
SECURITY

Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety.
Security is often cited as a major barrier to electronic commerce.
Prospective buyers are leery of sending credit card information over the
web.
Prospective sellers worry that hackers will damage their systems.

Internet security is the process of protecting the data and privacy of devices connected to the Internet from information theft, hacking, malware infection and unwanted software.
5 WAYS TO PROTECT YOURSELF IN CYBERSPACE

1. Install virus protection software and a firewall.
2. Be careful with the information you give out.
3. Clear your memory cache often.
4. Download information only when you trust the sender.
5. Check the privacy and security policies of the websites you visit.
Basic Security Issues

What kinds of security questions arise?

- From the user's perspective:
  - How can the user be sure that the Web server is owned and operated by a genuine company?
  - How does the user know that the Web page and form do not contain some malicious or dangerous code or content?
  - How does the user know that the owner of the Web site will not distribute the information the user provides to some other party?
- From the company's perspective:
  - How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?
  - How does the company know that the user will not try to disrupt the server so that it is not available to others?
- From both parties' perspectives:
  - How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?
  - How do they know that the information sent back and forth between the server and the user's browser has not been altered?
Cornerstones of Security
Authenticity
the sender of a message is who he, she or it claims to be
Privacy
the contents of a message are secret and only known to the sender
and receiver
Integrity
the contents of a message are not modified (intentionally or
accidentally) during transmission
Non-repudiation
the sender of a message cannot deny that he, she or it actually sent
the message
Encryption is the conversion of data into a secret code that cannot be easily understood by unauthorized people. Encryption makes information useless to hackers.
Decryption is the process of converting encrypted data back into its original form, so it can be understood.

The process of converting a message into a secret code and changing the encoded message back to the regular text.
There are two primary cryptography techniques, which are used to encrypt text, graphics, and other information in a form that can be recovered by someone who has an appropriate key.
A single key is used to encrypt and decrypt information. This technique is called symmetric key encryption.
1. The most widely used symmetric encryption algorithm is DES.
2. DES was developed by the National Institute of Standards & Technology (NIST).
3. This algorithm specifies both enciphering and deciphering operations, which are based on a binary number called a key.
4. The DES key consists of 64 binary digits (0s or 1s).
   
Public-key cryptography, also known as asymmetric encryption, uses two different keys: a public key and a private key.
1. The most popular public-key cryptography algorithm is RSA.
2. This algorithm has never been broken by hackers, so it is seen as the safest encryption method known to date.
3. Ronald Rivest, Adi Shamir, and Leonard Adleman developed the RSA system in 1
4. RSA key lengths range from 512 to 1024 bits.
5. RSA is the most widely used algorithm for encrypting email messages.
6. The main problem with public-key algorithms is their speed.
1. The public key is known to all authorized users.
2. The private key is known only to one person: the owner.
3. The sender encrypts the message with the receiver's public key. This requires that the receiver's public key be delivered in advance.
4. A message encrypted in this manner can only be decrypted with the receiver's private key.
5. The most popular public-key cryptography algorithm is RSA.
CIPHER TEXT
The encoded message is called ciphertext or scrambled
message.
PLAIN TEXT
The un-encoded message is called plaintext.
The original message in human readable form.

ENCRYPTION ALGORITHM

The mathematical formula used to encrypt the plaintext into ciphertext and vice versa.
In cryptography, a digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form.
A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document.
Digital signatures are based on public-key cryptography.

The following are the common reasons for applying a digital signature to communications:

1. Authentication
2. Integrity
The basic idea is that messages encrypted with a private key can
only be decrypted with a public key.

1. Essentially, the sender creates a signature (like "Asim Iftikhar") and encrypts it with his private key.
2. This signature is then attached to the message, and the combined message is encrypted with the recipient's public key.
3. Upon receipt, the message is first decrypted with the recipient's private key, and the signature is decrypted with the sender's public key.
4. If the phrase is successfully decrypted, then the recipient knows that the message could only have been sent by the holder of the sender's private key.
1. To sign a document, the sender crunches the data down into just a few lines by a process called "hashing". These few lines are called the "Message Digest". (It is not possible to change a message digest back into the original data from which it was created.)
2. The sender then encrypts the message digest with his private key. The result is the "Digital Signature".
3. Finally, the sender appends the digital signature to the document, and the combined message is encrypted with the recipient's public key. The result is the "Digital Envelope".
4. Upon receipt, the message is first decrypted with the recipient's private key, and the signature is decrypted with the sender's public key (changing it back into the message digest). If this works, it proves that the sender signed the document.
5. The receiver then hashes the document data into a message digest.
6. If this message digest is the same as the message digest recovered from the signature, the receiver knows that the signed data has not been changed.
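The public-key exchange from the list above (encrypt with the receiver's public key, decrypt with the receiver's private key) and the hash-and-sign steps just described, as an added example that is not part of the original slides: textbook RSA in Python with small, hard-coded primes (constructed toy values) and SHA-256 as the hashing step. Real deployments use 2048-bit keys with OAEP/PSS padding, which this toy omits.

```python
import hashlib

# Toy primes constructed for this example; real RSA keys are ~2048 bits.
P, Q, E = 999983, 1000003, 65537

def make_keypair(p=P, q=Q, e=E):
    """Return (public_key, private_key) as (exponent, modulus) pairs."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e * d == 1 (mod phi)
    return (e, n), (d, n)

def message_digest(message: bytes, n: int) -> int:
    """Hashing step: SHA-256 of the message, reduced so it fits the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, private_key) -> int:
    """Digital signature: the digest 'encrypted' with the sender's private key."""
    d, n = private_key
    return pow(message_digest(message, n), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiver 'decrypts' the signature with the sender's public key and
    compares it with a fresh digest of the received data (integrity check)."""
    e, n = public_key
    return pow(signature, e, n) == message_digest(message, n)

def encrypt(plaintext: bytes, public_key) -> list:
    """Public-key encryption with the receiver's public key.
    Toy only: one byte per RSA block and no padding."""
    e, n = public_key
    return [pow(b, e, n) for b in plaintext]

def decrypt(ciphertext: list, private_key) -> bytes:
    """Only the holder of the matching private key recovers the plaintext."""
    d, n = private_key
    return bytes(pow(c, d, n) for c in ciphertext)

if __name__ == "__main__":
    alice_pub, alice_priv = make_keypair()                      # sender
    bob_pub, bob_priv = make_keypair(p=104729, q=1299709)       # receiver
    document = b"Pay Bob 100 dollars"
    signature = sign(document, alice_priv)
    envelope = encrypt(document, bob_pub)      # toy "digital envelope"
    received = decrypt(envelope, bob_priv)
    print("signature valid:", verify(received, signature, alice_pub))
    print("tampered valid: ", verify(b"Pay Bob 900 dollars", signature, alice_pub))
```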
Digital Signatures

HASH
A mathematical computation that is applied to a message, using a private key, to encrypt the message.

MESSAGE DIGEST
A summary of a message, converted into a string of digits, after the hash has been applied.

DIGITAL ENVELOPE
The combination of the encrypted original message and the digital signature, using the recipient's public key.
Exhibit: Digital Signatures

A web server is a computer with special software to host web pages and web applications. The web server's traditional function has been to serve static HTML (and more recently XML) pages.
Functions:
1. service HTTP requests
2. provide access control, determining who can access particular directories or files on the Web server
3. run scripts and external programs to either add functionality to the Web documents or provide real-time access to databases and other dynamic data
4. enable management and administration of both the server functions and the contents of the Web site
5. log the transactions that the user makes
 

• A part of SSL (Secure Socket Layer) is available on customers' browsers
  it is basically an encryption mechanism for order taking, queries and other applications
  it does not protect against all security hazards
  it is mature, simple, and widely used

• SET (Secure Electronic Transaction) is a very comprehensive security protocol
  it provides for privacy, authenticity, integrity, and non-repudiation
  it may be abandoned if it is not simplified/improved


SECURITY INCIDENTS
A security incident is any network-related activity with negative
security intentions. This usually means that the activity violates
security policy.
Incidents come in all shapes and sizes. They can come from
anywhere on the Internet, although some attacks must be
launched from specific systems or networks and some require
access to special accounts. An intrusion may be a comparatively
minor event involving a single site or a major event in which tens
of thousands of sites are compromised.
TYPES OF INCIDENTS
Incidents can be broadly classified into several kinds:
1. PROBE
2. ACCOUNT COMPROMISE
3. ROOT COMPROMISE
4. PACKET SNIFFER
5. DENIAL OF SERVICE
6. INTERNET INFRASTRUCTURE ATTACKS
7. MALICIOUS CODE
PROBE
A probe is characterized by unusual attempts to gain
access to a system or to discover information about
the system.

ACCOUNT COMPROMISE
An account compromise is the unauthorized use of a
computer account by someone other than the
account owner, without involving system-level or
root-level privileges. An account compromise might
expose the victim to serious data loss, data theft, or
theft of services.
ROOT COMPROMISE
A root compromise is similar to an account compromise,
except that the account that has been compromised has
special privileges on the system. The term root is derived
from an account on UNIX systems that typically has
unlimited, or "superuser", privileges.

PACKET SNIFFER
A packet sniffer is a program that captures data from
information packets as they travel over the network. That
data may include user names, passwords, and proprietary
information that travels over the network in clear text.
DENIAL-OF-SERVICE
The goal of denial-of-service attacks is not to gain unauthorized access to machines or data, but to prevent legitimate users of a service from using it.

INTERNET INFRASTRUCTURE ATTACKS


These rare but serious attacks involve key components of the Internet infrastructure rather than specific systems on the Internet. Examples are network servers, network access providers, and large archive sites on which many users depend.
MALICIOUS CODE
Malicious code is a general term for programs that, when executed, would cause undesired results on a system. Users of the system usually are not aware of the program until they discover the damage. Malicious code includes Trojan horses, viruses, and worms.

1. Define the following terms and give one example of each:
  - Hacker
  - Virus
  - Spoofer
  - Sniffing
  - Malicious software

2. What is the difference between SPYWARE and ADWARE?

3. Write a detailed note on FIREWALL.
