This document discusses information security and provides definitions and concepts related to protecting information systems. It defines information security as measures taken to protect information from unauthorized access, modification, or denial of service. It then outlines key aspects of information security management including security policies, risk analysis, contingency planning and more. Finally, it describes various information security threats like viruses, Trojan horses, and worms as well as methods of protecting information systems through encryption, authentication, firewalls, and other technical controls.

2. 

The protection of information systems
against unauthorized access to or
modification of information, whether in
storage, processing or transit, and against
the denial of service to authorized users or
the provision of service to unauthorized
users, including those measures necessary to
detect, document, and counter such threats
The result of any system of administrative
policies and procedures for identifying,
controlling, and protecting from
unauthorized disclosure, information the
protection of which is authorized by
executive order

3. 
Information Security Management provides:
- a systematic approach to achieving effective
information security within an organization;
- a realistic understanding of information security risks
and issues facing organizations; and
effective techniques for matching information security
requirements with business requirements.
- consists of various facets : security policy, risk analysis,
risk management, contingency planning, and disaster
recovery

4. Information Security Threats
Software agents and malicious code
Virus :
A program which gets executed when ever a
program is run on computer
Trojan Horse :
A program which does its supposed job but also
includes unsuspected and undesirable
functions. e. g. deletion of desirable items
Worm :
A self replicating program, creates its own
copies and executes, works in networks.

5. Information Security Threats
contd
Threats to Servers on Networks
Hackers have potential access to large systems
with prospects of security holes
Hackers use popular UNIX programs to discover
account names and guess passwords
Hackers can use electronic eavesdropping to
trap user and un-encrypted passwords
Hackers can spoof or configure a system to
mimic some other system

6. Security Architecture
Business
Data and application security
Network Security
Authentication and Authorization
Physical Security
Procedural Security
External World

7. Information Security Architecture
Information Security
Authentication Message received by B has
actually come from A
Confidentiality Message is secured and not seen
by any snooper
Integrity
Message has not been distorted by
accident or design
Non repudiation B can make A legally responsible
for the message

8. Information Security
A
B
A sends a message to B

9. Information Security contd
Encryption and Decryption Technology
Transfer Rs. 10,000 to the account of X
Encrypt
bjqhiudiiodo
Send
Decrypt
Receive
Transfer Rs. 10,000 to the account of X

10. Information Security contd
Symmetric Encryption :
The sender encrypts a message by using a secret key
and
the receiver uses the same key for decryption
Useful where two parties are well known
Difficulties in sharing the keys especially in large
networks
DATA ENCRYPTION STANDARD ( DES )
• Secret Key, Symmetric Encryption
• 56 bit secret key which means 2^56 possibilities
(56 Bit DES recently broken in a few hours, 128 bit Okay)
• Triple DES uses 112 bit key
• Bigger the bit size larger amount it takes for decryption

11. Information Security contd
Public and Private Key encryption
Message
Decrypted with B’s private key
B
A
Encrypted with B’s public
key
Message
Both parties have one public key and one private key each
The public keys are known to each other, Private key is not.
Message is encrypted using B’s public key
It can be opened only when B uses its private key
CONFIDENTIALITY IS ENSURED
RSA ( Rivest Shamir Adleman) algorithm for public key 768 bit
RSA considered safe presently

12. Information Security contd
Public and Private Key encryption
Message
Encrypted with B’s public key
A
Decrypted with
A’s public key and
B’s private key
Message
B
Encrypted with A’s private key
Message is encrypted using B’s public key.
The packet of the message encrypted with B’s public key is further
encrypted by A using A’s private key.
It can be opened only when B uses the public key of A and its own
private key
CONFIDENTIALITY AND AUTHENTICITY IS ENSURED

13. Information Security contd
Digital signature and public key encryption
Message
Digital Signature using A’s
private key
Encryption with A’s private key
Encrypted with B’s Public Key
Digital Signature A Sum check number called
finger print (like Message
Authentication Code (MAC) as
used in banking industry) which
is included in the message to
ensure INTEGRITY
CONFIDENTIALITY, INTEGRITY AND AUTHENTICITY ENSURED
BUT REPUDIATION POSSIBLE

14. Information Security
contd
Digital Certificate
Issued by Certifying Authority links
the person with his public and private
key Standard X.509
VERSION
Certificate Serial No.
Signature Algorithm ID.
ISSUER
C.A.PRIVATE
KEY
VALIDITY Period
Subject
Subject Public KEY INFO.
ISSUER Unique Identifier
GENERATE
DIGITAL
SIGNATURE
Subject Unique Identifier
Extensions
C.A.DIGITAL Signature

15. Information Security contd
Public Key Infrastructure
Set of agreed upon standards, certification
authorities, structure between multiple authorities,
methods to discover and validate certification
paths,operational protocols, management protocols,
inter operable tools and supporting legislature
PKI Issues : Regulation
• Governments are producing legislation to govern
e-commerce
• Who regulates Certification Authorities
• C A Liability
• Revocation of certificates

16. Internet Security
• Internet provides global reach at very low
cost and
high speed but is not secure due to its inherent
weakness in TCP/IP
• Growth of the Internet Exponential results in
a rise
of security incidents
• Most ISP and user organisations use public
domain
software such as LINUX, Apache for Internet
that
are more prone to security threads
• Default network OS setting and access to

17. Security Threats to Internet
Types of Attack
• Password - Based Attack
- cracking, FTP, Telnet, etc/password
• IP Spoofing
- TCP/IP allows anyone to generate a message
claiming to be another machine
• Session Hijacking
- special type of IP Spoofing which an intruder is
able to determine the sequence used between
two parties
• Network Snooping / Packet sniffing Packets can easily
be intercepted at any point in the network

18. Internet Security
Web
Network level - Firewall
server
FTP server
External
Users
Inside
Gopher
server
Inbound traffic from the Internet to the internal
network
Outbound traffic from the internal network
Inbound traffic from the Internet to public services

19. Internet Security
Technology
Operational Technology
•One-Time passwords
•Network Monitoring Tools
•Network Security Analysis Tools
•Firewalls
Cryptography Policy based Technology
•Digital Signature
•PKI Policy

20. Security Architecture
Network Security - Firewall