The Information Security Assurance Markup Language - Computer…

• 1.
Extracts of the Minutes of Fifth ExecCom (2006-'07) held on 31st March, 2007 at Delhi (Venue : Guru Gobind Singh Indraprastha University, Delhi)

Eleven ExecCom Members, nine Special Invitees and one from the Secretariat attended the meeting. Mr. Lalit K Sawhney, President, called the meeting to order. He welcomed Prof. K K Aggarwal, the incoming President, and his newly elected team, and all others present, to the fifth meeting of the ExecCom for the year 2006-07. He thanked all the outgoing members of the ExecCom and others concerned for their active cooperation and assistance in collectively carrying out the objectives of the Society during his tenure as President. The items on the agenda were thereafter taken up for consideration.

President briefly gave some highlights of the efforts made during the year in different areas, especially in improving the infrastructure, focussed to enhance the visibility and image of a resurgent CSI. He mentioned that the situation has significantly changed in the country during the last few years and the Society needs to be fully geared to face the present and emerging challenges and expectations of the membership, and that he was quite confident that Prof K K Aggarwal and his new team will accept the responsibilities with greater vigour.

President referred to the minutes of the last meeting of the ExecCom held on 8th January, 2007 at Hyderabad and invited comments, if any, from members. There being no comments from any member, ExecCom approved and confirmed the minutes and took them on record.

CSI-2007 update : Prof Swarnalatha Rao gave a PowerPoint presentation on the CSI-2007 Annual National Convention proposed to be held at Bangalore.

HQ Budget Update : Mr. Satish Doshi, Hon Treasurer, apprised members of the actual income and expenditure figures of various items for the period 1st April 2006 to 28th February 2007 vis-à-vis the budget and mentioned that though there were some items of concern, overall there has been considerable improvement in the performance and achievement compared to the same period of last year.

President informed the ExecCom that DSIR, Delhi has recently granted recognition to CSI as a scientific and research organisation for the 3 year period 2006 to 2009, based on which CSI will seek to get approval of the Director General of Income-Tax (Exemptions), Kolkata to avail of income-tax exemption as in the past.

Education Directorate Budget Update : Mr S Sudharssanam, Advisor, CSI Education Directorate, apprised members of the actual performance and achievements of the CSI Education Directorate vis-à-vis the budget for the period 1st April 2006 to 28th March 2007 and mentioned that there was significant improvement compared to the same period of last year.

Membership status and new membership : Mr Satish Babu, Hon Secretary and Chairman, Membership Committee, informed that the new software for the membership database is in place and the problems faced earlier have been overcome to quite an extent. Further improvements are expected barring unforeseen problems. He gave the figures of membership as on 22nd March 2007, which indicated that the total membership, including students, had increased compared to the position at the end of 31st March, 2006.

Mr. Satish Babu also read out the membership status of those chapters whose membership had fallen below 75, when the ExecCom decided that:
• Ujjain Chapter should be revoked.
• Hosur Chapter should be attached to Bangalore Chapter and efforts made to reactivate the Chapter. Progress should be reviewed after a year.

MOU with Institution of Engineers (IEI) : Members were informed of the MOU signed with IEI, the gist of which was read out by Mr Bipin Mehta and explained to them.

MOU with Microsoft : Mr. Bipin Mehta gave a gist of the MOU and explained the benefits arising out of the MOU to CSI, especially to the CSI Student Members. ExecCom decided that the Director (Education), the Chairman, Division-V (Education & Research) and the National Student Co-ordinator will be responsible for acting on the MOU and taking it forward.

New CSI Student Branches : ExecCom approved formation of the CSI Student Branches at the following institutions:
i) AISSMS College of Engineering, Pune
ii) Anil Neerukonda Inst. of Tech. & Sciences, Vishakapatnam
iii) G H Raisoni College of Engineering, Nagpur
iv) K S R College of Engineering, Coimbatore
v) Valliammai Engg. College, Chennai
ExecCom also ratified formation of the CSI Student Branch at IIM, Indore, with less than 75 student members, approved by OBs earlier.

International Activities :

IFIP : CSI bid to host World Computer Congress-2010 : Ms Prasoona, Manager, Conf. Mgmt. Services, gave a presentation on CSI's bid to IFIP to host the World Computer Congress-2010 in India and mentioned that a two-member Site Inspection Committee of IFIP will be coming on a two-day visit to India during the 3rd week of May 2007 to see the sites offered by CSI and other infrastructure available. The final outcome of CSI's bid will be known only after the committee completes its visits to all the bidding countries and IFIP takes a final decision.

SEARCC : President apprised the ExecCom of efforts made by CSI to continue SEARCC against the backdrop of suggestions made by some SEARCC members like Australia and New Zealand to dissolve the organisation. As a result of our efforts the whole focus has now turned to continuing SEARCC and conducting its activities. A final decision on these issues will be taken at the next SEARCC Annual Convention scheduled in Bangkok in August 2007.

Status of AIC : President mentioned that, as proposed by CSI, it has been decided to dissolve AIC and disburse its funds to its members, who will continue with SEARCC as both AIC and SEARCC have similar objectives.

CSI Education Directorate :

Status of CSI's Chennai Building : Mr S Sudharssanam informed that (Contd. on pg.60)
• 2.
Executive Committee 2007-08/09

President : Prof. K K Aggarwal, president@csi-india.org
Vice-President : Mr. S Mahalingam, vp@csi-india.org
Hon. Secretary : Mr. Satish Babu, secretary@csi-india.org
Hon. Treasurer : Mr. Ajit Kumar Sahoo, treasurer@csi-india.org
Immd. Past President : Mr. Lalit Sawhney, lalit.sawhney@gmail.com

Regional Vice-Presidents :
Mr. M P Goel (Region I), rvp1@csi-india.org
Mr. Rabindra Nath Lahiri (Region II), rvp2@csi-india.org
Prof. S G Shah (Region III), rvp3@csi-india.org
Dr. Himansu K Mohanty (Region IV), rvp4@csi-india.org
Ms. Sudha Raju (Region V), rvp5@csi-india.org
Mr. Milind Kshirsagar (Region VI), rvp6@csi-india.org
Dr. S Arumugam (Region VII), rvp7@csi-india.org
Ms. Lynette Saldanha (Region VIII), rvp8@csi-india.org

Division Chairpersons :
Prof. Swarnalatha Rao, Division-I (Hardware), div1@csi-india.org
Mr. H R Mohan, Division-II (Software), div2@csi-india.org
Mr. Deepak Shikarpur, Division-III (Sc. Appln.), div3@csi-india.org
Dr. C R Chakravarthy, Division-IV (Communications), div4@csi-india.org
Prof. H R Vishwakarma, Division-V (Edu. & Research), div5@csi-india.org

Nominations Committee :
Dr. R K Datta, Chairman, rkdatta_in@yahoo.com
Mr. H S Sonawala, Member, hss@hinditron.com
Mr. Suresh Chandra Bhatia, Member, drscbhatia@sify.com

Chairman, Publications Committee : Mr. S Srinivasan, ss@srasys.co.in
Chief Editor : Dr. T V Gopal, gopal@annauniv.edu
Adviser, Education Directorate : Mr S Sudharssanam, diredu@csi-india.org
Executive Secretary : Ms. Priyalata Pal, csi@bom2.vsnl.net.in
Published by Ms. Priyalata Pal for Computer Society of India

Contents : Vol. 31, August 2007, No. 5

Special Theme Issue : Information Security
Information Security – Transcending Technology… (Dr. Rama K Subramaniam) ........ 4
Establishing Secured HMAC Protocol to Enhance Broadcast Authentication in Wireless Sensor Networks (Mr. B Paramasivan, Dr. S RadhaKrishnan & Ms. S Athilakshmi) ........ 6
Cryptography-based Secure Authentication Watermarking for Binary Images (Mr. M Venkatesan, Mrs. P MeenakshiDevi, Dr. K Duraiswamy & Dr. K Thyagarajah) ........ 13
Steganography – Art of Hiding Information (Kuldeep Singh) ........ 16
Information Security Issues in Wireless Networks (Kaleem A. Usmani & Dr. Nupur Prakash) ........ 18
Towards More Effective Virus Detectors (Raghunathan Srinivasan & Partha Dasgupta) ........ 21
Captcha – A Case for Accessible Design of Information Security Systems (Sambhavi Chandrashekar & Harish Kumar Kotian) ........ 24
Information Security Auditing (R Anusooya, S A V Satya Murty, S Athinarayanan, P Swaminathan) ........ 29
Information Assurance Markup Language – IAML (Vicente Aceituno Canal) ........ 34
Information Security – Normalized Risk Assessment and Treatment Methodology (S Velmourougan & Dr. S Muttan) ........ 36
Implementing Information Security Policies – The People Perspective (P Prasannavadanan) ........ 40
Information and Network Security Aspects in e-Governance Framework (Dr. Durgesh Pant & M K Sharma) ........ 42
Managed Security Services – A Perspective (M P Badrinath) ........ 47
Incident Handling and Management (Brian Honan) ........ 50
Cyber Crime : A Criminological and Victimological Paradigm (Dr. R Thilagaraj & Dr. S Latha) ........ 56

Departments
Community Talk ........ 2
President's Desk ........ 3

CSI Topics
Extracts of the Minutes of Fifth ExecCom (2006-'07) ........ 2nd Cover
Revised Schedule for Young Talent Search ........ 41
CSI Calendar 2007 ........ 55
Extracts of the Minutes of First ExecCom (2007-'08) ........ 60
CSI Chapter News ........ 63

CSI Communications • August 2007
• 3.
Community Talk

What is information? This is one of the big questions computer scientists are asking. Researchers worldwide are studying several fundamental aspects of information such as its analysis and dynamics, semantics, intelligence, nature and values. Representing, transmitting and receiving information are proving to be relatively simpler problems. Philosophy of Information is a new specialization that is examining the notion of information in its entirety. The disappearance of network boundaries is adding a new dimension to the way the information economy evolves. The socio-cultural aspects of information are becoming crucial in the global village.

The strange facet of security is that everything appears secure until there is a breach. Information Security is thus a very intriguing theme. Information security is simply defined as the process of protecting data from unauthorized access, use, disclosure, destruction, modification, or disruption. It is obviously connected to Computer Security and Network Security. Accessibility, Affordability and Assurance form the three major pillars of the process providing Information Security. The accessibility of information covers issues related to authentication, confidentiality and integrity.

Risk management is an integral part of the Information Security process. The ISO/IEC 17799:2005 Code of practice for information security management recommends the following be examined during a risk assessment: security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management, business continuity management, and regulatory compliance.

Almost all businesses keep sensitive information in their files on their computers. A sound information security plan is built on five key principles:
• Take Stock : Know what information is stored in the files of your computers
• Scale Down : Categorize the information based on its importance
• Lock it : Protect the important information
• Pitch it : Dispose of information that is not needed
• Plan Ahead : Anticipate information security breaches and prevent them from occurring

It is little wonder therefore that the field of information security has grown and evolved significantly in recent years. It has become a career choice with many ways of gaining entry into the field. Universities all over the world are offering specialised programmes in this area. National and International standards are evolving. However, it is always useful to have an appropriate Information Security Oversight process defined to take care of incorrect classification of information.

The Information Security Breaches Survey 2006, managed by PricewaterhouseCoopers on behalf of the UK Department of Trade and Industry (DTI), reveals that 62% of UK companies had a security incident during the year 2006. Three fifths of these companies do not have a security policy. The scenario is not likely to be different in other countries. In India, it may be worse. There are many independent consultants and professional bodies that are extending help and advice to individuals and businesses. The Information Security Forum [http://www.securityforum.org/html/frameset.htm] is one of the world's leading independent forums on information security.

Dr. Rama K Subramaniam is one of the leading professionals in this area. I wish to place on record my sincere thanks to him for devoting quality time to compile the content for the theme section.

Gopal T V
Chief Editor
gopal@annauniv.edu
• 4.
From the President's Desk

From : aggarwal_krishan@hotmail.com
Subject : President's Desk
Date : 1st August, 2007

Dear Members,

Through this issue of CSI Communications, I would like to compliment one and all IT enthusiasts who are associated with Computer Society of India, which is a premier body of IT Professionals. Their dedicated efforts towards the fulfillment of the CSI Vision: IT for Masses are very appreciable. As you are aware, the promotion of Information Technology as a profession is our top priority; our efforts towards this objective for conducting and organizing conventions, conferences, lectures, talks/tutorials, training programmes and workshops and various competitions etc. for the benefit of young IT Professionals, academicians and student members of CSI must be reinforced from time to time.

There is an urgent need to create a robust and continuous pipeline of talent for the IT Sector. There is also a need for transformation of a trainable workforce into an employable workforce for this growing sector. Taking into consideration the recent and rapid technological advances and innovative applications of the Internet, ICT has impacted our daily life. As per the forecast (from NASSCOM, Wikipedia and other sources), sales of wireless multimedia enabled devices, including personal computers and home networking gear, are expected to grow from 2.5 million units in 2006 to 5.2 million units by the year 2010. The Indian IT BPO Sector may also clock $60 billion in export revenue and $13-15 billion in domestic revenue by 2010. Consequently a large trained workforce of IT Professionals is required to meet the IT Industry challenges in India. CSI has a very vital role to play to meet this challenge.

Over the period of several decades, CSI has grown to a formidable society, spreading its activities all over India with 65 chapters and a number of student branches in all leading engineering colleges, besides an increasing organizational membership base. Our five divisions, i.e. Hardware, Software, Applications, Communications, and Education & Research, in association with CSI chapters, student branches and a number of Special Information Groups (SIGs), and in collaboration with other engineering institutions / organizations and societies, are coordinating various technical activities. Some of the Divisions, Regions, Chapters and the student branches are doing extremely well in organizing the national as well as regional level conventions, seminars, workshops and competitions with the active participation of a large number of young IT professionals and student members. I am happily tracking the activities planned by various student branches, CSI chapters, CSI divisions in various regions and the SIGs.

However, there is a felt need for more collaborative and team activities involving several stakeholders concurrently. More workshops may be planned, designed and organized by other Divisions / Regions for the benefit of IT professionals, practitioners and student members, preferably conducted jointly in association with other engineering societies / institutions. This will definitely help in understanding the current and urgent needs of the IT professionals, academicians and IT / ITES industry to enable them to address some of the important problems related to Software Engineering, Hardware Engineering, Database, Enterprise Systems and Networking, Internet and Web Technologies, IT Security, VLSI design / embedded and real time systems etc.

For the forthcoming National & Regional level conventions / conferences / workshops / seminars / technical talks on various themes which have already been planned, and tutorials at the level of CSI student branches on various technical topics, I would suggest that Divisional Chairpersons, Regional Vice Presidents, Chapter Chairmen and Student Coordinators interact with Directors / Principals of various engineering colleges and senior representatives from the IT industry in the respective Region for the active and wholehearted support and participation of the members in these events. This will ensure participation of senior IT professionals / practitioners, computer science engineers, young IT professionals from industry, Govt institutions, academicians and student members of CSI as well as members of local societies / institutions to the full capacity.

CSI Divisions / Regions, chapters and student branches, which have yet to plan the activities in their respective region, may accord top priority to this aspect. I feel some of the technical events on various themes already organized by other Divisions / Regions, Chapters and Student branches of CSI can even be repeated and organized by other chapters / student branches of CSI, depending upon the present and future needs of the IT industry. By organizing such activities regularly and ensuring maximum active participation / audience in all the events, we can translate the vision of CSI : "IT for Masses" to Reality.

Though a lot has been discussed / debated and presented in the past National / Regional level conferences / seminars / conventions / workshops on e-governance and IT security / Cyber security, we may repeat these topics at other locations for the benefit of other IT professionals / members of CSI who could not make it to attend and participate in the lectures / discussions by the experts on the subjects.

With warm regards,
Prof. K K Aggarwal
• 5.
Guest Editorial
Information Security – Transcending Technology…

Dr. Rama K Subramaniam
Chief Executive Officer, Valiant Technologies
rama@valiant-technologies.com

When I was honored with the privilege of being the Guest Editor of this issue devoted to information security, I set for myself one simple objective. It was to make the contents of this issue demonstrative of the fact that information security is not just technology; that it is a combination of a number of factors including, of course, technology. The various contributors to this issue have more than made me feel that the objective is well met. Thank you, all contributors to this issue, for bringing out a strong message that information security is multi-dimensional and has multiple perspectives.

Almost ten years ago, a consular official of an EU nation was interviewing me to determine whether or not to give me a visa to visit his country and started by asking the customary ice breaker – What do you do? I told him that I was an information security professional. Unable to hide his amusement, he however demonstrated his knowledge of the subject and asked "Oh! You are the guys who do firewalls?" I responded rather hastily that firewalls were one of the things that we looked at. It looked very inappropriate to me to be told that security is all about a security product, even though it was almost a decade ago when products clearly dominated the scene. That intrigued him and he wanted to know what "exactly" I was doing beyond firewalls. That was a time when anything to do with information security had to be technology driven and security was no exception to that. Have we gone beyond that? Let us see as we go along and read the contributions of experts who have shared their perceptions of information security in this issue.

Early 2000. I came back to India armed with a CISSP credential after writing my examination in Washington DC. My friends in the profession asked me why I wasted time and money on something that was management and not technology, and volunteered their genuine advice that I should not have traveled to the US but should have spent time on understanding security technology by learning to configure firewalls and AV systems. Many then believed that security was uni-dimensional and it was all about technology.

Even today, a very small percentage in the profession insists on seeing the non-existent difference between technology and management when it comes to information security. These people are certain that you cannot manage security unless you know the syntax for, let us say, configuring a given router in a particular way. I often get amused when I meet people who insist that security is directly proportional to the amount of investment in security products placed on different points in their information network. They also ask me to recommend candidates who are strong technically and not to worry about sending them people who know more of the management part of security! When I ask them what the management part of security means, most don't know how to articulate it, being victims of pedagogues who themselves perhaps did not know how to see beyond technology, especially when it came to security.

Does such a dichotomy exist? I personally think not. Security today is a combination of a number of attributes – products, processes, technology, people and attitudes. When famous bot-herders like 0x-80 say that they do not feel bad about attacking people who have no right to be on the Internet when they don't know how to put in basic defenses, we are talking of attitudes. A large number of security surveys, including the one by FBI/CSI now in its eleventh year of publication, talk of security infractions due to a variety of reasons; these clearly show us that security transcends technology.

The authors who have graciously contributed papers for publication in this issue have brought out the fact that you cannot secure an information system unless you take a holistic view of the need and the process covering what has come to be broadly referred to as security. Papers by Paramasivan et al and by Venkatesan et al bring out the hard technological dimensions of security. Both these papers have recommended harnessing the power of security technology to address some key issues that are attracting the attention of many researchers and practitioners in this area. Papers by Kuldeep Singh, Usmani and Prakash, and by Srinivasan and Dasgupta provide an excellent insight into some of the oft-discussed areas in the realm of information security. The contents of these papers clearly present the threat that surrounds our data and point to directions for relief.

Chandrashekar and Kotian, who have provided an eye-opener to many of us who have hardly considered the security implications when information technology is to be used by persons with visual impairment, bring out a unique and new dimension to security of information systems. Anusooya et al provide an insight into the process of auditing information security, while Vicente presents IAML as an alternative to the conventional control framework assessment process. These two papers, along with a paper on risk assessment by Velmourougan and Muttan, complete the E and C segments of the ECA [Evaluation-Certification-Accreditation] process. Prasannavadanan, who has clearly argued for the people dimension in information security policies, presents non-technology factors comprised in the A of the ECA process. The ECA process has supported successful implementation of many e-commerce models, and the need to focus on trust while accrediting a system, especially when it involves e-governance, is articulated by Pant and Sharma.

Should we get into this complex thing called security or do we outsource it? Badrinath has addressed the concerns and benefits of outsourcing security processes, a hotly debated topic today. Well, our best efforts have failed and a security infraction has occurred. What is the response? Honan has presented a detailed step-by-step guide to what needs to be done when an incident has occurred, and the paper by Thilagaraj and Latha examines security infraction from a refreshingly different angle – criminological and victimological.

Most of us in the security business today are convinced that the cycle of security operations and management does not end with an assurance report that a good ISMS is in place; it is adequately supported by best of breed technology, well trained staff and validated processes. Despite the best combination of people, process and technology, cyber infractions do take place, and the security cycle extends to collection of digital evidence and carrying out of a digital forensic investigation on any attempt to violate security. The need to make multi-perspective studies on cyber crime an integral part of information security study is a strong plea that I would like to make. I also want to use this forum to point to the absence of a comprehensive and verifiable national level survey on information security infractions in India, something on the lines of annual surveys carried out in the UK, the US, Australia and Scandinavian countries. If the contents of this theme issue motivate one or more people to structure a study to determine the nature and extent of information security infractions in the country, this theme issue would have done a yeoman service to the information security segment of the IT industry.

About the Guest Editor
Dr. Rama Subramaniam is Chief Executive Officer of Valiant Technologies Pvt Ltd, an information security and cyber forensics consulting and educational services company. He holds a Masters Degree in Information Technology Management from University of Lincoln, UK and a doctorate in Cyber Crime Management from the University of Madras, India. He also has the FCA, CISSP, CISA, CISM, CSQP, CEH, CHFI, Security+ and MCSE credentials. He was former Global Chair of the Education and Awareness Expert Group of GAISP, a US based initiative, and is currently Global Chair of the Accreditation process of OISSG, UK. He is India's country representative to TC-11 of the International Federation of Information Processing. He is Chairman of ISCCRF, a not-for-profit trust devoted to research in the areas of information security and cyber crimes, and Vice Chairman of the Indian Society of Criminology.

"I believe in our free Society, as you seek rights and privileges in that Society, then we have to know who you are. We're going to need to establish the identity of who you are as an individual. And then, for the greater good of Society, be able to determine whether or not you should be extended that right or privilege." – Derek Smith, ChoicePoint CEO
Establishing Secured HMAC Protocol to Enhance Broadcast Authentication in Wireless Sensor Networks

Mr. B Paramasivan, M.E (1), Dr. S RadhaKrishnan (2), Ms. S Athilakshmi, M.E (3)

1, 3 Dept of CSE, National Engineering College, Kovilpatti, Tamilnadu. Email id: bparamasivan@yahoo.co.in, risath_02@yahoo.co.in
2 Dept of CSE, Arulmigu Kalasalingam College of Engineering, Srivilliputhur. Email: radhakrishnan@akce.ac.in

CSI Communications • August 2007

With the progression of computer networks extending boundaries and joining distant locations, wireless sensor networks (WSN) emerge as the new frontier in developing opportunities to collect and process data from remote locations. Due to this deployment nature, wireless sensor networks are more vulnerable to malicious attacks. The security offered by the current software and hardware implementations of MAC protocols is insufficient to protect a WSN from a Denial of Service attack and against broadcast messages. Our current work focuses on enhancing security in broadcast messages using broadcast authentication, and also makes use of a hash-based scheme for cluster head selection. A revocation tree based scheme and a proactive distribution based scheme are used to revoke the broadcast authentication capability from compromised senders. Simulation results prove that these techniques are efficient and achieve better information security in wireless sensor networks.

Index terms – Broadcast Authentication, Denial of Service, MAC, Revocation Tree.

1. Introduction

A wireless sensor network (WSN) typically consists of a large number of resource constrained sensor nodes and possibly a few powerful control nodes (base stations). A sensor node usually has one or a few sensing components, which sense physical phenomena (e.g., temperature) from its immediate surroundings, and a processing and communication component, which performs simple computation on the sensed data and communicates with base stations as well as other nodes through its immediate neighbor nodes. The control nodes may further process the data collected from sensor nodes, disseminate control commands to sensor nodes, and connect the network to a traditional wired network. Sensor nodes are expected to be deployed densely in a large scale and communicate with each other through wireless links without any infrastructure support [1]. These features lead to many attractive applications like military and civilian operations. But these deployment natures are more prone to malicious attacks. So, security issues become one of the major concerns. Broadcast authentication enables a sender to broadcast critical data and/or commands to sensor nodes in an authenticated way such that an attacker is unable to forge any message from the sender. However, due to the resource constraints on sensor nodes, traditional broadcast authentication techniques such as public key based digital signatures are not desirable. Through compromised nodes, an adversary may launch security attacks against the sensor network ranging from the physical layer to the application layer. Due to the vast variety and novelty of attacks, we believe no single solution can address all the attacks.

In our previous work [13] we developed an H-MAC protocol to address the security vulnerabilities of a denial of sleep attack against leading energy-efficient Medium Access Control (MAC) protocols, which uses a hash-based cluster head selection scheme rather than a passive method of determining the next gateway by calculating an election contention backoff period based upon a node's available resources. Though it has been well proven in terms of resilience towards the denial of sleep attack, an issue like broadcast authentication is not properly addressed. We propose a scheme, Secured HMAC, based on mTESLA that overcomes the difficulties arising in broadcast authentication. Our scheme has two parts: (i) a revocation tree based scheme and (ii) a proactive distribution scheme. The former constructs a Merkle hash tree to revoke compromised senders, while the latter proactively controls the distribution of the broadcast authentication capability of each sender to allow the revocation of compromised senders. Simulation results indicate that the proposed techniques are efficient and practical, and can achieve better security.

The remainder of this paper is organized as follows. In Section 2 we discuss related works. In Section 3 we introduce the techniques for the establishment of broadcast
authentication and for revocation of compromised nodes. In Section 4 we perform implementation and evaluation with leading sensor network MAC protocols. In Section 5 we make our conclusions and future work.

2. Related Work

Confidentiality protects against the improper disclosure of information; data integrity protects the information against improper modifications; and service availability prevents denial of system services. Perrig et al. proposed to use an earlier key chain to distribute the next key chain commitment [3]. Several multi-level mTESLA schemes were proposed in [3, 4] to distribute the key chain commitments. However, these techniques suffer from DOS attacks during the commitment distribution. A number of key pre-distribution techniques have been proposed to establish pair-wise keys in sensor networks [5, 6, 7, 8, 9]. Wood and Stankovic identified a number of DOS attacks in sensor networks [10]. Karlof and Wagner analyzed the vulnerabilities as well as the countermeasures for a number of existing routing protocols [11]. Hu et al. use a Merkle tree to authenticate multiple key chains for authentication in routing protocols [12].

3. Proposed Work

In this section, we develop a series of techniques to revoke broadcast authentication capabilities from compromised senders. The proposed technique uses the mTESLA broadcast authentication protocol [2] as a building block, with the clocks of the sensor nodes loosely synchronized.

3.1 The Basic Approach

The multi-level mTESLA technique uses higher-level mTESLA instances to authenticate the parameters and thus inherits the authentication delay. The consequence of such authentication delay is that an attacker can launch Denial of Service attacks to disrupt the distribution of initial mTESLA parameters. Moreover, they cannot handle a large number of senders, and due to the low bandwidth in sensor networks, the number of data packets buffered during d time intervals is usually small. Thus, in this paper, we only focus on the Denial of Service attacks that target disrupting the distribution of initial mTESLA parameters to the gateway node in the HMAC protocol, and with it the functioning of broadcast authentication. The gateway node is itself responsible for distributing parameters to its cluster nodes. In this section, we propose to authenticate and distribute these mTESLA parameters using a Merkle hash tree [12]. This method removes the authentication delay as well as the vulnerability to Denial of Service attacks during the distribution of mTESLA parameters, because the packets are only sent to the gateway node of HMAC.

Fig. 1 : Example of a parameter distribution tree

Assume a sensor network application requires m mTESLA instances, which may be used by different senders during different periods of time. For convenience, assume m = 2^k, where k is an integer. Before deployment, the gateway node pre-computes m mTESLA instances, each of which is assigned a unique, integer-valued ID between 1 and m. For the sake of presentation, denote the parameters (i.e., the key chain commitment, starting time, duration of each mTESLA interval, etc.) of the i-th mTESLA instance as Si. Suppose the central server has a hash function H. The central server then computes Ki = H(Si) for all i ∈ {1, ..., m}, and constructs a Merkle tree using {K1, ..., Km} as leaf nodes. Specifically, K1, ..., Km are arranged as leaf nodes of a full binary tree, and each non-leaf node is computed by applying H to the concatenation of its two children nodes. We refer to such a Merkle tree as a parameter distribution tree of parameters {S1, ..., Sm}. Figure 1 shows a parameter distribution tree for eight mTESLA instances, where K1 = H(S1), K12 = H(K1 || K2), K14 = H(K12 || K34), etc.

The gateway node also constructs a parameter certificate for each mTESLA instance. The certificate for the i-th mTESLA instance consists of the set Si of parameters and the values corresponding to the siblings of the nodes on the path from the i-th leaf node to the root in the parameter distribution tree. For example, the parameter certificate for the 3rd mTESLA instance in Figure 1 is ParaCert3 = {S3, K4, K12, K58}. For each sender that will use a given mTESLA instance, the gateway node distributes the mTESLA key chain and the corresponding parameter certificate to the node.

The gateway node also pre-distributes the root of the parameter distribution tree (e.g., K18 in Figure 1) to regular sensor nodes, which are potentially receivers of broadcast messages. When a sender needs to establish an authenticated broadcast channel using the i-th mTESLA instance (during a predetermined period of time), it broadcasts a message containing the parameter certificate ParaCerti. Each receiver can immediately authenticate it with the pre-distributed root of the parameter distribution tree. For example, if ParaCert3 = {S3, K4, K12, K58} is used, a receiver can immediately authenticate it by verifying whether H(H(K12 || H(H(S3) || K4)) || K58) equals the pre-distributed root value K18. As a result, all the receivers can get the authenticated parameters of this
mTESLA instance, and the sender may use it for broadcast authentication.

3.2 Security

According to the analysis, an attacker is not able to forge any message from any sender without compromising the sender itself. However, the attacker may launch Denial of Service attacks against the distribution of parameters for mTESLA instances. Fortunately, the parameter certificates in our technique can be authenticated immediately and are immune to the Denial of Service attacks. When more senders are compromised, additional techniques are required to remove these compromised senders.

3.3 Overhead

In this approach, each sensor node (as a receiver) only needs to store one hash value, and remember the parameters for those senders that it may communicate with. This is particularly helpful for those applications where a node only needs to communicate with a few senders or there are only a few senders staying in the network at one time. Each sender needs to store a parameter certificate, the key chain, and other parameters (e.g., starting time) for each instance it has. To establish an authenticated broadcast channel with nodes using an instance j, a sender only needs to broadcast the corresponding pre-distributed parameter certificate, which consists of ⌈log m⌉ hash values and the parameter set Sj. This is practical, since such distribution only needs to be done once for each instance. After receiving this parameter certificate, a sensor node only needs 1 + ⌈log m⌉ hash functions to verify the related parameters.

3.4 Comparison

In our Secured HMAC scheme, unlike multi-level mTESLA schemes, a sender does not have to compete with malicious attackers, since it can immediately authenticate the parameter distribution message instead of keeping it in the buffer for future authentication. In other words, with the proposed approach, it is sufficient for a receiver to receive one copy of each parameter distribution message.

3.5 Distributing Parameter Certificates

As we mentioned earlier, the proposed technique is resistant to the DOS attacks if each parameter certificate is delivered in one packet, since a receiver can authenticate such a certificate immediately upon receiving it. However, due to the low bandwidth and small packet size in sensor networks, a certificate may be too large to be transmitted in a single packet. As a result, it is often necessary to fragment each certificate and deliver it in multiple packets. A straightforward approach is to simply split the values in a certificate into multiple packets. However, this simple idea suffers from Denial of Service attacks, where an attacker sends a large number of forged certificates and forces a sensor node to perform a lot of computations to identify the right one from those fragments. To deal with this problem, we fragment a parameter certificate in such a way that a sensor node can authenticate each fragment independently instead of trying every combination.

Fig. 2 : Example of Fragmentation

Assume a parameter certificate consists of L values {h1, h2, …, hL}, and each packet can carry b values. As shown in Figure 2, in the first step of fragmentation, we put the first b-1 values in the first packet, the second b-1 values in the second packet, and so on, until there are no more values left. If the last packet only includes one value, we move it to the previous packet and remove the last packet. The previous packet then becomes the last packet, containing b values. In the second step, we append to every packet other than the last one the sibling (in the parameter distribution tree) of the last value in this packet. By doing this, the first fragment can be authenticated immediately once the sensor node receives an authentic fragment. After authenticating the first fragment, the second fragment can also be authenticated immediately using the values in the first fragment. This process will continue until the sensor node receives all authentic fragments. For example, in Figure 1, ParaCert3 consists of 4 values, {K58, K12, K4, S3}. Assume each fragment can carry 3 hash values and S3 consists of 1 key chain commitment. Using the above technique, the first packet includes {K58, K12, K34}, and the second packet includes {K4, S3}. If a sensor node receives the first fragment, it can authenticate the fragment by verifying whether H(H(K12 || K34) || K58) equals the pre-distributed root value. Once the first fragment is authenticated successfully, the second fragment can be authenticated by verifying if H(H(S3) || K4) equals the hash value K34, which is contained in the first fragment.

3.6 Revocation

In hostile environments, not only sensor nodes but also broadcast senders may be captured and compromised by adversaries. Once a sender is compromised, the attacker can forge any broadcast message using the secrets stored on this sender and convince other sensor nodes to perform unnecessary or malicious operations. Thus, it is necessary to revoke the broadcast authentication capability from compromised senders. We use a revocation tree to take back the broadcast authentication capability from compromised senders, and a proactive refreshment to control the broadcast authentication capability of each sender.

(i) Revocation Tree:

When a sender is detected to have been compromised, the central server broadcasts a revocation message with the ID of the sender. This message has to be authenticated; otherwise, an attacker may forge such messages to
revoke non-compromised senders. The main idea of this method is to construct a Merkle tree [12] similar to a parameter distribution tree, which is called a revocation tree, since its purpose is to revoke broadcast authentication capabilities from compromised senders. The revocation tree is built from sender IDs and random numbers. If the sender ID j and the corresponding random number are disclosed in an authenticated way, sender j is revoked.

Assume there are potentially m senders. For simplicity, we assume m = 2^k for an integer k. The central server generates a random number rj for each sender with ID j, where 1 <= j <= m. The central server then constructs a Merkle tree where the j-th leaf node is the concatenation of ID j and rj. We refer to this Merkle tree as the revocation tree. The central server finally distributes the root of the revocation tree to all sensor nodes. We assume the central server is physically secure. Protection of the central server is an important but separate issue; we do not address it in this paper. When a sender j is detected to have been compromised, the central server broadcasts the ID j and the random number rj. To authenticate these values, the central server has to broadcast the sibling of each node on the path from "j || rj" (i.e., the leaf node for j in the revocation tree) to the root. This is exactly the same as the parameter certificate technique used to authenticate mTESLA parameters.

To distinguish it from a parameter certificate, we refer to the above set of values as a revocation certificate, denoted RevoCertj. With RevoCertj, any sensor node can recompute the root hash value, and verify it by checking if it leads to the pre-distributed root value. If a sensor node gets a positive result from this verification, it puts the corresponding sender into a revocation list, and stops accepting broadcast messages from the sender. To deal with message loss, the distribution of a revocation certificate may be repeated multiple times. The revocation tree approach cannot guarantee the revocation of all compromised senders in the presence of communication failures, though traditional fault tolerant techniques can provide high confidence. However, it guarantees that a non-compromised sender will not be revoked. This is because the revocation of a sender requires a revocation certificate, which is only known to the central server.

An attacker cannot forge any revocation certificate without access to the random numbers kept in the leaves of the revocation tree, due to the one-way function used to generate the revocation tree [6]. In this approach, each sensor node needs to store an additional hash value, the root of the revocation tree. To revoke a sender, the central server distributes a revocation certificate, which consists of 1 + ⌈log m⌉ values. To authenticate the revocation certificate, a sensor node needs to perform 1 + ⌈log m⌉ hash functions.

The revocation tree approach has several limitations. First, due to the unreliable wireless communication and possible malicious attacks (e.g., channel jamming), the revocation messages are not guaranteed to reach every sensor node. As a result, an attacker can convince those sensor nodes that missed the revocation messages to do unnecessary or malicious operations using the revoked mTESLA instances. Second, each sensor node needs to store a revocation list, which introduces additional storage overhead, especially when a large number of senders are revoked. Note that the above approach can also be used to tell sensor nodes that the corresponding sender has stopped broadcasting so that they can erase its parameters to save memory space for other senders.

(ii) Proactive Refreshment of Authentication Keys

To deal with the limitations of the revocation tree approach, we present an alternative method to revoke the authentication capability from compromised senders. The basic idea is to distribute a fraction of the authentication keys to each sender and have the gateway node update the keys for each sender when it is necessary. A clear benefit is that if a sender is compromised, the gateway node only needs to stop distributing new authentication keys to this sender; there is no need to broadcast a revocation message and maintain a revocation list at each sensor node. In addition, this approach guarantees that once compromised senders are detected, they will be revoked from the network after a certain period of time. The authentication keys for each sender can be distributed in a proactive way, since we can predetermine the time when a key will be used. Specifically, during the pre-distribution phase, the gateway node in the HMAC protocol distributes the parameter certificates to each sender. Before the current mTESLA instance expires, the gateway node in HMAC distributes the key used to derive the next mTESLA key chain to the sender through a key distribution message encrypted with a key shared between the gateway node and the sender, provided that the sender has not been detected to have been compromised. The sender may then generate the next mTESLA key chain accordingly. To increase the probability of successful distribution of authentication keys in the presence of communication failures, the gateway node may send each key distribution message multiple times.

As mentioned earlier, the revocation of a compromised sender is guaranteed (with a certain delay) in the proactive refreshment approach when it is detected to have been compromised. However, the broadcast authentication capability of a sender is not guaranteed if there are message losses. A sender may miss all key distribution messages that carry new authentication keys due to unreliable wireless communication and malicious attacks. Thus, a sender may have no keys to authenticate new data packets. Moreover, there may be a long delay between the detection and the revocation of a compromised sender, and the compromised sender may still have keys that can be used to forge broadcast messages.

In the proactive refreshment approach, instead of storing nj mTESLA instances, a sender j only needs to store a few of them. Thus, the storage overhead is reduced. However, the communication overhead between the gateway node and the senders is increased, since the central server has to distribute keys to each sender individually. There are no additional communication and computation overheads for sensor nodes.

In practice, these two options may be combined together to provide better performance and security. The
revocation certificates from the gateway node can mitigate the problem of the delay between the detection and the revocation of a compromised sender, while the proactive refreshment technique guarantees the future revocation of a compromised sender if the compromise is detected.

4. Simulation and Evaluation

We have simulated the proposed techniques on Network Simulator 2 to evaluate the performance. Our evaluation is focused on the broadcast of data packets and the distribution of mTESLA parameters. We adopt a setting similar to [5]: the mTESLA key disclosure delay is 2 mTESLA time intervals, the duration of each mTESLA time interval is 100 ms, and each mTESLA key chain consists of 600 keys. Thus, the duration of each mTESLA instance is 60 seconds, with 200 mTESLA instances, which cover up to 200 minutes in time.

Fig. 3(a) : Successive Authentication Rate
Fig. 3(b) : Rate of distribution of packets per minute
Fig. 4(a) : Average Failure Recovery Delay
Fig. 4(b) : Storage Overhead
Fig. 5 : Communication Overhead
Fig. 6 : Throughput
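The parameter distribution tree of Section 3.1, the fragment-by-fragment certificate check of Section 3.5 and the revocation tree of Section 3.6(i) all rest on the same Merkle-tree computation; the following Python is an added example, not the paper's code. It assumes SHA-256 truncated to 8 bytes for the unnamed hash H, constructed S_i commitments and r_j values, and takes a revocation-tree leaf to be H(j || r_j), the reading under which checking a revocation certificate costs the stated 1 + ⌈log m⌉ hash operations.

```python
"""Added example, not the paper's code: the parameter distribution tree of
Section 3.1, the packet-by-packet certificate check of Section 3.5 and the
revocation tree of Section 3.6(i) on one Merkle-tree helper. Assumed: H is
SHA-256 cut to 8 bytes (the paper leaves H unnamed); S_i and r_j are
constructed samples; a revocation leaf is H(j || r_j) (see lead-in)."""
import hashlib
import os


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()[:8]


def build_tree(leaves):
    """levels[0] = leaves, levels[-1] = [root]; parent = H(left || right).
    The leaf count must be a power of two (m = 2^k)."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([H(prev[i] + prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels


def auth_path(levels, index):
    """Siblings of the nodes on the path from leaf `index` (0-based) to the
    root, bottom-up: the ceil(log m) hash values a certificate carries."""
    sibs = []
    for level in levels[:-1]:
        sibs.append(level[index ^ 1])
        index //= 2
    return sibs


def fold_up(node, level, index, sibs):
    """Hash the path node at `level` upward through `sibs` (bottom-up); the
    leaf index decides on which side each sibling is concatenated."""
    for sib in sibs:
        node = H(node + sib) if (index >> level) % 2 == 0 else H(sib + node)
        level += 1
    return node


# Section 3.1: ParaCert_i = {S_i, siblings}; the receiver recomputes the root.
def verify_paracert(cert, index, root):
    return fold_up(H(cert["params"]), 0, index, cert["sibs"]) == root


# Section 3.5: fragments that a receiver can authenticate one at a time.
def fragment_certificate(levels, index, params, b):
    """Values top-down as in the paper ({K58, K12, K4, S3}), b-1 per packet, a
    lone last value merged into the previous packet; every packet but the last
    also carries the sibling of its last value (the path node at that level)."""
    k = len(levels) - 1
    topdown = [(k - 1 - t, s) for t, s in enumerate(reversed(auth_path(levels, index)))]
    values = topdown + [(None, params)]          # (tree level, value); None = S_i
    packets = [values[j:j + b - 1] for j in range(0, len(values), b - 1)]
    if len(packets) > 1 and len(packets[-1]) == 1:
        packets[-2].extend(packets.pop())
    frags = []
    for pkt in packets[:-1]:
        lvl = pkt[-1][0]
        frags.append({"sibs": pkt, "node": levels[lvl][index >> lvl]})
    last = packets[-1]
    frags.append({"sibs": last[:-1], "params": last[-1][1]})
    return frags


def verify_fragment(frag, index, expected):
    """Check one fragment alone: `expected` is the root for the first fragment,
    then the node carried by the previous one. Returns (ok, next expected)."""
    sibs = [s for _, s in reversed(frag["sibs"])]     # bottom-up
    if "params" in frag:
        node, level, carry = H(frag["params"]), 0, None
    else:
        node, level, carry = frag["node"], frag["sibs"][-1][0], frag["node"]
    return fold_up(node, level, index, sibs) == expected, carry


def verify_all(frags, index, root):
    expected = root
    for frag in frags:
        ok, expected = verify_fragment(frag, index, expected)
        if not ok:
            return False                         # forged or out-of-order fragment
    return True


# Section 3.6(i): RevoCert_j = {r_j, siblings}; one-byte sender IDs here.
def verify_revocert(sender_id, r, sibs, index, root):
    return fold_up(H(bytes([sender_id]) + r), 0, index, sibs) == root


def demo():
    params = [b"S%d:commitment" % i for i in range(1, 9)]   # constructed S_1..S_8
    levels = build_tree(H(s) for s in params)                # Figure 1: eight instances
    root = levels[-1][0]
    cert = {"params": params[2], "sibs": auth_path(levels, 2)}   # 3rd instance
    frags = fragment_certificate(levels, 2, params[2], b=3)  # {K58,K12,K34}, {K4,S3}
    ok1, carry = verify_fragment(frags[0], 2, root)          # carry is K34
    rs = [os.urandom(8) for _ in range(8)]                   # constructed r_1..r_8
    rlevels = build_tree(H(bytes([j]) + r) for j, r in zip(range(1, 9), rs))
    return {
        "cert": verify_paracert(cert, 2, root),
        "forged": verify_paracert(dict(cert, params=b"S3:forged"), 2, root),
        "frag1": ok1 and carry == levels[1][1],
        "frag2": verify_fragment(frags[1], 2, carry)[0],
        "revoke": verify_revocert(3, rs[2], auth_path(rlevels, 2), 2, rlevels[-1][0]),
    }
```

`demo()` reproduces the worked example of Section 3.5 exactly (two fragments, the first carrying K34), and `verify_all` also handles the b = 2 case where the lone trailing S3 is merged into the previous packet.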
Each parameter set Sj,i only contains an mTESLA key chain commitment. This means that each parameter certificate contains 9 hash values. Each hash value, cryptographic key or MAC value is 8 bytes long. The parameter certificate can be delivered with 4 packets, each of which contains a sender ID (2 bytes), a key chain index (2 bytes), a fragment index (1 byte), and three hash values (24 bytes). As a result, the packet payload size is 29 bytes.

To investigate the authentication rate and the distribution rate under Denial of Service attacks and communication failures, we assume the attacker sends 200 forged parameter distribution packets per minute and the channel loss rate is 0.2. Figure 3(a) illustrates the authentication rate for both schemes as the frequency of parameter distribution packets increases.

With 20 CDM buffers at each receiver end, we can see that our Secured HMAC scheme always has a higher authentication rate than the multi-level DOS-tolerant mTESLA scheme. The reason is that in the Secured HMAC scheme a sensor node is able to authenticate any buffered message once it receives a later disclosed key, since different key chains are linked together. Though in the multi-level DOS-tolerant scheme the lower-level key chain instances are also linked to the higher-level ones, a sensor node may have to wait for a long time to recover an authentication key from the higher-level key chain when the corresponding lower-level key chain commitment is lost due to severe Denial of Service attacks. During this time period, most of the previously buffered data packets are already dropped. Figure 3(b) shows the authentication rate for both schemes. We can see that the multi-level DOS-tolerant mTESLA scheme has to allocate a large buffer to achieve a certain authentication rate when there are severe Denial of Service attacks, while our Secured HMAC can achieve a higher authentication rate without any additional buffer. The reason is that in our scheme a sensor node can verify a parameter certificate immediately and thus there is no need to buffer certificates, while in the multi-level DOS-tolerant mTESLA scheme a sensor node has to wait for a while before authenticating CDM messages.

Fig. 4(a) shows the average failure recovery delay for both schemes. The result shows that the average failure recovery delay of the Secured HMAC scheme increases with the channel loss rate. However, the recovery delay of the multilevel mTESLA scheme increases rapidly when there are severe Denial of Service attacks. In contrast, our Secured HMAC scheme is not affected by Denial of Service attacks if the attacker does not jam the channel completely. Since the channel loss rate is usually a small value, the tree-based scheme has a shorter recovery delay than the multi-level mTESLA scheme in most cases. Fig. 4(b) shows the impact of storage overhead on the average failure recovery delay. The average failure recovery delay of the multilevel mTESLA scheme increases quickly when the number of buffers for parameter distribution packets decreases, while the Secured HMAC scheme has a shorter delay and is not affected by the number of buffers for parameter distribution packets. Figure 5 illustrates the rate of communication overhead for those three schemes as the frequency of the number of packets increases. Figure 6 shows the impact of throughput on the end-to-end packet delay. Figure 7 shows the comparison of the lifetime of the networks adopting different protocols. H-MAC with broadcast authentication (the Secured HMAC scheme) proves to have an increased network lifetime compared with G-MAC and H-MAC.

Fig. 7 : Performance of Secured HMAC Protocol (bar chart of network lifetime under a broadcast authentication attack for G-MAC, H-MAC and H-MAC with broadcast authentication; vertical axis 0 to 800)

5. Conclusion

In this paper we have introduced efficient techniques that are immune to Denial of Service attacks to enhance the H-MAC protocol in terms of secured broadcast authentication. Several practical broadcast authentication techniques were developed to distribute parameters for mTESLA instances, and to revoke the broadcast authentication capabilities of compromised senders in wireless sensor networks. Our analysis and experiment show that the proposed techniques are efficient and practical, and have better performance than previous approaches.

References

[1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci (2002), "Wireless sensor networks: A survey," Computer Networks, vol. 38, no. 4, pp. 393–422.
[2] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and D. Tygar (2001), "SPINS: Security protocols for sensor networks," in Proceedings of Seventh Annual International Conference on Mobile Computing and Networks.
[3] D. Liu and P. Ning (2003), "Efficient distribution of key chain commitments for broadcast authentication in distributed sensor networks," in Proceedings of the 10th Annual Network and Distributed System Security Symposium (NDSS03), pp. 263–276.
[4] D. Liu and P. Ning (2004), "Multi-level mTESLA: Broadcast authentication for distributed sensor networks," ACM Transactions in Embedded Computing Systems
(TECS), vol. 3.
[5] H. Chan, A. Perrig, and D. Song (2003), "Random key predistribution schemes for sensor networks," in IEEE Symposium on Research in Security and Privacy, pp. 197–213.
[6] W. Du, J. Deng, Y. S. Han, S. Chen, and P. Varshney (2004), "A key management scheme for wireless sensor networks using deployment knowledge," in Proceedings of IEEE INFOCOM 04.
[7] W. Du, J. Deng, Y. S. Han, and P. Varshney (2003), "A pairwise key pre-distribution scheme for wireless sensor networks," in Proceedings of 10th ACM Conference on Computer and Communications Security (CCS03), pp. 42–51.
[8] L. Eschenauer and V. D. Gligor (2002), "A key-management scheme for distributed sensor networks," in Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 41–47.
[9] D. Liu and P. Ning (2003), "Establishing pairwise keys in distributed sensor networks," in Proceedings of 10th ACM Conference on Computer and Communications Security (CCS03), pp. 52–61.
[10] A. D. Wood and J. A. Stankovic (2002), "Denial of service in sensor networks," IEEE Computer, vol. 35, no. 10, pp. 54–62.
[11] C. Karlof and D. Wagner (2003), "Secure routing in wireless sensor networks: Attacks and countermeasures," in Proceedings of 1st IEEE International Workshop on Sensor Network Protocols and Applications.
[12] Y. Hu, A. Perrig, and D. V. Johnson (2003), "Efficient security mechanisms for routing protocols," in Proceedings of the 10th Annual Network and Distributed System Security Symposium, pp. 57–73.
[13] Paramasivan B, Athilakshmi S, and Radhakrishnan S (2006), "Energy Efficient H-MAC Protocol to enhance Security & Lifetime of Wireless Sensor Networks," in Proceedings of the Second International Conference on WCSN06, published by Macmillan India Ltd, pp. 71–78.
[14] Paramasivan B, Radhakrishnan S (2006), "An Enhanced Reliability scheme for WSN using PSFQ," in Proceedings of International Symposium on Ad hoc and Ubiquitous Computing, published by IEEE Press, pp. 106–111.

About Authors

Prof. B. Paramasivan is working as Assistant Professor, Department of Computer Science & Engineering, National Engineering College, TamilNadu. He is currently pursuing his Ph.D in the area of Wireless Sensor Networks. He has published several research papers in various International and National Conferences. His areas of interest and research include security, routing and energy efficiency issues in wireless sensor networks. He is an active member of CSI.

Dr. S RadhaKrishnan is working as Professor & Head of the Department of Computer Science & Engineering, Arulmigu Kalasalingam College of Engineering, Srivilliputhur. He is guiding several Ph.D scholars. His areas of interest include Network Engineering and Adhoc Networks. He has published several research papers in International Journals. He is an active member of CSI.

Ms. S. Athilakshmi is working as a Lecturer in the Department of Computer Science & Engineering, National Engineering College, TamilNadu. She is currently working to constantly update the issues & trends in the area of Sensor Networks. Her research focuses on wireless networks, especially on the security issues in Wireless Sensor Networks and wireless Adhoc Networks.

IFIP TC-8 meeting

The IFIP TC-8 meeting held during June 18th – 19th, 2007 at BCS, London was attended by Steve Elliot (Australia), Josef Basl (Czech Republic), Jan Pries-Heje (Denmark), Juhani Livari (Finland), David Avison (France), Maria Raffai (Hungary), Barbara Pernici (Italy), Tetsuya Uchiki (Japan), Maria-Ribera Sancho (Spain), Dewald Roode (South Africa), Marcus (Switzerland), Bill Olle (United Kingdom), George M. Kasper (USA – ACM), Erich Neuhold (USA – IEEE), Lida Xu (WG 8.9 Chair USA), Nancy Russo (USA), Patrick Humphreys (UK) and Ashok Agarwal (India).
1. Barbara Pernici was elected as chair from July 2007 onwards and George M. Kasper as Vice Chair.
2. Proposals for possible funding for speakers / participants from developing countries to conferences; contact Prof. D Y Kim dykim@ajou.ac.in
3. Next meeting scheduled on September 5th June 2008 at Milan.

Dr. Ashok Agarwal
CSI IFIP TC-8 Rep.
Cryptography-based Secure Authentication Watermarking for Binary Images

Mr. M Venkatesan (1), Mrs. P MeenakshiDevi (2), Dr. K. Duraiswamy (3) & Dr. K Thyagarajah (4)

1 Asst. Prof., Dept. of Computer Applns., K S Rangasamy College of Tech., E-mail : venkatesh.muthusamy@gmail.com
2 Asst. Prof., Dept of Information Tech., K S Rangasamy College of Tech., E-mail : div_pri@yahoo.com
3 Dean (Academic), K S Rangasamy College of Technology, Tiruchengode, E-mail : ksrctt@yahoo.com
4 Principal, PSNA College of Engg. & Technology, Dindical, E-mail : principal@psnacet.org

In image authentication watermarking, hidden data is inserted into an image to detect any accidental or malicious image alteration. In the literature, quite a small number of cryptography based secure authentication methods are available for binary images. In a cryptography based authentication watermarking, a message authentication code (or digital signature) of the whole image is computed and the resulting code is inserted into the image itself. However, inserting the code alters the image and consequently its authentication code, invalidating the watermark. This paper proposes a new authentication watermarking method for binary images. It can detect any alteration while maintaining good visual quality for all types of binary images. The security of

1. Introduction

Data hiding represents a class of processes used to embed data, such as copyright information, into various forms of media such as image, audio, or text with a minimum amount of perceivable degradation to the "host" signal; its goal is not to restrict or regulate access to the host signal, but rather to ensure that the embedded data remains inviolate and recoverable.

A watermarking technique makes use of a data-hiding scheme to insert some information in the host image, in order to make an assertion about the image later. In this paper, data hiding scheme simply means the technique to embed a sequence of bits in a still image and to extract it afterwards.

Watermarking techniques can be classified as either "robust" or "fragile." Robust watermarks are useful for copyright and ownership assertion purposes. They cannot be easily removed and should resist common image-manipulation procedures. On the other hand, fragile watermarks (or authentication watermarks) are easily corrupted by any image processing procedure. However, watermarks for checking the image integrity and authenticity can be fragile because if the watermark is removed, the watermark detection algorithm will correctly report the corruption of the image.

In a cryptography based authentication watermarking, an authentication signature (AS) is computed from the whole image and inserted into the image itself. In cryptography, an AS is called a message authentication code (MAC) when using a secret-key cipher or a digital signature (DS) when using a public/private-key cipher. An AS contains information about the host image content that may be checked to verify its integrity. However, inserting the MAC/DS alters the image and consequently alters its MAC/DS, invalidating the watermarking. To avoid this problem, for continuous-tone images, many authentication techniques compute the AS from the image after clearing the least significant bits (LSBs) and insert the AS in the LSBs. In other words, those bits where the watermark is to be inserted are not taken into account when computing the MAC/DS.

A possible use of this technique is to send faxes and documents over networks and the Internet. In this case, the receiver of a document can verify its integrity for a given originator.

2. Data Hiding and Authentication Watermarking

In the literature, there are many authentication-watermarking techniques for continuous-tone images [1-5]. Also, there are many techniques for data hiding in binary and halftone images [6-10]. However, quite a small number of secure authentication watermarking techniques are available for binary and halftone images.

The proposed paper is a cryptography-based secure authentication watermarking technique (CSAWT) to insert the MAC/DS of a binary image. The original image is partitioned into m x n sub blocks. The AS is generated for the whole image, represented as F. But, before calculating the hash value (AS) of the image, the sub blocks used for inserting the AS are made to be zeros. The hash value is calculated for the new image. In the original image, the AS is not inserted consecutively in one area. Instead, the AS is divided into segments and is stored in a scattered way. A secret key shared by the two parties identifies the positions of each segment.

3. The CSAWT

In secure authentication watermarking using some data hiding technique for binary images, one must compute a hashing function of the binary image F, obtaining the hash value H = H(F). After encryption, it becomes the MAC/DS. This MAC/DS must be inserted into F itself, obtaining the marked image F2. The problem is that, with the insertion of the watermark, the image F changes and consequently its hash value also changes. That is, H(F) ≠ H(F2).

In CSAWT, only a few bits are modified and the positions of the sub blocks containing those bits are known both in the insertion and extraction phases. Consequently, these sub blocks can be cleared before computing the hashing function, just like clearing LSBs for a grayscale image.

3.1 Image Division

Let k be the length of the adopted AS. Before insertion, the AS is split into segments of size h. To insert k bits of AS, it needs k m x n blocks in the image. The image is divided into two regions based on a secret key shared between the sender and receiver. One region (IZR – Image with Zeros inserted at AS Region) is used to calculate the AS and the other (ASR – AS Region) is used to insert the AS. Actually, we are not dividing the image into two exactly at one point; instead we use the secret key

the image received. ASR is separated, the encrypted AS inserted in it is retrieved and decrypted using the secret or public key ks, obtaining the AS. Then in the original image, ASR is made zero. It is the expected IZR. Compute H(IZR), and if H(IZR) = AS, then the image integrity is verified. Otherwise, the image has been modified or a wrong key was used.

In Fig. 1, the image division is shown. Each box represents an m x n sub block. Sequences of sub blocks are reserved for inserting segments of the AS. Here the value of h is 5.

3.2 Block Data Hiding Method

This technique ensures that for any bit that is modified in the host image, the bit must be adjacent to another bit that has the same value as the former's new value. Thus, the existence of secret information in the host image is difficult to detect. Then the parity of each m × n block is calculated and it is compared with the data to be embedded

as follows:
Based on the parityto identify the positions in the image and data, either one bit is modified or Both F2 and F3 differ from F infor inserting each segment (h bits) of none of the bits are modified to store one bit. It is clear that F’ looks similarAS. The secret key contains a sequence one bit information. Specifically, for to F than F3 does. Because F2 differsof positions in the image where the each m × n block of host image one bit from F in a location which is adjacentsegments of AS are to be inserted. So information is stored. to an area of 1s. The modified 1 in F3 isthat, the ASR consists of k/h segments more visible. 3.2.1 Controlling the Image Quality afterof each having at least h, mxn blocks in To formulate the above observation, Data Hidingthe original image; the IZR is actually given an image F, Neighbour matrix A completely black or blank hostthe whole image with zeros in ASR. Neighbour (F), is defined. It is an integer block will not be used to hide data.Now, the hash value is calculated for matrix of the same size as F. Each bit in Also, if a bit has to be changed, it isIZR, encrypted using the secret- or the image matrix has eight Neighbours. expected that its location be very closepublic key ks, obtaining the MAC/DS For each bit (i,j) the Neighbour values to a bit which shares the same valueand is inserted in ASR. For insertion, are found. The elements of Neighbour as the formers new value. Otherwisethe forth-mentioning technique is matrix are calculated as follows: changing any bit in the image mayfollowed. 1. Complement the bit Fi,j in image easily be detectable. Consider an image At the receiving side, the receiver matrix F,say it as C. F represented by a matrix, which isuses the same secret key to divide 2. Count the Neighbours of Fi,j, which modified into two images F2 and F3, are same as C. 3. Step2 will give [Neighbour(F)]i,j. The matrix will later be used to reflect the priority in choosing a bit to be modified. 
For example, for the above image F, we have the following Neighbour(F) matrix. From the above Neighbour matrix, the location to hide can be easily found. The element which has the highest value reflects that when the corresponding bit in Fi,j is complemented, it has the same value as many of its Neighbours. 3.2.2 The Data Hiding Scheme Step 1: If Fi is completely black or blank, simply keep Fi intact (not hidden Fig. 1 Image division with data) and skip the following steps. 14 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  • 16.     the two parties to identify the “O b j e c t M o d i f i c a t i o n f o r D a t a sequences of sub blocks within the Embedding through Template Ranking,” image F.It is named as ASR –AS Xerox Invention Proposal, 1999. 4] Y.-C. Tseng, Y.-Y. Chen and H.-K. Region. Pan, “A Secure Data Hiding Scheme 4. Clear all the sub blocks that belongs for Binary Images,” IEEE Trans. on to ASR, obtaining IZR. Communications, Vol. 50, No. 8, Aug. 5. Compute the hash vale H=H(IZR). 2002, pp. 1227-1231. 6. Encrypt H using the secret- or 5] M. U. Celik, G. Sharma, E. Saber and A.Otherwise, perform the following: public key ks, obtaining the digital M. Tekalp, “Hierarchical Watermarking signature S (MAC/DS). for Secure Image Authentication with Step 2: Find the parity of Fi by Localization,” IEEE Trans. Imagecomputing (SUM(Fi ) mod 2), Where 7. Insert S into ASR as per the above Processing, vol. 11, no. 6, pp. 585-595,SUM means sum of all elements in the said data hiding scheme. 2002.matrix. The CSAWT extraction algorithm 6] G.Pass, Y.J.Wu and Z..h Wu, “ A Step 3: If (SUM(Fi) mod 2 = 0), it is: Novel Data Hiding Method for Twois even parity. 1. Let F* be the watermarked image – color Images “ , Lecture Notes in If (SUM(Fi) mod 2 = 1), it is odd received. Computer Science Information andparity. 2. Partition the image F into mxn size Communications Security, Springer- sub blocks. . Verlag, Nov. 2001, PP. 261-270. One bit is complemented if the 7] Min Wu, Member, IEEE, and Bedefollowing condition is met: 3. Use the same secret key shared Liu, Fellow, IEEE, “Data Hiding in [(SUM(Fi)mod2= 0) and Dj=1] or between the two parties to identify Binary Image for Authentication and [(SUM(Fi)mod2 = 1) and Dj=0] the sequences of sub blocks within Annotation”, IEEE Transactions On For the other two cases no change is the image F*. It is named as ASR*. Multimedia, Vol. 6, No. 4, Augustmade to the image block Fi, but still one 4. 
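As an added, runnable model of the data hiding scheme of Section 3.2.2 and the insertion and extraction algorithms of Section 3.3 (example code, not the authors' implementation): sub blocks are m x n lists of 0/1, the AS is an HMAC-SHA256 over the IZR truncated to k bits, and the secret key selects the ASR through a key-seeded ordering of the blocks. The HMAC construction, the key-seeded ordering, the toy size k = 16 with h = 1, and the sample image are assumptions made for this example; the paper leaves the MAC/DS construction and the key-to-position mapping unspecified.

```python
# Added example (not the paper's code): a compact model of CSAWT. Images are lists
# of 0/1 rows, sub blocks are m x n, and the MAC/DS is HMAC-SHA256 over the IZR,
# truncated to k bits (assumed construction; the paper leaves MAC/DS open).
import hmac
import random

M = N = 4      # sub block size m x n
K_BITS = 16    # length k of the AS (toy size so a 32x32 image suffices; h = 1 here)

def make_sample_image(size=32):
    """Constructed test image: white background, a black square and a diagonal."""
    img = [[0] * size for _ in range(size)]
    for r in range(6, 22):
        for c in range(6, 22):
            img[r][c] = 1
    for i in range(size):
        img[i][i] = 1
    return img

def get_block(img, br, bc):
    return [row[bc * N:(bc + 1) * N] for row in img[br * M:(br + 1) * M]]

def put_block(img, br, bc, block):
    for i in range(M):
        img[br * M + i][bc * N:(bc + 1) * N] = block[i]

def parity(block):
    return sum(map(sum, block)) % 2

def is_uniform(block):
    total = sum(map(sum, block))
    return total == 0 or total == len(block) * len(block[0])

def neighbour_value(block, i, j):
    """Count of the 8 neighbours of block[i][j] that equal its complement."""
    c = 1 - block[i][j]
    count = 0
    for di in (-1, 0, 1):
        for dj in (-1, 0, 1):
            r, s = i + di, j + dj
            if (di or dj) and 0 <= r < len(block) and 0 <= s < len(block[0]):
                count += block[r][s] == c
    return count

def embed_bit(block, bit):
    """Steps 1-5 of 3.2.2: a copy of the block whose parity equals `bit`, or None."""
    if is_uniform(block):
        return None                      # Step 1: black/blank blocks carry no data
    new = [row[:] for row in block]
    if parity(new) == bit:
        return new                       # Step 3: parity already encodes the bit
    nb = [[neighbour_value(new, i, j) for j in range(len(new[0]))] for i in range(len(new))]
    best = max(map(max, nb))
    i, j = next((i, j) for i, row in enumerate(nb) for j, v in enumerate(row) if v == best)
    new[i][j] ^= 1                       # Step 4: flip the best-hidden position
    if is_uniform(new):                  # Step 5: undo and flip a neighbour instead
        new[i][j] ^= 1
        for di, dj in ((-1, -1), (-1, 0), (-1, 1), (0, -1), (0, 1), (1, -1), (1, 0), (1, 1)):
            r, s = i + di, j + dj
            if 0 <= r < len(new) and 0 <= s < len(new[0]):
                new[r][s] ^= 1
                break
    return new

def asr_positions(img, key):
    """Key-dependent block order; the first K_BITS non-uniform blocks form the ASR."""
    seed = int.from_bytes(hmac.new(key, b"csawt-positions", "sha256").digest(), "big")
    order = [(br, bc) for br in range(len(img) // M) for bc in range(len(img[0]) // N)]
    random.Random(seed).shuffle(order)
    usable = [pos for pos in order if not is_uniform(get_block(img, *pos))]
    if len(usable) < K_BITS:
        raise ValueError("image has too few usable sub blocks")
    return usable[:K_BITS]

def izr(img, asr):
    """Image with Zeros at the AS Region: the part that gets authenticated."""
    cleared = [row[:] for row in img]
    for br, bc in asr:
        put_block(cleared, br, bc, [[0] * N for _ in range(M)])
    return cleared

def auth_signature(img_izr, key):
    """MAC of the IZR as a list of K_BITS bits (the paper's encrypted hash)."""
    tag = hmac.new(key, bytes(sum(img_izr, [])), "sha256").digest()
    return [(tag[i // 8] >> (7 - i % 8)) & 1 for i in range(K_BITS)]

def csawt_insert(img, key):
    asr = asr_positions(img, key)
    marked = [row[:] for row in img]
    for pos, bit in zip(asr, auth_signature(izr(img, asr), key)):
        put_block(marked, *pos, embed_bit(get_block(img, *pos), bit))
    return marked

def csawt_verify(marked, key):
    asr = asr_positions(marked, key)
    extracted = [parity(get_block(marked, *pos)) for pos in asr]
    return extracted == auth_signature(izr(marked, asr), key)
```

csawt_insert changes at most k pixels, one per ASR block, and csawt_verify recomputes the ASR from the received image alone: a block's uniformity is the same before and after embedding (Step 5 guarantees an embedded block never becomes blank or black), so sender and receiver skip the same blocks without needing the original image.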
4. Conclusion

This paper has proposed a cryptography-based secure authentication watermarking for binary images (CSAWT). The proposed technique is suitable for watermarking most binary images with excellent visual quality, without causing a noticeable loss of quality. It can be applied to provide basic proof of copyright ownership and to electronically sign binary documents.

5. References

[1] P. S. L. M. Barreto, H. Y. Kim and V. Rijmen, "Toward a Secure Public-Key Blockwise Fragile Authentication Watermarking," IEE Proc. Vision, Image and Signal Processing, vol. 149, no. 2, pp. 57-62, 2002.
[2] C. T. Li, D. C. Lou and T. H. Chen, "Image Authentication and Integrity Verification via Content-Based Watermarks and a Public Key Cryptosystem," IEEE Int. Conf. Image Processing, 2000, vol. 3, pp. 694-697.
[3] R. de Queiroz and P. Fleckenstein, "Object Modification for Data Embedding through Template Ranking," Xerox Invention Proposal, 1999.
[4] Y.-C. Tseng, Y.-Y. Chen and H.-K. Pan, "A Secure Data Hiding Scheme for Binary Images," IEEE Trans. on Communications, vol. 50, no. 8, Aug. 2002, pp. 1227-1231.
[5] M. U. Celik, G. Sharma, E. Saber and A. M. Tekalp, "Hierarchical Watermarking for Secure Image Authentication with Localization," IEEE Trans. Image Processing, vol. 11, no. 6, pp. 585-595, 2002.
[6] G. Pass, Y. J. Wu and Z. H. Wu, "A Novel Data Hiding Method for Two-color Images," Lecture Notes in Computer Science, Information and Communications Security, Springer-Verlag, Nov. 2001, pp. 261-270.
[7] Min Wu and Bede Liu, "Data Hiding in Binary Image for Authentication and Annotation," IEEE Transactions on Multimedia, vol. 6, no. 4, August 2004.
[8] M. Wu, E. Tang, and B. Liu, "Data hiding in digital binary image," IEEE Int. Conf. Multimedia & Expo (ICME'00), New York, 2000.
[9] Wen-Yuan Chen and Chen-Chung Liu, "Robust watermarking scheme for binary images using a slice-based large-cluster algorithm with a Hamming Code," Optical Engineering, January 2006, vol. 45, issue 1, 017005 (10 pages).
[10] Hae Yong Kim, Amir Afif, "A Secure Authentication Watermarking for Halftone and Binary Images," International Journal of Imaging Systems and Technology, vol. 14, issue 4, pp. 147-152.
[11] Jeanne Chan, Tung-Shan Chen, Meng-Wen Cheng, "A New Data Hiding Method in Binary Image," Proc. IEEE Fifth International Symposium on Multimedia Software Engineering (ISMSE '03), 2003.
[12] M. S. Fu and O. C. Au, "Data Hiding by Smart Pair Toggling for Halftone Images," IEEE Int. Conf. Acoustics, Speech and Signal Processing, vol. 4, pp. 2318-2321, 2000.
[13] M. S. Fu and O. C. Au, "Data Hiding Watermarking for Halftone Images," IEEE Trans. Image Processing, vol. 11, no. 4, pp. 477-484, 2002.
[14] S. C. Pei and J. M. Guo, "Hybrid Pixel-Based Data Hiding and Block-Based Watermarking for Error-Diffused Halftone Images," IEEE Trans. on Circuits and Systems for Video Technology, vol. 13, no. 8, pp. 867-884, 2003.
[15] P. W. Wong, "A Public Key Watermark for Image Verification and Authentication," IEEE Int. Conf. Image Processing, 1998, vol. 1, pp. 455-459, (MA11.07).

CSI Communications • AUGUST 2007
Steganography – Art of Hiding Information

Kuldeep Singh
Sun Microsystems, Email: k.s@sun.com

Introduction

Steganography is the art of sending information in a manner that the very existence of the message is unknown. Steganography plays a vital role in security; it supplements cryptography. This article offers a brief introductory discussion of steganography: what it is, its impact on information security and future trends.

Background

The study of steganography dates back to 440 BC and Herodotus, the great historian. Steganography has been around since the times of ancient Rome. Romans used invisible inks, which were based on natural substances such as fruit juices and milk. The hidden text was revealed by heating it. During the 15th and 16th centuries, many writers, including Gaspari Schotti, wrote on steganographic techniques such as coding techniques for text, invisible ink and incorporating hidden messages in music.

Between 1883 and 1907, further development can be attributed to the publications of Charles Briquet (author of Les Filigranes). The book was mostly about cryptography but can be credited with laying the foundation of steganographic systems.

In the digital world of today, steganography is being used all over the world on computer systems. Many tools and techniques have been created that take advantage of old steganographic techniques such as the null cipher, coding in images, audio and video, and the microdot. With continued research this topic will see a lot of new applications in the near future.

Main Focus of the Article

Steganography is derived from the Greek word steganos, which means secret or concealed, and graphy, which means writing or drawing. Steganography is known to be more abused than used.

Steganography is defined by Markus Kuhn as follows: "Steganography is the art and science of communicating in a way which hides the existence of the communication. In contrast to cryptography, where the enemy is allowed to detect, intercept and modify messages without being able to violate certain security premises guaranteed by a cryptosystem, the goal of steganography is to hide messages inside other harmless messages in a way that does not allow any enemy to even detect that there is a second message present."

For example, in ancient Rome and Greece, text was traditionally written on wax that was poured on top of stone tablets. If the sender of the information wanted to obscure the message, for purposes of military intelligence for instance, they would use steganography: the wax would be scraped off and the message would be inscribed or written directly on the tablet, then wax would be poured on top of the message, thereby obscuring not just its meaning but its very existence.

Steganography is used for legitimate and illegitimate reasons. Legitimate reasons include watermarking images for copyright protection. Digital watermarking, also known as fingerprinting and used especially for copyrighted material, is similar to steganography in that information is overlaid in files so that it appears to be a part of the original file and is not easily detectable by an average person, in order to avoid sabotage, theft or unauthorized viewing. Illegitimate reasons include the theft of confidential information by concealing it in files and transferring it through a normal email. For terrorist purposes, steganography can be used for covert communication.

Steganography is best used with other information hiding methods as part of a layered security approach. The other methods could be encryption, hidden directories (Windows), hiding directories (Unix) and covert channels (e.g., LOKI).

- Encryption: Encryption is the process of passing data or plaintext through a series of mathematical operations that generate an alternate form of the original data known as ciphertext. The encrypted data can only be read by parties who have been given the necessary key to decrypt the ciphertext back into its original plaintext form. Encryption doesn't hide data, but it does make it hard to read!
- Hidden directories (Windows): Windows offers this feature, which allows users to hide files. Using this feature is as easy as changing the properties of a directory to "hidden", and hoping that no one displays all types of files in their explorer.
- Hiding directories (Unix): hiding in existing directories that have a lot of files, such as the /dev directory on a Unix implementation, or making a directory that starts with three dots (...) versus the normal single or double dot.
- Covert channels: Some tools can be used to transmit valuable data in seemingly normal network traffic. One such tool is Loki, which hides data in ICMP traffic (like ping).

There are various tools and methods for detecting steganography. These include Stegdetect, Stegbreak and the Steganography Analyzer Real-Time Scanner (StegAlyzerRTS).

Stegdetect is a host-based intrusion detection system deployed on computers to help identify anomalous storage of image and/or video files.

Stegbreak, a companion to Stegdetect, decrypts messages encoded in a suspected steganographic file once the stego has been detected.

StegAlyzerRTS detects insiders downloading digital steganography applications, whether widely available as freeware on the Internet or commercially licensed. StegAlyzerRTS also detects attempts by insiders to use steganography applications that may have been installed on the network prior to the deployment of StegAlyzerRTS. Its signature scanning approach allows StegAlyzerRTS to detect insider attempts to upload carrier files containing hidden information onto external websites, to send files containing hidden information as an e-mail attachment, and even to use a technique known as spam mimicry, which conceals information by converting it into a form that appears to be spam.

As per the excerpt from "The Hindu Business Line" of Sep 17, 2002, terrorist attacks have overtaken traditional wars. Most countries are now equipping themselves with technologies to combat terrorism. Intelligence, without any doubt, is the most important weapon to combat terrorism, especially external terrorism. Intelligence obtained by tracing the wireless communication of terrorists has proved most useful. The US Air Force has a "Detection and Recovery Tool Kit" developed at the Air Force Research Laboratory, New York, which can detect covert messages. Hence, the days of Indian agencies piecing together information gathered from cellular conversations of terrorists are past; combating terrorism will require more modern tools and continuous updating to at least keep pace with the terrorists. India is, unfortunately, in a situation where it will have to protect itself against different types of terrorism for many years.

Future Trends

An important distinction that should be made among the tools available today is the difference between tools that do steganography and tools that do steganalysis, which is the method of detecting steganography and destroying the original message. Steganalysis focuses on this aspect, as opposed to simply discovering and decrypting the message, because decryption can be difficult unless the encryption keys are known. The goal of steganalysis is to identify suspected information streams, determine whether or not they have hidden messages encoded into them, and, if possible, recover the hidden information.

The challenge of steganalysis is that the suspect information stream, such as a signal or a file, may or may not have hidden data encoded into it. The hidden data, if any, may have been encrypted before being inserted into the signal or file. Some suspect signals or files may have noise or irrelevant data encoded into them, which can make analysis very time consuming. Unless it is possible to fully recover, decrypt and inspect the hidden data, often one has only a suspect information stream and cannot be sure that it is being used for transporting secret information.

Unlike cryptanalysis, where it is evident that intercepted encrypted data contains a message, steganalysis generally starts with several suspect information streams and uncertainty about whether any of them contains a hidden message. The steganalyst starts by reducing the set of suspect information streams to a subset of the most likely altered information streams. This is usually done with statistical analysis using advanced statistical techniques.

Conclusion

Steganography is a fascinating and effective method of hiding data that has been used throughout history. Many methods can be employed to uncover such devious tactics, but the first step is the awareness that such methods even exist. There are many good reasons as well to use this type of data hiding, including watermarking or a more secure central storage method for such things as passwords or key processes. This technology is easy to use and difficult to detect. The more you know about its features and functionality, the further ahead you will be in the game.

Acknowledgements: The author thanks his family, his mom Monika and sister Kavita, for their unhesitating support and encouragement to pursue his passion for writing. During his writing he has been disruptive to them in terms of time and absence from home, and he is forever grateful for their love and support.

References

1. Wikipedia - The Free Encyclopedia. Steganography. [online]. Available at http://en.wikipedia.org/wiki/Steganography; Accessed on 11 June 2007.
2. Johnson, N. F., Jajodia, S. Exploring Steganography: Seeing the Unseen. [online]. Available at http://www.jjtc.com/pub/r2026.pdf; Accessed on 13 June 2007.
3. Rude, T. J. Steganography - Disappearing Cryptography. [online] CRAZYTRAIN.COM. Available at http://www.crazytrain.com/rudedude.pps; Accessed on 14 June 2007.
4. Hyperdictionary. Discrete cosine transform. [online] 2007. Available at http://www.hyperdictionary.com/computing/discrete+cosine+transform; Accessed on 14 June 2007.
5. Johnson, N. F., Jajodia, S. Steganalysis of Images Created Using Current Steganography Software. [online]. Available at http://www.jjtc.com/ihws98/jjgmu.html; Accessed on 01 June 2007.
6. Kessler, G. An Overview of Steganography for the Computer Forensics Examiner. [online]. Available at http://www.garykessler.net/library/fsc_stego.html; Accessed on 10 May 2007.
7. Computerworld. Steganography: Hidden Data. Quickstudy by Deborah Radcliff. [online]. Available at http://www.computerworld.com/securitytopics/security/story/0,10801,71726,00.html; Accessed on 02 June 2007.
8. Wired. Bin Laden: Steganography Master. [online]. Available at http://www.wired.com/politics/law/news/2001/02/41658; Accessed on 04 June 2007.
9. USA Today. Terror groups hide behind Web encryption. [online]. Available at http://www.usatoday.com/tech/news/2001-02-05-binladen.htm; Accessed on 09 June 2007.
10. Wired. Secret Messages Come in .Wavs. [online]. Available at http://www.wired.com/politics/law/news/2001/02/41861; Accessed on 10 June 2007.
11. R & D to combat terrorism. [online]. Available at http://www.blonnet.com/2002/09/17/stories/2002091702470900.htm; Accessed on 20 June 2007.

About the Author: Kuldeep Singh is an Enterprise IT Architect & Security Ambassador APAC and currently works in Sun Microsystems India Pvt. Ltd. He can be reached at k.s@sun.com. Blogs: http://blogs.sun.com/ks/
  • 19.    Information Security Issues in parties to protect the body of a transmitted frame of data. [2]Wireless Networks This increases the probability that a user might leak the key ac- cidentally or intentionally. b) Brute Force AttackKaleem A. Usmani* & Dr. Nupur Prakash** Brute Force attack is the most basic attack used to decrypt packets sent on an encrypted network. This*Lecturer, CDAC School of Advanced Computing, University of Mauritius, Mauritius, attack is initiated by intercepting the TKaleem@csac.mu communications occurring on the**Professor & Dean, University School of IT, GGS Indraprastha University-Delhi, India, network. It is possible to interceptnupurprakash@rediffmail.com the data because wireless data is broadcast to everyone within range of the access point. Once the data has been intercepted, it is a matter of he wireless networking which was once a rarity is now very guessing keys until the attack finds the popular in the midst of large number of Internet users. This right one. This is the process of trying popularity has led to an increase in the availability of a large all possible combinations of values number of wireless networking products and protocols for home until the correct key is found. With a and business use. However the wireless technology is not limited 40-bit secret key, there are a total of 2 to authorized users only, as unauthorized users also can take 40 = 1,099,511,627,776 possible secret undue advantage of the wireless transmissions. The IEEE802.11 keys. If a computer could check 50,000 different secret keys per second, it standard offers a reasonable level of protection known as the would take over 250 days to find the Wired Equivalent Privacy (WEP) protocol. WEP was designed to correct key [4]. The time required give wireless networks the equivalent level of privacy protection to brute force a 40-bit secret key can as a comparable wired network. 
However, it did not take long be brought down to under a minute to discover that the WEP protocol has many inherent flaws. This due to a flaw in the random WEP paper highlights the security issues related to WEP protocol and key generation programs that was also enumerates some of the available solutions to overcome the discovered by Tim Newsham . It can be WEP vulnerability. deduced that the feasibility of this attack depend on the length of key used. A 104 bit key would take a single computerIntroduction about 1019 years to crack doing 60,000 WEP was designed to offer guesses per second [5]. wireless network. It relies on a secrethigh degree of security by offering key that is shared between a wireless c) Weak IV (Initial Vector) Attackimpregnable resistance to eavesdroppers/ station and an access point. The secret When an IV is reused, it is calledhackers. According to Borisov, Goldberg key is used to encrypt packets before a collision. When collision occurs, theand Wagner, WEP was intended to they are transmitted and an integrity combination of the shared secret andenforce three security goals, which are check is used to ensure the packets the repeated IV results in a key streamConfidentiality, Access Control and Data are not modified in transit. The 802.11 that has been used before. Since the IVIntegrity [1]. However, as the wireless standard does not state how the shared is sent in clear text, an attacker whonetworks began to grow in popularity, key is established. In practice, most keeps track of all the traffic can identifymany flaws were discovered in the installations use a key that is shared when collisions occur. A number oforiginal WEP design. Despite these between all stations and access points attacks become possible upon theflaws WEP is still more effective than [2]. WEP uses the stream cipher RC4 discovery of IV collisions. An example isno security at all. 
The main goal of this for confidentiality and the CRC-32 a key stream attack, which is a methodpaper is to highlight the security threats checksum for integrity. of deriving the key stream by analyzingto WLAN using WEP protocol and the two packets derived from the same IV.possible solutions to overcome the WEP 3. Limitations of WEP However, XORing the two cipher textsvulnerability. This section briefly describes the together will equal XORing the two limitations of wired equivalent privacy plain texts together.2. The WEP Algorithm protocol and the security attacks it can WEP is an algorithm that is used be subjected to d) The FMS Attackto secure wireless communications The FMS attack is the most well a) Static Keyfrom eavesdropping and modification. known attack on WEP. It has beenA secondary function of WEP is to WEP relies on a secret key named after Scott Fluhrer, Itsik Mantin,prevent unauthorized access to a shared between the communicating 18 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
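The collision condition of 3(c) can be watched for on the defender's side. The following is an added monitoring example (not from the paper) that runs over constructed frame records of the form (network, transmitter, IV), as a capture tool would provide them, and also works out how quickly the 24-bit IV space is used up. Because the paper notes that in practice one key is shared by all stations of a network, reuse is counted per network rather than per transmitter: two stations using the same IV under the same key produce the same key stream.

```python
# Added example (not the paper's code): detection of WEP IV reuse in captured
# frame records, keyed on the network (shared key) rather than on the transmitter.
import math
from collections import Counter

IV_BITS = 24
IV_SPACE = 1 << IV_BITS   # 16,777,216 distinct IVs

def find_iv_reuse(frames):
    """frames: iterable of (network, transmitter, iv).
    Returns {(network, iv): count} for every IV seen more than once on the same
    network, i.e. every key stream that has been used more than once."""
    counts = Counter((network, iv) for network, _tx, iv in frames)
    return {k: n for k, n in counts.items() if n > 1}

def hours_until_counter_wraps(frames_per_second):
    """A busy transmitter that increments its IV per frame wraps after 2^24 frames."""
    return IV_SPACE / frames_per_second / 3600

def expected_frames_to_random_collision():
    """Birthday estimate for IVs chosen at random: about sqrt(pi * N / 2) frames."""
    return math.sqrt(math.pi * IV_SPACE / 2)

# Constructed sample capture: two stations on network ap-1 both use IV 0x000101.
SAMPLE_FRAMES = [
    ("ap-1", "sta-a", 0x000100),
    ("ap-1", "sta-a", 0x000101),
    ("ap-1", "sta-b", 0x000101),   # same network and IV: key stream reused
    ("ap-1", "sta-b", 0x000102),
    ("ap-2", "sta-c", 0x000101),   # same IV on another network (other key): fine
]

if __name__ == "__main__":
    for (network, iv), n in find_iv_reuse(SAMPLE_FRAMES).items():
        print(f"{network}: IV {iv:06x} used {n} times")
    print(f"counter wrap at 500 frames/s: {hours_until_counter_wraps(500):.1f} h")
    print(f"random IVs collide after ~{expected_frames_to_random_collision():.0f} frames")
```

The wrap-around figure is why 4(f) below argues for a larger IV: at a few hundred frames per second the whole 24-bit space is consumed in well under a day, and a transmitter that picks IVs at random repeats one after only a few thousand frames.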
d) The FMS Attack

The FMS attack is the most well known attack on WEP. It has been named after Scott Fluhrer, Itsik Mantin and Adi Shamir [6]. The basis for this attack is a weakness in the way RC4 generates the keystream. Specifically:
1. The Initialization Vector (IV) that is always attached to the key prior to the generation of the keystream by the RC4 algorithm is transmitted in cleartext.
2. The IV is relatively small (three bytes), which results in a lot of repetitions as the relatively small number of unique IVs is re-used to encrypt packets.
3. Some of the IVs are "weak" in the sense that they may be used to betray information about the key.

The key scheduling algorithm in WEP uses either a concatenation of the 40-bit shared key and the 24-bit IV, making a 64-bit packet key, or a concatenation of the 104-bit shared key and the 24-bit IV, making a 128-bit key, to set up the RC4 state array S. This state array S, which is a permutation of {0, ..., 255}, is used by the output generator (PRGA) to create a pseudorandom sequence. The attack utilizes only the first word of output from this pseudorandom sequence. The attack is based on the fact that there is a strong probabilistic correlation between some bits of the shared key and some bits of the output stream for a large class of weak keys [7, 10].

e) Shared Key Authentication Flaw

The current protocol for shared key authentication is easily exploited through a passive attack by eavesdropping on one leg of a mutual authentication. The attack works because of the fixed structure of the protocol (the only difference between different authentication messages is the random challenge) and the previously reported weaknesses in WEP [3, 8]. The attacker first captures the second and third management messages from an authentication exchange. The second message contains the random challenge in the clear, and the third message contains the challenge encrypted with the shared authentication key.

The size of the recovered pseudo-random stream will be the size of the authentication frame because all elements of the frame are known: algorithm number, sequence number, status code, element id, length and the challenge text. Furthermore, all but the challenge text will remain the same for ALL authentication responses. The attacker now has all of the elements to successfully authenticate to the target network without knowing the shared secret K. The attacker requests authentication from the access point it wishes to associate with or join. The access point responds with an authentication challenge in the clear. Now, the attacker responds with a valid authentication response message, associates with the AP and joins the network.

4. Solutions to WEP Security

Several solutions are suggested to strengthen WEP security.

a) Changing encryption keys for every packet

Hashing the concatenation of the initialization vector (IV) and the shared key before feeding it to the RC4 stream generator would prevent the IV from revealing any useful information about the shared key [9].

b) Dropping the initial bytes from the RC4 output

The probabilistic correlation between some bits of the shared key and some bits of the output cipherstream (for a large class of weak keys) is one of the prime vulnerabilities of the RC4 implementation in WEP. This can be easily countered by dropping some initial bytes (say 128 or 256) of the RC4 stream cipher output, since this will mitigate any such correlation between the bits of the shared key and the output cipherstream [7, 9].

c) Firmware modifications

The firmware for 802.11b-based wireless cards can be modified so that the "weak" IVs (all of which have been identified by now) are skipped and no longer sent out as part of a WEP-encrypted packet. Though its actual implementation is a non-trivial issue on account of the large installed base of current cards, this approach would easily mitigate any attack based on the RC4 vulnerability [7, 9].

d) Modifying the CRC algorithm

The currently used 32-bit CRC algorithm is linear and is easily determined by any attacker, thereby making it very vulnerable to bit-flipping attacks. Modifying the CRC algorithm so that it is no longer linear will help mitigate such attacks [7, 9].

e) Dynamic key management techniques

In most setups using WEP, the shared key is not changed for long periods of time, thereby increasing the vulnerability factor. Moreover, there is no mechanism to change the keys dynamically. Adding a dynamic key management scheme via the use of temporal keys, as specified in TKIP (Temporal Key Integrity Protocol), wherein the encryption keys are changed after transmitting every 10,000 packets, could help prevent the currently known attacks against WEP [7, 9].

f) Changing the Initialization Vector (IV)

The size of the IV can be increased by using a flag in the current header to indicate that additional IV bits are present in the data frame. Not only will this increase the range of currently available IV values (which is capped at 16 million because of the current 24-bit size), but it will also make it impossible for an attacker to determine the entire initialization vector without knowing the shared key, since a part of it would be encrypted as part of the payload [7, 9].
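What "linear" means in 4(d), and what the keyed, non-linear replacement it asks for looks like, can be shown directly. The following added example (not from the paper) checks the affine relation check(a xor b) = check(a) xor check(b) xor check(0) that the CRC-32 integrity check value (ICV) satisfies and a keyed check does not, and then shows a receiver-side verification with each. The frame body, the mask and the key are constructed test data, and the truncated HMAC-SHA256 stands in for the non-linear check; it is an assumed design, not one the paper specifies.

```python
# Added example (not the paper's code): the linearity of a CRC-32 ICV versus a
# keyed integrity check. Frame body, mask and key below are constructed test data.
import hmac
import zlib

def crc32_icv(data: bytes) -> bytes:
    """WEP-style ICV: plain CRC-32 of the frame body, no key involved."""
    return zlib.crc32(data).to_bytes(4, "big")

def keyed_icv(key: bytes, data: bytes) -> bytes:
    """A keyed replacement: HMAC-SHA256 truncated to 8 bytes (assumed design)."""
    return hmac.new(key, data, "sha256").digest()[:8]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def is_affine(check, a: bytes, b: bytes) -> bool:
    """True if check(a xor b) == check(a) xor check(b) xor check(0...0).
    A check with this property can be recomputed for an edited body by anyone
    who knows only the edit, which is what makes bit flipping undetectable."""
    zero = bytes(len(a))
    return check(xor(a, b)) == xor(xor(check(a), check(b)), check(zero))

def verify_frame(key: bytes, body: bytes, icv: bytes, keyed: bool) -> bool:
    """Receiver-side check; with keyed=True the expected ICV depends on the key."""
    expected = keyed_icv(key, body) if keyed else crc32_icv(body)
    return hmac.compare_digest(expected, icv)

KEY = b"constructed shared key"
FRAME_A = b"GET /index.html HTTP/1.0\r\nHost: intranet\r\n\r\n"
# A mask that changes bits of one byte of the body (constructed edit).
MASK = b"\x00" * 4 + b"\x05" + b"\x00" * (len(FRAME_A) - 5)

def icv_properties() -> dict:
    """Summary a reader can compare: which check is affine, which is keyed."""
    return {
        "crc32_affine": is_affine(crc32_icv, FRAME_A, MASK),
        "keyed_affine": is_affine(lambda d: keyed_icv(KEY, d), FRAME_A, MASK),
        "keyed_rejects_edit": not verify_frame(
            KEY, xor(FRAME_A, MASK), keyed_icv(KEY, FRAME_A), keyed=True),
    }

if __name__ == "__main__":
    for name, value in icv_properties().items():
        print(f"{name}: {value}")
```

With CRC-32 the relation holds for every body and mask, so the ICV carries no information an editor of the frame does not already have; with the keyed check the relation fails and an edited body is rejected unless the editor knows the key, which is the property the paper's recommendation is after.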
This can the payload [7,9].e) Shared Key Authentication Flaw be easily countered by dropping The current protocol for shared some initial bytes (say 128 or 256) 4. Conclusionskey authentication is easily exploited of the RC4 stream cipher since this In this paper, the security holesthrough a passive attack by the will mitigate any such correlation in wired equivalent privacy protocoleavesdropping of one leg of a mutual between the bits of the shared key are reviewed and the security flawsauthentication. The attack works and the output cipherstream [7,9]. are discussed. Several solutions tobecause of the fixed structure of the c) Firmware modifications overcome these flaws are presented.protocol (the only difference between The firmware for the 802.11b based Organizations that choose or alreadydifferent authentication messages is the wireless cards can be modified so have chosen to deploy WLAN shouldrandom challenge), and the previously that the “weak” IVs (all of which consider the current existing problemsreported weaknesses in WEP [3,8]. The have been identified by now) are of WEP protocol and secure theirattacker first captures the second and skipped and no longer sent out as network accordingly.third management messages from an part of a WEP encrypted packet.authentication exchange. The second References: Though its actual implementationmessage contains the random challenge is a non-trivial issue on account [1] Craiger J. Philip (June 2002),in the clear, and the third message of the large installed base of the 802.11, 802.1x, and Wirelesscontains the challenge encrypted with current cards, this approach would Security. Retrieved June 15, 2007,the shared authentication key. easily mitigate any attack based on from SANS Website: http://www. The size of the recovered pseudo- the RC4 based vulnerability [7, 9]. sans.orgrandom stream will be the size of d) Modifying the CRC algorithm [2] Borisov, N. 
Goldberg & Wagnerthe authentication frame because all The currently used 32-bit CRC D(July 2001).Interceptingelements of the frame are known: algorithm is linear and is easily Mobile Communications:algorithm number, sequence number, determined by any attacker thereby Insecurity of 802.11, Publishedstatus code, element id, length, and making it very vulnerable to bit- in the proceedings of 7th Annualthe challenge text. Furthermore, all but flipping attacks. Modifying the CRC International Conference onthe challenge text will remain the same Mobile Computing & Networking, C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7 19
  • 21.     Pages:180-189, Rome, Italy. WEP Encryption and the Cavalier Retrieved on July 3, 2007.Website:[3] Technical Report. Part 11, Wireless Wireless Network .Retrieved on h t t p : / / g r o u p e r. i e e e . o rg / LAN medium access control July 1,2007. groups/802/11/Documents/ (MAC) and physical layer (PHY) We b s i t e : h t t p : / / a b s t r a c t . c s . DocumentHolder/0-362.zip. specifications. IEEE Computer washington.edu/~sammyg/UVa/ [9] Madhur Joshi, Sawhney Nimit Society.LAN MAN Standards CS551/paper.pdf (2002), A Tool to Demonstrate Committee,1999.Retrieved on July [6] Scott Fluhrer, Itsik Mantin, & Adi Weaknesses in Wired Equivalent 3,2007.Website:http:// www.csse. Shamir(August 2001). Weaknesses Privacy, Technical Report-18-849 uwa.edu.au in the key scheduling alogirthm of Security and Cryptography Project,[4] Michael Sthultz , Jacob Uecker & RC4. In Eighth Annual Workshop Carnegie Mellon University. Hal Berghel (Access from September on Selected Areas in Cryptography, [10] Adam Stubblefield, John Ioannidis, 2005). Wireless Insecurities, pages 1-24, Toronto, Canada. & Aviel D. Rubin(2002). Using the Center for Cybermedia Research [7] William A. Arbaugh, Narendar fluhrer, mantin, and Shamir attack , University of Nevada , Las Shankar, and Y.C. Justin Wan(2002). to break wep. Symposium on Vegas. Retrieved on June 16,2007. Your 802.11 wireless network Network and Distributed System Website:http://www.berghel.net/ has no clothes. IEEE Wireless Security. publications/wifi_vul/wifi_vul. Communications, 9(6):44-51. [11] Hao Yang, Fabio Ricciato, Songwu php#5 [8] J. Walker(March 2000).Unsafe at Lu and Lixia Zhang(Feb 2006).[5] Technical Report. Sam Guarnieri, any key size: an analysis of the WEP Securing a Wireless World, Willow Noonan, Dave Paci_co, encapsulation,” Technical Report proceedings of the IEEE, Vol.94, and Ben Taitelbaum (Nov,2005). 03628E, IEEE 802.11 committee, No.2. ooo Mr. 
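The two RC4-side mitigations from solutions a) and b) above, as an added example in Python that is not part of the paper: the per-packet key is derived by hashing IV || shared key instead of concatenating them, and the first n bytes of RC4 output are discarded (RC4-drop[n]). SHA-256 as the hash, 256 as the drop count, and the sample key and payload are assumptions; the paper names neither a hash nor a fixed count.

```python
# Added example (not from the paper): WEP-style per-packet RC4 keying with two
# of the mitigations discussed above, a) hashing IV || shared key and
# b) dropping the initial RC4 output bytes. RC4 is reimplemented here only so
# the effect of the mitigations is visible; it is not a cipher for new designs.
import hashlib
import os

IV_LEN = 3          # WEP's 24-bit IV
DROP_DEFAULT = 256  # "say 128 or 256" in the text; 256 chosen here (assumption)


def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: build the state permutation S of {0..255}."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key: bytes, length: int, drop: int = 0) -> bytes:
    """PRGA: return `length` keystream bytes after discarding the first `drop`.

    With drop == 0 this is plain RC4 as used by WEP, so the first output word
    (the one the key-recovery attack in the text relies on) is emitted.
    """
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for n in range(drop + length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        if n >= drop:  # bytes before `drop` are generated but never emitted
            out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_packet_key(iv: bytes, shared_key: bytes) -> bytes:
    """Original WEP keying: packet key = IV || shared key (IV sent in the clear)."""
    return iv + shared_key


def hashed_packet_key(iv: bytes, shared_key: bytes) -> bytes:
    """Mitigation a): hash IV || shared key before RC4 sees it.
    SHA-256 is an assumption; the text only says "hashing the concatenation"."""
    return hashlib.sha256(iv + shared_key).digest()


def known_key_bytes(packet_key: bytes, iv: bytes) -> int:
    """Leading RC4 key bytes an eavesdropper already knows from the cleartext IV
    (3 for plain WEP keying; for a hashed key only a chance byte match)."""
    n = 0
    while n < len(iv) and n < len(packet_key) and packet_key[n] == iv[n]:
        n += 1
    return n


def encrypt_payload(shared_key: bytes, iv: bytes, payload: bytes,
                    hashed: bool = False, drop: int = 0) -> bytes:
    """XOR the payload with this packet's RC4 keystream.

    hashed=False, drop=0 reproduces WEP's own keying; hashed=True,
    drop=DROP_DEFAULT applies both mitigations. RC4 is symmetric, so the
    same call decrypts.
    """
    key = hashed_packet_key(iv, shared_key) if hashed else wep_packet_key(iv, shared_key)
    ks = rc4_keystream(key, len(payload), drop)
    return bytes(p ^ k for p, k in zip(payload, ks))


if __name__ == "__main__":
    shared = bytes.fromhex("0102030405")       # constructed 40-bit shared key
    iv = os.urandom(IV_LEN)                    # per-packet IV, sent in the clear
    payload = b"constructed sample frame payload"

    print("WEP keying: attacker knows",
          known_key_bytes(wep_packet_key(iv, shared), iv), "leading key bytes")
    print("hashed keying: attacker knows",
          known_key_bytes(hashed_packet_key(iv, shared), iv), "leading key bytes")

    ct = encrypt_payload(shared, iv, payload, hashed=True, drop=DROP_DEFAULT)
    assert encrypt_payload(shared, iv, ct, hashed=True, drop=DROP_DEFAULT) == payload
    print("round trip with both mitigations ok;", len(ct), "bytes of ciphertext")
```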
Mr. Kaleem Usmani is working as Lecturer in the CDAC School of Advanced Computing (CSAC), University of Mauritius, Mauritius since 2003. He is currently enrolled at GGS Indraprastha University for his PhD in 'Secure Wireless Networks'. Prior to joining CSAC he worked as Analyst Programmer at Leisure Garments Limited [ESQUEL Group, Hong Kong], Malaysia and Mauritius. He has also served Net4india, New Delhi as Software Engineer for two years and worked extensively in Server Side Programming. He obtained his Bachelor of Science & Engineering (Mechanical) degree in 1997 and MCA (Masters in Computer Applications) in 2000 from Aligarh Muslim University, Aligarh (UP). His areas of interest are Information Security, Wireless Networks and Network Programming.

Dr. Nupur Prakash, Dean and Professor, University School of IT, GGS Indraprastha University, Delhi, India. Email: nupurprakash@rediffmail.com

Dr. Nupur Prakash holds a PhD degree in Engg. and Technology from Punjab University, Chandigarh (1998). She received her M.E. in Computer Science and Technology in 1986 and B.E. in Electronics and Communication in 1981 from the University of Roorkee. She has worked as a scientist in a CSIR lab, the Central Scientific Research Organisation (CSIO), Chandigarh, on a microprocessor based cross correlation flowmeter. She has also headed the Department of Computer Science and Engineering at Punjab Engineering College, Chandigarh. She has been the Principal of Indira Gandhi Institute of Technology, Delhi for 4 years. Presently, she is Dean, USIT, GGSIPU. Her research interests are Wireless Communication, Mobile Computing, Network Security and Cryptography. She has authored 50 research papers in various National & International journals and conferences.

Forthcoming Special Theme Issues

Month     Theme                   Guest Editor
Sept 07   Embedded Systems        Dr. Rajkamal, India
Oct 07    Systems Thinking        Dr. K S Narendra, USA
Nov 07    Internet Governance     Mr. Nitin Desai, India
Dec 07    Storage Technologies    Mr. Sudhakar Rao, India

Note: The content of the theme section will be finalized by the 20th of the preceding month.
Towards More Effective Virus Detectors

Raghunathan Srinivasan* & Partha Dasgupta**
Arizona State University
*raghus@asu.edu
**partha@asu.edu

1. Introduction

Viruses (or malware) are a scourge, with potentially unlimited fraudulent uses. Smart viruses can hide, mutate and disable detection methods. Computers are an important part of everyday life to many people across the world. The Internet has revolutionized everyday life. The Internet has also brought an ugly side of computers: a plethora of malware. Home computers are most vulnerable to attacks by malicious programs and hackers. This is because many home users are less equipped to prevent or counter an infection. Even if the user possesses the required skills, a smart virus that appropriately hooks onto the system can hide its presence on the machine and remain undetected. These compromised machines are vulnerable to hackers who steal secret data or even install additional software that enables the use of the machine as part of a botnet to launch Denial of Service attacks on servers, or to intrude on government agencies.

Virus writers use a variety of techniques to attack a machine. They can be enumerated as follows:
• Social engineering
• Spamming
• Exploitation of software vulnerabilities
• Code Injection
• Cross Site Scripting
• Pharming

Elimination of software vulnerabilities requires the implementation of a secure OS and secure coding. Both issues have been researched heavily but have been ineffective in practice, mainly due to the abundance of legacy code. The OS kernel consists of millions of lines of code, and writing a secure OS would require that the entire kernel is bug free. Writing bug free code is a very complex problem. Creation of a completely secure OS is unlikely (Basili & Perricone, 1984). The problem of preventing infections is made difficult by the fact that most hackers rely on human error (social engineering) to compromise systems. It can be inferred from the above that it is hard to prevent an infection since it is difficult to foresee the exact error a user may commit. Hence, security software relies on detection instead of prevention.

Software such as Anti-Virus (AV) solutions and firewalls offer some protection against computer attacks; however, they are not completely effective. Virus detection is surprisingly hard; it has been shown that there is no algorithm that can perfectly detect the presence of malicious code (Cohen, 1993). Since the AV relies on definitions or known behavioural patterns of malicious programs, code that is new in design can effectively use the zero day exploit (Schneier, 2003).

The AV and other security software suffer from several shortcomings. The AV is a user level application that can be killed by any process with administrator privileges, or it can be infected by viruses, due to which the detection engine is rendered useless. Like a virus, the AV software may attempt to hide itself, but such attempts to hide can also be detected.

Software in most machines is identical (genetic uniformity). Due to this, an attacker can use one machine to carry out experiments and find out ways to exploit vulnerabilities, and use the information to carry out the same attack on other machines. By making programs dissimilar on every machine, the complexity and cost of an attack can be increased.

Motivations behind malware have changed constantly over time. Early viruses were designed to cause disruptions by wiping out hard drives and deleting files. Recent malware is aimed at stealing information such as bank account numbers and credit card information. The payload of a malware has also undergone changes. It may contain a virus, rootkit and a password logger. Malware is a big threat in today's computing world.

AV software has evolved continuously with malware (Nachenberg, 1997; Sanok, 2005). AV products have made it tougher for viruses to escape detection. The virus writers have responded by creating a new trend. Malicious programs disable the AV and other security related processes in the system.

The SpamThru Trojan gets installed on a host system by social engineering. It patches the running AV to block updates and prevent its detection. It installs a pirated and patched copy of a popular AV to scan the system to remove other malware. This is done to ensure that there are no competitors for system resources. It runs a rootkit to conceal its own files from the scanner and system (Naraine, 2006). Beast is a backdoor Trojan horse; it works as a Remote Administration Tool. It injects its DLLs into explorer and winlogon. Once it infects a system, it shuts off the AV and firewall, and the attacker obtains control of the system (The Beast, n.d.).

This list is not limited to only these two; Klez, Bugbear and Lirva are other examples of viruses that disable AV programs. This is known as Armoring (Chen, 2003). Armoring marks a significant change in virus behaviour. Till now any infection could be contained and cleaned by the AV after the arrival of an update; however, the latest trend of killing the AV process threatens to make their presence inconsequential. This means that there is an urgent necessity to protect the AV from rogue programs.

This paper presents a software based solution to prevent malware from disabling security software. This problem is similar to that of preventing infections and also similar to the problems faced by virus writers in hiding their programs from the AV. It is not possible to provide a solution that will hide the AV from a malware completely; however, this paper aims to make the process of locating and killing
the AV difficult.

2. Related Work

Hiding information is used for malicious and benevolent purposes. The benevolent uses are to hide passwords, credit card information and code obfuscation for DRM. Malicious uses are typically to hide the presence of malware. To achieve this, the malware monitors and intercepts the state and actions of the compromised system. A rootkit is a popular tool used by hackers to hide the presence of malicious entities in the system. Shadow Walker (Sparks & Butler, 2005) is a rootkit designed to deceive in-memory signature scanners. It hooks on to the page fault handler and the page table entries in the system. It detects the read requests made by the scanners and provides fake values for the corrupted section of memory to remain hidden. SubVirt (King & Chen, 2006) and Bluepill (Rutkowska, 2006) are Virtual Machine (VM) based rootkits that take advantage of the fact that the lower layers in a system can effectively control the upper layers. SubVirt and Bluepill install themselves between the hardware and the operating system to control the machine. These rootkits cannot be detected by processes running within the system. The exact sequence of events in the installation process for the rootkits is beyond the scope of this paper.

It can be seen that use of a rootkit ensures that a process remains hidden in the system from other system programs; hence it may be used to hide the AV in the system. However, the problem with this approach is that if in any eventuality a virus patches on to the AV software then the virus can never be removed; also, the aim of this paper is to hide the AV from malicious code, and not from the system administrator.

Another reason for not using any approach similar to rootkits is that it would involve placing the AV inside the kernel of the OS. The AV requires frequent updates. Updating the kernel or a VM is a tedious process; hence, the AV process must remain as an application in the user space.

Code Injection is a technique used to introduce code into a process from an outside source during execution. These techniques are very popular in system hacking and cracking. Kc, Keromytis and Prevelakis (2003) describe code injection methodologies for various languages and platforms. Benevolent use of code injection occurs when a user changes the behaviour of a program to meet system requirements. This is done when modifying the software is a costly process and it is cheaper and more convenient to inject code in the program to achieve the desired functionality. In this paper, code injection is used as one of the means to hide the AV process in the system.

3. Threat Model

All security related problems cannot have a single universal solution. Each solution lives up to a threat model. A threat model describes the assumptions and factors considered while making a solution. It also describes the problems that are addressed by the solution. The assumptions made in this paper are: The AV will get installed on a clean machine. The virus will not attempt to kill all processes, or delete all files in the system. The virus will allow some applications to upgrade to newer versions. Rootkits are not installed on the system. This solution works effectively against malware that attempt to identify the AV by scanning the system registry, process table entries and file system for the presence of known AV software solutions. This solution also works effectively against programs that identify the AV by the files and libraries used by it.

4. Design

To evade detection by malicious programs, the AV should remain hidden from all processes in the system. The reason for this is that any program on the machine may be infected. To effectively hide a program, its file structure, registry entries and process table entries have to be hidden. These issues are addressed by a two fold process. The first step involves installing the program as a different program on the machine. This serves to hide the file structure and registry entries, and also ensures each copy of the AV looks different. The next step involves using code injection to migrate the program code and library into other processes. Migration of code serves to hide process table entries from all other system components. By performing code injection and the subsequent migration after certain time intervals, another threat is addressed. It becomes difficult for malware to locate where the AV resides currently even if it finds where the AV resided previously.

The design of the solution is illustrated in Figure 1; this solution was implemented on the Windows 2000 platform.

a) Installing the Program

Viruses are known to insert sections of their code in other programs to hide their presence. A similar trick can be used to hide the AV. Writing part of the AV code on an executable is not a good solution as it would be too much virus like. Instead, the AV is installed as a different program. This involves replicating the directory structure and file names of the software being replicated. The installation suite contains the list of commonly used software in consumer computers. During installation, the suite finds out which software in the list has not been installed on the machine. The suite then provides the truncated list to the user to choose the software in whose name and structure the AV should be installed. On obtaining the response, the suite proceeds to replicate the directory, file structure and registry entries of the chosen software. By obtaining user response, the solution ensures that the name and directory structure of the AV is different in every user machine. This provides the genetic diversity that helps in cloaking the AV system.

b) Starting the Process

The first step in hiding the AV is to cloak the point from where the process loads. Malware search registry entries to find values that match the names of popular AV software. The registry entry containing information about the location of start up items is vulnerable to attacks; hence this entry has to be cloaked or removed. This is achieved by forcing another process to start the AV. The best choices for the starter process are system programs that load on boot.

This part of the solution was implemented by inserting a call to load the AV program inside the code of msgina.dll, a library used by the system process winlogon. If this process is different in every machine, then it would be very difficult for a malware to detect where the start up information of the AV is stored.

c) Execution of the Process

In the previous two sections, it has been made fairly difficult for malware to identify and disable the AV; however, there exists a threat that a program may identify the AV by taking a snapshot of the system at any given time and analysing the result to identify the AV. To make it tougher for the malware to
disable the AV, code injection is used to move the AV code and libraries from one process space to another.

To achieve this, the scheme described by Kuster, R (2003) is used to inject code and library into another process. The user is requested to enter a random sequence every time the machine boots. The AV process chooses a target process running in the system using the entered value after time period 'x'. Once this process is chosen, the libraries and code are injected into it. This process occurs after every 'x' period of time; it must be noted that 'x' is a value that can be set by the system administrator on every system.

d) Watch Processes

Malicious programs run a system query to identify the AV process. The same technique is used to monitor whether the Anti virus is running on the system or not. A standalone process can monitor whether the AV is disabled, or, for better results, 'N' different processes can monitor the AV. Each of these monitors the AV process by receiving the name of the AV and the random sequence provided by the user as a start up parameter. These processes locate the AV program in the injected processes with the aid of the random sequence, and restart the program with human supervision in case the AV is disabled. In addition, each process also receives the names of the other 'N-1' processes so that every watch process can be monitored. The watch processes also compute and store the hash values of the known good copy of the installed AV software and the modified system library files. Prior to shutdown, the watch processes check if any files have been modified; if so, the user is notified to perform a re-installation of the AV.

This was implemented by using 3 processes to monitor the AV. Each process calls the system API GetProcessId to find whether the AV and the other watch processes are executing. If a watch process is disabled, then it is started immediately. If the AV is disabled, then the user is prompted to start the AV. If the user declines to start the program, the answer is stored in memory to avoid prompting at a later time. It can be argued that a malware may store the integrity values of all known software, binaries and libraries, and compare these values with the files in a target system to identify the possible presence of the AV. However, the size of such a database would be very large and computing results would require extremely high storage and computational complexity. A malware is typically a light-weight program that is designed to work without catching the user's attention; hence, this technique would be infeasible. This issue is also partially solved by making the watch threads perform integrity checks during system shut-down.

5. Conclusion and Future Work

This paper highlighted the growing problem of malicious programs disabling the security software and the need to tackle it. A software based solution was presented to hide the AV program in the system from malware. The solution provided protection from malware that scan the registry entries, file structure, and process table entries for the presence of the AV by installing it as a different program and cloaking its start up information. The solution also provided migration of code to counter malware that may attack the AV program by taking a system snapshot and computing offline results. Finally, multiple watch processes were introduced to monitor the AV and perform some shut down events that are critical to maintaining the integrity of the AV.

As seen in section 1, most malware successfully use the zero day exploit. The reason for this is that AV uses Blacklists to identify malicious code. If AV solutions migrate to using a list of known good programs (White-list), then the zero day exploit can be countered and many viral infections can be prevented. The only argument against usage of white-lists is that there are too many good programs around. However, all of them are not likely to reside on every system. The AV program can scan the system on installation to store a white-list. Every time a new program is detected on the machine, the user can be prompted to identify it. If the user cannot identify the program, it can be discarded or quarantined. A combination of white-lists and blacklists can serve to make consumer computing secure, and should be incorporated in Anti-virus solutions.

Fig. 1: Design for hiding the Anti-virus from malware

References
• Basili, V.R. and Perricone, B.T. (1984). Software errors and complexity: an empirical investigation. Communications of the ACM, 27, 42-52.
• Cohen, F.B. (1993). Operating system protection through program evolution. Computers and Security, 12, 565-584.
• Schneier, B. (2003). Attack trends: 2004 and 2005. Q focus: security, 3(5), 52-53.
• Nachenberg, C. (1997). Computer virus-antivirus coevolution. Communications of the ACM, 40, 46-51.
• Sanok Jr, D.J. (2005). An analysis of how antivirus methodologies are utilized in protecting computers from malicious code. InfoSecCD '05, 142-144.
• Naraine, R. (2006). Spam Trojan Installs Own Anti-Virus Scanner. Retrieved Oct. 20, 2006. Website: http://www.eweek.com/article2/0,1895,2034680,00.asp
• The Beast. (n.d.). Retrieved October 13, 2005. Website: http://lists.virus.org/dshield-0310/msg00337.html
• Chen, T.M. (2003). Trends in Viruses and Worms. The Internet Protocol Journal, 6(3), 23-33.
• Sparks, S., & Butler, J. (2005). Shadow Walker: Raising the bar for windows rootkit detection. Black Hat.
• King, S.T., & Chen, P.M. (2006). SubVirt: implementing malware with virtual machines. Security and Privacy, IEEE, pp 14-28.
• Rutkowska, J. (2006). Subverting Vista Kernel for Fun and Profit. Black Hat.
• Kc, G S, Keromytis, A.D., and Prevelakis, V. (2003). Countering Code-Injection Attacks With Instruction-Set Randomization. ACM CCS, 272-280.
• Kuster, R. (2003). Three ways to inject your code into another process. www.codeproject.com
Captcha – A Case for Accessible Design of Information Security Systems

Sambhavi Chandrashekar* & Harish Kumar Kotian**
*60, Harbord Street, #512C, Toronto (ON) M5S 3L1, CANADA. Email: sambhavi.chandrashekar@utoronto.ca
**Reserve Bank of India, 6-1-56, Secretariat Road, Saifabad, Hyderabad-500004, India. Email: hpkotian@rbi.org.in

The need to protect resources on the Web from undesirable access through malicious Web robot programs cannot be overemphasized. A popular genre of security solutions is based on tests that try to determine whether the request for a resource was initiated by a computer or a human being. CAPTCHA (Completely Automated Turing Test To Tell Computers and Humans Apart) is one such solution. CAPTCHA implementations based on visual recognition of distorted text in an image are easy to deploy and are therefore becoming ubiquitous. However, they pose access barriers to a sizeable population who cannot see due to vision impairment but who can actively access the Web using assistive technology solutions that read out the Web content to them. This paper provides a description of available CAPTCHA solutions, explains how popular implementations based on visual recognition are not universally accessible, suggests available alternatives that are more accessible and finally presents a paradigm of multimodal design as a key to universally accessible

Introduction

Web robots (or bots) are malicious computer programs that attempt to exploit online services intended for human users. They consume resources, harass users, make attempts to guess passwords, steal and re-purpose copyrighted content, and invade privacy by reconstructing sensitive data from public views. Therefore, there is a need for automatic methods to tell whether the entity attempting to access a service is a human or a machine. This is accomplished through a Reverse Turing Test (RTT).

In 1950 Alan Turing raised the question, "Can machines think?" Since then, the Turing test [16] for artificial intelligence has inspired many algorithms for security solutions. The concept of RTT, first suggested by Naor in 1996 [9], differs from the original Turing test in two respects. First, the test is automatically generated and graded by a computer instead of a human being. Second, the goal of the test is the reverse of the original Turing test, i.e., to differentiate bots from humans, instead of proving that a bot is as intelligent as humans. In other words, humans should be able to pass it with ease, but machines should have a low probability of passing. This has given rise to a new research area called Human Interactive Proofs (HIP), whose goal is to defend services from malicious attacks by differentiating bots from human users. HIP protocols operate successfully over a network without requiring passwords, biometrics, special mechanical aids, or special training [3]. CAPTCHA (Completely Automated Turing Test To Tell Computers and Humans Apart) is an RTT security solution to counter bots, which uses HIP protocols. Luis von Ahn and his group at Carnegie Mellon University (CMU) [1] coined this term in 2000. They developed the first CAPTCHA to be used by Yahoo, based on images of text distorted randomly.

Concurrent with the CAPTCHA project at CMU, a group at the Georgia Institute of Technology proposed a similar authentication scheme called Mandatory Human Participation (MHP) using a character-morphing algorithm to generate character recognition tests [21]. The term CAPTCHA, however, is used more commonly for such tests. Currently, about 60 million CAPTCHAs are being solved around the world every day [14].

Authentication through CAPTCHA

The four steps to authentication using CAPTCHA are:
(i) Initialization: user expresses interest to be authenticated by the server,
(ii) CAPTCHA Challenge: server generates a challenge and issues it to user,
(iii) User Response: user keys in the right answer and returns it to server,
(iv) Verification: server verifies user response. If it matches the right answer it grants access to user; else it rejects the transaction.

In this authentication scheme, the server asks the question "Are you human?" instead of "Who are you?" and, upon receiving the correct answer to this question, concludes the user to be a human being instead of a computer program. In the case of a visual CAPTCHA, the challenge issued by the server is an image of a morphed character string created through a character morphing algorithm in such a way that a human being won't have any problem recognizing the original string, while a computer program (such as an Optical Character Recognition program) will not be able to decipher it or make a correct guess with significant probability. Character
recognition has been a grand challenge problem that provides an excellent RTT solution readily satisfying security and system requirements. Unfortunately such systems mandate recognition to be done visually, which may not be possible for persons with severe vision impairments.

Given below is a screen shot of a website demanding CAPTCHA authentication.

The website belongs to VFS Global [17], the primary office in India for obtaining a visa for travel to the United States. Since it authenticates prospective visa applicants using visual-only CAPTCHA, people who cannot see are prevented from independently applying for a US visa. The theme for this paper, in fact, emerged from a recent personal experience of the second author with this website while making an unsuccessful attempt to complete the US visa application procedure independently. It is interesting to note here that in the United States, all Federal agencies are mandated under Section 508 (29 U.S.C. § 794d) of the Rehabilitation Act "to provide disabled employees and members of the public access to information that is comparable to the access available to others" [21].

Accessibility of CAPTCHA

Accessibility, in the context of human-computer interaction, is an attribute of the interface that denotes to what extent it facilitates the interaction for persons with disabilities. The World Wide Web Consortium (W3C), through its Web Accessibility Initiative (WAI) [19], has provided guidelines for design of Web content in an accessible manner. These guidelines form the basis of regulations in several countries under which it would be a legal offence to have non-conforming content on one's website. Although it is equally important to make resources on the Web accessible to all people regardless of the type of disability, there is greater discussion about visual disability in the context of Web access. This is because interaction with the Web is predominantly visual and vision impairment results in a significant reduction in ability in this context. Disability, unlike impairment, is not associated with a person but arises when the interaction between a person and the environment results in the inability to do something. Using a wheelchair, for example, may not pose the same degree of disability for Web access as being blind does.

While deploying security solutions on the Web, it would be helpful to consider that people with certain forms of impairment use assistive technologies to enable computer access. A screen reader is an assistive technology used by persons with severe vision impairment to interact with the computer and other technological devices, such as mobile phones. It is a software program that mediates between the user and the operating system/applications and assists in interpreting the user interface. A screen reader can read aloud the content displayed on the screen using a voice synthesizer, or it can provide output to the user through a refreshable Braille display. This way, the program converts the information from visual modality to audio or tactile modality. Using a screen reader, persons with severe vision impairment are able to access digital material through a computer, including content on the Web. Thus, they have independent and easy access to more information today than during the times without a computer, when they had to depend on print material being read out to them or provided to them in Braille format. However, a screen reader can only read text because it is designed to convert the text on the screen into synthesized speech. It can process images only if, while coding the page, the programmer had provided alternative text describing the image to make it accessible. In the case of a visual CAPTCHA, since the screen reader cannot make sense of the image, and since providing alternative text for it will defeat the very purpose of CAPTCHA, persons with vision impairments are practically denied all resources (including services) that are protected using CAPTCHAs, be it visa application, online banking or personal blogs.

It is understandable for Web sites with resources that are too valuable to be compromised to ensure that they can offer their service to individual users without having their content harvested or otherwise exploited by Web robots. These days, however, even smaller sites use technologies such as CAPTCHA. In many cases, these systems make it impossible for some users to create accounts, write comments, or make purchases on these sites because the CAPTCHA fails to recognize them as human. CAPTCHA is now in frequent use in the comment areas of message boards and personal weblogs; any other more accessible method of comment spam control might serve the purpose for smaller Web sites [18].

Accessible systems ensure that
all users can use them. Security solutions using CAPTCHA are based on the ability to respond to computing questions. However, all human beings may not be able to respond in a standard manner to a computing question. It is possible that some people are devoid of some physical, sensory or cognitive functionality due to impairment or due to environmental factors in a manner that restricts their computing capability. Information security solutions are sometimes designed without consideration for such restrictions, possibly because most designers are capable of unrestricted computing capability and, in the absence of other inputs, designers can be expected to design only for themselves.

According to the W3C report on "Inaccessibility of CAPTCHAs" [18], banking site ING Direct's "PIN Guard" uses a visual keypad to associate letters on the keyboard with numbers in a user's pass code. Users who cannot see the code, or understand the juxtaposition of letters and numbers, would be unable to access their own financial data on this site.

Even though such problems appear to be insurmountable, designing to accommodate differing abilities may not always be difficult or impossible. As an example, if we consider the popular security measure of automatic transaction session expiry after a given short period of time, this might not afford the required time to complete the transaction for a person with motor difficulties. However, if data relating to special needs are also accepted at the time of creating the login profile, it may not be technically infeasible to provide a longer session time based on the individual's login profile, and it will make the system more accessible.

Alternatives to visual CAPTCHA

The W3C Note on "Inaccessibility of CAPTCHA" [18] examines several potential solutions to test, in a way that is accessible to all people, that the users are human and not bots. But not all of them may be commercially feasible. The CMU CAPTCHA website offers another Web-based service called reCAPTCHA [15], which provides an alternative test based on sound recognition. Audio CAPTCHAs ask users to type back a sequence of characters that is read over a noisy background. The PayPal and Google websites, for example, enable audio as well as visual testing. While Paypal provides the same set of characters both for visual and audio testing, Google provides a set of characters for the visual test and a set of numbers for the audio test.

[Fig 2. Paypal audio-visual CAPTCHA]

However, going by the large number of websites using visual CAPTCHA, the awareness about, or inclination to use, audio-visual CAPTCHA appears to be minimal among those who implement CAPTCHA on their websites, although the CMU CAPTCHA website [14] has the following posting recommending implementation of accessible CAPTCHAs:

"CAPTCHAs must be accessible. CAPTCHAs based solely on reading text-or other visual-perception tasks-prevent visually impaired users from accessing the protected resource. Such CAPTCHAs may make a site incompatible with Section 508 in the United States. Any implementation of a CAPTCHA should allow blind users to get around the barrier, for example, by permitting users to opt for an audio CAPTCHA".

In the context of audio CAPTCHA, Kochanski, Lopresti, & Shih [7] have proposed an RTT based on speech. This uses a test that depends on the fact that human recognition of distorted speech is far more robust than automatic speech recognition techniques. This system uses text-to-speech synthesis (TTS) to generate tests, and exploits the limitations of state-of-the-art automatic speech recognition (ASR) technology. Human perception of speech in noisy environments is fairly robust. Normal-hearing listeners need a signal-to-noise ratio (SNR) of approximately 1.5 dB to recognize speech [13], while ASR systems require a much more favorable SNR of 5 to 15 dB [21].

Researchers on RTTs have reported other solutions based on facial features and handwriting, both of which are based on visual recognition. ARTiFACIAL (Automated Reverse Turing test using FACIAL features) [11] is based on recognition of facial features in an image and clicking on different points on the face. The Handwritten CAPTCHA system by Rusu and Govindaraju [12] provides snippets of handwritten words in image form and exploits the differential in the proficiency between humans and computers in reading handwritten word images.

Another alternative, though futuristic, is based on collaborative filtering. While the CAPTCHAs deployed currently are based on objective questions such as text recognition or image recognition, this new class of CAPTCHAs proposed by Chew and Tygar [6] works through collaborative filtering. They ask questions that have no absolute answer and are graded by comparison to other people's answers. Collaborative filters, or recommender systems, use a
database of user preferences to predict items or topics a new user might like or find useful, such as how Amazon makes recommendations. Here the user is correct so long as enough known humans agree. Collaborative filtering is a way to aggregate data from many different human users so that new data can be easily compared.

Designing universally accessible information technology solutions

The aim of universal accessibility is to produce systems that can be used by anyone, irrespective of their physical, sensory and cognitive abilities and disabilities. During the design of universally accessible information technology solutions, the special computing needs of various user groups have to be taken into consideration. These needs are associated with various factors, including speech, motor, hearing, and vision impairments, cognitive limitations, emotional and learning disabilities, as well as aging. Environmental factors could also cause similar special needs. A person working on a computer that has no sound card would need captions on videos as much as a person with profound hearing loss would. Likewise, a person accessing directions from a GPS system while driving would need speech output as much as a person with vision impairment would.

Thus, special needs with reference to information technology arise out of the inability to interact with the computer through certain modalities, and they manifest as the need for interaction through alternative modalities. The three modalities currently used to interact with computers are visual, audio and tactile, and these can be mapped to the input and output devices of a computer as given in Table 1.

Table 1. Modalities associated with computer input/outputs
Modality   Input to computer   Output from computer
Visual     Mouse               monitor
Audio      microphone          speakers
Tactile    Keyboard            refreshable Braille displays

Again, special needs result due to restrictions in computing capability because of the effect of some impairment (or environmental condition) [5]. The relationship between impairments, the resulting restrictions in computing capability and the special needs that derive therefrom are summarized in Table 2.

This information can provide a basis for design decisions involving human-computer interaction. It could be included in user login profiles or even used as metadata about user interfaces. A system could accommodate different disabilities by enabling interaction through any chosen modality. Affording interaction in alternative modalities essentially means adopting a multimodal design paradigm.

Conclusion

It is widely accepted that the problems of spam and bots have become a nuisance and must be defended against. Whereas individual anti-spam preventive measures and email address filtering may be used as short-term solutions, there is a definite need for more effective solutions such as CAPTCHAs. While this paper recognizes the importance of existing security solutions, it attempts to provide a perspective about the implications of some current designs with reference to disabilities and emphasizes the importance of multimodal design in this context. Viewing disabilities in terms of restrictions to computing capability could help designers to work with a set of rules to create more accessible information technologies. Technologists have a social responsibility to design universally accessible solutions. Designing and deploying multimodal solutions for systems involving human-computer interaction will go a long way in meeting this responsibility because multimodal design promotes universal accessibility [10].

The Web is for all. In the words of Tim Berners-Lee, the father of the World Wide Web, "As we move towards a highly connected world, it is critical that the Web be usable by anyone, regardless of individual capabilities and disabilities".

Acknowledgements

The authors wish to place on record their sincere thanks to the Guest Editor for providing an opportunity to present a point of view from the human angle about information security solutions involving human-computer interaction.

References

[1] Ahn, L.V., Blum, M., & Langford, J. (2002). Telling Humans and Computers Apart (automatically) or How Lazy Cryptographers do AI. Technical Report TR CMU-CS-02-117, February 2002.
[2] Amedi A, Raz N, Pianka P, Malach R, Zohary E. Early 'visual' cortex activation correlates with superior verbal memory performance in the blind. Nature Neuroscience, July, 6(7), 758-66. 2003.
[3] Baird, H., & Popat, K. Human interactive proofs and document image analysis. Proceedings of the IAPR 2002 Workshop on Document Analysis Systems, 2002.
[4] Chan, N. "Abstract of sound oriented CAPTCHA," in Proc. of the Workshop on Human Interactive Proofs, Palo Alto, CA, January 2002, p. 35.
[5] Chandrashekar, S. Accessibility vs. Usability - where is the dividing line? MSc Thesis. University College London, London, United Kingdom. (Unpublished), 2005.
[6] Chew, M. & Tygar, J.D. Collaborative Filtering CAPTCHAs, Lecture Notes
in Computer Science, Springer: Berlin / Heidelberg, 2005.
[7] Kochanski, G., Lopresti, D., & Shih, C. A reverse turing test using speech. Proceedings of the International Conference on Spoken Language Processing, September 2002.
[8] Lopresti, D., Shih, C., & Kochanski, G. "Human interactive proofs for spoken language interfaces," in Proc. of the Workshop on Human Interactive Proofs, Palo Alto, CA, January 2002, pp. 30–34.
[9] Naor, M. "Verification of a human in the loop or Identification via the Turing Test", unpublished manuscript (1996). Online version available at: http://www.wisdom.weizmann.ac.il/~naor/PAPERS/human.ps
[10] Obrenovic, Z., Abascal, J. & Starcevic, D. Universal access as a multimodal design issue, Communications of the ACM, Volume 50, Issue 5 (May 2007), 83 – 88, 2007.
[11] Rui, Y., & Liu, Z. Artifacial: Automated Reverse Turing Test Using Facial Features. Proceedings of the 11th ACM international conference on Multimedia, November 2003.
[12] Rusu, A., Govindaraju, V. Handwritten CAPTCHA: using the difference in the abilities of humans and machines in reading handwritten words. Proceedings of the 9th Int'l Workshop on Frontiers in Handwriting Recognition (IWFHR-9 2004), 226-231, 2004.
[13] Stuart, A. & Phillips, D. P. "Word recognition in continuous and interrupted broadband noise by young normal-hearing, older normal-hearing, and presbyacusic listeners," Ear & Hearing, vol. 17, pp. 478–489, 1996.
[14] The CAPTCHA project http://www.captcha.net/ (last accessed on June 30, 2007).
[15] The reCAPTCHA project http://recaptcha.net/ (last accessed on June 30, 2007).
[16] Turing, A. Computing machinery and intelligence. Mind, pp. 433–460, 1950.
[17] VFS Global India website https://www.vfs-usa.co.in/Home.aspx (last accessed on June 30, 2007).
[18] W3C report on "Inaccessibility of CAPTCHA", http://www.w3.org/TR/turingtest/ (last accessed on June 30, 2007).
[19] Web Accessibility Initiative (WAI) http://www.w3c.org/WAI (last accessed on June 30, 2007).
[20] Woudenberg, E., F. K. Soong, and J. E. West, "Acoustic echo cancellation for hands-free ASR applications in noise," in Proc. of the Workshop on Acoustic Echo and Noise Control, 1999, pp. 160–163.
[21] http://www.section508.gov/ (last accessed on June 30, 2007).
[22] Xu, J., Lipton, R., Essa, I., Sung, M. & Zhu, Y. Mandatory Human Participation: A New Authentication Scheme for Building Secure Systems. Proceedings of the 12th International Conference on Computer Communications and Networks, 2003. ICCCN 2003, 547-552, 2003.

About the authors

Sambhavi Chandrashekar is a Deputy General Manager with the Reserve Bank of India, currently on study leave and pursuing a Ph.D. program with the Faculty of Information Studies, University of Toronto, Canada. She has a Masters degree in Chemistry from the Indian Institute of Technology, Madras and a second Masters degree in Human-Computer Interaction and Physical Ergonomics from University College London, U.K. Her research interests focus on inclusive design of information technologies. She also works with the Adaptive Technology Resource Centre associated with the University of Toronto on projects aimed at making the World Wide Web a more inclusive domain. She has presented several research papers at conferences in the United States, Canada, Europe and the United Kingdom.

Harish Kumar Kotian is a Manager with the Department of Information Technology, Reserve Bank of India in Hyderabad. Commencing his work with computers in 1983, when assistive technology was not available locally, he became the first blind programmer in the country. In 2005, he received the Helen Keller award from the President of India. He is Ex-president of Blind Graduates Forum of India and a member of the syllabus committee on computer training for the National Institute for Visually Handicapped. In March 2007, he presented a paper at the 22nd Annual CSUN Technology and Disabilities Conference in Los Angeles, CA, on technology use in India by persons with vision impairments.

CSI Elections-2007

CSI Elections for the various elected offices for 2007-08 are scheduled to be conducted in November/December 2007 by Electronic Ballots as in the past 2 years. To ensure successful conduct of these online elections, all voting members of CSI are requested to communicate their current email address to CSI HQ (membership@csi-india.org) latest by 30th September, 2007.
Information Security Auditing

R Anusooya, S A V Satya Murty, S Athinarayanan, P Swaminathan
Indira Gandhi Centre for Atomic Research, Kalpakkam
E-Mail: anusooya@igcar.gov.in

1. Introduction

The last three decades have seen a phenomenal growth in the utilization of computers in various important services and information handling. With the increase in the number of computers, their networking has become a necessity for access to servers and for the dissemination of information. During the same period the internet has grown beyond everybody's forecast, and is being used beyond everybody's imagination. Though the technological progress is widely appreciated, the misuse of the internet in gaining access to unauthorized information is assuming alarming proportions.

This necessitates a comprehensive methodology to secure the information for confidentiality, integrity and availability. Towards this, many security mechanisms are implemented, from the router through the firewall and intrusion detection system to host-level security. However, new security vulnerabilities are found on a regular basis, in the kernel, services, protocols, application packages etc. These vulnerabilities have to be plugged at the earliest to continue to be secure. To ensure the security of the various servers and systems, the security has to be assessed through proper audit tools. Hence security auditing plays an important role in security implementation to ensure information security.

2. Security Auditing

2.1 Measuring Security

Security Auditing is a process of ensuring the Confidentiality, Integrity and Availability of an organization's information. Network Security Auditing should be integrated into an organization's security program to evaluate system security mechanisms and validate that systems are operating according to the organization's security policies and system security requirements. The primary reason for auditing is to identify potential vulnerabilities and subsequently correct them. Auditing allows an Organization to view its Network the same way an attacker does, as well as allowing an organization to accurately assess its systems' security position. There are many Commercial and Freeware Security Auditing Tools available for measuring the effectiveness of the Security.

2.2 Key Elements of Security Strategies

Every Organization would frame its own security policies according to the needs of the Organization. To meet its requirements and to protect its resources from any threats it should follow security strategies. There are five key elements for a robust security strategy. They are
1. Policies – Clear Security Policies that should be consistent with the business objective of the organization. According to the goals of the Organization, the Security Policy should be drafted and it should be disseminated to all the employees of the Organization. The security policy should be followed by all without any exception.
2. Plans – After making the security policy, the methodology to implement it should be clearly worked out. Security infrastructure should be designed in order to protect and support all resources in the network including wireless LAN devices.
3. Products – Key technologies, products and services required to execute the plan and meet the security objective of the organization should be identified. They should be deployed in such a way that they provide the appropriate levels of security, performance, scalability and quality of service.
4. Processes – Deployment of security technologies must be supported by continuous monitoring, testing and adaptation of the network.
5. People – Skilled security administrators should manage these continuous Plans, Products, Processes.

By considering the above Security Strategies, Security Auditing has to be done periodically to ensure the effectiveness of the Enterprise Network Security. It is a continuous process and should be done without fail. If any new changes are made to the network setup or at the host level, security auditing should be done before placing it on the network. In the following sections we will see briefly the Security Auditing Methodologies, the Technologies used by Security Auditors for auditing a system, and Security Audit Tools and their usage.

3. Audit Methodology

Auditing encompasses a wide variety of different activities, which include executing audit programs, recording of event data, examination of data, the use of event alarm triggers, and log analysis. After identifying any events or occurrences in the system, Alarms or Triggers should be sent to the Administrators for further testing and verification. A report can be generated after analyzing these events and necessary actions should be taken according to that report. The following picture shows the Audit Methodology.

[Figure: Audit Methodology: System Identification and data gathering; Testing and Verification; Report Generation and Analysis]
4. How do we do Security Auditing?

Security Auditing should always be done with the latest version of the Security Audit Tools. These tools may be commercially available or freeware available as a free download from the Internet. Before an Auditor begins Security Auditing, he should have a thorough knowledge about the Policies of the Organization, the Organization's network setup and the application packages running in the servers.

After making a thorough study of all the above things, the Auditor should decide whether he is going to conduct In-house Auditing or Penetration test Auditing. These techniques will be discussed in the following section.

5. Security Auditing Techniques

Security Auditing Techniques are classified as
1. In-House Auditing
2. Penetration Testing

5.1 In-house Auditing: Administrator initiated and conducted

This kind of Auditing is initiated by the Auditor in compliance with the security policies of the Organization. This should be done from inside the campus network in any of the LANs, doing whole network auditing. There are numerous Security Audit Tools available for doing this kind of auditing. If any security violations are found during auditing they will be intimated to the System Administrator for further action. This kind of action will improve the Network and Information security of the Organization.

5.2 Penetration Testing

If the system is highly complex or critical, Penetration testing can be planned to evaluate the security. This is done by initiating the whole network auditing from outside the campus network. The purpose of penetration testing is to identify the methods of gaining access to a system by using tools and techniques developed by hackers.

Penetration testing is done in two ways
1 Overt - Blue teaming
2 Covert - Red teaming

5.2.1 Blue Teaming

Blue teaming is the team which will give prior information about the Security Auditing. Reports of this team will be sent to the System Administrators for further improvement of the network information security.

5.2.2 Red Teaming

Reports of this team will also be sent to the System administrator, but they will conduct the security auditing without any prior intimation to the Organization. They will have their own security Audit tools for doing this kind of Auditing.

5.3 Phases of Penetration testing

There are three phases involved during penetration testing. They are,
1. Reconnaissance,
2. Scanning,
3. Vulnerability Testing.

5.3.1 Reconnaissance

The art of gaining preliminary information about the target host or network is known as reconnaissance. This can be accomplished by visiting the target web sites or using any other public resources of an organization. There are various tools used for gaining this kind of information; some of them are mentioned here
a) nslookup / dig
b) whois
c) Target Web Site

5.3.2 Scanning

After gaining enough information about the target host(s) or network, the next step in penetration testing is to scan the entire Network or hosts. This scanning process can give important information such as open ports of the servers, available services and applications on hosts or network appliances and the version of the operating system or application. Some of the common tools used for scanning are mentioned below:
a) Telnet (Can report information about an application or service; i.e., version, platform)
b) Nmap (powerful tool available for Unix that finds ports and services available via IP)
c) Hping2 (powerful Unix based tool used to gain important information about a network)
d) Netcat (others have quoted this application as the "Swiss Army knife" of network utilities)
e) Ping (Available on almost every platform and operating system to test for IP connectivity)
f) Traceroute (maps out the hops of the network to the target device or system)
g) Queso (can be used for operating system fingerprinting)

5.3.3 Vulnerability testing

Vulnerability testing is used to determine the security holes and vulnerabilities in the target network or host(s). The Security Auditor will identify, for machines within the target network, all open ports as well as running applications, including the operating system, patch level, and service pack applied.

After successful scanning via nmap or other scanning tools, the vulnerability testing phase is started. Nmap, a scanning tool, will identify whether the host is alive or not and what ports and services are open and running, even if ICMP is completely disabled on the target network. Vulnerability scanners will identify if any security holes are found in the target host(s) or Network and also the solutions to rectify them.

Some of the best vulnerability scanners like Nessus and SARA are available as a free download from the Internet, and ISS is a commercial product for vulnerability testing. We will see the detailed description of some of these tools in the coming sections.

6. Security Audit Tools

There are wide varieties of security tools available in the market and on the Internet for conducting a Security Audit. Classification of those tools is shown below.

Types of Security Audit Tools

6.1 Network Mapping Tools

Network mapping involves a test using a port scanner. This scanner identifies all active hosts connected to an organization's network, the Network services operating on those hosts, specific applications running on those hosts etc. Some commonly used tools are mentioned below. They are freeware products, available as downloads from the internet, or they may be commercial ones.

Some of the Freeware products used for network mapping are
a) NMAP
b) Superscan

Some of the Commercial products used for network mapping are
a) Solarwinds
b) GFI LAN GUARD

6.1.1 NMAP

Nmap is a Powerful, flexible, free, open-source port scanner available for both UNIX and Windows. Nmap is used to find out what services are listening on each specific port, and for fingerprinting, which gives an idea of what operating system the machine is running. It has a graphical front-end, NmapFE, and supports a wide variety of scan types. The following section shows how to install Nmap and some of the scan types used by the Security Auditor.

Nmap software can be downloaded freely from the following site http://insecure.org/nmap/download.html. Nmap and NmapFE (front-end) are available in the following formats: Tar ball format, Gunzip format or RPM format.

In UNIX platforms install the RPM file using the following command:
# rpm -ivh nmap-4.20-1.i386.rpm
# rpm -ivh nmap-frontend-4.20-1.i386.rpm

The two basic scan types used most in Nmap are:
1. TCP connect() scanning [-sT] and
2. SYN scanning (also known as half-open, or stealth scanning) [-sS].

Other Scan types commonly used are FIN, Null, Xmas Tree Scans, Ping Scan, UDP Scan [-sF, -sN, -sX, -sP, -sU]. The FIN scan sends a packet with only the FIN flag set, the Xmas Tree scan sets the FIN, URG and PUSH flags and the Null scan sends a packet with no flags switched on. Ping scan lists the hosts within the specified range that are responding to a ping. UDP Scanning is used for finding out the open UDP ports.

Example for how to do a SYN Scan:
[root@Auditpc root] # nmap -sS 192.168.1.10

[Fig. 1: output of the Nmap SYN scan]

The above run of Nmap (Fig-1) shows that the machine has open ports of ftp, ssh, telnet, http, https etc. It means all these services are running in the machine. Other scanning types can also be done using their respective options.

6.2 Perimeter Security Tools

Routers are devices designed to provide connectivity between an organization's networks and the service provider through proper routing. Since the router represents an entry point into the network, it is important to implement security mechanisms in the router. For measuring the security level of the router, many Router Audit Tools are available in the market. One of the freely available tools is the Router IOS Benchmark tool from the Center for Internet Security.

6.2.1 CIS Router IOS Benchmarking Tool

The Center for Internet Security provides a free benchmark and scoring tools to improve the security mechanisms in the Router. This Benchmark and related scoring are intended to be tools to assist in risk analysis and mitigation. The recommendations and tool should be properly applied after thorough understanding of organization goals and how technologies are applied to meet the goals. It is a good tool for analyzing router configuration. It is a passive test tool.

The following are the important points that the CIS Router IOS Benchmarking tool provides,
1. Analyzes the Router Policy of the organization
2. Identifies the OS version
3. Ensures that any known vulnerabilities or patches posted by the vendor are applied
4. Ensures that adequate filtering is configured using ACLs
5. Verifies that the Passwords for all Interfaces are set with strong passwords, encrypted
6. Also ensures that unnecessary network services and interfaces are disabled

6.3 Vulnerability Scanning Tools

Vulnerability Assessment Scanners help in identifying out-of-date software versions, Vulnerabilities, Applicable patches or System upgrades etc. They utilize a database of known vulnerabilities.

Vulnerability Assessment Scanners are either
a) Host Based
b) Network based

Some of the common Vulnerability Assessment Scanner Tools are mentioned below
a) ISS
b) SARA
c) NESSUS

6.3.1 Internet Security System (ISS) – Internet Scanner Software

Internet Security System provides the Internet Scanner Software which minimizes the risk by identifying the security holes, or vulnerabilities, in the network, which are then plugged. It allows auditors to customize policy based scanning of the Network.

6.3.2 SARA – Security Auditor's Research Assistant

SARA is a freeware vulnerability assessment tool which finds the security holes in the hosts. It is available for both UNIX and Windows platforms. The CVE (Common Vulnerabilities and Exposures) standard support of SARA is very useful in identifying the security holes of the host and remedies to rectify them.

6.3.3 Nessus

Nessus is a freely downloadable vulnerability assessment scanning tool available on the Internet. It's a Client/Server based program. The Server process does the scanning and vulnerability assessment testing. The Client user interface retrieves the data from the server and generates reports. Nessus is the most frequently used tool. The detailed installation and testing procedure is given below.

The Generated Report will contain the detailed Information of discovered vulnerabilities and guidance to rectify those vulnerabilities. Scanners can have a high false positive error rate. So only a qualified person like a Security Engineer or Security Auditor can assess as well as interpret the results.

Nessus Server Installation

One of the features of Nessus is its client server technology. Servers can be placed at different locations in a network and allowed to perform various
tests. A Single Client or multiple clients at different locations can have control on all the servers. The Server portion is available only for the flavors of Unix but the Client portion is available for both Unix and Windows flavors. The Nessus server performs the actual testing while the client provides configuration and reporting functionality.

Before upgrading the package, stop the nessusd service by using the following command:
killall nessusd
This command will kill all nessusd services and will stop any on-going scans.

Then, install Nessus with the following command depending on the version of the OS:
rpm -ivh Nessus-3.0.3-es3.i386.rpm

Once the upgrade is complete, restart the nessusd service with the following command:
/opt/nessus/sbin/nessusd -D

Nessus Client Installation

In the Nessus client installation, a new user can be added by the nessus-adduser command. Authentication of the user is performed simply by using the password given for the user. Restriction of user account queries should be configured, or left blank. A certificate also needs to be generated to be used to encrypt the traffic between the client and server. The nessus-mkcert command accomplishes this.

The following command shows how to add a new user and to make the certificate:
/opt/nessus/sbin/nessus-add-first-user
Add a new nessusd user
Login : admin
Password : ***********
DN :
Rules :
Is that ok ? (y/n) [y] y
user added.

Now start Nessus by typing :
/opt/nessus/sbin/nessusd -D

The following command is used for creating the Client certificate
/opt/nessus/bin/nessus-mkcert-client

Starting a Nessus Scan

After connecting the Nessus client to the server, check the different plugins available in the Plugins tab. Use the Filter button to search for specific plugin scripts. For example, it is possible to search for vulnerability checks that have a certain word in their description or by the CVE name of a specific vulnerability. Then click the "Enable all plug-ins" or just "Enable all but dangerous plug-ins" tab. There are instances where a plug-in causes a Denial of Service but it is not listed as dangerous, so be cautious in selecting the plug-ins.

The typical Nessus Client Window while connecting to the Nessus Server is shown in Fig-2.

[Fig. 2: Nessus Client window while connecting to the Nessus Server]

After connecting to the server, Scanning will start. Fig-3 shows the scanning screen of the Nessus Client.

Generating Reports

After scanning is finished, reports can be saved in a variety of formats like HTML (with or without graphics), XML, LaTeX, ASCII, and NBE (Nessus BackEnd). In order to improve the security of the hosts or network, the items with a light bulb next to them give notes or tips. The items with an exclamation next to them suggest a security warning when a mild flaw is detected. Items that have the no-entry symbol next to them suggest a severe security hole. According to the severity of the warning or security holes, necessary steps should be taken on the hosts or network.

Fig.4 shows the Nessus Report of a host.

6.4 System Benchmarking Tools

Benchmarks are designed to make it possible to compute an overall score for security for each system. This can be done manually or with the aid of a scoring tool. The Center for Internet Security provides scoring tools which are available from the Internet free of cost. They evaluate all types of OS like AIX, LINUX, WINDOWS etc.

6.4.1 CIS Benchmarking Tools – For Linux, Windows etc

It is a Passive tool executed at the host level for identifying the vulnerabilities and improving the security of the system when the vulnerabilities are plugged. It shows the loop holes in the OS Configuration and gives recommendations. Using those
recommendations we need to securely configure our systems. It has a scoring value that ranges up to 10. The higher the scoring value, the higher the security.

6.5 Password Cracking Tools

Password cracking programs are useful for identifying weak passwords. Weak passwords are the common entry point for attackers, so a strong password should be used in all the systems used in the network. One-time passwords, encrypted passwords and fingerprint authentication should be used in the network for improving the security.

Password cracking can be done in two ways:
1. By getting password hashes, or
2. An automated password cracker rapidly generates hashes until a match is found.

The following are the two possible ways to generate the hashes:
a) Dictionary Attack - It uses all words in a dictionary or text file. This is the fastest way of generating hashes.
b) Hybrid Attack - This builds on the dictionary method by adding numeric and symbol characters to dictionary words.

The following are the commonly used password cracking tools:
a) L0pht Crack
b) John the Ripper

6.5.1 John the Ripper

John the Ripper is a fast password cracker. It is available for many flavors of Unix, DOS, and Windows. Its primary purpose is to detect weak Unix passwords.

Compilation of John the Ripper:

Compile the source code distribution of John using the make command. This will obtain the list of operating systems for which specific support exists. If the system is not listed, the following command is used:

make clean generic

This will create the executables for John and its related utilities under the “run” directory. John the Ripper can be started using the following commands:

cd ../run
./john --test

Running John the Ripper:

For running John the Ripper, some password files must be supplied and the cracking mode should be specified. For example, if “passwd” is the copy of the password file, then the following command is used for running the password file:

john passwd

Cracked passwords will be printed to the terminal and saved in the file called $JOHN/john.pot ($JOHN is the home directory of John). To retrieve the cracked passwords, run:

john --show passwd

Like this, all the weak passwords can be found out easily.

6.6 Trojan / Backdoor / Root-kit Analysis Tools

These tools are used for analyzing any Trojan or backdoor activities found in the system. Some of the commonly available tools are mentioned below.
a) Chkrootkit
b) Anti-trojan

6.6.1 Chkrootkit

Chkrootkit is a tool to locally check for signs of a rootkit.  It is freely downloadable from the following site: http://www.chkrootkit.org. It contains a shell script that checks system binaries for rootkit modification. This kit carries out various tests. It checks whether the interface is in promiscuous mode or not, checks for lastlog deletions, checks for wtmp deletions, checks for signs of LKM Trojans (two separate checks), and does quick and dirty strings replacement. Download the tar file from the above site and install using the following commands:

tar -zxvf chkrootkit.tar.gz
make sense
./chkrootkit | more

When executed, the report will be generated. Ensure that there are no errors. If there is any error, make corrections and run until no errors are displayed in the generated report.

6.7 Dial-up Vulnerability Analysis Tools

To ensure that no dial-up modems are connected in the network without the knowledge of the system administrator, for uploading information, these tools help in finding out whether any dial-up modem is connected at that point of time. The following are some of the commonly used dial-up vulnerability analysis tools:
• PhoneSweep
• TeleSweep
• ToneLoc

7 Conclusion

With the increased popularity of PCs, networks and the Internet, users are able to get the benefits of easy access to information and faster information dissemination. However, network security has also become a big challenge for administrators. There are many security mechanisms to protect the valuable information resources. The effectiveness of the security mechanisms has to be tested periodically with various vulnerability testing tools. Hence security auditing plays a vital role in identifying the vulnerabilities, and the administrator has to take corrective action immediately to secure the systems. It is a continuous process and, with proper administration, the network and systems can be made fairly secure.

References
http://www.nmap-tutorial.com
http://www.nessus.org
http://www-arc.com
http://www.sans.org/readingroom
http://www.openwall.com/john/
http://www.chkrootkit.org
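The NBE (Nessus BackEnd) report format mentioned under Generating Reports above lends itself to simple triage scripts. The following is an added example, not code from the article or from Nessus: it parses a constructed NBE report and ranks hosts by their worst finding, using the severity labels that correspond to the report symbols described in the text. The record layout, the literal "\n" encoding inside descriptions and the plugin ids are assumptions.

```python
"""Triage of a saved Nessus NBE (Nessus BackEnd) report.

Added example, not code from the article. Assumed NBE record layout:
    results|subnet|host|port|plugin_id|severity|description
Lines starting with 'timestamps|' are scan/host start and end markers.
Severity labels map onto the report symbols the article describes:
Security Hole (no-entry), Security Warning (exclamation), Security Note
(light bulb). The report below is constructed sample data with made-up
plugin ids.
"""
from collections import Counter, defaultdict

# Constructed sample report: three hosts, six findings, one description
# containing a '|' and one containing the assumed '\n' newline encoding.
SAMPLE_NBE = """\
timestamps|||scan_start|Wed Aug  1 10:00:00 2007|
timestamps||192.0.2.10|host_start|Wed Aug  1 10:00:01 2007|
results|192.0.2|192.0.2.10|ssh (22/tcp)|90001|Security Note|SSH banner (constructed): SSH-2.0-example|extra field
results|192.0.2|192.0.2.10|http (80/tcp)|90002|Security Warning|The remote web server supports the TRACE method (constructed).
results|192.0.2|192.0.2.10|smb (445/tcp)|90003|Security Hole|Remote host is missing a critical vendor patch (constructed).\\nSolution: apply the patch.
timestamps||192.0.2.10|host_end|Wed Aug  1 10:05:00 2007|
results|192.0.2|192.0.2.11|telnet (23/tcp)|90004|Security Warning|A telnet server is listening on this port (constructed).
results|192.0.2|192.0.2.11|general/tcp|90005|Security Note|Scan information (constructed).
results|192.0.2|192.0.2.12|ftp (21/tcp)|90006|Security Hole|Anonymous FTP upload is allowed (constructed).
timestamps|||scan_end|Wed Aug  1 10:30:00 2007|
"""

# Higher rank = more urgent; unknown labels rank 0 so they never hide a hole.
SEVERITY_RANK = {"Security Hole": 3, "Security Warning": 2, "Security Note": 1}


def parse_nbe(text):
    """Return one dict per 'results' record; timestamp records are skipped.

    Splitting with maxsplit=6 keeps any '|' inside the description intact.
    NBE writes newlines inside descriptions as the two characters '\\n'
    (assumption); they are restored here. Short records are skipped rather
    than guessed at.
    """
    findings = []
    for raw in text.splitlines():
        if not raw.startswith("results|"):
            continue
        fields = raw.split("|", 6)
        if len(fields) < 7:
            continue  # malformed or truncated record
        _, subnet, host, port, plugin_id, severity, description = fields
        findings.append({
            "subnet": subnet,
            "host": host,
            "port": port,
            "plugin_id": plugin_id,
            "severity": severity,
            "rank": SEVERITY_RANK.get(severity, 0),
            "description": description.replace("\\n", "\n"),
        })
    return findings


def severity_by_host(findings):
    """Map host -> Counter of severity labels, e.g. {'Security Hole': 1}."""
    table = defaultdict(Counter)
    for f in findings:
        table[f["host"]][f["severity"]] += 1
    return dict(table)


def hosts_by_priority(findings):
    """Hosts in follow-up order: worst finding first, then most findings."""
    worst = defaultdict(int)
    count = Counter()
    for f in findings:
        worst[f["host"]] = max(worst[f["host"]], f["rank"])
        count[f["host"]] += 1
    return sorted(worst, key=lambda h: (-worst[h], -count[h], h))


def hosts_with_holes(findings):
    """Hosts carrying at least one 'Security Hole' (the no-entry symbol)."""
    return sorted({f["host"] for f in findings if f["severity"] == "Security Hole"})


if __name__ == "__main__":
    found = parse_nbe(SAMPLE_NBE)
    per_host = severity_by_host(found)
    for host in hosts_by_priority(found):
        print(host, dict(per_host[host]))
    print("needs immediate action:", hosts_with_holes(found))
```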
Information Assurance Markup Language – IAML

Vicente Aceituno Canal
Calle Olimpico Fco Fdez Ochoa 9 esc B segundo B, 28923 Alcorcon (Madrid), Spain
Email: vac@zenobia.es

Copyright with author. This paper is reprinted by special permission.

Introduction

Information security is complex, isn’t it? Confidentiality, Integrity, Availability, Non-Repudiation, Compliance, Reliability, Access Control, Authentication, Identification, Authorization, Privacy, Anonymity, Data Quality and Business Continuity are some concepts that are often used. The ISM3 Consortium has developed the Information Assurance Markup Language to help companies cut through this complexity.

The ISM3 Consortium understands security not as a mix of all the concepts mentioned above, but as the consistent accomplishment of the mission of the organization. For example, a yogurt maker delivers with quality when customer expectations are met or exceeded for the price; it delivers with security when, despite accidents, disasters, attacks and errors, yogurts are delivered with the same quality.

Using this point of view, a definition of an incident is not company-independent. While for one company trade secrets will be key to its success, another company will have no secrets at all. While one company won’t survive for three days without its information systems, it will take only eight hours for another company to go out of business.

The following is a list of generic or implicit security objectives that are common to many organisations:
1. Use of services and physical and logical access to repositories and systems should be restricted to authorized users;
   a. Intellectual property (licensed, copyrighted, patented and trademarks) should be accessible to authorized users only;
   b. Personal information of clients and employees should be accessible for a valid purpose to authorized users only, should preserve their anonymity if necessary, and should not be held for longer than required;
   c. Secrets (industrial, trade) should be accessible to authorized users only;
   d. Third party services and repositories should be appropriately licensed and be accessible only to authorized users;
2. Users should be accountable for the repositories and messages they create or modify;
3. Users should be accountable for their acceptance of contracts and agreements;
4. Users should be accountable for their use of services;
5. Accurate time and date should be reflected in all records;
6. Availability of repositories, services and channels should exceed Customer needs;
7. Reliability and performance of services and channels should exceed Customer needs;
8. Volatility of services and channels should be within Customer needs;
9. Repositories should be retained at least as long as Customer requirements;
10. Expired or end-of-life-cycle repositories should be permanently destroyed;
11. Precision, relevance (up-to-date), completeness and consistency of repositories should exceed Customer needs.

Are the old and these new concepts compatible? Can you think in terms of Confidentiality, Integrity, Availability, Non-Repudiation, Compliance, Reliability, Access Control, Authentication, Identification, Authorization, Privacy, Anonymity, Data Quality and Business Continuity and this list? You can, and IAML can help you to get there. Security objectives fall in three categories: Business Needs and Limitations, Compliance Needs and Limitations, and Technical Needs and Limitations. We will describe them presently.

Business Needs and Limitations are objectives directly linked to business needs.
• Security Objectives 1 to 6 are achieved using Access Control techniques. The Access Control paradigm represents users in information systems using user accounts or certificates and implements digital equivalents to guarded doors, records and signatures. For Access Control to be effective, User Registration, Authentication, Authorization and Recording need to be implemented in as robust and non-tamperable a manner as possible.
• Security Objectives 6 to 8 are normally achieved using backup and enhanced reliability techniques. Protected services, interfaces and channels can be classified according to security objectives for priority. In a multi-tiered information system, the priority of higher level services is propagated to the lower level services they depend on.
• Security Objectives 9 and 10 are normally achieved using archival and clearing techniques. The durability of a repository is the length of its planned life-cycle. Retention periods are often determined by business purpose or by legal and fiscal requirements. Retention of repositories implies either keeping available the systems used to access them or copying the data to newer repositories and formats that are accessible by available systems.
• Security Objective 11 is normally achieved using quality control techniques. The information quality of a repository is a measure of how fit the repository is to fulfil security objectives.

Compliance Needs and Limitations are obligations set by laws or regulations and certifications sought by the organization on contractual, ethical and fair use grounds, for example:
• Third party services and repositories need to be appropriately licensed.
• Personal information completeness must be proportional to its use.
• Personal information can’t be kept for longer than needed.
• Tax records must be kept for a minimum number of years.
• Personal information must be protected using certain security measures depending on the type of personal information.
• The owner of personal information must agree for it to be collected and has the right to check it, fix it and approve how it will be used if ceded.
• Repositories with personal information have to be registered with a Data Protection agency.
• Encryption must be used under legal limitations.
• Secrets must be kept according to the terms of agreed Non-Disclosure Agreements.
• The owner of personal information will be given notice when his data is being collected, including who is collecting the data.
• Personal information must be used for the purpose agreed with the information owner.
• Personal information must not be disclosed without the agreement of the information owner.
• Personal information owners will have means to make data collectors accountable for their use of his personal information.

The same techniques used to control information quality can be used to control compliance, but business-related and compliance-related security objectives don’t necessarily match.

Technical Needs and Limitations are related to weaknesses and requirements of using information systems based on the Von Neumann architecture. Most weaknesses in modern systems are related to the following facts:
• A byte can be data, an address or a machine instruction. This is exploited, for example, by buffer overflow attacks;
• Most user systems consider by default that all code sitting in their repositories, or even remotely, is legitimate. This is exploited by malware;
• Mobile repositories are essentially passive and can be read without any access control from any system;
• Once a repository is written, the information remains for long after it stopped being used.

Technical limitations (rather than needs) are not directly linked to business objectives, but are a fact of life of the use of information systems. Information systems need electricity and certain temperature and humidity conditions to work properly. New weaknesses are discovered all the time, and patches are released to fix those weaknesses. For these reasons there are security objectives related to keeping information systems as free as possible of weaknesses visible to potential attackers, and within proper environmental conditions:
• Systems should be as free of weaknesses as possible.
• Systems should be visible to trusted systems only.
• Systems that need to be visible to untrusted systems should be the least visible possible.
• Systems should run trusted services only.
• The electricity, temperature and humidity where systems operate should exceed the systems’ needs.

You can express security objectives using IAML, but what is IAML good for, really? If a security professional sees information security as the set of security processes and controls in place, he will wonder what to make of IAML. IAML doesn’t say what controls you should implement, it doesn’t perform a risk assessment, and it doesn’t by itself reveal what the vulnerabilities in your systems are. What IAML does is express the security objectives of the organization, at the business unit, network environment, application or system level. Only when you know what your objectives are (instead of using a predefined set like confidentiality, availability, and integrity) can you design and protect your information systems in a cost-effective manner, and explain WHY you are choosing that design and that protection.

IAML can be downloaded from http://www.ism3.com/index.php?option=com_docman&task=cat_view&gid=1&Itemid=9

© Vicente Aceituno Canal 2007 – ISM3 Consortium. Ingeniero Técnico en Telecomunicaciones (Universidad Politécnica de Madrid), he is the Vice-President of ISSA in Spain, has 15 years experience in IT and security consulting (http://en.wikipedia.org/wiki/User:Vaceituno), leads the F.I.S.T information security conferences in Spain (www.fistconference.org), authored the ISM3 (Information Security Management Maturity Model, www.isecom.org/ISM3), published his first book “Seguridad de la Información”, ISBN: 84-933336-7-0, last year, and maintains a Web site on personal computer security (www.seguridaddelainformacion.com).
Information Security – Normalized Risk Assessment and Treatment Methodology

S Velmourougan* & Dr. S Muttan**
*Scientist, CFR, MCIT, Chennai, India; velmourougan@gmail.com
**Assistant Professor, Anna University, Chennai, India; muttan_s@annauniv.edu

1. Introduction

Information systems need to be secure if they are to be dependable and reliable. Since many businesses are critically reliant on their information systems for key business processes (e.g. web sites, production scheduling, transaction processing, storage of private information), security can be seen to be a very important area for management to get right. Information security management is a vital activity to be carried out in the modern IT world. The information is available in the form of hardware and software. The attention paid to this information is based on who is allowed to use the information, when they are allowed to use it, what they are allowed to do (different groups may be granted different levels of access), procedures for granting access to the information, procedures for revoking access to the information (e.g. when an employee leaves) and what constitutes acceptable use of the information. Appropriate security controls are required to ensure its Confidentiality, Integrity and Availability (CIA). CIA plays a major role in assessing the risk of the asset to determine the level of security to be provided to the specific asset holding the information. This paper presents an introduction to information security management systems and a methodology to carry out risk assessment and risk treatment to select appropriate controls to ensure the level of security required for the information asset.

2. Information Security Management System (ISMS)

The information security management system (ISMS), being the hot topic, is not only restricted to the IT industries but is also applicable to any industry, firm or organization required to secure its vital information; for example, organizations like defense, space, telecommunication, railways, medical or chemical industries etc. Similar to ISO 9000, which deals with the quality management system, ISO/IEC 27001 deals with the information security management system (ISMS). ISO/IEC 27001 is a risk-based management system covering various aspects of exhaustive security controls to assure information security. Widely it is covered with 10 different domains and 133 security controls as listed in Fig. 1 (refer to the ISO/IEC 27001 standard for more detail). It covers all aspects of information security like security policy, organizational security, asset classification, personnel security, physical and environmental security, communications and operations management, access control, systems development & maintenance, business continuity management, incident management, compliance etc.

Fig. 1 : Structure of ISO/IEC 27001, ISMS Standard

3. Key activities of ISMS (General)
1. Define scope and policy
2. Undertake risk assessment and risk treatment to select appropriate controls
3. Undertake business impact analysis and prepare a business continuity plan
4. Define policy/procedure to establish and maintain the security controls
5. Periodically audit the management process for corrective action

From the above, the activity listed as sl. no. 2 is the most technical and critical activity to be performed to establish the ISMS:
1. Identification of all the assets covered in scope
2. Asset valuation based on CIA ratings
3. Rating of threats and vulnerabilities associated with the assets
4. Calculating the risk of the asset
5. Determination of acceptable risk
6. Treating of risk upon the selection of appropriate security controls listed in ISO/IEC 27001
7. Preparation of RA/RTP report and Statement of Applicability (SOA)
4. Normalized Risk Assessment and Treatment Methodology

Step 1. Identification of Assets & Owners

All department/functional heads will identify and prepare a list of all important information assets within their spheres of activity. The information assets fall under any one of these categories:
• Physical Assets
• Information Assets
• Software Assets
• Services

Step 2. Asset valuation based on CIA ratings

The assets are assigned a value on a qualitative scale of 1 to 5, where 1 is low and 5 is high, based on the potential impact to the organization / business in the event of a breach of:
• Confidentiality
• Integrity
• Availability

Assets of a similar type having the same sensitivity/criticality level and having the same threats and vulnerabilities can be grouped to simplify valuation of assets. The values assigned form the basis for risk value calculation:

Asset Value = N (Confidentiality * Integrity * Availability) = N (C*I*A)

Normalization of Asset Value:
If C*I*A = 1 then Asset Value = 1
If 1 < C*I*A ≤ 8 then Asset Value = 2
If 9 ≤ C*I*A ≤ 27 then Asset Value = 3
If 27 < C*I*A ≤ 64 then Asset Value = 4
If 65 ≤ C*I*A ≤ 125 then Asset Value = 5

Table 1 : Asset Valuation in terms of Confidentiality
Asset Value | Class | Description
1 | Publicly available | Non-sensitive, available to public
2 | For internal use only | Non-sensitive information restricted to internal use
3 | Restricted use only | Varying restrictions within the organization
4 | In-Confidence | Available only on need-to-know basis
5 | Strictly Confidential | Available only to top management and strictly on need-to-know basis

Table 2 : Asset Valuation in terms of Integrity
Asset Value | Class | Description
1 | Very Low Integrity | Business impact is negligible
2 | Low Integrity | Business impact is minor
3 | Medium Integrity | Business impact is significant
4 | High Integrity | Business impact is major
5 | Very High Integrity | Business impact could lead to serious or total failure of business process

Table 3 : Asset Valuation in terms of Availability
Asset Value | Class | Description
1 | Very Low Availability | Availability is required for about 25 % of business hours
2 | Low Availability | Availability is required for about 50-60 % of business hours
3 | Medium Availability | Availability is required for about 75-80 % of business hours
4 | High Availability | Availability is required every day at least 95 % of the time
5 | Very High Availability | Availability is required every day at least 99.5 % of the time

Step 3. Rating of threats and vulnerabilities associated with the assets

Threat Value Assessment

Threats exploit the vulnerabilities associated with the assets so as to cause damage/interruption. For each asset, identify threats that could exploit its vulnerabilities. (Actually this is a threat/vulnerability pair.) For each threat identified, estimate a threat value on a scale of 1 to 5 as shown in Table 4.

Table 4 : Threat Valuation
Threat Value | Class | Description
1 | Very Low | Threat represents very low probability of occurrence (T < 50)
2 | Low | Threat represents low probability of occurrence (50 ≤ T ≤ 60)
3 | Medium | Threat represents medium probability of occurrence (60 < T ≤ 80)
4 | High | Threat represents high probability of occurrence (80 < T ≤ 95)
5 | Very High | Threat represents very high probability of occurrence (T > 95)

Vulnerability Value Assessment

Vulnerabilities are weaknesses associated with assets. These weaknesses are exploited by threats causing loss or damage or harm to the assets. A vulnerability in itself does not cause harm until exploited.
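Steps 2 and 3 above, together with the risk sum (Risk = Asset Value + Threat Value + Vulnerability Value) and the acceptable level of 7 that the following steps of the methodology define, as an added worked example that is not the authors' code. The asset register and the threat and vulnerability values in it are constructed; treating the probability T of Table 4 as a percentage with inclusive upper band boundaries is an assumption.

```python
"""Normalized risk assessment of the article, as runnable code.

Added example, not the authors' code. Asset value = N(C*I*A) normalized onto
1..5 by the thresholds 1, 8, 27, 64, 125; threat and vulnerability values
are on 1..5; Risk = Asset Value + Threat Value + Vulnerability Value; 7 and
below is acceptable, 8 or above needs treatment. Assumptions: the threat
probability T of Table 4 is a percentage and interior band boundaries are
inclusive upper ends. The sample register at the bottom is constructed.
"""
from dataclasses import dataclass, replace

ACCEPTABLE_RISK = 7                               # Step 5: "7 and below"
# (upper bound of C*I*A, normalized asset value), Step 2 normalization table
CIA_BANDS = ((1, 1), (8, 2), (27, 3), (64, 4), (125, 5))


def rating(name, value):
    """Validate a 1..5 qualitative rating (C, I, A, threat, vulnerability)."""
    if not isinstance(value, int) or not 1 <= value <= 5:
        raise ValueError(f"{name} must be an integer from 1 to 5, got {value!r}")
    return value


def normalized_asset_value(c, i, a):
    """N(C*I*A): 1 -> 1, 2..8 -> 2, 9..27 -> 3, 28..64 -> 4, 65..125 -> 5."""
    product = rating("C", c) * rating("I", i) * rating("A", a)
    return next(value for upper, value in CIA_BANDS if product <= upper)


def threat_value(probability_percent):
    """Table 4: probability of occurrence T (assumed in %) -> threat value 1..5."""
    t = probability_percent
    if not 0 <= t <= 100:
        raise ValueError("probability must be within 0..100 percent")
    if t < 50:
        return 1
    for upper, value in ((60, 2), (80, 3), (95, 4)):   # assumed inclusive upper ends
        if t <= upper:
            return value
    return 5                                            # T > 95


@dataclass(frozen=True)
class Assessment:
    asset: str
    asset_value: int      # fixed once decided (Step 5): treatment cannot lower it
    threat: int
    vulnerability: int

    @property
    def risk(self):
        """Step 4: Risk = Asset Value + Threat Value + Vulnerability Value."""
        return self.asset_value + self.threat + self.vulnerability

    @property
    def needs_treatment(self):
        """Controls are selected for assets whose risk value is 8 or above."""
        return self.risk > ACCEPTABLE_RISK


def assess(asset, c, i, a, threat, vulnerability):
    """Steps 2 to 4 for one asset (threat and vulnerability already rated 1..5)."""
    return Assessment(asset, normalized_asset_value(c, i, a),
                      rating("threat", threat), rating("vulnerability", vulnerability))


def treat(assessment, threat, vulnerability):
    """Residual risk after controls: only threat and vulnerability values change."""
    return replace(assessment, threat=rating("threat", threat),
                   vulnerability=rating("vulnerability", vulnerability))


def treatment_plan(assessments):
    """Assets needing treatment, highest risk first (input to the RA/RTP report)."""
    return sorted((x for x in assessments if x.needs_treatment),
                  key=lambda x: (-x.risk, x.asset))


# Constructed sample register: (asset, C, I, A, threat value, vulnerability value)
SAMPLE_REGISTER = [
    ("Customer database", 5, 4, 4, 3, 3),        # C*I*A = 80 -> 5; risk 11
    ("Payroll file server", 4, 3, 2, 2, 2),      # C*I*A = 24 -> 3; risk 7
    ("Public web brochure", 1, 2, 2, 2, 1),      # C*I*A = 4  -> 2; risk 5
    ("Perimeter router config", 3, 4, 3, 2, 4),  # C*I*A = 36 -> 4; risk 10
]

if __name__ == "__main__":
    register = [assess(*row) for row in SAMPLE_REGISTER]
    for x in treatment_plan(register):
        print(f"{x.asset}: asset {x.asset_value} + threat {x.threat} "
              f"+ vulnerability {x.vulnerability} = risk {x.risk} -> treat")
    # Even at threat 1 and vulnerability 1 a top-valued asset still scores 7,
    # which is why the article fixes 7 as the acceptable level of risk.
    print("residual risk of the database after treatment:", treat(register[0], 1, 1).risk)
```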
Table 5 : Vulnerability Valuation
Vulnerability Value | Class | Description
1 | Very Low Vulnerability | Represents very secure environment
2 | Low Vulnerability | Represents secure environment
3 | Medium Vulnerability | Represents presence of security but needs improvements
4 | High Vulnerability | Inadequacy or absence of security and needs to improve
5 | Very High Vulnerability | Highly inadequate or absence of security and needs to improve strongly

Step 4. Calculating the risk of the asset

The risk value is a function of the Asset Value, Threat Value and Vulnerability Value and is calculated as the sum of these three:

Risk = Asset Value + Threat Value + Vulnerability Value

Step 5. Determination of acceptable level of risk

To start with, the acceptable level of risk value can be taken as ‘7 and below’. The reason is that the highest value of an asset is 5 and, with appropriate controls in place, the threat and vulnerability values are 1 each, so the risk value is 7. Any risk value above this needs treatment, which means implementation of additional controls to mitigate the risk value to 7 or below. The risk which remains after treatment is referred to as residual risk. Note that the management should be aware of the acceptable level of risk as well as the residual risk; hence these require the approval of the security forum. The advantage of normalizing the asset value is in determining the acceptable level of risk; otherwise it leads to confusion about what the appropriate acceptable level of risk is: someone says 125 and another claims 85, which leads to confusion and ambiguity. Since the product of CIA is likely to vary from 1 to 125 and the assessors do not have any option to modify the asset value once it is decided, it is an easy task to determine 7 as the acceptable level of risk.

Step 6. Treating of risk upon the selection of appropriate security controls listed in ISO/IEC 27001

The options available for risk treatment are:
• Reduce the risk by applying appropriate controls
• Risk Avoidance
  o By not performing the activity
  o Moving assets away from an area of risk
  o Deferring a decision until more information is obtained
• Risk Transfer
  o By outsourcing
  o By insurance
• Risk Acceptance
  o Accept the risk
  o Situation is unavoidable
  o Risk is tolerable
• Ignore the risk where the impact is minimal

The objective of the Risk Treatment Plan is to implement controls to achieve the degree of assurance required by the Management.

Fig. 2 : Risk treatment cycle

Selection of control objectives and controls:

After the risk values are calculated, appropriate controls are identified for those assets whose risk value is ‘8 or above’. The implementation of the controls so selected will reduce the risk value to an acceptable level of risk.

5. Conclusion

The ISMS standard does not specify any hard and fast rule to carry out the risk assessment and treatment, but this paper discusses the best practices to be followed to effectively estimate the risk pertaining to a specific information asset or group of information assets. Moreover there are many handholding tools which can ease the risk assessment process. Different tools adopt different methodologies to estimate the risk and similarly to optimize the risk.

References
(1) Zella G. Ruthberg, Harold F. Tipton, CISSP, Editors, “Handbook of Information Security Management”, 1993, Auerbach
(2) Hal B. Becker, “Information Integrity: A Structure for Its Definition and Management”, 1983, McGraw-Hill, ISBN 0-07-004191-1
(3) Phillip E. Fites and Martin P. J. Kratz, “Information Systems Security: A Practitioner’s Reference”, 1996, International Thomson Computer Press, ISBN 1-85032-828-5
(4) Micki Krause, CISSP, Harold F. Tipton, CISSP, Editors, “Handbook of Information Security Management”, 1999, Auerbach, ISBN 1-8493-9974-2
(5) ISO/IEC 27001 standard

About the Authors

S. Velmourougan is presently working as Scientist at Centre For Reliability (CFR-Chennai), STQC Directorate, Ministry of Information Technology, Govt. of India. He is working in the field of information security and application security assessment, software reliability estimation, reliability allocation, system reliability analysis, failure analysis, and reliability development/growth testing. He has developed various Windows-based user-friendly software packages that are being used by over 200 major organizations in India. He is a “Certified Ethical Hacker (CEH)” certified by EC-Council, USA, Qweb Lead Assessor, IQNET, ISMS Lead Auditor, IRCA-UK; he is also a “Certified Reliability Professional (CRP)” and “Certified Software Test Manager (CSTM)”. He has presented various technical papers in conferences, journals and magazines.

Dr. S Muttan, Asst. Professor, School of ECE, Anna University, is Joint Secretary of the Indian Association of Biomedical Scientists and also a Life Member of the Biomedical Society of India and a Life Member of ISTE. He has been guiding UG and PG students and research scholars in various fields in electronics, communications and information technology. He has published many research papers in both national and international conferences and journals. He completed his PhD in Evolution and Design of Integrated Cardiac Information System in Multimedia.

Information Security – Case Study

Last week (from 21st July 2007) the following was happening at my PC at home. It is worth telling you for your or your colleagues’ benefit.

I noticed that Norton Antivirus Corporate Edition was opening very slowly. Slowly this time started increasing. For 12 hours I have to put on the computer after starting the anti virus. In 12 hours it found 1700 viruses, quarantined and backed up these. After this, I ran the antivirus again. It found none after a 4 hour run.

After this Outlook Express 5 started getting auto-shut down after a few seconds. I looked into the Microsoft site for the troubleshooting. All suggested methods applied; none worked. After that I thought of reinstalling OE5 using mail of IE5. The OE5 started working, started downloading mails and sending mails. But the downloaded attachments were showing error during opening.

After some time, I found I am unable to read pdf files including the ones sent by you. So wrote a mail to send your pdf files again. You sent these again. But these were also not opening. I tried to download Acrobat Reader again. It downloaded but with errors. All pdf attachments I have to read in my office and could not read at PC in home.

After that Word manuscripts were sometimes saving on the disk and I got some times ‘disk full error and delete tmp files’ error messages. I deleted ~w*.doc files, the Word started behaving nicely. But the downloaded Word files by OE5, I was still unable to read.

This was enough to frustrate me, make my BP high and feeling so sad as if some relation caught Cancer. I called the Company Engineer. Engineer said I have to format my disk. I said I will try, save my files on CDs and get it formatted on July 31, 2007.

Today morning at 3 AM I thought and got the solution. I deleted all quarantined and backup files in Norton Antivirus Corporate Edition. Each of the above problems magically solved.

The case study presented is an example of how a client security system blocked files in temp folders that choked the running of the system itself.

Dr. Raj Kamal
Ex-Vice Chancellor & Senior Professor and Faculty at Computer Science and Electronics
Devi Ahilya Vishwavidyalya, Khandwa Road Campus, Indore 452001, MP, India
web: www.rajkamal.org
e-mail: dr_rajkamal@hotmail.com; professor@rajkamal.org
Implementing Information Security Policies – the people perspective

P Prasannavadanan
Vice President - Banking Products Division, i-flex solutions limited.
p.prasannavadanan@iflexsolutions.com

Enterprise information security threats can originate in people, processes or technologies – in the majority of cases, the biggest and most serious threats are quite basic and come from within. Many organizations consider technology itself as a means of defense, and that is where the problems start. They consider technology as the fortress that could guard their systems and provide them "a sense of confidence, safety and freedom from fear or anxiety, particularly with respect to fulfilling one's present (and future) needs." In fact the truth is that the biggest security threats/hazards originate from within people and processes and from how one uses technology, and not necessarily from technology per se.

The focus therefore shifts to framing and implementing security policies, which have the following dimensions:
1. Monitoring of possible threats
2. Assessment of available defense systems/mechanisms
3. Balancing of risks vs. costs
4. Risk evaluation and assessment of security maturity models/levels

Information security policies are simply the complete set of rules to be followed, which addresses all aspects of an enterprise's information security. It is basically a plan which takes stock of an enterprise's assets and spells out how they could be secured or protected. They are expected to be comprehensive and cover the entire gamut of security issues. They may sometimes even contain very complex control requirements expressing the need of a given business unit. They are not just rules to be simply framed and archived – they need to be read and understood and of course implemented in true letter and spirit. Here we are not just looking at the appropriateness of security policies but at how they become ineffective if people do not understand them and put them into their daily (business) systems and workflows as much as they can.

People are the weakest links in the enterprise security infrastructure; people create security processes, frameworks and policies and they also implement the same. One is concerned here about people's attitudes to security and security triggers. Few will subscribe to the view that a certain employee's skill set, or lack of it, can put the organization at a certain competitive disadvantage – but his negative attitudes and insensitivities to security policies and practices can often put the entire organization at great risk.

In order to understand, validate and implement security policy, the users need to be aware of the consequences of violating the guidelines and thus exposing critical systems to serious hazards. Here it is more important to advise the user how he is becoming insecure rather than telling him how and why he should be punished for violating the guidelines. The emphasis should be on getting him acquainted with the policy in detail and also letting him validate the policy as well as his ingrained role in implementing the same. So the focus should be on awareness and involvement rather than on finger-pointing, punishment or retribution.

This author's experiences in managing and delivering information systems and applications in most of the African and South Asian countries in the last two decades have revealed that people do obey rules so long as they are made to understand and validate the same. It is just a question of how he is trained to own up to his responsibilities. There should be ample freedom to go to the basics and really get the person to embrace security as a part of his daily workflow. Unfortunately security policies are seldom implemented that way, and users rarely realize how their work and career are so dependent on enterprise information security.

Information security policy guidelines should be down-to-earth and should clearly articulate the security dimensions for each of the organizational roles. Most of the time, these documents are more legal and clinically logical than granular or practical. Few people like to read lengthy and boring documents. So it is very important to design the most appropriate method of writing the various security policy guidelines. There is always a need for carefully and strategically masking information which could be irrelevant for a given target audience. It is important therefore that the presentation style and formats be such that they are appealing and coherent to an audience of varying degrees of knowledge and understanding.

Designing appropriate role-sensitive security awareness programs is the key enabler for successful security policy implementation. These programs should at least be two-pronged: one should provide a better insight into the information security templates vis-à-vis one's respective and defined (organizational) roles, and the other should train them hands-on in how to play each one's role in the overall security framework. The message to be clearly communicated here is that "information security is everybody's business". Enterprise-level awareness should not just end with a few training programs. It should be an ongoing episode with considerable homework necessary on the feedback received
during such trainings. One should also evaluate a user's understanding of his security responsibilities. In the light of frequent user-triggered security breaches, these ongoing education and validation exercises should become an integral part of the core business processes. To quote the National Institute of Standards & Technology (NIST) description, "Awareness is not training. The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT Security concerns and respond accordingly". The cardinal objective of awareness is to "change the behavior of a user, administrator, or owner of a system to that of a more secure behavior". Here the focus is on adequately improving and improvising people's attitude to preserving information security by encouraging them to behave more responsibly. The main objective of training, on the other hand, is "to give the user, administrator, or owner of a system the necessary skills to securely use that system".

Last but not the least, the organization should create the right environment for getting the best out of people in the matter of enterprise information security. While too much organizational compulsion on security norms may not really help, the punch line should be how an ordinary employee can be made to take security as part of his daily business routine. It all depends on how well he is motivated to do his role. A system of organizational reward and recognition should evolve which would identify such employees who excel in adopting best practices in information security and decorate them periodically.

To conclude, while designing and implementing security policies one should categorically remember that an enterprise's greatest strength as well as weakness is its people. The critical success factor in managing people in the information security context is to make them aware and also own up to their security responsibilities by directing them to the right track. The challenge is in imbibing and maintaining the right attitude in people and continuously helping them to achieve organizational excellence through a system of information security awareness and training campaigns and incentives. Bridging employee knowledge gaps on information security should be an ongoing exercise. It finally boils down to creating the right information security culture in the organization, and the epicenter of this exercise is people and people alone.

ooo

Revised Schedule for Young Talent Search in Computer Programming – 2007 & SEARCC International Student Software Competition – 2007

Every year the Education Directorate has been conducting the SEARCC International Student Software Competition. Last year the teams from India bagged the 'first' and 'third' prize. The SEARCC-2007 International Competition is to be held in Bangkok, Thailand between 17.11.2007 and 20.11.2007. We have already despatched the necessary communications to about 3000 High Schools/Higher Secondary Schools in the country. Individual communications have also been sent to all CSI Chapters requesting them to give adequate publicity among potential High Schools/Higher Secondary Schools in their geographical area. The complete details about the SEARCC International Student Software Competition have been uploaded on the CSI website (www.csi-india.org). It is hoped that the spirit of competition will cause a lot of schools to register for the contest, so that the winners in the national-level competition can be sponsored by CSI for the international contest.

Revised Schedule

Young Talent Search in Computer Programming 2007 (India)
- First Level Regional Competition in various centres across the country – 26th August 2007 (Sunday)
- Final Level Competition in Chennai – 30th September 2007 (Sunday)

SEARCC International Student Software Competition 2007 (Bangkok, Thailand)
- Registration deadline for SEARCC 2007 – 1st October 2007 (Monday)
- Arrival of participants (Bangkok, Thailand) – 17th November 2007 (Saturday)
- Trial Competition – 18th November 2007 (Sunday)
- Main Competition – 19th November 2007 (Monday)
- Departure of participants – 20th November 2007 (Tuesday)

S. Sudharssanam
Adviser, CSI Education Directorate
Information and Network Security Aspects in e-Governance Framework

Dr. Durgesh Pant* & M K Sharma**
* Reader & Head, Department of Computer Science, Kumoun University, Nainitaal (Uttarakhand). Email: durgesh_pant@yahoo.com
** Senior Lecturer, Amrapali Institute, Haldwani (Uttarakhand). Email: sharma_mk_hld@sify.com

Abstract

The role of ICT in the public sector has changed dramatically over the past decade. The evolution of e-governance started with governments putting information into portals. e-governance strategies have changed in the last 10 years with new trends, such as some governments adopting Private Public Partnership (PPP) arrangements, as is the case of Hong Kong ESDlife. e-governance has evolved to the point where governments are not only providing information directly to citizens, businesses and other governments; they are also interacting with citizens in terms of understanding licensing applications, taxes etc.

Trust is a key factor for e-government projects. Any ICT infrastructure must be secure because citizen and business transactions contain significant confidential information. Secure network and identity authentication and verification technology must be in place, together with privacy laws and governance, to ensure privacy and confidentiality are protected. Finally, the ICT infrastructure must be reliable. The network, applications and processes must be reliable to ensure availability and integrity of the e-government services.

Network and information security is a major concern in implementing e-governance projects. Problems in ICT like hacking, viruses, spamming, invasion and privacy issues can evolve from a lack of security measures. Governments need to provide secure access to information, applications and services via networks. In this paper we will discuss various security needs of electronic systems like e-governance and e-commerce. We will discuss in detail various security mechanisms to address various threats. In this tutorial we will also discuss some intelligent security systems based on mobile agents and forecasting mechanisms, and a few products existing in the market.

There are many security-related issues when we talk about e-governance. E-governance projects handle sensitive and important data. In e-governance there is a trade-off between security and availability. Security rules are either too harsh or too soft, and tuning them as per the demand is necessary. We will also consider various options that can lead to better and more secure e-governance. In this paper we will cover the need for, and tools of, forecasting security needs and dynamic rule setting for the same, and how it can contribute to resolving security issues in e-governance.

Keywords: e-governance, Secure network, Information security, Security threats, Mobile Agents
1. Introduction

ICT is a significant enabler of successful e-governance projects, and can be a new approach for touching the lives of the common man anywhere, any time. We need the technology and strategies for better e-governance initiatives that benefit the masses. The Indian central and various state governments are no strangers to the benefits of using ICT for e-governance. Many state governments and government-based agencies have realized that ICT can add substantial value by surmounting the usual challenges of distance, slow speed of operations, and lack of accuracy of information. The Department of Revenue (Karnataka), National Crime Records Bureau, National Highways Authority of India, Konkan Railways, IRCTC and the governments of West Bengal, Punjab, Haryana and Uttarakhand have been using ICT to empower their activities.

India has 600,000 villages. 70 percent of Indians live in villages, and 95 percent do not speak English. Therefore, e-governance models which do not support the rural delivery system will not contribute much to good governance. The goal of e-governance should therefore be in a direction which can benefit rural India and should act as a bridge to fill the gap between urban and rural India.

1.1 What is e-governance

Ravi Kant, Special Secretary, IT, Government of West Bengal, likes to describe e-governance as the use of information and communication technology (ICT) to enhance information access and the delivery of government services for the benefit of citizens, business partners, organizations and government functionaries. "e-governance, however, is not really the use of IT in governance but as a tool to ensure good governance. e-governance does not mean proliferation of computers and accessories; it is basically a political decision which calls for discipline, attitudinal change in officers and employees, and massive government process re-engineering."

The Indian Government has about 60 departments such as Agriculture, Industries, Health, Education, Social Welfare, Employment, Taxation, Finance, Pensions, etc. Thus, we can see that applying ICT processes to improve efficiency, speed and transparency, ease of use and lowering of costs, providing anywhere, any time services to citizens and businesses, is very much essential but not an easy task. e-governance therefore is a very complex mission. [csrprabhu]

1.2 e-governance models

Some popular e-governance models are:
a) Broadcasting/Wider Dissemination model
b) Critical Flow model
c) Comparative Analysis model
d) Mobilization and Lobbying model, and
e) Interactive Services model

2. Why Securing e-Governance

As India adopts e-governance with a vengeance, the need for network and information security measures to protect vital data will be a major part of the e-governance framework. In designing an e-governance framework, security has become a key issue that needs to be addressed. Like any other on-line project, an e-governance project needs a network to execute, but the major difference is that in an e-governance project a considerable amount of critical information could be involved. Hence securing such information is a must.

Security is critical in e-governance to safeguard the confidentiality of transactions and information on the network. Government documents and other important material such as birth and death registration, motor vehicle licenses and land records, all of which have legal and legislative nuances, have to be protected from unauthorized users in e-governance projects. Hence, security is critical for their successful implementation. [3]

2.1 Where Securing e-Governance

Security measures are required wherever 'authenticity,' 'validity,' and 'legal rights' of digital content have to be protected from repudiation. All digital content in the form of applications that need protection from tampering, vandalism, decay and accident needs security. The role of network or information security is vital in every application which collects or stores data, interacts with an outsider, or carries some confidential information and other applications online, and the best example of having most of such qualities and requirements is e-governance projects.

In some online applications we need the transfer of money, such as banking, shopping, gambling and gaming. In an e-governance framework the central government can transfer huge funds to a state government online. With the Information Technology (IT) Act, 2000 coming into effect from October 18, 2000, transactions on the Internet have got legal validity in India. This allows users to pay their bills for utilities on the Web, at least on paper. All these applications handle money transactions, whether it is transferring money through the online bank or using credit cards. Either way, they are interesting targets for criminals. It may be either through phishing scams, trying to fool users into giving away financial and personal information, or it may be through Distributed Denial of Service (DDoS) attacks. Either way, online transactions and their users are at a higher risk of being targeted by digital attacks.

3. Security Threats

The complex network and large size of an e-governance framework make it most vulnerable to virus, spam and Trojan attacks. A lot of intrusion attempts can be made to crack the security, so network and information security is a greater challenge there. Without a proper security architecture the e-governance framework will face many security threats of a diverse nature. In such a complex environment as an e-governance project we need a complete information security architecture. The architecture needs to be further complemented with proper tools and solutions to keep itself away from any threat, both at the network level and at the host level.

Once a virus attack is detected, everything comes to a standstill. Until the entire thing is cleaned up, work doesn't move further. "When there was an intrusion at network or host level, it took a long time to cure and a huge loss of money can be there. There were some inherent vulnerabilities like Web defacements, stealing of information etc."
Table 1: Financial cost of network downtime because of security threats, per hour (Source: Contingency Planning Research, 2002)

Industry | Application | Average cost per hour of downtime (US$)
Financial | Brokerage operations | $7,840,000
Financial | Credit card sales | $3,160,000
Retail | Home shopping (TV) | $137,000
Transportation | Airline reservations | $108,000
Entertainment | Tele-ticket sales | $83,000
Shipping | Package shipping | $34,000
Financial | ATM fees | $18,000

[Fig. 1: Comparison curves for cost paid for security measures vs. loss]

[Fig. 2: e-governance framework]

4. e-governance framework

One of the pillars of the e-governance framework is a set of shared services that allow agencies to share key parts of their infrastructure, applications and business processes within the agency, with other branches of government and with citizens. Shared services may include improved security features for e-mail, geographical information systems, electronic funds transfers, government directories, citizen databases, disaster databases, business databases and large data centers.

4.1 Information management life cycle in e-governance framework

We can offer and deliver many services using an e-governance framework; some of them are:
1. Single and multiple department transactions
2. Private correspondence of documents to Government
3. Change of personal status
4. Employment application
5. Information search
6. Electronic voting
7. Interdepartmental requests
8. Granting permission to access services
9. Enrollment/revocation of Government employees
10. Fraud investigation
11. Access to e-Government services under delegated
12. Government to citizen services

Before starting to offer all these services we need to collect and process a lot of information. For that a predefined system is required.

4.2 Information management life cycle

1. Collection: Gathering data on citizens, businesses and other entities.
2. Storage: Gathered data is stored for processing.
3. Processing: Processing takes place at many server levels.
4. Communication: Data collection and processing require a lot of Government to Citizen (G2C) and Government to Business (G2B) communication to happen.

In this life cycle, each stage above carries security risks, and at each stage we need security of the network as well as of the information.

4.3 e-governance service attacks and threats

• Unknown Outsider Attack
• User Fraud
• Insider Attack
• Privileged Insider Attack
• False Identity
• Impersonation
• Unauthorized Disclosure
• Revoked rights
• Theft of Access Tokens
• Duplication of Access Tokens
• Denial of Service Attacks
• Misinformation and Propaganda
• Breach of Anonymity
• Breach of Accountability
• Failure to Recover Business Information
• Theft of Monetary Value

5. Security solutions market

Anti-virus (AV) and firewalls occupied the largest market share in the security appliances business. However, the concept of a self-defending and self-
healing network increasingly brought intrusion detection and protection (IDP) solutions to the forefront. While anti-virus and firewalls are seen more as reactive security mechanisms, IDP solutions are more proactive and get activated as soon as any abnormal behavior is detected. The following table lists some vendors from whom security solutions can be obtained.

Table 2: Security product vendors – Leading Security Product Vendors (2004-05)

Product category | Key vendors
Anti-virus | Trend Micro, Symantec, Network Associates, McAfee
Firewalls | Cisco, Checkpoint, Juniper, Nokia
Intrusion detection and prevention | ISS, Cisco, Symantec, McAfee
Authentication | RSA
Multifunctional appliances | WatchGuard, Sonicwall, Fortinet, CyberGuard

*Other includes e-mail management, content filtering, etc. V&D estimates. Source: CyberMedia Research

Table 3: Top market leaders in network security

Rank | Players | Revenue 2004-05 (Rs crore) | Revenue 2003-04 (Rs crore) | Growth (%)
1 | HCL Comnet | 16 | 8.5 | 88
2 | Datacraft | 12.5 | 8.4 | 49
3 | Wipro Infotech | 8.4 | 6.5 | 29
4 | GTL | 5 | 2.4 | 108
5 | Secure Synergy | 4 | — | —
6 | Ramco | 2 | — | —
7 | Network Solutions | 1.5 | — | —
| Others* | 10.6 | 9.6 | —
| Total | 60 | 35.4 | 69

*Others includes Fortinet, Artek, Gemini, Vintron Communications, Sify, 3D Networks etc. V&D estimates. Source: CyberMedia Research

5.1 Security monitoring tools

If we look at the e-governance projects and the networks being rolled out for them, network or information security seems to be paramount. In an e-governance project, a substantial amount of documentation is done, such as maintenance of land records, police records, court judgments and so on. Each department functions independently and has its own set of transactions to undertake. Hence having security measures in each department is critical, so that only authorized people get into the network and access the information.

The importance of security is high among industry and government, but awareness is low. An understanding of the security technology and the need for its implementation is required for a safer and more secure IT environment in the country. Securing public data and ensuring the security of government Web sites are some applications where security solutions or monitoring tools are required. Some common processes of those tools are:

5.1.1 Vulnerability Assessment

Network and information security assessment services review all aspects of the data and voice networks and provide recommendations to maximize security, reliability, and availability. The deliverables can be:
• Identification of vulnerabilities that need to be immediately addressed
• Verification of security products and features already in place
• Prioritization of security projects for future implementation
• Assessment of the real-world threat to network assets

5.1.2 Security Policy Development

Any security policy must satisfy working objectives as well as the technical aspects of securing e-governance information. Part of developing a secure network is crafting a set of organizational security policies. These policies establish the rules and guidelines that system and network engineers can use when deploying solutions. This policy would then guide how network engineers install and configure firewalls, intrusion detection systems and other network equipment. Developing a useful, practical, and feasible network security policy document can be very time consuming, especially if you are unsure about all the possible technical and practical implications of certain decisions. Some automated tools, like the Coleman Technologies, Inc. Managed Services tools, can help any organization to develop and deploy a comprehensive security policy.

5.1.3 Wireless Network Analysis

Wireless networks are inexpensive, simple to deploy and very attractive for an increasingly mobile workforce, and can be helpful in providing e-governance services in rural or remote areas. Unfortunately, wireless access points are designed for ease of use, not security. A thorough risk analysis provides an option for prioritizing and justifying future security expenditures. Depending on the scope of the risk analysis, the project may involve assessing sensitivity, criticality, threat, vulnerability, and susceptibility to penetration.
5.1.4 Successful Identity Authentication

Protecting access to electronic resources is not a simple process. The Internet is a standard medium for conducting operations in an e-governance framework, within and without organizations. At present, there is a need for secured identity authentication, verification, and protection technology within all industries. Tools like NIPP Secure ID™ consist of a comprehensive set of proven biometrics technology compatible with various applications. This solution allows authentication and validation of any type of transaction in Government Agencies, Companies, Medical and Financial Institutions, Banks, and Judicial Levels of any other companies.

6. Case Studies

6.1 E-voting

The ultimate test of e-governance security and privacy may be electronic voting. In contrast to the obstacles of paper-based elections, e-voting allows citizens to vote via a mobile device or electronically at a polling station. In Madrid, HP and Scytl teamed up for two electronic referendums in 2004. Approximately 135,000 citizens of Madrid voted on local issues via the Internet and mobile phones in an event that became Europe's largest e-participation experience to date.

6.2 MyKad

Since 1999, the Malaysian government has begun gradually phasing in a multi-purpose national ID smart card that it intends all Malaysians to adopt by 2005. The card, known as "MyKad," incorporates both photo identification and fingerprint biometric technology and is designed with six main functions: identification, driver's license, passport information (although a passport is still required for travel overseas), health information (blood type, allergies, chronic diseases, etc.), and an e-cash function. The card can also function as an ATM card, although it is MyKad's least attractive feature and banks have discouraged customers from using the card for such a purpose. There are plans for adding additional applications for digital signatures for e-commerce transactions.

[Fig. 3: MyKad]

7. Conclusion

Many citizens who have the facility or infrastructure to access online information want the convenience of interacting with governments online, but they also need reassurance that the personal information they share can be safely guarded. The viability of e-governance projects ultimately depends on trust.

Information systems security research should be one of the visions of e-governance to concentrate on in the next few years, to develop security techniques, security technologies and products to be used for facing the new challenges of using open media for transactions pertaining to Government, Industry and Business, covering commercial, financial and administrative aspects. The security requirements are a dynamic phenomenon and not a static one. Security management is no longer technology oriented but management oriented, for effective implementation as well as for ascertaining information and systems as an asset of the organization. Information assurance involves people, processes and technology. It has to be customized for every organization based on various requirements, which are static and dynamic, and depending upon the risks and challenges they are facing in conducting, managing and transacting businesses within the country and across the globe.

References

1. Security Aspects of e-Governance and Intelligent Security System, Dr. Parag Kulkarni, Capsilon Research Labs, India.
2. Progress of e-Governance – an overview, C. S. R. Prabhu, Sr. Technical Director, National Informatics Centre.
3. MCA 21 (a project by the Ministry of Company Affairs).
4. Securing e-Governance, digitally, Express Computer, www.expresscomputeronline.com
5. Network and Information Security Standards for e-Governance – An Approach Paper, by T. M. Rao, Senior Technical Director, NIC.
6. '20 million M'sians to get smartcards', ZDNet Asia, 6 September 2001.
7. 'PKI International Scan – April 2003', Public Works and Government Services, Canada, April 2003.
8. 'Malaysia's national smart card underused: Report', ZDNet Asia, 11 July 2003.
9. 'MyKad with 8 applications, but its full potential has yet to be explored', Jaring Internet Magazine, Malaysia, August 2003.
10. 'Malaysia to fingerprint all new-born children', The Register, 4 May 2005.
11. "Privacy of MyKad Holders to Be Protected by Law," New Straits Times, May 19, 2004, at 6.
12. "Wise Up to Role of Smart Card," The Star, December 15, 2002.
13. "Privacy of MyKad Holders to Be Protected by Law," supra. See also "Free Upgrade of MyKad to 64K," New Straits Times, June 16, 2004, at 5.

About Authors

Dr. Durgesh Pant is working as Reader and Head, Department of Computer Science, Kumoun University, Nainitaal (Uttarakhand). He has guided several Ph.D students. He has published several research papers. He is convener of Computer Science courses of Kumoun University as well as a member of the Board of Studies of several Indian universities. His areas of interest and research include data compression, algorithm analysis, data warehousing & mining etc.

Mahesh K. Sharma (M.Tech, pursuing his Ph.D) is working as Senior Lecturer in the Department of Computer Science, Amrapali Institute, Haldwani (Uttarakhand). He has 10 years of experience in academics and industry. He is coauthor of 5 books and has published international and national research papers. He is content author for Chaudhary Devi Lal University, Sirsa and Uttarakhand Open University, Uttarakhand. He is an active member of the Computer Society of India and the Special Interest Group for e-Governance.
Managed Security Services – A Perspective

M P Badrinath
Senior Manager, Risk and Business Solutions, Ernst & Young Pvt Ltd
Mp.Badrinath@in.ey.com

Introduction

Technology has enabled connectivity and facilitated ease of communication. This has in some way contributed to the diminishing ability of organizations to protect their assets from undesirable elements from within and outside the perimeter. Facing a shortage of resources with the requisite skills and a desperate need to prevent, or detect and correct, an attack, organizations are looking for creative and effective ways to protect the information and networks on which their survivability depends. This article focuses on the reasons for security outsourcing, the impact of such outsourcing, and the components that can be outsourced.

Background

Outsourcing is an arrangement whereby one business hires another to perform tasks it cannot or does not want to perform by itself. In the context of information security, outsourcing means that the organization turns over responsibility for its information security to professional security service providers. This possibility is embodied in a new segment of the information security market called Managed System Security Providers (MSSPs), which has arisen to provide organizations with an alternative to investing in their own systems security.

Classification of Security Service Providers

The security services market can be segmented in a number of different ways. These services include performance of short-term or one-time tasks (such as risk assessments, policy development, and architecture planning); mid-term (including integration of functions into an existing security program); and long-range (such as ongoing management and monitoring of security devices or incidents). The majority of MSSPs fall into the third category and look to establish ongoing and perhaps long-term relationships with their customers.

The other type of segmentation is based on the type of information protected or on the target customer base. Some security services focus on particular vertical markets such as the financial (including banking) industry, the government, or the defense industry. Others focus on particular security devices and technologies, such as virtual private networks, Intrusion Detection Systems, or firewalls, and provide implementation and ongoing support/maintenance services or a combination of these services.

Reasons for Outsourcing Information Security

The reasons for outsourcing information security services are varied and include:
• Free up resources to be used for other mission-critical purposes.
• Maintain flexibility of operations by allowing peak requirements to be met while avoiding the cost of hiring new staff.
• Accelerate process improvement by bringing in subject matter expertise to train corporate staff or to teach by example.
• Obtain current technology or capability that would otherwise have to be hired or acquired by retraining, both at a potentially high cost.
• Remain abreast on the technical front.
• Third-party views bring in objectivity and facilitate internal acceptance.
• Control operating costs or turn fixed costs into variable ones through the use of predictable fees.
• Enhance organizational effectiveness by focusing on core competency.
• Acquire innovative ideas from experts in the field.
• Reduce response times when dealing with security incidents.
• Improve customer service to those being supported.
• Allow IT staff to focus on day-to-day or routine support work.
• Avoid an extensive capital outlay by obviating the need to invest in new equipment such as firewalls, servers, or intrusion detection devices, depending on the type of service chosen.

Benefits of Outsourcing Information Security to MSSPs

The benefits can be broadly classified into the following areas:
• Lower Cost of Ownership: The cost of engaging an MSSP is typically less than hiring in-house, full-time security experts.
• Leveraging Expertise: Qualified professionals with the appropriate skill set and experience are not easily available, hence the company needs to recruit, train, compensate and retain professionals. However, when outsourcing to an MSSP, providing top-notch personnel becomes the responsibility of the service provider. This is one major reason that will drive this market.
• Ensuring a High Level of Service: When an organization outsources to MSSPs it receives near real-time results 24 hours a day, 7 days a week and 365 days a year. Since MSSPs have strict contractual agreements and must maintain their reputation in the market, their control measures are very stringent in terms of documentation and
careful implementation.

Impact of Outsourcing Information Security to MSSPs

The benefits of a managed service provider, as briefly discussed above, could be very attractive. For every potential benefit, there is a potential pitfall as well. They are:
• Exceeding Costs - either because the vendor failed to disclose them in advance (hidden costs) or because the organization did not anticipate them
• Contract issues - lead to difficulties in managing the service unless driven by a well drafted Service Level Agreement (SLA)
• Degradation of service
• Losing control of basic business resources and processes that now belong to someone else
• Failing to maintain mechanisms for effective provider management
• Losing in-house expertise over a period of time
• Discovering conflicts of interest between the organization and the outsourcer
• Disclosing confidential data to an outside entity that may not have a strong incentive to protect it
• Experiencing a decline in productivity and morale of staff
• Becoming dependent on inadequate technology if the vendor does not maintain technical currency
• Becoming a "hostage" to the provider who now controls key resources

Components of Information Security that can be Outsourced

Information security outsourcing can be broadly divided into the following domains:
• Development of Security Policies and their maintenance
• Training and Awareness
• Security Administration
• Security Operations
• Network Operations
• Incident Response

Development of Security Policies

The development of security policies for an organization requires a unique skill set which is possessed by the MSSP. This is the major reason why many organizations employ MSSPs to develop and maintain their security policies. However, development of such policies requires in-depth knowledge of the organization, as these policies define the philosophy of the organization.

Training and Awareness

Training and awareness programs are often outsourced by organizations to security service providers. The outsourcing of this component starts right from preparation of course material to delivering the training. The training material ranges from standard course material (one for all) to custom material targeting the specific security needs of the users and of different categories of users within the organization. The most common topics covered during the training session include: Information Classification and Labeling, Acceptable Use procedures, and General Security Awareness. Sometimes the security service provider also provides training on technical specifics. Awareness is a good defense against social engineering.

The outsourced security service provider leverages the knowledge and exposure obtained by providing various training programs across industries and delivers the topics to the users in a well organized manner. The topics of security awareness are presented in an informative and entertaining manner by the security services provider, thereby catching the attention of the attendees. Organizations usually provide such training and awareness programs on an annual or semi-annual basis to their employees; new employees are provided with induction training and also refresher training. Usually the organization's role in this outsourcing of the security education function is to: schedule the events; monitor the participation level; and evaluate the service provider by obtaining feedback from the attendees.

Security Administration

Development of security policies and training users on security awareness provides the foundation for information security in an organization. The security administration component forms part of the ongoing security function of the organization. The outsourced security service provider creates, modifies, or removes user accounts on behalf of the outsourcing organization and also performs the following activities:
• Account management including account unlock, password reset, and token replacement
• Assigning privileges based on request
• Documentation of the activities performed such as backup logs and incident reports
• Providing an overview to the customers of the organization and explaining the security posture

Security Operations

Recent growth in managed security services includes physical security (to manage and protect tangible assets) along with the security of information assets. Managed security service providers have started to mix the data and operational ends of security so that physical security is vastly enhanced and even tightly coupled with security technology. Examples include monitoring and tracking employees using access cards and operating CCTVs. It is also extended to facilities management.

Network Operations

Managed Security Service providers supervise, monitor and maintain the network of the outsourcing organization. The network operations specialty focuses on:
• Network troubleshooting,
• Software distribution and updating,
• Network device management,
• Performance monitoring,
• Co-ordination with affiliated networks, and
• Review of various logs.

Incident Response

The incident response component performed by the MSSP for the organization contains the following:
• Intrusion detection – Identification of intrusion attempts
• Employee misuse – Monitoring of employee misuse, evidence collection, and escalation of the same.
• Crime and fraud – Identification of crime or fraud using the organization's systems.
• Disaster recovery – Providing disaster recovery services for the outsourcing organization.

Future Trends

The first category of industries
most likely to outsource security is represented by those companies whose key assets are access to reliable data or information services. Financial institutions, especially banks, securities brokers, and insurance, health, or property claims operations, are traditional buyers of security services. Recent developments in privacy have added healthcare providers, financial institutions/services and associated industries to that list.

Hospitals, medical care providers, pharmaceuticals, and health-centered industries have a new need for protecting the privacy of personal health information, and so also the customer information of banks and financial institutions. HIPAA and GLBA compliance enhances the need for security (privacy) compliance providers.

The third category of industry that frequently requires outsourced security is the set of industries that cannot suffer any downtime or show any compromise of security: those providing logistics. Railroads, cargo ships, and air traffic control are obvious examples of the types of industries where downtime cannot be tolerated and continuous availability is a crucial element for success.

The final category of industry that may need security services is those industries that have as a basis of their success an extraordinary level of trust in the confidentiality of their data. This includes scientific, medical and defense research organizations. Taken to the extreme, this can include military or national defense organizations. Routinely, this would include technology research, legal, marketing, and other industries that would suffer severe reputation loss if their security was found wanting.

Conclusion

Outsourcing the security of an organization's information assets may be the antithesis of the ancient "security through obscurity" model. However, in today's networked world, with solid planning in advance, a sound rationale, good due diligence and management, and an excellent Service Level Agreement (SLA), any organization can outsource its security. Outsourced security, or managed security services (MSS), will continue to gain popularity and grow. Providers of these services will be successful if they can translate technology into real business metrics. Buyers of that service will be successful if they focus on the measurement of the defined objectives that managed services can provide. Regulatory oversight of this type of industry, if and when feasible, will provide comfort to the users of the service.

The views expressed in this paper are the personal views of the author and do not reflect the views of his employers.
Call For Papers
IHN'07 – 1st Home Networking Conference 2007
IFIP TC6 Conference, IEEE (under request)
Paris, France – December 10-12, 2007
Important Deadlines:
September 5, 2007 – Papers due
September 30, 2007 – Authors notified of acceptance
October 15, 2007 – Final papers due
For more information please visit the web site at www.home-networking2007.org
Information: home-networking2007@home-networking2007.org
Incident Handling and Management

Brian Honan
Senior Consultant, BH Consulting, PO BOX 10995, Dublin 15, Ireland
brian.honan@bhconsulting.ie

Copyright with author. This paper is reprinted by special permission.

Security is only as effective as the response it generates. A structured response ensures that an incident is recognised early and dealt with in the most appropriate manner. An incident that is not responded to in a timely manner can expose an organisation to many issues including, but not necessarily limited to:
o Disclosure of confidential information.
o Prolonged recovery times due to more extensive damage as a result of the ongoing incident.
o The inability to proceed with a criminal or civil case due to lack of evidence or inadequate evidence gathered.
o Negative impact on the organisation's image in the eyes of shareholders, customers and/or partner organisations.
o The organisation may face potential legal and/or compliance issues depending on the regulatory and legal requirements.
o Exposure to legal cases from third party organisations impacted as a result of the incident.
o Exposure to legal/libel cases from employees/individuals who may have been dealt with unfairly by an inappropriate and/or cumbersome response.

An organisation that has a structured and formalised response in place to internal and external IT security incidents demonstrates that it is taking its corporate and legal responsibilities seriously and has a positive security posture. This security posture ensures that the organisation can deal with security incidents quickly, efficiently and effectively. This will result in:
o The rapid and accurate assessment of security incidents and the most appropriate response.
o Shortened recovery times from incidents and minimised business disruption.
o The confidence to proceed with a disciplinary, legal or civil case as a result of using proper procedures and processes to gather evidence in response to an incident.
o Ensuring that the company complies with local legal, regulatory and industry requirements.
o A potential reduction in incidents as the organisation is not considered a "soft target".
o Accurate reporting and statistics to continuously improve the security of the organisation.

Incident Notification/Identification

The notification or identification that an incident is occurring can happen in many different ways. Notification of an incident can happen:
o Automatically from specific security devices, such as an alert from a firewall.
o Automatically from non-security devices, such as a network monitoring system that observes unusual network activity.
o From the manual review of system and security log files on network and/or security devices.
o Staff noticing unusual or suspicious activity on the computer system, or staff noticing content in breach of the company's security policy on a colleague's computer.
o From customers or the public who may have noticed corruption to their data, received a phishing email or noticed defacement on the company's website.

A process should be in place to notify the relevant personnel that the incident has occurred and a response is required. This process should ensure that the following information is passed on to the response team:
o The date and time the incident occurred.
o The date and time the incident was detected.
o Who/what reported the incident.
o Details of the incident including:
  o A description of the incident
  o Details of the systems involved
  o Corroborating information such as error messages, log files, etc.

Prior awareness of the possibility that an increase in the occurrence of certain incidents may happen can be improved as a result of known intelligence. Alerts from computer virus companies of a new computer virus will increase the awareness that an incident as a result of that virus could occur; alternatively, hacking attempts are known to increase at the start of each autumn as students start university and try their new skills online.

Incident Classification

In order to ensure that incidents are responded to in a structured manner it is essential that incidents are classified into different levels so that high priority incidents can be responded to more quickly than incidents of a lower nature. For example, excessive traffic on port 80 on a firewall may indicate the start of a Denial of Service attack and would require a quick response to ensure minimal disruption to the network, and therefore would be classified higher than, say, a rejected access attempt to the personal directory of an employee.

The severity of the incident does not alone determine the classification. The potential target also affects the classification. A rejected access attempt to the organisation's sensitive information will have a higher event classification than a rejected access attempt to unclassified information.

Classifying incidents will depend
on many factors such as:
o The nature of the incident.
o The criticality of the systems being impacted.
o The number of systems impacted by the incident.
o The impact the incident can have on the organisation from a legal and/or public relations point of view.
o Legal and regulatory requirements for disclosure.

Incident Response

In order to implement an appropriate incident response, the proper people and processes need to be involved and the most appropriate response subsequently developed. Some incidents will simply require no response, others will require only an automated response, e.g. dropping a connection to a blocked port on a firewall, whereas others will require a more complicated response involving personnel from various parts of the organisation and different levels of management.

It is important to establish the appropriate levels of response to an incident and also that the incident response has the necessary levels of authorisation and autonomy. There is no point having senior management involved in a response to an incident that has minimal business impact.

All personnel involved in responding to an incident must be properly trained and versed in their responsibilities. If the skills are not available in-house then they should be sourced elsewhere. In addition, all policies and procedures should be properly tested and reviewed on a regular basis to ensure their effectiveness and applicability. A review process should also be put in place to ensure that lessons are learnt from any incidents that require a response. Failure to take these steps could adversely impact business operations, leading to loss of revenue or mission effectiveness, legal ramifications or a loss of public trust.

The incident response methodology will be dependent on the incident classification. The response team will also need to confirm that the incident has occurred and, if so, what the most appropriate response to the incident is. Once an incident has been confirmed and the appropriate incident response process has been initiated, all care must be taken to preserve and record all information and potential evidence in the event a legal or civil case ensues.

What response is required to an incident will depend on a mixture of business and technical drivers, as the type of response can impact on employee, customer, and public relations and may even have legal ramifications. It is therefore essential that clear, concise and accurate processes and procedures that have been approved by senior management are in place for all personnel to follow. As a large majority of incidents may happen outside office hours or when key personnel are not immediately available, all staff must be given clear guidelines on how they report and respond to incidents.

Many incidents may simply require an automated response. For example, a known computer virus detected in a file could be automatically deleted by the Anti-Virus software and not require a further response. However, an attack on the firewall will require a more measured response and may require the involvement of senior management to decide whether to shut the firewall down to minimise the damage to the firewall, or to allow the attack to continue so that further evidence may be gathered in the event a legal case may be required.

An Incident Response Log should be kept where all actions and the results of those actions are recorded accurately. Details as to who completed the actions, the time of the action and the outcome need to be maintained. This is to ensure that an accurate record of all actions is available in the event that the incident leads to a civil or criminal court case; these logs can also be used to determine the effectiveness of the incident response procedures.

Incident Response Team

The Incident Response Team is responsible for managing the organisation's response to an incident and how the organisation interacts with third parties such as law enforcement agencies, regulatory bodies, customers, employees and the media. The team should be made up of a number of people with knowledge and skills in different areas. It may be necessary to source certain skills externally to the organisation. For example, forensic gathering skills are not commonplace and are often better sourced from vendors who specialise in this area. If this is the case then a formulated process should be in place to ensure that the resource is available when required.

The Incident Response Team should also have the full backing and support of Senior Management. This should include giving the Incident Response Team the autonomy and authority to make decisions and carry out actions in the absence of senior management during a critical incident.

Typically an Incident Response Team will be made up of representatives of the following:
o IT Security
  The core team members will be those from the IT Security team as they are the most knowledgeable with regard to managing and dealing with computer security incidents.
o IT Operations
  As the operations team is very often the first line of defence/detection of incidents, either via monitoring tools or from reports to the support desk, it is essential that representation from this team is on the Incident Response Team.
o Physical Security
  While IT Security is arguably still in its infancy, the world of physical security has been around for a much longer time. A lot of experience and knowledge gained in the physical world can be applied to the virtual world. In addition, it may be necessary to involve the physical security team in the response to an incident where there has been physical access to compromised systems.
o Human Resources
  It is essential that a representative from the Human Resource team is involved in the Incident Response Team to ensure that processes and procedures comply with good Human Resource practice and do not impinge on industrial relations. The result of an incident response may be to discipline a
staff member for breach of the organisation's acceptable usage policy, and this will require the Human Resource team's input to ensure due process.
o Legal Department
  As with the Human Resource department, it is imperative that legal advice is taken both during the development of the processes and procedures and in the response to serious incidents.
o Public Relations
  How information is communicated to the public, customers, partners, shareholders and press is a unique skill and one that is necessary to ensure the correct amount of information is disclosed at the right time to the right people.
o External Expertise
  There will be times when, due to the nature of the information security incident, external expertise will be required. For example, you may need external expertise in computer forensics or criminal investigations if those skills are not available in-house.

Note, depending on the seriousness and impact of an information security incident it may be necessary to mobilise all or only part of the Information Security Incident Response Team.

Once the Incident Response Team is in place it should:
o Develop/review the processes and procedures that must be followed in response to an incident.
o Develop/review guidelines for incident classification. This should not be solely the responsibility of the Incident Response Team but must involve the business owners responsible for the systems and data being protected.
o Manage the response to an incident and ensure that all procedures are followed correctly.
o Review incidents to determine what lessons can be learnt and what process improvements may be required.
o Review changes in legal and regulatory requirements to ensure that all processes and procedures are valid.
o Review intelligence data such as information from log files, results from automated incident responses, third party websites and industry seminars to determine trends and changes in the IT security landscape and where future incidents could originate.
o Review and recommend technologies to manage and counteract incidents.
o Establish relationships with the local Law Enforcement Agency and the appropriate government agencies.
o Relationships with the Incident Response Teams within key partners and key suppliers, such as the company's ISP, also need to be established.

The Incident Response Process

When an incident is reported the steps below should be followed.

Incident Recording

Details of the incident should be recorded accurately. The information gathered should include:
o The date and time the incident occurred.
o The date and time the incident was detected.
o Who/what reported the incident.
o Details of the incident including:
  o A description of the incident
  o Details of the systems involved
  o Corroborating information such as error messages, log files, etc.

Incident Notification

In order to ensure an effective and appropriate response to a potential information security incident the Information Security Manager should be contacted immediately and given the details of the incident.

The Information Security Manager should then evaluate the incident and determine whether it should be treated as an Information Security incident or whether it should be referred to the support desk and handled as a normal service incident.

The Information Security Manager should then escalate and notify the appropriate members of the team according to the classification of the incident.

Incident Classification

In order to ensure that incidents are responded to in a structured manner it is essential that the Information Security Manager classifies incidents into the appropriate levels so that high priority incidents can be responded to more quickly than incidents of a lower nature. It should be noted that, based on additional information gathered during the response to an information security incident, the classification of an incident can be changed appropriately.

The severity of the incident does not alone determine the classification. The potential target also affects the classification. A rejected access attempt to sensitive data will have a higher event classification than a rejected access attempt to non-sensitive systems; for example, unauthorised access to a staff member's home directory may be classified with a lower priority than unauthorised access to the payroll system.

Classifying information security incidents will depend on a number of factors such as:
o The nature of the incident.
o The criticality of the systems being impacted.
o The number of systems impacted by the incident.
o The impact the incident can have on the organisation from a legal and/or public relations point of view.
o Legal and regulatory requirements.
Classification levels

High
Explanation: An incident poses an immediate threat to all systems or the exposure of critical or sensitive systems, may result in criminal charges or regulatory fines, or may result in undue bad publicity for the organisation.
Examples:
• Network-wide Virus/Worm outbreak
• Active External/Internal unauthorised access to systems
• Compromise of information resulting in serious data disclosure
• Serious breaches of the organisation's Acceptable Usage Policy

Medium
Explanation: An incident poses a threat to a limited number of systems, may compromise non-critical or non-sensitive systems, or involves a time-critical investigation into a staff member's activities.
Examples:
• Inactive External/Internal unauthorised access to systems
• Localised Virus/Worm outbreak
• Breach of the organisation's Acceptable Usage Policy

Low
Explanation: An incident poses no immediate threat to systems.
Examples:
• Failure to download anti-virus signatures
• Request to review security logs
• Minor breaches of the organisation's Acceptable Usage Policy

Incident Tracking

Throughout the lifetime of the information security incident it is important that accurate records are taken of each action taken and the consequences of each action. This is important from a number of points of view:
o To aid in the ongoing troubleshooting and diagnosis of the issue.
o In the event the incident results in a criminal or civil case, the accurate recording of events may be submitted as evidence regarding the investigation.
o In the event the incident results in a staff disciplinary case, the accurate recording of events may be submitted as evidence regarding the investigation.
o For post-mortem diagnosis of the incident to determine potential areas of improvement within the processes and procedures relating to information security incident response.

Once the information security incident has been classified, the method of tracking the issue needs to be carefully considered. If the network has been compromised it is likely that the attacker may have access to all systems within the organisation and therefore could be alerted that a response is underway and take evasive, elusive and/or destructive action. Therefore thought should be given as to whether or not information security incidents classified as "High" should be recorded within the normal helpdesk system or be tracked using alternative methods such as manual recording or a standalone system not connected to the network.

During the information security incident all actions should be documented, time-recorded and signed.

If not already notified, notify the Support Desk with details of the information security incident. Depending on the scale, impact and duration of the information security incident, consideration should be given as to whether additional resources may be required on the organisation's support desk to deal with client queries. For example, a prolonged incident may result in the loss of business-critical services, which may result in a higher volume of calls to the support desk.

Response

The type of information security incident will determine the way that the information security response team will handle the incident. Standard operating procedures should be developed and tested by the Incident Response Team. These standard operating procedures should cover incidents such as:
o Malware/Computer Virus infection
o External unauthorised access to systems
o Internal unauthorised access to systems
o Theft of computer equipment and related data
o Discovery of illegal content on the organisation's information processing systems
o Serious breach of the organisation's Acceptable Usage Policy
o Minor breach of the organisation's Acceptable Usage Policy
o Defacement of the organisation's website
o Denial of Service attack on the organisation's information processing systems, e.g. Internet connection
o Email flood attack on the organisation's information processing systems
o Compromise of information processing services belonging to third party partners, e.g. ISP, supplier, hosting provider
o Disclosure of confidential information

The above procedures should be constantly reviewed and tested for their efficiency, and new standard operating procedures implemented when and where required. It should be noted that from time to time information security incidents may occur that fall outside the scope of the above standard operating procedures and as a result they will need to be managed in an ad hoc fashion.

Regardless of whether an information security incident falls within the scope of existing standard operating procedures or not, the following are the main steps within the process.

Containment

Containment involves limiting the scope and impact of the information
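The Incident Recording fields, the classification factors (nature of the incident, sensitivity of the target, number of systems) and the signed, time-stamped Incident Response Log from the sections above, pulled together as one added example. This is illustrative code written for this page, not the article's own or any product's; the incident-nature names, the one-step uplift for a sensitive target or for more than ten systems, and the two sample incidents are all assumptions chosen to mirror the article's home-directory versus payroll comparison.

```python
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import IntEnum


class Level(IntEnum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3


# Base level per incident nature, following the article's classification table.
# The keys are this example's own names for the table rows (an assumption).
BASE_LEVEL = {
    "network_wide_malware_outbreak": Level.HIGH,
    "active_unauthorised_access": Level.HIGH,
    "serious_data_disclosure": Level.HIGH,
    "serious_aup_breach": Level.HIGH,
    "inactive_unauthorised_access": Level.MEDIUM,
    "localised_malware_outbreak": Level.MEDIUM,
    "aup_breach": Level.MEDIUM,
    "av_signature_update_failure": Level.LOW,
    "log_review_request": Level.LOW,
    "minor_aup_breach": Level.LOW,
}

MANY_SYSTEMS = 10  # assumed threshold for "number of systems impacted"


@dataclass
class Incident:
    # The fields the article lists under Incident Recording.
    occurred_at: datetime
    detected_at: datetime
    reported_by: str
    description: str
    systems: list[str]
    corroboration: list[str]        # error messages, log file references, etc.
    nature: str                     # a key of BASE_LEVEL
    sensitive_target: bool = False  # e.g. payroll system vs. a home directory
    level: Level | None = None
    log: list[dict] = field(default_factory=list)  # the Incident Response Log


def classify(nature: str, sensitive_target: bool, n_systems: int) -> Level:
    """Start from the table's level for the nature of the incident, then raise it
    one step if the target is sensitive and one step if many systems are hit:
    the article's point that severity alone does not fix the classification."""
    level = BASE_LEVEL[nature]
    if sensitive_target and level < Level.HIGH:
        level = Level(level + 1)
    if n_systems > MANY_SYSTEMS and level < Level.HIGH:
        level = Level(level + 1)
    return level


def record_action(inc: Incident, who: str, action: str, outcome: str,
                  at: datetime | None = None) -> None:
    """Append who did what, when, and with what outcome to the response log."""
    when = at or datetime.now(timezone.utc)
    inc.log.append({"who": who, "at": when.isoformat(),
                    "action": action, "outcome": outcome})


def set_level(inc: Incident, who: str, reason: str) -> Level:
    """(Re)classify from the current facts and log the change: the article notes
    the classification may change as more is learned during the response."""
    new = classify(inc.nature, inc.sensitive_target, len(inc.systems))
    old = inc.level.name if inc.level else "unclassified"
    inc.level = new
    record_action(inc, who, f"classification {old} -> {new.name}", reason)
    return new


def demo() -> dict:
    """Two rejected-access incidents of the same nature against different targets,
    then a reclassification when new information arrives. Sample data is constructed."""
    ts = datetime(2007, 8, 1, 9, 0, tzinfo=timezone.utc)
    home_dir = Incident(ts, ts, "file server audit log",
                        "rejected access to a staff member's home directory",
                        ["fs01"], ["auth.log lines 120-124"],
                        "inactive_unauthorised_access")
    payroll = Incident(ts, ts, "HR application alert",
                       "rejected access to the payroll system",
                       ["hr-payroll"], ["application error log"],
                       "inactive_unauthorised_access", sensitive_target=True)
    ism = "Information Security Manager"
    initial = set_level(home_dir, ism, "initial classification")
    set_level(payroll, ism, "initial classification")
    # Later evidence shows the home-directory attempts are ongoing: reclassify.
    home_dir.nature = "active_unauthorised_access"
    final = set_level(home_dir, ism, "further log review shows access is active")
    return {"home_dir_initial": initial, "home_dir_final": final,
            "payroll": payroll.level, "home_dir_log_entries": len(home_dir.log)}


if __name__ == "__main__":
    print(demo())
```

Running the module classifies the home-directory attempt as Medium and the otherwise identical payroll attempt as High, then lifts the home-directory incident to High once the access turns out to be active, with both decisions recorded against the Information Security Manager in the incident's log. The uplift steps and the ten-system threshold are placeholders; in practice the business owners of the protected systems would set them, as the article recommends for the classification guidelines.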
security incident. This is particularly applicable when responding to information security incidents resulting from malware, such as a virus, due to the ability of such software to spread rapidly.

The Information Security Manager and/or the incident response team should decide on how best to contain an incident. This decision will need to be taken with the objectives of preventing further system compromise and allowing adequate time and resources for investigating the incident, while at the same time restoring the systems to operational status as soon as possible. The team should also have full authority to conduct whatever actions they deem necessary to contain the incident, up to and including taking critical services and applications offline.

Eradication

Eradicating an incident entails identifying and removing the root cause of the information security incident. Simply restoring a system to operational status without identifying the root cause of the compromise may result in the information security incident re-occurring at a later stage.

It is important to gather whatever evidence is available in a forensically sound manner. This means ensuring all steps and actions are clearly documented, with original media and log files digitally signed and stored securely to prevent tampering. All investigations should be conducted on verified copies of the original media and log files. It may be necessary to engage external expertise to conduct the forensic investigation.

Recovery

Recovery means restoring a system (or systems) back to normal operational status. This may require restoring systems from backups or reinstalling from known and certified original media. Part of the recovery process should ensure that the integrity of the backup being used for the restore

that appropriate communications are maintained. This includes communicating to the appropriate IT and business management levels on the impact and progress of the incident.

During an information security incident it is essential that confidentiality is maintained throughout the incident's lifecycle. In the event of a high priority incident no communication should occur over existing information systems, such as email, as they may be compromised and alert the attacker to the investigation. In addition, the nature of the incident may require that confidentiality is maintained, as it may involve a criminal case, the disciplining of a staff member, or be publicly embarrassing to the organisation.

Where possible, information on information security incidents should be shared on a strict need-to-know basis only. Ideally all updates from the Incident Response Team to those outside the team should come only from the Information Security Officer.

From time to time it may be necessary to communicate with external parties during or as a result of an information security incident. The following are the main contact points and how they should be handled.

Press enquiries

All press and media enquiries should be strictly handled by the organisation's PR department. No other member of staff should comment to media or press enquiries regarding any information security incident.

Law Enforcement

It may be necessary to instigate criminal proceedings as a result of an information security incident. This could be due to criminal activity conducted by users within the organisation or the requirement to prosecute an external unauthorised attacker. The decision to proceed with a criminal case should be made by Senior Management in consultation with the legal department.

identifying the source of the incident as being one of those companies, or requiring assistance from those companies to investigate or eradicate the incident.

For example, an attack on the organisation's Internet connections may require the assistance of the providing ISP in dealing with the attack. In the main, these types of communications should be at an operational level, and ideally relationships should be established prior to any incidents to ensure an effective response.

Public

Similar to press enquiries, all public enquiries regarding an information security incident should be dealt with by the Press Officer. Depending on where the organisation conducts business, legal and/or regulatory requirements may require that affected customers are notified of the breach. The decision to contact customers should be made by Senior Management in consultation with the legal department.

Staff

It is important that appropriate levels of communication are maintained with staff during an incident, notwithstanding the requirements for maintaining confidentiality. This is particularly important when the incident involves the investigation of a staff member. In such a case it is extremely important that the suspected staff member's privacy and rights are maintained at all times. The Human Resource department will play a key role in this regard.

Information security incidents that impact directly on the availability of production systems will need to be managed in such a way as to keep impacted staff updated as to when the systems are likely to be restored, while at the same time maintaining any necessary confidentiality.

Management

Depending on the severity and
the impact of the information securityoperation has been thoroughly verified Third Party Partners incident senior management may needand that the restore operation was Depending on the nature of the to be made aware and kept updatedsuccessful. information security incident it may on the progress of the issue. WhereCommunications be necessary to contact third party possible the escalation tree for the Throughout the information partners and suppliers to alert them of Information Security incident shouldsecurity incident it is essential the incident. This may be as a result be the same as that used for all service of the investigations into the incident issues. 54 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
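The Eradication and Recovery steps above require that original media and log files are signed and stored securely, that investigation happens only on verified copies, and that a backup is integrity-checked before it is used for a restore. The following is an added example (not code from the article) showing one way to implement those checks: a signed evidence manifest and a verifier that reports any copied file that no longer matches it. It assumes the evidence is a directory tree and uses an HMAC-SHA256 over the manifest as a stand-in for the digital signature; the key, the case id, the log line and the disk image are constructed placeholders.

```python
"""Evidence-integrity manifest for incident handling (added example).

Implements two requirements from the Eradication and Recovery steps:
  1. original media and log files are hashed and the manifest is signed and
     kept apart from the evidence, so tampering with either is detectable;
  2. investigation and restore work only on copies whose hashes match the
     signed manifest, so the restore source is verified before use.

Assumptions (not from the article): evidence is a directory tree; an
HMAC-SHA256 over the canonical manifest stands in for the digital
signature, with the key held by the Information Security Officer.
"""
import hashlib
import hmac
import json
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large disk images need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def _canonical(body: dict) -> bytes:
    # Deterministic serialisation: the same manifest always signs identically.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(evidence_dir: Path, signing_key: bytes, case_id: str) -> dict:
    """Hash every file under evidence_dir and sign the result."""
    files = {
        p.relative_to(evidence_dir).as_posix(): sha256_file(p)
        for p in sorted(evidence_dir.rglob("*")) if p.is_file()
    }
    body = {"case_id": case_id, "files": files}
    signature = hmac.new(signing_key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "signature": signature}


def manifest_is_authentic(manifest: dict, signing_key: bytes) -> bool:
    expected = hmac.new(signing_key, _canonical(manifest["body"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, manifest["signature"])


def verify_copy(copy_dir: Path, manifest: dict, signing_key: bytes) -> list:
    """Return the names of files whose copy does not match the signed manifest.

    An empty list means the working copy (or restore source) is verified.
    A forged or altered manifest is reported before any file is trusted."""
    if not manifest_is_authentic(manifest, signing_key):
        return ["<manifest signature invalid>"]
    mismatches = []
    for rel, digest in manifest["body"]["files"].items():
        p = copy_dir / rel
        if not p.is_file() or sha256_file(p) != digest:
            mismatches.append(rel)
    return mismatches


def demo() -> dict:
    """Constructed scenario: seal originals, verify a copy, then detect two kinds of tampering."""
    key = b"constructed-demo-key"  # placeholder; a real key is held by the ISO
    with tempfile.TemporaryDirectory() as tmp:
        original = Path(tmp) / "original"
        (original / "logs").mkdir(parents=True)
        # Constructed sample evidence: one log line and a zero-filled image
        (original / "logs" / "auth.log").write_text(
            "Aug 10 02:14:07 host sshd[812]: Failed password for root from 10.0.0.5\n")
        (original / "disk.img").write_bytes(bytes(1024))
        manifest = build_manifest(original, key, case_id="IR-2007-0001")  # constructed id

        working = Path(tmp) / "working"
        shutil.copytree(original, working)
        clean = verify_copy(working, manifest, key)          # expect []

        # A log line altered in the working copy is caught by the hash check.
        (working / "logs" / "auth.log").write_text("Aug 10 02:14:07 host sshd[812]: ok\n")
        tampered = verify_copy(working, manifest, key)       # expect ["logs/auth.log"]

        # Editing the manifest to match the altered file fails the signature check.
        forged = json.loads(json.dumps(manifest))
        forged["body"]["files"]["logs/auth.log"] = sha256_file(working / "logs" / "auth.log")
        forged_result = verify_copy(working, forged, key)    # expect ["<manifest signature invalid>"]
    return {"clean": clean, "tampered": tampered, "forged": forged_result}


if __name__ == "__main__":
    print(demo())
```

The same verify_copy call serves the Recovery step: run it against the backup set (with the manifest produced when the backup was taken) before starting the restore, and refuse to proceed on a non-empty result.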
Legal

Depending on the nature of the incident and whether it will involve a criminal prosecution or staff disciplinary proceedings, regular contact should be maintained with the legal expertise within the Incident Response Team to ensure that the most appropriate steps are taken.

Integration with Other Processes

Due to its nature, the Information Security Incident Response Process should be tightly integrated with other existing processes such as:
o Change Management Process
o Service Incident Management Process
o Disaster Recovery Management Process

Post Information Security Incident Review

Subsequent to any information security incident a thorough review of the incident should occur. The purpose of this review is to ensure that the steps taken during the incident were appropriate and to identify any areas that may need to be improved. Any recommended changes to policies and/or procedures should be documented and implemented as soon as possible.

Reporting

In order to improve the Information Security Incident Response Process it is essential that accurate records are kept of the change requests and reviewed accordingly. Monthly reports reflecting the following should be produced:
o Number of information security incidents submitted, broken down by priority.
o Number of information security incidents submitted, broken down by type.
o Number of information security incidents resulting in service requests.

CSI Calendar 2007

CSI-National Events

August 2007
National Conference on Recent Trends in IT (NCRTIT)
Division-II & CSI Chennai Chapter & IEEE CS, Madras Chapter
Host : B.S.A. Crescent Engg. College, Chennai
Date : August 22, 2007
For details contact: Ms. Latha Tamilselvan, Phone: (044) 22571374-50, Email: latha_tamilselvan@yahoo.com

October 2007
National Conference on Service Oriented Architecture (SOA-2007)
Region-V & Division-II
Host : Sriji College, Maddiralapadu, Ongole, AP
Date : 14th October, 2007
For details contact: Dr. T Lakshmi, Chairperson, Sriji-Ongole, Email: lakshmitm@gmail.com

National Conference on Computer Vision, AI & Robotics (NCCVAIR-07)
Sig AI, Div-II, CSI Chennai Chapter & IEEE CS, Madras Chapter
Host : School of CSE, SRM University, Chennai
Date : 3-6 October, 2007
For details contact: Prof. S S Sridhar, Tel.: 98405 17356, Email: sssridhar_srm@yahoo.co.in

November 2007
Telemedcon 07, 2-3 Nov 2007, Chennai
For details contact: Prof. K Ganapathy, Chairman, OC, Telemedcon 07, Tele Fax: 91-44-2829 5447, Email: telemedcon07@gmail.com
H R Mohan, Chairman, Div-II, CSI, hrmohan@gmail.com
Dr. C R Chakravarthy, Chairman, Div-IV, CSI, dr_chakra@yahoo.com

CSI-2007 Annual Convention
Host: Bangalore
Theme: GenNext India - Harnessing the Power of IT
Date: 28th Nov.-1st Dec., 2007
Venue: Bangalore
For details contact: Mr. Iqbal Ahmed, Organizing Committee Chair, Phone: 91-80-22860461, Email: csibc@dataone.in

CSI National Students Convention during CSI-2007
Host : CSI, Bangalore Chapter
Theme : "GenNext India - Future Minds"
Date : 29th November, 2007
For details contact : Prof. Shantharam Nayak, Event (NSC) Co-chair, Email: shantaram_nayak@yahoo.com, csibc@dataone.in, Phone: 91-80-22860461

December 2007
CSI-SIGeGov announces the 5th International Conference on E-Governance
Host : CSI-Special Interest Group on E-governance (CSI-SIGeGOV)
Date : 28-30 December 2007, Hyderabad, India
For details contact : Dr. Ashok K. Agarwal, Email: conf_chair@iceg.net

S Mahalingam
Vice President & Chair, Conference Committee, CSI

CSI-Regional Students Convention

August 2007
CSI Region VII Students Convention
Organised by: CSI Thanjavur Chapter and Periyar Maniammai College of Technology for Women, Vallam, Thanjavur
Theme: "Multi Media and Internet Technologies"
Date: 2nd & 3rd August, 2007
For details contact: Prof. D. Kumar, Organizing Chair, E-mail: kumar_durai@yahoo.com
Prof. K Ramar, RSC-VII, Phone: 04632222502, E-mail: rsc7@csi-india.org

February 2008
CSI Regional Students Convention
Organised by CSI, Ahmedabad Chapter and Changa Institute of Technology, Changa, Distt. Anand, Gujarat
Date : 8th and 9th February, 2008
For details contact: Prof. S G Shah, RVP Region 3, CSI, Email: rvp3@csi-india.org, csiahd@icenet.net, Phone : 91-2697-247500, 91-079-2656 8076

Bipin Mehta
National Student Coordinator, CSI

S Mahalingam
Vice President, CSI and Chairman, Conference Committee
  • 57.    Cyber Crime : A Criminological to control and prevent cyber crimes. Incidences of cyber crime are increasing day by day. The cyber crime cells inand Victimological Paradigm the metro cities report that there is a sudden spurt of cyber crime reporting, compared to previous years. But how many of them are investigated, detected, charge sheeted and finally convictedDr. R Thilagaraj* & Dr. S Latha ** in the trial court remains a question. There is a big gap between the policy on the cyber crime and social reality on*Professor & Head, Department of Criminology, University of Madras, Chennai 600 005. cyber crime.Email: rthilagaraj@gmail.com Sutherland in his Differential**Faculty, Department of Criminology, University of Madras, Chennai and Secretary, Association Theory (1934) has givenIndian Society of Criminology Email: lathasubramanian@gmail.com nine postulates on how a criminal behavior is learned. Probably all of them Cyber crime has various definitions, and crimes using modern technology. may apply to cyber criminals but onewhich are discussed all over the world. Strictly speaking the major differences of them viz., the need for strong driveCrimes against the computer system are the ‘modus operandi’ to commit a and motivation to learn crime appliesor accessing, denying, destroying crime and the ‘type of criminals’ who strongly to cyber criminals.or manipulating the information in are involved in committing such a The Opportunity Structure theorythe system, crimes committed with crime. The table below could give a by Cloward and Ohlin (1960) statesthe use and abuse of computers are generic idea about the same. that it is not just the opportunity thatcategorized as a few aspects of cyber Almost all the forms of conventional motivates an individual to commit acrime. 
Abuse of internet for criminal crimes are committed using computers crime but it is more of a situationalactivities either by the white collar instead of conventional modus operandi. opportunity that triggers the urge tocriminals, professional criminals, In conventional types of crimes, studies commit a crime. In the case of cyberorganized criminals or terrorist groups, have proved that the criminals are from criminals too, both the opportunity tocommitting crime through internet poor socio economic background with commit a crime and the motivation to doalso come under the purview of the little educational level. But the cyber so is quite strong. But as far as the cyberdefinition of cyber crime. When legally criminals are often elite, educated, crimes are concerned opportunities fordefined, any violation of criminal law employed persons with technological criminals to escape from the clutches ofthat involves knowledge of computer background. Recent reports reveal law are due to a number of factors; thetechnology for their perpetration, that engineers with strong motivation main being the fact that the offence isinvestigation or prosecution is also a are involved in terrorist activities. committed in one corner of the worldcyber crime. Finally crime committed This paper attempts to understand and the victim is in another location.using a computer and the Internet to cyber crime from criminological and Hence it is easy to commit a cybersteal or sell personal identity or sell victimological perspectives. crime as there would be no witness tocontraband or stalk victims or disrupt provide evidence in the court of law; A Criminological Paradigm of Cyber at least in the traditional sense. Whenoperations and malevolent programmes Crime:could all form part of a comprehensive there was a bomb blast threat through Emile Durkheim (1893) a e-mail to the Parliament of India anddefinition of cyber crime. 
French Criminologist stated that the Whatever be the definitions said US Consulate in India (2005) the top conventional laws are unable to cope brass of investigating police officersand wrote, cyber crime or computer with modern crimes and hence therecrime involves modern technology. along with a team of cyber crime exists a situation known as ‘anomie’. investigating experts from the CentralWhen it is discussed from the Despite efforts by UNICTRAL atperspective of criminal justice, it is Forensic Science Laboratory had traced international level and the Information the computer system from which theessential to understand the difference Technology Act at the national level,between the conventional type of crimes e-mail was sent through the IP address the criminal justice system is unable and visited Tirunelveli, in the Southern Cyber Crime Terminology Conventional Crime Technology part of Tamil Nadu. They traced the system in the net café through which Pornography Child Abuse / Pedophiles the criminal committed his offence, but it was difficult for them to trace the Intellectual Property Crimes Plagiarism person who had committed the same Impairing the security of a computer Break-in / Burglary as there is no foolproof mechanism to identify the exact user who committed Credit Card Frauds Frauds in Banks the crime. Such limitations always motivate the cyber criminals and Crimes Against Individual Identity Impersonation provide the opportunity to commit the 56 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  • 58.    crime. crime in comparison to the outsider the credit card systems. Proponents of An early work in the area of who may not have ready access to the effectiveness of formal surveillanceopportunities as a variable influencing system security parameter settings. argue that the potential offenders will becrime comes from the work of Cloward The availability of large deterred by the threat of being seen andand Ohlin (1959) who proposed numbers of free ware tools to launch a caught by police and private securityopportunity theory through development cyber attack on an information system agencies. In the case of cyber crimes,of an opportunity structure that is from outside the network has resulted the perpetrator commits a crime eitherattributable to such crimes. On a similar in the fading of any distinction between at his home or in his office or in a netline, Clarke and Cornish (2000) in their the insider and the outsider perpetrating cafe where formal surveillance is morerational choice theory synthesized and an attack from an opportunity view or less absent. In other words, theredeveloped the rational choice theory point. A google search in April 2007 is an absence of guardian to prevent awith a main focus on the rationalization for free hacking tools yielded 23.7 cyber crime.of pros and cons of any crime. Before million websites as a result. This clearly Gary Becker (1968) proposed thatcommitting a crime, the offender reveals that enormous opportunities the potential offender calculates thecompletely studies the target i.e. the are available for perpetrators of cyber opportunities of earning legitimatevictim and his vulnerable situations and crimes to learn new and sophisticated income, the amount of reward theythe opportunities not only to commit methodologies. 
offer, the amounts offered by illegitimatea crime but also for escaping from The work of Hitchings (1995) methods, the probability of arrestthe criminal justice process including establishes how the presence of an and the likely punishment. The basicpreventing a probable witness. The opportunity acts as a motivational factor principle behind the punishment laidstrongly motivated offender as pointed for a person considering committing a by the classical school of criminologyout by Sutherland is brought back crime. Forestor and Morison (1994) state is well brought out by Jeremy Bentham,in this theory of rational choice. The that ‘experts on computer fraud attest to who had stressed that the punishmentvulnerable situation of the victim the fact that the opportunity; more than should be sure, swift, effective andcoupled with the opportunity to commit anything else; seems to generate this should outweigh the benefit obtainedthe crime with reduced risk of being kind of behaviour’ while referring to the by the offence. In the case of cybermonitored and caught is often the motivational impact of opportunity to crimes in addition to the opportunity,main cause of any crime. As long commit cyber crimes. motivated offender and a suitableas there is a weak target, absence of If a target can be completely target, the certainty of getting caughtguardian, a motivated offender and removed instead of simply being and punished is very less, as the lawsclear opportunities to commit an protected even more effective results to prevent and punish are not quiteoffence with minimum risk of being are possible. Where valuable targets stringent. In addition, law enforcementcaught, the probability of committing like computers cannot actually be agencies in many countries are nota crime is quite high. This applies to removed, an alternative strategy lies equipped to detect and punish thecyber crimes also. in reducing their attraction to thieves. 
criminals mainly due to the technical The opportunity to commit crimes For example cheque books were more intricacies involved in it.can be seen in a number of forms. attractive to thieves before the growth of It could take the form of attackingan information system and gaining Suitable Targetadvantage out of such an attack. Theabsence of adequate security and (Victim)controls by themselves would providean opportunity to be exploited withrelative ease; other opportunities couldinclude using an cyber attack as part oflearning curve for launching attacks onmore complex networks; the sense ofsocial acceptance among peers and soon. As brought out by Subramaniam(2006), the differentiation as to whetherthe cyber attack was perpetrated byan outsider or an insider has a clearbearing on the kind of opportunity thathas influenced the crime process. Inthe case of an insider perpetrating acyber crime, it is fair to assume that theperpetrator’s proximity to the systemsand a relatively better understanding ofthe system security parameter provides Absence of Guardian Motivateda better opportunity for committing the (security) Offender C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7 57
  • 59.     Victimologists have held that and victimology: A theory of delinquent gangs.in all crimes, the role of a victim in • Offender Characteristics (Causes– Glencoe, IL: Free Press.the crime process is clear and it is a psychological, social and • Durkheim, Emile (1893), ‘Thecontributory factor. To quote Hentig economical and motive etc) Division of Labour in Society”,(1948) who propounded the concept • Victim Characteristics (Translated by George Simpsonof penal couple viz., the victim and • Target Hardening (1947), New York: The Free Press.the offender, the victim is always a • E f f e c t i v e n e s s o f t h e l a w • Forestor, T. & Morrison, P. (1994),cause of crime even if the crime is enforcement agencies or private “Computer Ethics: Cauthionarymotivated for abstract reasons such security agencies in preventing, Tales and Ethical Dilemmas inas intellectual integrity, freedom of detecting, presenting evidence Computing”, MIT Press, Cambridge,religion, public health, the safety of before the Court of Law and MA.a nation. Going by Schafer (1997) all punishing the offender. • Hentig, Hans Von (1948), “Thecrimes necessarily have victims and References: Criminal and His Victim”, Newwhere the victim creates the possibility Haven: Yale U. Press • Becker, Gary S., (1968) “Crimeof a crime to be committed, it is referred • Hitchings, J. (1995), “Deficiencies and Punishment: An Economicto as ‘victim precipitated crime’. The of the Traditional approach to Approach,“ Journal. of Politicalactions of the victims of cyber crimes Information Security and the Economy 76: 169-2 17.have contributed significantly to the Requirements for a New • Clarke and Cornosh (2000),motivation to commit this crime but in Methodology ”, Computers & “Rational Choice”, in R. Paternostermany cases, the victim is unaware of its Security 14 (5): 377 - 383 and R. Bechman (eds.), “Explainingentire consequences. 
• Subramaniam, Rama K (2006), Crime and Criminals: Essays in These theoretical underpinnings “Cyber Crime: A Criminological, Contemporary Criminologicalhelp us to understand cyber crime Vi c t i m o l o g i c a l a n d L e g a l Theory”, Roxbury Publishingfrom a new paradigm and to evolve an Perspetive”, Unpublished PhD Company, Los Angles, CA.effective, modern and need based crime dissertation, University of Madras, • Cloward, R. (1959). Illegitimateprevention process. Chennai. means, anomie, and deviant To conclude, cyber crime should be • Schafer, S. (1977), “Victimology: behavior. American Sociologicalanalysed and prevented not only from The Victim and his Criminal”, Review, 24(2), 164-176.a technological perspective but should Reston, VA: Reston Publishing Co. • Cloward, R. & Ohlin, L. (1960).consider the following based on various Delinquency and opportunity: oootheoretical explanations of criminologyThe five aspects of Information Security- Information Security Forum [http://www.isfsecuritystandard.com/index_ie.htm] 58 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  • 61. ...Contd. from 2nd coverthe construction work for the extension Institutions) during 2006-’07. Details external vendor whereas in the newbuilding started on 13th September, of the scheme were uploaded in CSI website pages can be changed by CSI2006 is currently in progress and Website. Of the 9 applications received, in house.expected to be completed by July / 6 projects have been approved for Dr. Ravi Chamria of M/s SakshayAugust 2007. Immediately after the funding gave a presentation on the new websiteextension building is ready the existing CSI Website: Mr Satish Babu project and gave clarifications tobuilding will be vacated for carrying out briefed the ExecCom on the new members’ queries.major repairs. CSI website project currently under Presentation of Certificates : Renewal of Lease of CSI’s plot at implementation by M/s Sakshay, Delhi President thanked all the outgoingTaramani, Chennai : The 30 year lease who have already completed 90% of the members of the ExecCom for theiragreement with the Tamilnadu Govt., is coding with the balance 10% involving unstinted support and cooperationdue for renewal in 2008 and preliminary interaction with HQ staff expected to during the year and presented themsteps have been initiated for renewal of be completed soon. In the new website Certificates of Appreciation for theirthe agreement. all RVPs and Divisional Chairmen will contributions.Research Activity : have a page of their own which they President thanked Prof. K K can maintain individually. Also there is Aggarwal for the excellent arrangements ExecCom had approved on 22- a prominent page linked to Education for the meeting. The meeting ended11-2006 a scheme of R&D funding Directorate. 
The basic difference with a vote of thanks to the chairto help carry out minor research between the existing and new websitesprojects by Academicians / PG Students Priyalata Pal is that in the existing, any changes(Engineering Colleges and Technological Executive Secretary in the pages can be made only by an Extracts of the Minutes of First ExecCom (2007-’08) held on 1st April, 2007 at Delhi (Venue : Guru Gobind Singh Indraprastha University, Delhi) individual members of CSI. Fifteen ExecCom Members, seven President stressed the need for iv) C h a p t e r C h a i r m a n o r Vi c e -Special Invitees and one from the RVPs to be more proactive and involve ChairmanSecretariate attended the meeting. themselves fully in the activities of v) C o - o p t a n y l o c a l E xe c C o m Prof K K Agarwal, President, their Chapters since they are more membercalled the meeting to order He familiar with the ground realities of vi) Co-opt any other local expertswelcomed the ExecCom members and their regions.others present to the meeting. Formation of Statutory Committees: National Building Committee President in his inaugural address ExecCom discussed the formation of (i) Hon. Treasurer, CSItouched upon various aspects of the Statutory Committees and observed (ii) Any one of the other OBs of CSISociety, and in particular emphasised that most of the members are already (mainly on locational advantage)the need to increase membership and defined in the bye-laws. ExecCom (iii) Regional Vice-President (commonsuggested that : then authorised the President to notify link between two committees) There are over 4000 institutions the composition of these Committees (iv) Co-opt a common ExecComin the country imparting technical after obtaining the concurrence of the The Local Building Committeeeducation and we should target them for persons nominated. to forward the complete proposal/enrolment of their students and faculty. 
President has since finalized these options for the premises identified forInitiate new measures to increase value Committees (see page 62). acquisition, to the National Buildingaddition to members. Adhoc Committees: For acquisition Committee which will forward its As we have an MOU with of premises for Chapter offices, as recommendations to the CSI OfficeInstitution of Engineers which is hitherto the Local Building Committee Bearers who in turn will take a decisionhaving a large membership we should and the National Building Committee to be ratified further by the ExecCom.endeavour to enrol their members as will be formed whenever needed, on the ExecCom also decided that theCSI members. following basis. following core committee appointed Target large companies especially earlier for planning and construction Local Building Committeethose in the IT field to enrol as of the extension building of CSI at i) Chapter Treasurer Taramani, Chennai will continue asinstitution members of CSI. Also enlist ii) Chapter Secretary the building construction is currentlythe support of some seniors in those iii) Regional Vice-President under way.companies to enrol their employees as 60 C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7
  • 62.    Core Committee will have 8 members, one of them from Branches.Mr. Lalit Sawhney CSI (secy, or area head). Currently, the More effective use of our MOUProf. C R Muthukrishnan committee consists of the following well with Microsoft will be made to benefitDr. S Arumugam known researchers : the students. Also, efforts will be madeMr. P R Rangaswami Prof Pankaj Jalote, IIT Delhi – Chair to collaborate with organisations likeMr. S Ram Mohan Dr Gautam Shroff, TCS IBM, CSI etc for conducting studentMr. G Ramchandran Prof. Sanjeev Kumar, IIT Kanpur activities.Mr. H R Mohan Prof T V Prabhakar, IIT Kanpur Prof. H R Vishwakarma hasMr. P Unnikrishanan Dr Sriram Rajamani, Microsoft Research, proposed a portal for CSI Adhyayan.Mr. S Sudharssanam Bangalore. Once the portal is ready CSI Adhyayan, The core committee will also have The focus of SIG-SE will be without printing, can be brought outthe responsibility to ensure renewal of to promote research in Software on quarterly basis for the benefit ofthe thirty-year land lease agreement Engineering in India through students.with Tamilnadu govt, for the CSI plot conferences, workshops, newsletters, ExecCom decided that Mr. Bipinat Taramani, Chennai. The lease tutorials etc Mehta and Prof. H R Vishwakarmaagreement is due for renewal in 2008. The committee will consist of should function in close co-ordination ExecCom nominated Mr Bipin V people who are / have been researchers and increase student activities. Also,Mehta, Immediate Past Vice-President (generally PhD with some research the proposal for the portal for CSIas the new CSI National Student Co- papers published), who are also Adhyanan was approved in principle.ordinator. willing to work and contribute to this President requested members to send Based on the recommendations of activity which is really a professional their suggestions on value addition tothe Regional Vice-Presidents concerned contribution to SE in India. 
students so that a concept paper canExecCom nominated the fo llowing as CONSEG will be revived. The near be prepared for further discussion andthe Regional Student Co-ordinators. term goal of SIG-SE is to organise one consideration.Region – I : Mr. Shiv Kumar, New yearly conference, the first one of which Plans for Educational Activities Delhi will be tentatively in Feb. 2008. during 2007-’08 : Mr. S SudharssanamRegion – II : Mr. Sushantha Sinha, Another objective is to get at least briefly gave details of plans for the Kolkata one good international conference a educational activities and mentionedRegion – III : Dr. Ashok Patel, Patan year to India, which SIG-SE will co- that the National Standard Examinations Gujarat sponsor / host . on new modules approved byRegion – IV : Mr. Sree Kumar, ExecCom appreciated the efforts the Academic Committee, will be Rourkela of Prof. Jalote and his committee held during the year. Also SQTCRegion – V : Mr. P S Basavaraju, members examinations and other examinations Bangalore SIG-eGOV : ExecCom considered will continue to be conducted and stepsRegion – VI : Prof. Manoj Bharat infrastructure and other requirements of will be initiated to increase the response Jhade, Nashik Dr Ashok Agarwal, SIG-eGOV Chair, to these examinations.Region – VII : Dr. K Ramar, Kovilpatti President requested that all RVPs Plans for Research Activities : It should hold Regional Meetings of was agreed that the Society’s researchPlans for the year : their Chapters to discuss and chalk activities need to be increased furthera) Focus on increasing Associate and out plan of activities for the year and higher financial allocations be Student membership significantly. and communicate the same to CSI made for the purpose. ExecComb) Work on enhancing value addition HQs at the earliest. 
As part of their decided to form a Research Committee to the membership as that will help commitments they should initiate and authorised the President to identify in attracting new members also. membership drive in their respective and nominate suitable members.c) Every RVP should target to conduct regions and strive to significantly at least 4 regional events. Approval of Resolutions for new increase CSI membership. signatories for CSI bank accounts:d) Every Divisional Chair should target to conduct at least 4 Divisional Plans for Student Activities during 2007- ExecCom approved the relevant events. ’08 : resolutions authorising new signatoriese) Increase student activities and Mr. Bipin Mehta mentioned that to operate the bank accounts of CSI. encourage formation of new Some of the Student Branches are Other items : Student Branches. dormant and efforts will be made during CSI Certification : President briefedf) Increase Education and Research the year to reactivate them. members on the discussions he had activities A Student Branch Manual will be with Nasscom which showed interest prepared soon and sent to all StudentSIG Activities : in CSI being a certifying agency for Branches. SIG-SE : Prof Pankaj Jalote, SIG- Nasscom. While on this, Mr Lalit Brochures and membershipSE Chair, gave a presentation to the Sawhney mentioned about the proposal enrolment forms will be sent toExecCom on the status and plans of mooted by the CSI Academic Committee educational institutions to enrol studentSIG-SE formed a few months back. He about one and half years ago to start members so as to increase the numbermentioned that the SIG-SE committee CSI certification of professionals. The of student members and Student C S I   C o m m u n ic a t i o n s • AU G U S T   2 0 0 7 61
certification will be on the lines of those being conducted by other societies like Singapore Computer Society, Australian Computer Society etc, but with some modifications to suit our requirements.

Mr. S Mahalingam expressed the view that certification involves serious issues which need be considered and solutions found. Hence, he suggested formation of a committee at the earliest to consider the proposal and give recommendations.

b) CSI Elections for 2008-’09 / 10 :
Dr. Rattan K Datta, Chairman, Nominations Committee put forward to the ExecCom the following plan of action :
1. Elections for the following elective posts for 2008-’09/10 will be held through 100% electronic voting.
• President
• Vice-President cum President elect
• Secretary (NC proposed for one year for 2008-’09)
• Treasurer (NC proposal, 2008-’10)
• RVPs II, IV, VI & VIII (2008-10)
• Divisional Chairpersons II & IV for the period (2008-10)
• Nominations Committee for the period (2008-’09)
Call for nominations to appear in CSI Communications as well as on website. Last date to receive nomination by 15th October, 2007. Nominations Committee will meet on 1st November, 2007 and prepare the slate and present to ExecCom. Process for election to be completed and the results communicated by December 31st, 2007.

Dr Datta suggested that Chapter elections for 2008-’09 / 10 should also be held electronically simultaneously with the national elections.

Members thanked the President for the excellent arrangements for the meeting and the hospitality extended. The meeting ended with a vote of thanks to the Chair.

Priyalata Pal
Executive Secretary

Statutory Committees of CSI for 2007-2008

1. Awards Committee
i) Mr. Lalit K. Sawhney – Chairman
ii) Mr. R.N. Lahiri – RVP-II
iii) Mr. H.R. Mohan – Div. Chair-II
iv) Dr. C.R. Chakravarthy – Div. Chair-IV

2. Academic Committee
i) Mr. Lalit K. Sawhney – Chairman
ii) Prof. K K Aggarwal – President
iii) Mr. S. Mahalingam – Vice President
iv) Prof. H.R. Vishwakarma – Div. Chair-V
v) Prof. R K Arora
vi) Prof. P Trimurthy
vii) Dr. S.S. Aggarwal

3. Finance Committee
i) Mr. Ajit Kumar Sahoo – Chairman
ii) Prof. K K Aggarwal – President
iii) Mr. S Mahalingam – Vice President
iv) Mr. Satish Babu – Hon. Secretary
v) Mr. Satish Doshi – Immd. Past Treasurer

4. Membership Committee
i) Mr. Satish Babu – Chairman
ii) Mr. M P Goel – RVP-I
iii) Prof. S.G. Shah – RVP-III
iv) Ms. Sudha Raju – RVP-V
v) Dr. S. Arumugam – RVP-VII
vi) Prof. Swarnalatha Rao – Div. Chair-I
vii) Mr. Deepak Shikarpur – Div. Chair-III
viii) Prof. H.R. Vishwakarma – Div. Chair-V
ix) Mr. S.R. Karode – Past Secretary

5. Publication Committee
i) Mr. S. Srinivasan – Chairman
Members :
ii) Prof. P.V.S. Rao
iii) Dr. T.V. Gopal
iv) Prof. P S Grover
v) Mr. H.R. Mohan
vi) Mr. Deepak Shikarpur
vii) Mr. P.R. Rangaswami
viii) Dr. Ashok Aggarwal
ix) Dr. M. Chandwani

7. Conference Committee
i) Mr. S. Mahalingam – Chairman
ii) Mr. Ajit Kumar Sahoo – Treasurer
iii) Dr. C R Chakravarthy – Div. Chair-IV
iv) Mr. Deepak Shikarpur – Div. Chair-III
v) Mr. H.R. Mohan – Div. Chair-II
vi) Ms. Sudha Raju – RVP-V

8. Disciplinary Committee
i) Mr. P.R. Rangaswamy – Chairman
ii) Mr. Satish Babu – Secretary
iii) Prof. Nupur Prakash

9. External Affairs Committee
i) Mr. H S Sonawala – Chairman
ii) Dr. Rattan Datta – Vice Chairman
iii) Dr. L M Patnaik
iv) Dr. S Ramani
v) Dr. C R Muthukrishnan
vi) Mr. R K Gupta
vii) Dr. Yogesh Singh

10. Research Committee
i) Prof. A K Pathak – Chairman
ii) Prof. Swarnalatha Rao
iii) Prof. H R Vishwakarma
From CSI Chapters

Allahabad : (L-R) Mr. D K Dwivedi, Chapter Chairman, welcoming Chief Guest and other participants on the occasion, Mr. A K Mehrotra, Mr. Anil Kumar Gupta and Mr. Rajeev Saxena

Allahabad
Lecture programme on “Free/ Open Source Software (FOSS)” was organized by the Chapter on July 28, 2007 at UPTEC Library Hall. Mr. D K Dwivedi, Chapter Chairman, welcomed the Chief Guest, Speaker and other participants. Dr. K K Bhutani, Fellow, CSI gave a brief introduction about the CSI and its aims & objectives.

Dr. Srinivasan of National Resource Centre, Anna University – Knowledge Based Computing Research Centre, Chennai delivered a presentation about the Free/ Open Source Software, Open Source foundation, Case studies about Open Source initiatives by developing countries, FOSS systems, tools and applications, some common commercial softwares and their equivalent FOSS option & activities of NRCFOSS.

Hon’ble Justice Dilip Gupta speaking as Chief Guest on the occasion expressed that Indian Judiciary is in urgent need of re-engineering its processes, optimize the use of its human resources, and bring about change management by harnessing the potentiality of the availability Information and Communication Technology to its fullest extent. The objective of this exercise is to enhance judicial productivity both qualitatively and quantitatively as also make the justice delivery system affordable, accessible, cost effective, transparent and accountable. Similar objectives have been achieved in other parts of the world by use of technology but in India though its manpower is known for its technology expertise, the Information and Communication Technology benefits could not be fully explored and utilized in public service sectors like judiciary and other organs of the State.

Programme was attended by large number of participants from academia, industry including office bearers and managing committee members, other professional and student members of the Chapter. Mrs. Shailaja Gupta, Vice Chairman conducted the programme and vote of thanks was given by Mr. S D Chaubey, Chapter Secretary.

Bangalore
An evening talk on “Risks in the Digital Age” was held at the Chapter premises on 4th June 2007. About 35 members attended this talk. Mr. T.S. Sabapathy, immediate Past Chairman, CSI-BC welcomed the speaker and the members present and also introduced the speaker, Dr. Partha Dasgupta, Dept. of Computer Science, School of Computing Informatics, Arizona State University. Dr. Partha Dasgupta’s core areas of expertise are in Computer Security, Operating Systems and Distributed Computing. His current research focus is the use of cryptography and secure software systems to provide security and dependability of consumer computing.

Dr. Partha mentioned that the Internet for the masses was deployed about 9 years ago. Internet security measures have been phased in over the next 3-4 years and today consist of a plethora of measures from SSL/IPSec to firewalls and antivirus software. Yet the e-commerce infrastructure is totally insecure from viruses, phishing attacks, scams, pharming, rootkits and a variety of insidious methods. Identity theft and financial embezzlement are increasing at an alarming rate.

The talk was well received and the audience appreciated the same. Dr. Sateesh Kannegala thanked the speaker and the audience for attending the talk.

Chandigarh
The Chapter organized its Annual General Body Meeting on July 14, 2007 in CSIO Sector 30 campus. Around 20 corporate members attended the meeting. Director Pawan Kumar was also present at the AGM. A lecture on “Free/open source software: An Innovative Model” by Dr. Anu Gupta, Sr. Lecturer Deptt. of Computer Science & Applications Punjab University was
Chandigarh : Dr. Pawan Kapur Director CSIO chairing the AGM of CSI Chandigarh Chapter.

also organized on this occasion. A new student branch at UIET, Punjab University has taken shape with a strength of nearly 150 students.

Haridwar
On 17th May 2007, the Chapter organized a seminar on ‘Role Of Computers in Tool Engineering’ in New Engineering Building Conference Hall, BHEL Haridwar. Welcome address was delivered by Chapter Chairperson, Mrs. Geeta Bhatnagar. Seminar was presented by guest speaker Mr. R K Goyal, Sr. Manager, Tool Engineering, BHEL, Haridwar. In his presentation he mentioned about different kinds of tools and also how computerization in tool engineering has provided access to more information and more advanced decision aids. The Seminar was attended by around 125 participants from different departments of BHEL.

The chapter also organized a one day lecture series for vocational trainees of various Institutes of India on June 26, 2007. The lecture series was inaugurated by Mrs Geeta Bhatnagar. In the inaugural address she gave emphasis of using computers in Industry and its importance in increasing the overall excellence. In this lecture Mr. Ajit Srivastava, BHEL Information Technology Department delivered lectures on VPN, New and Immersing Technologies, Networking and How to convert Ideas into project and systems. All the Vocational Trainees expressed the view that these lectures were excellent and useful for them.

Lucknow
The Chapter organized a visit to U.P. Irrigation Department (UPID) Data Centre, Kanpur Road, Lucknow to appraise the CSI members regarding the working and need of Data Center in their departments. Mr. Amitabh Tewari, Member MC coordinated this event. Mr. Anoop Misra, Asst. Engg. and Mr. M.A. Siddiqui, Admn. Officer welcomed the CSI members. Mr. Misra explained the need of such data centre in U.P. Irrigation Department. He told that UPID has approx 70000 employees and 550 offices in the U.P. The department computerization started in year 1999 at EinC. For connecting the Data Center, 11 zonal offices have been connected with 2Mbps leased line and remaining with 64kbps leased lines. ISDN lines are used as backup lines. Comprehensive software is being developed which is having 26 modules. Mr. Ashesh K. Agarwal, Hon. Secretary of the Chapter thanked the UPID Data Centre team and members. Mr. Anil Srivastava, Mr. Harish Gupta were also present.

Pune
Mr Suresh Katta CEO Saama Technologies was the chief guest for the CSI organized lecture meeting on ‘Trends in Business Intelligence’. This event was co-organised with Seed Infotech ltd. The event was attended by over 100 IT professionals. The main points discussed by Mr. Suresh Katta were : For all the business managers, data compilation, analysis and reporting remains the most important result area per quarter. The data compiled for Sales, Investments, Resource Cost, Maintenance charges and expenses, gives the guidelines for planning, forecasting and taking corrective actions. These days a number of tools and software are being used to analyze and report, based on the collated data, and the tools have to perform functions ranging from Business activity monitoring to Supply Chain Management; from Finance & Budgeting to Decision Support Systems (DSS) and forecasting, to be precise, the entire set of functions that come under Business Intelligence. This has therefore led to the increase in the demand for niche companies that could provide software and services for Business Intelligence; this has therefore resulted in the increase in the requirement for trained professionals in this area. The market dynamics have created a demand for the much required industry – academia association to generate professionals in the Business Intelligence arena.

There was a concern expressed at different forums in CSI and SEAP about the gap between Academics and Industry. Discussions were held with many academicians and industry experts to know their views and suggestions about bridging this gap. Many suggestions and ideas came out as part of these discussions but one common concern which was expressed by all the colleges was – Faculty do not have industry exposure and it will help if some interaction between faculty and industry experts is started. With this in mind, the chapter thought of focusing on Faculty Training Program conducted by the Industry Experts. Discussions were held with Board of Studies members of Pune University and we identified “Software Architecture” as the subject in which
immediate inputs were required as this was the new subject introduced by the University. Dr. Anand Deshpande of Persistent Systems who is also our Past Chairman and Patron came forward to support this training.

The annual event of the Chapter was InCSights-2007 conducted on 15th and 16th of June 2007. A half day workshop – XP boot camp was organized on the 15th at NIA. It was an extremely participative workshop on extreme programming and Agile methodology. About 45 professionals registered and participated in this event. The main program was on the 16th. This was a full day program conducted at Le Meridian. About 120 people registered for the event spanning across 25 IT companies. The sponsors for the event were Persistent Systems Pvt. Ltd., KPIT Cummins, Verisoft, Bladelogic and I2IT.

Tiruchirappalli
The Chapter organized a Lecture Programme on “Biometric for Personal Identification” in association with The Institution of Engineers (INDIA), Trichirapalli Local Centre (IEI-TLC). The Speaker explained the importance of “Biometric for Personal Identification” with relevant examples. Biometric is found to be one of the important research domains of Computer Science and Engineering and fetching huge attention from academia and industry. The biometric is effectively used in Personal Authentication System (PAS), which uniquely identify an individual. The application areas of biometric based authentication system are entry into protected area, baggage management system in airport, attendance audit system, etc. Conventionally, textual and alphanumeric strings have been used for authorizing users and such strings are called Password. However, passwords are easy to break, since a typical pattern of characters used as passwords can be inferred easily. In addition, there are lot chances that passwords can be easily stolen from diaries or any other similar documents. Further, if one user needs to maintain large number of passwords, there is a possibility of cross firing. Thus, biometric can be effectively used in personal authentication systems, which is found to be robust, invariant with time and identification factor is high. About 45 Participants attended & got benefitted from the Lecture.

Tiruchirapalli : Dr A Vadivel, Assistant Professor, Dept. of Computer Applications, National Institute of Technology, Trichy is delivering the lecture & a section of Audience look on the same.

Mr. R Selvaraj, Secretary, CSI Trichy Chapter welcomed the gathering. The Chapter organized a Lecture Programme on “Career Guidance for Engineering Aspirants” in association with The Institution of Engineers Local Centre (IEI-TLC). The Speaker explained the importance of core branches of Engineering namely Civil, Mechanical and Electrical. The other Branches like Electronics & Instrumentation, Electronics & Communication Engineering, Computer Science, Production, Bio-Technology etc are all the offshoots of the core branches. The session was followed by inputs from Dr. K Palanisamy, Prof. & Head, Dept of Civil Engg, NIT, Trichy and Dr. G Swaminathan, Professor, Dept. of Civil Engineering, NIT, Trichy. About 45 participants attended & got benefitted from the Lecture.

Trivandrum
On 19th July 2007 the Chapter in association with Software Technology Parks of India Thiruvananthapuram organised a workshop on “The Role of Institutional Involvement in Human Resource Readiness: The current scenario and new trends” at Mascot Hotel, Trivandrum. This one-day workshop had Prof. Tharappan as a key resource person. The workshop was attended by Placement Co-ordinators from IT related academia, industry and training schools.

On 23 June as part of the initiative to increase academic – industry interaction, the chapter conducted a project presentation on “e3ware - An Academic Governance Tool” by Vijay P. Sankar & Syam Madhav, B.Tech. Final Year Students, College of Engineering, Trivandrum at Symphony, Computer Society of India, Trivandrum.

On 27th June the chapter organized two programmes in association with IEI Kerala State Centre at The Institution of Engineers Hall, on “Systems Design for Space” by Mr. Sagar Vidyasagar, Senior Engineering Manager at Lockheed-Martin Co., USA and on “Science & Technology Education - India at Cross Roads” by Dr. T.R.G. Nair, Trivandrum. Both talks attracted good audience from

Trivandrum : Inauguration of the workshop on “Good programming: Skills & Practices” at Trivandrum
Licensed to Post Without Prepayment WEST-42 /2006-2008 • Registered with Registrar of News Papers for India - RNI 31668/78, Regd. No. MH/MR/WEST-76-2006-08 • If undelivered return to : CSI, 122, TV Indl. Estate, Mumbai - 400 030

the respective industry.

On 30th June, the chapter in association with TechnoPark, IEEE, Kerala Section and PMI, Trivandrum Chapter organised a workshop on “Stress Management in IT Industry” at Travancore Hall, Technopark, Trivandrum which was sponsored by Microsoft.

On 11th July, the Chapter in association with IEI Kerala State Centre organized a talk on “Good Programming: Skills & Practices” by Mr. Abbas K. Sutarwala, Former Senior Faculty, T.C.S. Corporate Learning Center and Consultant, at Institution of Engineers Hall.

On 12th July, a One-day Workshop on “Good Programming: Skills and Practices” was held at Hotel Residency Tower, organized by the Chapter in association with IEEE Computer Society. The workshop drew heavily on the rich experience of the instructor, Mr. Abbas K. Sutarwala, Life Member of CSI.

Student Branches

Dr. Mahalingam College of Engg., Pollachi
The MCET student branch invited the Country Manager of HP, Mr. Rajnikanth, to address the students on Upcoming Technologies in Networking. Prof. Gowrishankar, HOD-Dept. of Information Technology gave the welcome address and introduced the guest to the gathering. Mr. Rajnikant emphasized on the changing challenges in the field of Networking and the new technologies HP is focusing which include Virus Throttling technique, the provision ASIC chip and future NLAN architecture with coordinated wireless deployment. And he addressed on the various emerging technologies in networking.

Pollachi : (L to R) Ms. Sathyapriya, Mr. Rajinikanth, Prof. A Rathinavelu, Mr. Shankar

NEC, Kovilpatti
The Student Branch organized an Application Development Contest on 11.07.07 exclusively for final year B.E, B.Tech, and M.C.A at the college premises. Ms. R Leena Sri, Student Counselor explained the semantics of Application Development Contest. 10 student teams were selected for the final demos. The students showed their innovation and creativeness through their developed package and inspired the audience. The Juries panels were formed by the experienced Teaching faculty members headed by Mr. K G Srinivasagan, AP/CSE. He gave a valuable suggestion to the participants as well as audience.

Thiagarajar College of Engg., Madurai
The CSI Student branch organized a Paper Presentation Contest with the Theme Area “Information Security”. Ten papers were selected to be presented from the total abstracts received. Mr. T Chandirasekar & Mr. G Karthikeyan of III year CSE who presented a paper on “An Analysis of cryptography and implementation of an encryption algorithm based on the results” won the First Prize. Ms. R. Vimala and Ms. S Suganya of III Year CSE won the second prize and Ms. S. Meenu and Ms. S. Priyadarshini of III Year CSE won the third prize. This Contest was helpful in identifying student’s creativity and hidden talents.

Thiagarajar College of Engg., Madurai : Judges at the Paper Presentation contest.

Published by Priyalata Pal for Computer Society of India at 122, TV Industrial Estate, S K Ahire Marg, Worli, Mumbai-400 030 and Website: www.csi-india.org and printed by her at GP Offset Pvt. Ltd., Mumbai 059. Tel. : 2850 7766 • Email: kadam@gpoffset.com