Network Security 網路安全. Lecture 1 February 20, 2012 洪國寶

Transcription

1 Network Security 網路安全 Lecture 1 February 20, 2012 洪國寶 1

2 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2

3 Course information (1/6) Instructor: Professor Gwoboa Horng Basic assumption It is assumed that students in this course have a basic understanding of complexity theory. Some knowledge of modular arithmetic will be helpful but not required. Course web page: 3

4 Course information (2/6) Textbook Cryptography and Network Security, 4/E by William Stallings, Prentice Hall, ( 開發圖書公司 ) Cryptography and Network Security: Principles and Practices, 5/E by W. Stallings, Prentice Hall, ( 開發圖書公司 ) Textbook web page: raphy/index.html 4

5 Course information (3/6) 參考書籍近代密碼學及其應用賴溪松韓亮張真誠松崗旗標出版社 5

6 Course information (4/6) The objective of this course is to examine both the principles and practice of cryptography and computer network security. Our focus is on Internet Security which consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information. The course material is of use to computer and communication engineers who are interested in embedding security into an information system. 6

7 Course information (5/6) This class is Not a lab or programming course Not a math course, either 7

8 Course information (6/6) Grading (Tentative) Homework 15% (You may collaborate when solving the homework, however when writing up the solutions you must do so on your own. No typed or printed assignments.) Project 20% (Presentation and/or paper required) Midterm exam 25% (Open textbook and notes) Final exam 30% (Open textbook and notes) Class participation 10% 8

10 Motivation Some real examples of security incidents 10

11 Some real examples (1/12) 11

23 Some real examples (Recapitulation) Security incidents Hacker intrusion Password compromise (access control) Spam/hoax (data integrity) Program security Virus Denial of service 23

24 Incidents reported 24

26 Background Information Security requirements have changed in recent times traditionally provided by physical and administrative mechanisms computer use requires automated tools to protect files and other stored information use of networks and communications links requires measures to protect data during transmission 26

27 Definitions Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected networks 27

28 Security Trends 28 growth in sophistication of attacks contrasting with decrease in skill & knowledge needed to mount an attack

29 Security Goals The goal of security is to institute controls that preserve secrecy: assets are accessible only by authorized parties; integrity: assets can be modified only by authorized parties; availability: assets are available to authorized parties. 29

30 Security Goals Confidentiality Integrity Availability 30

31 Services, Mechanisms, Attacks need systematic way to define requirements consider three aspects of information security: security attack security mechanism security service consider in reverse order 31

32 Security Service is something that enhances the security of the data processing systems and the information transfers of an organization intended to counter security attacks make use of one or more security mechanisms to provide the service replicate functions normally associated with physical documents eg. have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed 32

33 Security Mechanism a mechanism that is designed to detect, prevent, or recover from a security attack no single mechanism that will support all functions required however one particular element underlies many of the security mechanisms in use: cryptographic techniques hence our focus on this area 33

34 Security Attack any action that compromises the security of information owned by an organization information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems have a wide range of attacks can focus of generic types of attacks note: often threat & attack mean same 34

35 Security Services (X.800) Authentication - assurance that the communicating entity is the one claimed Access Control - prevention of the unauthorized use of a resource Data Confidentiality protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication 35

36 Security Services (X.800) Authentication - assurance that the communicating entity is the one claimed Peer Entity Authentication Used in association with a logical connection to provide confidence in the identity of the entities connected. Data-origin Authentication In a connectionless transfer, provides assurance that the source of received data is as claimed. 36

37 Security Services (X.800) Access Control - prevention of the unauthorized use of a resource The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 37

38 Security Services (X.800) Data Confidentiality protection of data from unauthorized disclosure Connection Confidentiality: The protection of all user data on a connection. Connectionless Confidentiality: The protection of all user data in a single data block. Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block. Traffic-flow Confidentiality: The protection of the information that might be derived from observation of traffic flows. 38

39 Security Services (X.800) Data Integrity - assurance that data received is as sent by an authorized entity Connection Integrity with Recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. Connection Integrity without Recovery Selective-Field Connection Integrity: Provides for the integrity of selected fields within the user data of a data block transferred over a connection. Connectionless Integrity: Provides for the integrity of a single connectionless data block. Selective-Field Connectionless Integrity 39

40 Security Services (X.800) Non-Repudiation - protection against denial by one of the parties in a communication Nonrepudiation, Origin: Proof that the message was sent by the specified party. Nonrepudiation, Destination: Proof that the message was received by the specified party. 40

41 Security Mechanisms (X.800) Specific security mechanisms: May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services. encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization Pervasive security mechanisms: Mechanisms that are not specific to any particular OSI security service or protocol layer. trusted functionality, security labels, event detection, security audit trails, security recovery 41

42 Security Mechanisms (X.800) Specific security mechanisms Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible. Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient). Access Control: A variety of mechanisms that enforce access rights to resources. Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units. 42

43 Security Mechanisms (X.800) Specific security mechanisms (cont.) Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange. Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes. Notarization: The use of a trusted third party to assure certain properties of a data exchange. 43

44 Security Mechanisms (X.800) Pervasive security mechanisms Trusted Functionality: That which is perceived to be correct with respect to some criteria (e.g., as established by a security policy). Security Label: The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource. 44

45 Security Mechanisms (X.800) Pervasive security mechanisms (cont.) Event Detection: Detection of security-relevant events. Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities. Security Recovery: Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions. 45

46 Relationship between security services and mechanisms 46

47 Security Attacks 47

48 Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modification: This is an attack on integrity Fabrication: This is an attack on authenticity 48

