Lecture 22
Chapter 15: Security
Aspects of Security
• Security Services
– Enhance the security of data processing systems and information transfers of an organization.
– Counter security attacks.
• Security Attack
– Action that compromises the security of information owned by an organization.
• Security Mechanisms
– Designed to prevent, detect or recover from a security attack.
Security Services
• Confidentiality
– Protection of data from unauthorized disclosure
• Integrity
– Assurance that data received is as sent by an authorized entity
• Non-Repudiation
– Protection against denial by one of the parties in a communication
Security Attacks
[Figure: Normal Flow, from information source to information destination]
Denial of Service
[Figure: Smurf Attack. Perpetrator, Internet, innocent reflector sites, victim. ICMP echo (spoofed source address of victim) sent to IP broadcast address; ICMP echo reply.]
ICMP = Internet Control Message Protocol
[Figure: 1 SYN; 10,000 SYN/ACKs – Victim is dead]
Security Attacks
• Interception
– Attack on confidentiality (concealment of information)
[Figure: Interception, between information source and information destination]
Security Attacks
• Fabrication
– Attack on authenticity (identification and assurance of origin of information)
[Figure: Fabrication, between information source and information destination]
IP Address Spoofing
• IP addresses are filled in by the originating host
• Using source address for authentication
– r-utilities (rlogin, rsh, rhosts etc.)
- Can A claim it is B to the server S?
- ARP Spoofing
- Can C claim it is B to the server S?
[Figure: hosts A (1.1.1.1) and B (1.1.1.2), server S (1.1.1.3), host C (2.1.1.1), Internet]
TCP Session Hijack
• When is a TCP packet valid?
– Address / Port / Sequence Number in window
• How to get sequence number?
– Sniff traffic
– Guess it
• Many earlier systems had predictable Initial Sequence Number
• Inject arbitrary data to the connection
Security Attacks
• Passive attacks: eavesdropping, monitoring transmissions
– Message interception
– Traffic analysis
• Active attacks: some modification of the data stream
– Masquerade
– Replay
– Modification of message contents
– Denial of service
Cryptography as a Security Tool
• Broadest security tool available
– Source and destination of messages cannot be trusted without cryptography
– Means to constrain potential senders (sources) and / or receivers (destinations) of messages
• Based on secrets (keys)
Encryption
- Encryption algorithm consists of
  - Set of K keys
  - Set of M messages
  - Set of C ciphertexts (encrypted messages)
  - A function E : K → (M → C). That is, for each k ∈ K, E(k) is a function for generating ciphertexts from messages.
    - Both E and E(k) for any k should be efficiently computable functions.
  - A function D : K → (C → M). That is, for each k ∈ K, D(k) is a function for generating messages from ciphertexts.
    - Both D and D(k) for any k should be efficiently computable functions.
- An encryption algorithm must provide this essential property: given a ciphertext c ∈ C, a computer can compute m such that E(k)(m) = c only if it possesses D(k).
  - Thus, a computer holding D(k) can decrypt ciphertexts to the plaintexts used to produce them, but a computer not holding D(k) cannot decrypt ciphertexts.
  - Since ciphertexts are generally exposed (for example, sent on the network), it is important that it be infeasible to derive D(k) from the ciphertexts.
Symmetric key cryptography
symmetric key crypto: Bob and Alice share (know) the same (symmetric) key: K_{A-B}
- e.g., the key is knowing the substitution pattern in a monoalphabetic substitution cipher
- Q: how do Bob and Alice agree on key value?
[Figure: plaintext message m → encryption algorithm (key K_{A-B}) → ciphertext K_{A-B}(m) → decryption algorithm (key K_{A-B}) → plaintext m = K_{A-B}(K_{A-B}(m))]
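The definitions of E and D above, instantiated with the monoalphabetic substitution cipher the slide mentions, as an added Python example that is not part of the original slides. The names keygen and frequency_profile, the key seed and the sample message are constructed for illustration; frequency_profile shows that substitution leaves letter counts intact, which is why this cipher is only a teaching example.

```python
import random
import string
from collections import Counter

ALPHABET = string.ascii_lowercase  # assumption: only lowercase letters are substituted


def keygen(seed):
    """Pick one key k from K: a permutation of the alphabet.

    random.Random(seed) keeps the demo reproducible; it is not a secure
    key generator.
    """
    letters = list(ALPHABET)
    random.Random(seed).shuffle(letters)
    return "".join(letters)


def E(k):
    """E : K -> (M -> C). E(k) is itself a function from messages to ciphertexts."""
    table = str.maketrans(ALPHABET, k)
    return lambda m: m.translate(table)


def D(k):
    """D : K -> (C -> M). D(k) applies the inverse substitution of E(k)."""
    table = str.maketrans(k, ALPHABET)
    return lambda c: c.translate(table)


def frequency_profile(text):
    """Sorted letter counts; a monoalphabetic substitution does not change them."""
    return sorted(Counter(ch for ch in text if ch in ALPHABET).values())


if __name__ == "__main__":
    k_ab = keygen("alice-bob")         # constructed shared key K_A-B
    m = "meet me at the usual place"   # constructed sample plaintext
    c = E(k_ab)(m)
    print("ciphertext:", c)
    print("D(k)(c):   ", D(k_ab)(c))   # the holder of D(k) recovers m
    print("other key: ", D(keygen("eve"))(c))  # decryption attempted with another key
    print("same letter counts:", frequency_profile(m) == frequency_profile(c))
```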