Introduction To Security and Forensic Technologies
Security Concepts, Models and Protocols

Learning Outcome
At the end of this session you should be able to explain:
Basic concepts of security
Several terms in basic security

Module Code and Module Title

Title of Slides

Basic Security Terms


Classic security concerns deal more with data:
Confidentiality: data only available to those authorised,
Availability: you can get it when you want it,
Integrity: data has not been changed.

Basic Security Terms


Additional concerns deal more with people and transactions:
Trust: who you are and what you are authorized to do,
Non-repudiation: you can't deny doing something you did,
Auditability: I can check what you did to the data,
Reliability: the system does what I want, when I want it to,
Privacy: within certain limits no one should know who I am or what I do.

Security Objectives
Confidentiality: prevent/detect/deter improper disclosure of information.
Integrity: prevent/detect/deter improper modification of information.
Availability: prevent/detect/deter improper denial of access to services.


Relationship Between Confidentiality, Integrity, and Availability


AAA
What is Authentication?
How does it work?
How can it fail?

What is Accounting?
How does it depend on Authentication?
What is its utility?

What is Authorisation?
How does it depend on Authentication?
Where and how do authorization systems work?


Authentication
The process by which a person or other entity proves that it is who (or what) it says it is.
You want to authenticate the person or entity that you are dealing with before transferring something valuable, such as information or money, to or from it.
Authentication is achieved by presenting some unique identifying entity to the endpoint that is undertaking the process:
An example of this process is the way you authenticate yourself with an ATM: here you insert your bank card (something you have) and enter your personal identification number (PIN, something you know).

Computer Identification
How do we identify a human to a computer?
Username/Passwords (common),
Token, e.g. ATM card,
Cryptographic protocols,
Combinations, e.g. token and password,
Biometrics, e.g. face recognition, fingerprints, and retina/iris scans.


Passwords
Most common identification technique:
Variants: such as PIN (number), memorable date, mother's maiden name.

Problem: we are not well-suited to remembering passwords:
Especially rarely used ones,
We can also confuse passwords used in similar contexts.


Vulnerabilities

Users reveal passwords to outsiders.
Users reuse passwords.
Users choose easy to guess passwords.
Password observed on entry.
Password obtained from system files.


Tokens and Smart Cards


Tokens (One-Time Passwords)
Smartcards
Memory Smart Cards store information (such as a Digital Certificate)


Biometric Identification
Passwords are pretty useless at identifying people.
Biological authenticators, based on some physical characteristic of the human body such as a fingerprint, the pattern of a person's voice, or a face (picture).


Authorisation
Authorisation is the act of providing the rights to perform some action:
Typically based on what are known as Access Control Lists (ACLs), in which, for some set of resources, a list of user names and their rights is provided.

For example, the mere possession of a security badge does not grant you the right to enter a restricted area, such as the administration room:
An example could be a guest list for an event or a door lock that reads your badge.


Setting Up Access Rights


Classify users into groups:
Patients, doctors, chemist, lab, admin,

Classify resources into groups:
Prescriptions, blood test results, diagnoses, patient contact details,

Classify access rights:
Read, write, delete, modify, append,
Domain specific: number of AIDS cases per region.


Access Control Lists (ACL)


Specify the access permissions of each group for each resource (or resource type):
(doctors, blood-test.db) - read access.
(lab, blood-test.db) - read, write access.

Program-specific permissions:
Allows application-specific restrictions:
(NHS, blood-test.db, SPSS) - AIDS/region
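
The ACL entries above as a default-deny access check, covering both the (group, resource) entries and the program-specific entry. This is an added example, not part of the original slides; the user names and the function names `rights_for` and `is_allowed` are assumptions made for illustration.

```python
# Group membership. User names are constructed for this example.
USER_GROUPS = {
    "dr_patel": {"doctors"},
    "tech_lee": {"lab"},
    "analyst_kim": {"NHS"},
    "pat_jones": {"patients"},
}

# (group, resource) -> rights, taken from the slide.
ACL = {
    ("doctors", "blood-test.db"): {"read"},
    ("lab", "blood-test.db"): {"read", "write"},
}

# (group, resource, program) -> domain-specific rights, taken from the slide.
PROGRAM_ACL = {
    ("NHS", "blood-test.db", "SPSS"): {"AIDS/region"},
}


def rights_for(user, resource, program=None):
    """Collect every right the user's groups hold on the resource.

    Program-specific rights are included only when the request is made
    through that program. Unknown users and unlisted resources yield an
    empty set, so the result is default-deny.
    """
    granted = set()
    for group in USER_GROUPS.get(user, ()):
        granted |= ACL.get((group, resource), set())
        if program is not None:
            granted |= PROGRAM_ACL.get((group, resource, program), set())
    return granted


def is_allowed(user, resource, right, program=None):
    """Allow only if an ACL entry explicitly lists the requested right."""
    return right in rights_for(user, resource, program)


if __name__ == "__main__":
    print(is_allowed("dr_patel", "blood-test.db", "read"))
    print(is_allowed("dr_patel", "blood-test.db", "write"))
    print(is_allowed("analyst_kim", "blood-test.db", "AIDS/region", "SPSS"))
    print(is_allowed("analyst_kim", "blood-test.db", "AIDS/region"))
```

The NHS analyst gets the regional statistic only through SPSS and never gains plain read access to the database, which is the application-specific restriction the slide describes.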


Accounting
Accounting refers to the tracking of the consumption of network resources by users.
It is used for management, planning, billing, or other purposes.
Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources.
Batch accounting refers to accounting information that is saved until it is delivered at a later time.


Accounting
Typical information that is gathered in accounting may be:
the identity of the user,
the nature of the service delivered,
when the service began, and when it ended.


Trust
Trust is the assured reliance on the character, ability, strength, or truth of someone or something.
A distributed environment requires explicit statements of trust, such as:
who is trusted to do what,
the obligations of all the parties involved in the trust relationship.

Trust percolates through almost every stage of today's security infrastructure and can be seen as a key issue within the world of information assurance.


Integrity
This is the assurance that the data has not changed since it was written:
e.g., prevent a potential intruder-in-the-middle from changing messages.

Data integrity can be checked using:
A check-sum, which is a simple error-detection scheme where each transmitted message is accompanied by a numerical value based on the number of set bits in the message:
Checked by the receiving station - if different the receiver can assume that the message has been garbled.

Hash functions, any one-way function that reduces variable sized data to a fixed length hash code:
If the hashes of two documents differ, then the documents differ.
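
The two integrity checks above, run side by side on the receiver's end. This is an added example, not part of the original slides; the messages are constructed, and SHA-256 is an assumed choice of hash function since the slide names none.

```python
import hashlib


def popcount_checksum(message: bytes) -> int:
    """Check-sum as the slide describes it: the number of set bits."""
    return sum(bin(byte).count("1") for byte in message)


def sha256_hex(message: bytes) -> str:
    """Fixed-length hash code for variable-sized data."""
    return hashlib.sha256(message).hexdigest()


def verify(received: bytes, sent_checksum: int, sent_digest: str) -> dict:
    """Receiver side: recompute both values and compare with what was sent."""
    return {
        "checksum_ok": popcount_checksum(received) == sent_checksum,
        "hash_ok": sha256_hex(received) == sent_digest,
    }


# Constructed sample messages.
ORIGINAL = b"PAY 100 TO ALICE"
# One bit flipped in transit (random line noise).
GARBLED = bytes([ORIGINAL[0] ^ 0x01]) + ORIGINAL[1:]
# Digits reordered: same bytes, so the number of set bits is unchanged.
MODIFIED = b"PAY 001 TO ALICE"


def run_checks() -> dict:
    checksum = popcount_checksum(ORIGINAL)
    digest = sha256_hex(ORIGINAL)
    return {
        "original": verify(ORIGINAL, checksum, digest),
        "garbled": verify(GARBLED, checksum, digest),
        "modified": verify(MODIFIED, checksum, digest),
    }


if __name__ == "__main__":
    for name, result in run_checks().items():
        print(name, result)
```

The bit-count check-sum catches the single flipped bit but accepts the reordered amount, while the hash rejects both. Against an intruder-in-the-middle, the reference hash must reach the receiver over a channel the intruder cannot alter, since anyone can recompute an unkeyed hash for a changed message.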

Confidentiality
This is the act of ensuring no one but authorised parties (who know some secret) can understand the data.
There are two mechanisms used to ensure data confidentiality, the more common encryption, and steganography:
Encryption uses an algorithm or function (encrypt) that transforms plain text to cypher text where the meaning is hidden, but which can be restored to the original plain text by another algorithm (decrypt).
Steganography, on the other hand, is where a message is hidden in another message or image:
It is used when it is necessary to conceal the fact that a secret message is being transmitted.

Summary
Basic concepts of security
Several terms in basic security
- CIA
- Trust
- AAA
