertext.
• For instance, „e“ is the most common letter in English; almost 13% of all letters in a
typical English text are „e“.
• The next most common one is „t“ with about 9%.
[Figure: Letter frequencies in English. x-axis: Letters, ordered E T A O I N S H R D L C U M W F G Y P B V K J X Q Z; y-axis: Frequency in %, from 0 to 14]
Breaking the Substitution Cipher with Letter Frequency Attack
• Let‘s return to our example and identify the most frequent letter:
iq ifcc vqqr fb rdq vfllcq na rdq cfjwhwz hr bnnb hcc
hwwhbsqvqbre hwq vhlq
• By further guessing based on the frequency of the remaining letters we obtain the
plaintext:
WE WILL MEET IN THE MIDDLE OF THE LIBRARY AT NOON ALL
ARRANGEMENTS ARE MADE
• In practice, not only frequencies of individual letters can be used for an attack, but
also the frequency of letter pairs (i.e., „th“ is very common in English), letter
triples, etc.
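The letter-frequency attack on the slide's own ciphertext, as an added example (not part of the original lecture material). It counts the ciphertext letters, checks the slide's plaintext against a one-to-one substitution table, and measures how far a pure rank-based guess gets, which is why the slide says "further guessing" is needed.

```python
import math
from collections import Counter

# Ciphertext and recovered plaintext exactly as given in the slides above.
CIPHERTEXT = ("iq ifcc vqqr fb rdq vfllcq na rdq cfjwhwz hr bnnb hcc "
              "hwwhbsqvqbre hwq vhlq")
PLAINTEXT = ("WE WILL MEET IN THE MIDDLE OF THE LIBRARY AT NOON ALL "
             "ARRANGEMENTS ARE MADE")
# English letters, most to least frequent (the order on the slide's chart axis).
ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"


def keyspace_bits():
    """Size of the substitution-cipher key space, 26!, expressed in bits."""
    return math.log2(math.factorial(26))


def ranked_letters(text):
    """Return [(letter, count), ...], most frequent first, ties alphabetical."""
    counts = Counter(ch for ch in text.lower() if ch.isalpha())
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def naive_key(ciphertext):
    """Guess by rank only: the i-th most common ciphertext letter is mapped
    to the i-th most common English letter."""
    return {c: ENGLISH_ORDER[i]
            for i, (c, _) in enumerate(ranked_letters(ciphertext))}


def known_pair_key(ciphertext, plaintext):
    """Build the substitution table from a ciphertext/plaintext pair and
    reject anything that is not a one-to-one letter substitution."""
    if len(ciphertext) != len(plaintext):
        raise ValueError("texts differ in length")
    key = {}
    for c, p in zip(ciphertext.lower(), plaintext.upper()):
        if c.isalpha() and key.setdefault(c, p) != p:
            raise ValueError(f"{c!r} maps to two different letters")
    if len(set(key.values())) != len(key):
        raise ValueError("two ciphertext letters map to one plaintext letter")
    return key


def decrypt(ciphertext, key):
    """Apply a (possibly partial) key; unknown letters are shown as '?'."""
    return "".join(key.get(ch.lower(), "?") if ch.isalpha() else ch
                   for ch in ciphertext)


def rank_guess_hits(ciphertext, plaintext):
    """Ciphertext letters for which the pure rank guess equals the real key."""
    real = known_pair_key(ciphertext, plaintext)
    guess = naive_key(ciphertext)
    return sorted(c for c in real if guess[c] == real[c])


if __name__ == "__main__":
    print(f"key space: about 2^{keyspace_bits():.1f} keys")
    print("ciphertext letter counts:", ranked_letters(CIPHERTEXT)[:5])
    print("rank-only guess:", decrypt(CIPHERTEXT, naive_key(CIPHERTEXT)))
    print("letters the rank guess got right:",
          rank_guess_hits(CIPHERTEXT, PLAINTEXT))
    print("full key:", decrypt(CIPHERTEXT,
                               known_pair_key(CIPHERTEXT, PLAINTEXT)))
```

On a text this short only the most frequent letter lines up with the English ranking; the remaining letters come from word patterns and letter pairs, as the last bullet above notes.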
CAESAR CIPHER
• WHEN JULIUS CAESAR SENT MESSAGES TO HIS
GENERALS, HE DIDN'T TRUST HIS MESSENGERS.
Blaise de Vigenère
Plaintext: ATTACKATDAWN
Key: LEMONLEMONLE
Ciphertext: LXFOPVEFRNHR
Period: ?
Key
Columnar Transposition
• ENIGMA Explained
Stream Ciphers in the Field of Cryptology
Cryptology
Cryptography Cryptanalysis
• Stream Ciphers
• Encrypt bits individually
• Usually small and fast; common in embedded devices (e.g., A5/1 for
GSM phones)
• Block Ciphers:
• Always encrypt a full block (several bits)
• Are common for Internet applications
Encryption and Decryption with Stream Ciphers
Plaintext xi, ciphertext yi and key stream si consist of individual bits
xi si yi
0 0 0
0 1 1
1 0 1
1 1 0
Stream Cipher: Throughput
Source: Zhao et al., Anatomy and Performance of SSL Processing, ISPASS 2005
BLOCK CIPHERS
Cryptology
Cryptography Cryptanalysis
• Claude Shannon: There are two primitive operations with which strong encryption
algorithms can be built:
1. Confusion: An encryption operation where the relationship between key
and ciphertext is obscured.
Today, a common element for achieving confusion is substitution, which is
found in both AES and DES.
Example:
Speed Medium
Time to crack The EFF's DES cracker (Deep Crack) breaks a DES key in 56 hours
• Recommendations:
• Change keys frequently to help prevent brute-force attacks.
• Use a secure channel to communicate the DES key from the sender to the
receiver.
Alternatives to DES
• It takes a 64-bit block of data and performs three DES operations in sequence:
• Encrypts, decrypts, and encrypts.
• Requires additional processing time.
• Can use 1, 2, or 3 different keys (when used with only one key, it is the same as DES).
3DES SCORECARD
Description: Triple Data Encryption Standard
Speed: Low
Time to crack (assuming a computer could try 2^55 keys per second): 4.6 billion years with current technology
Speed: High
Time to crack (assuming a computer could try 2^55 keys per second): 149 trillion years
Resource Consumption: Low
RC ALGORITHMS
Type of Algorithm: Use
• Block cipher: Variable key-size block cipher that was designed as a "drop-in" replacement for DES.
• Stream cipher: Most widely used stream cipher based on a variable key-size Vernam stream cipher. It is often used in file encryption products and secure communications, such as within SSL. The cipher can be expected to run very quickly in software and is considered secure.
• Block cipher: A fast block cipher that has a variable block size and key size. It can be used as a drop-in replacement for DES if the block size is set to 64-bit.
• Block cipher: An AES finalist (Rijndael won). A 128-bit to 256-bit block cipher that was designed by Rivest, Sidney, and Yin and is based on RC5. Its main design goal was to meet the requirement of AES.
Public Key
Cryptography
Kavinga Yapa Abeywardena
AGENDA
Public Key Cryptography
[Figure: mailbox analogy. Everyone can drop a letter; only the owner has the correct key to open the box]
• Principle: Split up the key.
• During the key generation, a key pair Kpub and Kpr is computed
[Figure: Alice and Bob with Bob's key pair KpubB and KprB. Only Bob can decrypt!]
• Discrete Logarithm (Diffie-Hellman, Elgamal, DSA, …): Given a, y and m, find x such that a^x = y mod m
(Exponentiation a^x: easy)
• Elliptic Curves (EC) (ECDH, ECDSA): Generalization of discrete logarithm
Note: The problems are considered mathematically hard, but no proof exists (so far).
The RSA Cryptosystem
• Martin Hellman and Whitfield Diffie published their landmark public-key paper in 1976
• Ronald Rivest, Adi Shamir and Leonard Adleman proposed the asymmetric RSA
cryptosystem in 1977
• Until now, RSA is the most widely used asymmetric cryptosystem, although elliptic
curve cryptography (ECC) is becoming increasingly popular (faster)
• RSA is mainly used for two applications
• Transport of (i.e., symmetric) keys
• Digital signatures
RSA Cryptosystem
Diffie–Hellman Key Exchange
▪Proposed in 1976 by Whitfield Diffie and Martin
Hellman
▪Widely used, e.g. in Secure Shell (SSH), Transport Layer Security
(TLS), and Internet Protocol Security (IPSec)
• How can Bob prove towards a judge that Alice has ordered a pink
car? (And that he did not fabricate the order himself)
[Figure: Bob generates the key pair (KpubB, KprB) = K and passes KpubB to Alice. The signature function takes the message and KprB and outputs the signature; the verification function takes the message, the signature and KpubB]
Digital Signatures
• For a given message 'x', a digital signature is appended to
the message (just like a conventional signature).
• Only the person with the private key should be able
to generate the signature.
• The signature must change for every document.
The signature is realized as a function with the
message 'x' and the private key as input.
The public key and the message 'x' are the inputs to the
verification function.
CERTIFICATES
▪ In order to authenticate public keys, all public keys are digitally signed by a central trusted authority.
▪ Such a construction is called a certificate
certificate = public key + ID(user) + digital signature over public key and ID
▪ In its most basic form, a certificate for the key kpub of user Alice is:
▪ The party who receives a certificate, e.g., Bob, verifies Alice‘s public key using the public key of the CA
CERTIFICATES IN REAL WORLD
▪ In real world certificates contain much more information
than just a public key and a signature.
1. Users communicate with others whose certificates are issued by different CAs
− This requires cross-certification of CAs, e.g., CA1 certifies the public key of CA2. If Alice trusts her CA1,
cross-certification ensures that she also trusts CA2. This is called a "chain of trust" and it is said that trust
is delegated.
Key Establishment
Cryptographic
Hash Functions
Content of this Chapter
Three Problems
• Computational overhead (a 256MB file needs 1 million 256-bit RSA signatures)
• Message overhead (256MB file, total of 512MB must be transmitted)
• Security limitations (Can Replace/Remove Blocks)
Solution:
Instead of signing the whole message, sign only a digest (=hash)
Also secure, but much faster ☺
Needed:
Hash Functions! –> One short signature for an arbitrary length message
Digital Signature with a Hash Function
z = h(x)
s = sig_Kpr(z)
(x, s)
z' = h(x)
ver_Kpub(s, z') = true/false
• Output of a hash function is of fixed length and independent of the input length.
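The two schemes compared above, as an added example (not part of the original lecture material): signing each block separately versus signing z = h(x) once. Assumptions of this example: textbook RSA without padding built from two Mersenne primes (far too small and too simple for real use), SHA-256 as h, 16-byte blocks, and a constructed order message.

```python
import hashlib

# Toy RSA key (constructed for this example; textbook RSA, no padding).
P, Q = 2**107 - 1, 2**127 - 1          # two known Mersenne primes
N = P * Q                               # public modulus
E = 65537                               # public exponent (part of Kpub)
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent (Kpr)
BLOCK = 16                              # bytes per block; 128 bits < N

# Constructed sample message: two 16-byte blocks.
MESSAGE = b"Order 1 pink car" + b", cancel if late"


def sig(z: int) -> int:
    """s = sig_Kpr(z)"""
    return pow(z, D, N)


def ver(s: int, z: int) -> bool:
    """ver_Kpub(s, z)"""
    return pow(s, E, N) == z


def h(x: bytes) -> int:
    """z = h(x): SHA-256 digest, reduced into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(x).digest(), "big") % N


def sign_blockwise(x: bytes):
    """Naive scheme: split x into blocks and sign every block on its own."""
    blocks = [x[i:i + BLOCK] for i in range(0, len(x), BLOCK)]
    return [(b, sig(int.from_bytes(b, "big"))) for b in blocks]


def verify_blockwise(pairs) -> bool:
    """Each (block, signature) pair is checked in isolation."""
    return all(ver(s, int.from_bytes(b, "big")) for b, s in pairs)


def sign_hashed(x: bytes):
    """Hash-then-sign: one signature over the digest of the whole message."""
    return x, sig(h(x))


def verify_hashed(x: bytes, s: int) -> bool:
    return ver(s, h(x))


if __name__ == "__main__":
    pairs = sign_blockwise(MESSAGE)
    print("block-wise, intact:        ", verify_blockwise(pairs))
    # Dropping or reordering blocks still verifies: nothing binds them together.
    print("block-wise, block removed: ", verify_blockwise(pairs[:1]))
    print("block-wise, blocks swapped:", verify_blockwise(pairs[::-1]))

    x, s = sign_hashed(MESSAGE)
    print("hashed, intact:            ", verify_hashed(x, s))
    print("hashed, block removed:     ", verify_hashed(x[:BLOCK], s))
```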
1. Cryptographic checksum
A MAC generates a cryptographically secure authentication tag for a given message.
2. Symmetric
MACs are based on secret symmetric keys. The signing and verifying parties must
share a secret key.
3. Arbitrary message size
MACs accept messages of arbitrary length.
4. Fixed output length
MACs generate fixed-size authentication tags.
5. Message integrity
MACs provide message integrity: Any manipulations of a message during transit will be
detected by the receiver.
6. Message authentication
The receiving party is assured of the origin of the message.
7. No nonrepudiation
Since MACs are based on symmetric principles, they do not provide nonrepudiation.
[Figure 4.1 Relationship Among Access Control and Other Security Functions: user, authentication function, access control function, security administrator, system resources, auditing]
IT3070 - INFORMATION ASSURANCE AND SECURITY 4
Access Control Policies
An access control policy, which can be embodied in an authorization
database, dictates what types of access are permitted, under what
circumstances, and by whom. Access control policies are generally
grouped into the following categories:
DAC, MAC, and RBAC are not mutually exclusive. A system may
implement two or even three of these policies for some or all types of
access.
In an ACL, the list for each object names the users and their access rights to
that object
• An ACL may contain a default or public entry to allow users that are not
explicitly listed to have a default access right
• Access rights should follow least privilege or read-only access
• Elements in the list can be individual users or groups of users
[Figure: users (U4, U5, U6) assigned to roles (Role 1, Role 2, Role 3), and a matrix of ROLES against OBJECTS (R1 R2 Rn F1 F1 P1 P2 D1 D2)]
Workstation hijacking
• The attacker waits until a logged-in workstation is unattended.
• Countermeasures: automatically logging the workstation out after a
period of inactivity; intrusion detection schemes can be used to
detect changes in user behavior.
Vulnerabilities of Passwords
Exploiting multiple password use
• Attacks can also become much more effective or damaging if different
network devices share the same or a similar password for a given user.
• Countermeasures: policy that forbids the same or similar password on
particular network devices.
Electronic monitoring
• Passwords communicated across a network to log on to a remote
system are vulnerable to eavesdropping.
• Simple encryption will not fix this problem, because the encrypted
password is, in effect, the password and can be observed and reused
by an adversary
• The user must send a correct response f(r’, h(P’)) to the host
• r’=r and P’ is the user’s password
• The host calculates f(r, h(P(U))) and compares it with the received f(r’,
h(P’))
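The challenge-response exchange described above with both sides' messages, as an added example (not part of the original lecture material). Assumptions of this example: h is salted PBKDF2-HMAC-SHA256, f is HMAC-SHA256 keyed with h(P), the host sends the salt along with the nonce r, and the class, function and user names are hypothetical.

```python
import hashlib
import hmac
import secrets


def h(password: str, salt: bytes) -> bytes:
    """h(P): salted, deliberately slow password hash (this example's choice)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def f(r: bytes, hp: bytes) -> bytes:
    """f(r, h(P)): MAC over the nonce, keyed with h(P) (this example's choice)."""
    return hmac.new(hp, r, hashlib.sha256).digest()


class Host:
    def __init__(self):
        self._db = {}        # user -> (salt, h(P(U)))
        self._pending = {}   # user -> outstanding nonce r

    def enroll(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._db[user] = (salt, h(password, salt))

    def challenge(self, user: str):
        """Host -> user: a fresh random r, plus the salt needed to compute h."""
        r = secrets.token_bytes(16)
        self._pending[user] = r
        return r, self._db[user][0]

    def verify(self, user: str, response: bytes) -> bool:
        """Compare the received f(r', h(P')) with f(r, h(P(U)))."""
        r = self._pending.pop(user, None)     # every nonce is valid only once
        if r is None:
            return False
        expected = f(r, self._db[user][1])
        return hmac.compare_digest(expected, response)


def respond(r: bytes, salt: bytes, password: str) -> bytes:
    """User -> host: f(r', h(P')) computed from the typed password."""
    return f(r, h(password, salt))


if __name__ == "__main__":
    host = Host()
    host.enroll("alice", "correct horse")           # constructed credentials

    r, salt = host.challenge("alice")
    captured = respond(r, salt, "correct horse")    # what an eavesdropper sees
    print("legitimate login:", host.verify("alice", captured))

    host.challenge("alice")                         # new session, new nonce
    print("replayed response:", host.verify("alice", captured))
```

The value h(P(U)) stored on the host is sufficient to answer any challenge, so the host's authorization database needs the same protection as the passwords themselves.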
More than half of small to medium-sized enterprises affected by 9/11 did not trade again!
Recovery Time: Terms
Interruption Window: Time duration organization can wait
between point of failure and service resumption
Service Delivery Objective (SDO): Level of service in Alternate
Mode
Maximum Tolerable Outage: Max time in Alternate Mode
[Figure: recovery timeline. Regular service, interruption, interruption window, disaster recovery plan implemented, alternate mode (SDO), restoration plan implemented, regular service]
[Figure: implementation cost against recovery time for mirrored site, remote journaling, hot site and cold site]
High Availability Solutions
• RAID: Local disk redundancy
• Fault-Tolerant Server: When primary server fails,
backup server resumes service.
• Distributed Processing: Distributes load over
multiple servers. If server fails, remaining server(s)
attempt to carry the full load.
• Storage Area Network (SAN): disk network supports
remote backups, data sharing and data migration
between different geographical locations
Business Continuity Plan
Vs.
Firewall
Access Control Lists (ACLs)
Simple Packet Filtering
Stateful Packet Filtering
Firewall Topologies
FIREWALL
PART 1
FIREWALL
An Electronic “Checkpoint” between a (relatively) protected network/device and a
(relatively) untrusted network.
[Figure: a software firewall (often packaged with antivirus) between the protected host and the untrusted network]
FIREWALL
[Figure: a hardware firewall (security gateway) between the protected network and the untrusted network. Host devices may have their own software firewalls installed: “Defence in Depth”]
FIREWALL
“Primary” Functions
Packet Filtering (Layers 3 and 4)
Stateful Inspection (Layers 3 and 4) Using Access Control Lists (ACLs)
Application Layer Inspection
“Secondary” Functions
Network Address Translation (NAT)
VPN Tunnelling
Proxy Server
PACKET
FILTERING
PART 2
PACKET FILTERING
[Figure: firewall at 10.1.0.1 between the untrusted network and the network 10.1.0.0/16. Outside: 10.2.12.12 (www.pornography.com) and all other outside hosts. Inside: 10.1.1.2 (E-Mail) and 10.1.0.20 (Web). Session allowed on port 80]
Rule  Source IP  Source Port  Dest. IP    Dest. Port  Protocol  Access
A     *          *            10.1.0.1    *           *         Deny    (Firewall Address: Stealth Rule)
B     10.1.0.0   *            10.2.12.12  *           *         Deny
C     10.1.0.0   *            *           80          TCP       Allow
D     *          *            10.1.1.2    25          TCP       Allow
E     *          *            10.1.0.20   80          TCP       Allow
F     *          *            *           *           *         Deny    (Cleanup Rule)
Port 25 – SMTP (E-Mail)
Port 80 – HTTP (Web)
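How a packet filter evaluates the rule table above, as an added example (not part of the original lecture material). It applies rules A to F with first-match semantics to constructed packets and shows what happens when two rules are put in the wrong order. Assumptions of this example: source "10.1.0.0" in rules B and C means the network 10.1.0.0/16, and 203.0.113.7 stands in for an arbitrary outside host.

```python
import ipaddress

ANY = "*"
# (rule, source IP, source port, dest. IP, dest. port, protocol, access)
RULES = [
    ("A", ANY, ANY, "10.1.0.1", ANY, ANY, "Deny"),       # stealth rule
    ("B", "10.1.0.0/16", ANY, "10.2.12.12", ANY, ANY, "Deny"),
    ("C", "10.1.0.0/16", ANY, ANY, 80, "TCP", "Allow"),
    ("D", ANY, ANY, "10.1.1.2", 25, "TCP", "Allow"),
    ("E", ANY, ANY, "10.1.0.20", 80, "TCP", "Allow"),
    ("F", ANY, ANY, ANY, ANY, ANY, "Deny"),              # cleanup rule
]


def ip_matches(spec, addr):
    """True if addr falls inside the rule's address or network (or spec is *)."""
    return spec == ANY or (
        ipaddress.ip_address(addr) in ipaddress.ip_network(spec))


def field_matches(spec, value):
    return spec == ANY or spec == value


def decide(packet, rules=RULES):
    """Return (rule name, access) of the first rule that matches the packet.
    packet = (source IP, source port, dest. IP, dest. port, protocol)."""
    src, sport, dst, dport, proto = packet
    for name, r_src, r_sport, r_dst, r_dport, r_proto, access in rules:
        if (ip_matches(r_src, src) and field_matches(r_sport, sport)
                and ip_matches(r_dst, dst) and field_matches(r_dport, dport)
                and field_matches(r_proto, proto)):
            return name, access
    return None, "Deny"      # nothing matched and no cleanup rule: still deny


def swap(rules, first, second):
    """Copy of the rule list with two named rules exchanged (for auditing)."""
    out = list(rules)
    i = [r[0] for r in out].index(first)
    j = [r[0] for r in out].index(second)
    out[i], out[j] = out[j], out[i]
    return out


# Constructed sample packets.
OUTSIDE, INSIDE = "203.0.113.7", "10.1.4.9"
SAMPLES = [
    (OUTSIDE, 40000, "10.1.0.1", 22, "TCP"),     # probe of the firewall itself
    (INSIDE, 40001, "10.2.12.12", 80, "TCP"),    # inside host to blocked site
    (INSIDE, 40002, OUTSIDE, 80, "TCP"),         # ordinary outbound web
    (OUTSIDE, 40003, "10.1.1.2", 25, "TCP"),     # inbound mail
    (OUTSIDE, 40004, "10.1.0.20", 80, "TCP"),    # inbound web
    (OUTSIDE, 40005, "10.1.0.20", 22, "TCP"),    # anything else
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", decide(pkt))
    # With C placed before B, the blocked site becomes reachable on port 80.
    print("B and C swapped:", decide(SAMPLES[1], swap(RULES, "B", "C")))
```

Because the first match wins, rule B only has an effect while it sits above rule C, and rule A shields the firewall's own address even from the inside hosts that rule C would otherwise let through on port 80.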
FIREWALL BENEFITS
Protect private network from outside attacks
Also separate departments
Protect connections between remote offices
Can be used within private network
Concentrate controls into one “choke point”
Like the gatehouse of a castle
Can generate alarms when attacks are attempted
Convenient location for other services
NAT
WWW/FTP Servers
FIREWALLS BENEFITS (CONTD.)
DoS attack protection
Attack packets destined for a specific host can be stopped at the outer gateway
of network
Logging of attacks and traffic
Blacklist maintenance
Trace connections
Set maximum connections limit for single host
Prevents half-open connections (“SYN flood” attack)
FIREWALLS DRAWBACKS
Filtering Router
Untrusted
Network
FIREWALLS - SCREENED HOST
[Figure: screened host. Untrusted network, filtering router, bastion host (application level gateway), information server (web, e-mail etc.), protected network]
DEMILITARIZED ZONE (DMZ)
DMZ is a Screened-Subnet Firewall
Employs Two Filtering Routers
Screened subnet typically contains…
The Bastion Host
Information Server (IS)
Remote Access Server (RAS)
Other public servers
Protected at both ends by the secure routers
FIREWALLS - DEMILITARISED ZONE
[Figure: demilitarised zone. Untrusted network, packet filtering router, bastion host and information server, packet filtering router, protected network]
DMZ FIREWALLS
• E.g.
• Log Rhythm (http://logrhythm.com)
• IBM Qradar (http://www.q1labs.com)
INTRUSION DETECTION SYSTEMS &
INTRUSION PREVENTION SYSTEMS
Typical functions:
IDS/IPS collect/log data about the incident
Trigger alerts to the key personnel involved in the system
security
Compile reports that summarize the events of interest
IDS ANALYSIS
Attacks
INTRUSION DETECTION
Alarm No Alarm
[Figure: probability density against behaviour parameter for the authorized user profile and the intruder profile, with false positives and false negatives marked]
VIRTUAL PRIVATE NETWORKS (VPN)
FIREWALL
FIREWALL TOPOLOGIES