49 49

50 Classify Security Attacks as passive attacks - eavesdropping on, or monitoring of, transmissions to: obtain message contents, or monitor traffic flows active attacks modification of data stream to: masquerade of one entity as some other replay previous messages modify messages in transit denial of service 50

51 Passive Attack: release of message contents 51

52 Passive Attack: traffic analysis 52

53 Active Attack: replay 53

54 Active Attack: denial of service 54

55 Examples of security attacks Social engineering 55

56 Examples of security attacks Impersonation 56

58 Advantages of computer networks Resource sharing Increased reliability Distributing the workload Expandability 58

59 Network concepts Terminology: node, host, link, terminal Media: cable, optical fiber, microwave Type of network: LAN, WAN, internet Topology: common bus, star or hub, ring Protocol: ISO reference model, TCP/IP 59

60 The Physical Organization of Networks Node: The generic name given to all devices hooked up to a network. Each node must have a unique address assigned to it by the network. Networks are either direct-connected or those that are not directly linked. Direct-connected network: Those whose nodes have direct connections through either physical or wireless links. Point-to-point: Simplest version of direct-connected network. Connecting two computing systems.» Example of point to point: Home to ISP. Example of a network that is not directly linked: Internet. 60

61 The Physical Organization of Networks The bus network - A continuous coaxial cable to which all the devices are attached. All nodes can detect all messages sent along the bus. The ring network - Nodes linked together to form a circle. A message sent out from one node is passed along to each node in between until the target node receives the message. Linking nodes: 61

62 The Physical Organization of Networks The star network - Each node is linked to a central node. All messages are routed through the central node, who delivers it to the proper node. The tree network - (hierarchical network) Looks like an upside-down tree where end nodes are linked to interior nodes that allow linking through to another end node. Linking nodes: 62

63 The Physical Organization of Networks The fully connected network - All nodes are connected to all other nodes. Linking nodes: Internetworking - Connecting together any number of direct-connected networks. The largest: Internet. 63

64 Software Architecture of Networks Problem: Connect several different machines running different operating systems (Windows, OS/2, MacOS, UNIX, VMS...) Now, try to: send , data or files between them. Solution: Create a standardized set of rules, or protocols, that, when followed, will allow an orderly exchange of information. Protocol = set of rules governing data communication between peer entities, i.e. format and meaning of frames/packets. A collection of these programs is called a protocol suite. Must be on all computers or nodes in the network. In order to send data over the network, the necessary programs must be executed. 64

65 The concept of protocol layering Protocols are stacked vertically as series of layers. Each layer offers services to layer above through an interface, shielding implementation details. Service = set of primitives provided by one layer to layer above. Service defines what layer can do (but not how it does it). Layer n on one machine communicates with layer n on another machine (they are peer processes/entities) using Layer n Protocol. The entire hierarchy is called a protocol stack The OSI seven-layer model TCP/IP 65

66 The OSI Reference Model OSI Reference Model an internationally standardised network architecture. An abstract representation of an ideal network protocol stack; not used in real networks. OSI = Open Systems Interconnection. Specified in ISO (ISO = International Organization for Standardization) Model has 7 layers. 66

67 The OSI Model Layer 7 Layer 6 Layer 5 Layer 4 Layer 3 Layer 2 Layer 1 Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data Link Layer Physical Layer 67

68 Lower/Upper Layers Layers 1-4 often referred to as lower layers. Layers 5-7 are the upper layers. Lower layers relate more closely to the communications technology. Layers 1 3 manage the communications subnet. the entire set of communications nodes required to manage comms. between a pair of machines. Layers 4 7 are true end-to-end protocols. Upper layers relate to application. 68

69 Internet Protocols vs OSI Application 7 5 Application Presentation 6 Session 5 4 TCP Transport 4 3 IP Network 3 2 Network Interface Data Link 2 1 Hardware Physical 1 69

70 Internet Protocols The Architecture of the Internet Four-layer architecture: FTP HTTP NV TFTP TCP UDP IP Network #1 Network #2 Network N 70

71 TCP/IP Protocol Layering Host A Application Layer Message Host B Application Layer Transport Layer Internet Layer Network Interface Layer Packet Datagram Frame Transport Layer Internet Layer Network Interface Layer Physical Network 71

72 Protocol Layering and Routing Host A Application Layer HTTP Message Host B Application Layer Transport Layer TCP Packet Transport Layer Internet Layer Router Internet Layer Internet Layer IP Datagram IP Datagram Network Interface Ethernet Frame Network Layer Ethernet Frame Network Interface Physical Network Physical Network 72

74 Model for Network Communication Security 74

75 Model for Network Communication Security using this model requires us to: design a suitable algorithm for the security transformation generate the secret information (keys) used by the algorithm develop methods to distribute and share the secret information specify a protocol enabling the principals to use the transformation and secret information for a security service 75

76 Model for Network Access Security

77 Model for Network Access Security using this model requires us to: 1. select appropriate gatekeeper functions to identify users 2. implement security controls to ensure only authorised users access designated information or resources 77

79 Outline of the course Introduction (Chapter 1) Conventional encryption: classical techniques, modern techniques, algorithms, confidentiality using conventional encryption (Chapters 2 7) Public-key encryption and hash functions: public-key cryptography, number theory, message authentication and hash functions, hash and MAC algorithms, digital signatures and authentication protocols (Chapters 8 13) 79

80 Outline of the course (Cont.) Network security practice: authentication applications, IP security, Web security, anonymous communications (Chapters 14 17) System security: intruders, viruses, and worms, firewalls (Chapters 18 20) Other topics: Wireless network security, Searchable encryption, Client puzzles, 80

81 Questions? 81

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

Network Security 網路安全. Lecture 1 February 20, 2012 洪國寶