Uploaded by23017156038
PPT, PDF52 views

Network security in computer network for BS

The document provides an overview of network security essentials, including: 1. Symmetric encryption uses a shared secret key between sender and receiver to encrypt and decrypt messages. Common symmetric algorithms include the Shift Cipher and Caesar Cipher. 2. The Caesar Cipher replaces each letter with the letter three positions further down the alphabet, encrypting "ET TU BRUTUS" to "HW WX EUXWXV". 3. Network security concepts like confidentiality, integrity, and availability are discussed alongside security attacks, services, and mechanisms defined in the X.800 standard. Models for providing network and access security are also introduced.

Education◩

Embed presentation

Download to read offline
Network Security Essentials Lecture 1 By Usman Zia
The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. —The Art of War, Sun Tzu
 The combination of space, time, and strength that must be considered as the basic elements of this theory of defense makes this a fairly complicated matter. Consequently, it is not easy to find a fixed point of departure. — On War, Carl Von Clausewitz
Computer Security  The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) [NIST 1995]
Key Security Concepts
Three Key Objectives  Confidentiality ïŹ Data confidentiality ïŹ Privacy  Integrity ïŹ Data integrity ïŹ System integrity  Availability  Additional concepts ïŹ Authenticity ïŹ Accountability
Levels of Impact  3 levels of impact from a security breach ïŹ Low ïŹ Moderate ïŹ High
Examples of Security Requirements  confidentiality – student grades  integrity – patient information  availability – authentication service
Computer Security Challenges 1. not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms and secret info 5. must decide where to deploy mechanisms 6. battle of wits between attacker / admin 7. not perceived on benefit until fails 8. requires regular monitoring 9. too often an after-thought 10. regarded as impediment to using system
OSI Security Architecture  ITU-T X.800 “Security Architecture for OSI”  defines a systematic way of defining and providing security requirements  for us it provides a useful, if abstract, overview of concepts we will study
Aspects of Security  3 aspects of information security: ïŹ security attack ïŹ security mechanism: detect, prevent, recover ïŹ security service  terms ïŹ threat – a potential for violation of security ïŹ attack – an assault on system security, a deliberate attempt to evade security services
Passive Attacks (1) Release of Message Contents
Passive Attacks (2) Traffic Analysis
 Passive attacks do not affect system resources ïŹ Eavesdropping, monitoring  Two types of passive attacks ïŹ Release of message contents ïŹ Traffic analysis  Passive attacks are very difficult to detect ïŹ Message transmission apparently normal ‱ No alteration of the data ïŹ Emphasis on prevention rather than detection ‱ By means of encryption
Active Attacks (1) Masquerade
Active Attacks (2) Replay
Active Attacks (3) Modification of Messages
Active Attacks (4) Denial of Service
 Active attacks try to alter system resources or affect their operation ïŹ Modification of data, or creation of false data  Four categories ïŹ Masquerade ïŹ Replay ïŹ Modification of messages ïŹ Denial of service: preventing normal use ‱ A specific target or entire network  Difficult to prevent ïŹ The goal is to detect and recover
Security Service ïŹ enhance security of data processing systems and information transfers of an organization ïŹ intended to counter security attacks ïŹ using one or more security mechanisms ïŹ often replicates functions normally associated with physical documents ‱ which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
Security Services  X.800: “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”  RFC 2828: “a processing or communication service provided by a system to give a specific kind of protection to system resources”
Security Services (X.800)  Authentication - assurance that communicating entity is the one claimed ïŹ have both peer-entity & data origin authentication  Access Control - prevention of the unauthorized use of a resource  Data Confidentiality –protection of data from unauthorized disclosure  Data Integrity - assurance that data received is as sent by an authorized entity  Non-Repudiation - protection against denial by one of the parties in a communication  Availability – resource accessible/usable
Security Mechanism  feature designed to detect, prevent, or recover from a security attack  no single mechanism that will support all services required  however one particular element underlies many of the security mechanisms in use: ïŹ cryptographic techniques  hence our focus on this topic
Security Mechanisms (X.800) specific security mechanisms: ïŹ encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization pervasive security mechanisms: ïŹ trusted functionality, security labels, event detection, security audit trails, security recovery
Model for Network Security
Model for Network Security  using this model requires us to: 1. design a suitable algorithm for the security transformation 2. generate the secret information (keys) used by the algorithm 3. develop methods to distribute and share the secret information 4. specify a protocol enabling the principals to use the transformation and secret information for a security service
Model for Network Access Security
Model for Network Access Security  using this model requires us to: 1. select appropriate gatekeeper functions to identify users 2. implement security controls to ensure only authorised users access designated information or resources
Standards  NIST: National Institute of Standards and Technology ïŹ FIPS: Federal Information Processing Standards ïŹ SP: Special Publications  ISOC: Internet Society ïŹ Home for IETF (Internet Engineering Task Force) and IAB (Internet Architecture Board) ïŹ RFCs: Requests for Comments
Summary  topic roadmap & standards organizations  security concepts: ïŹ confidentiality, integrity, availability  X.800 security architecture  security attacks, services, mechanisms  models for network (access) security
Network Security Essentials Lecture 2 By Usman Zia
Symmetric Encryption  or conventional / private-key / single-key  sender and recipient share a common key  all classical encryption algorithms are private-key  was only type prior to invention of public- key in 1970’s  and by far most widely used
Some Basic Terminology  plaintext - original message  ciphertext - coded message  cipher - algorithm for transforming plaintext to ciphertext  key - info used in cipher known only to sender/receiver  encipher (encrypt) - converting plaintext to ciphertext  decipher (decrypt) - recovering ciphertext from plaintext  cryptography - study of encryption principles/methods  cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key  cryptology - field of both cryptography and cryptanalysis
Symmetric Cipher Model
 Requirements
 Each letter we identify with a number  A = 0  B = 1  C = 2  ...  Z = 25  The key k is a number in the range 0 − 25  Encryption is add k onto each letter modulo 26.  Use the key k = 3.  HELLO becomes  KHOOR Shift Cipher
 ROT-13 cipher (2)
 Earliest known substitution cipher and first attested use in military affairs  The Roman emperor Julius Caesar used to substitute each letter in his diplomatic communications with the letter that was three letters further along in the alphabet.  Replaces each letter by 3rd letter on  p : ABCDEFGHIJKLMNOPQRSTUVWXYZ  F(p) : DEFGHIJKLMNOPQRSTUVWXYZABC Caesar cipher
 Example:  Plaintext : ET TU BRUTUS  Ciphertext : HW WX EUXWXV Caesar cipher (2)
 Can define transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C  Mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  Then have Caesar cipher as: c = E(p) = (p + k) mod (26) p = D(c) = (c – k) mod (26) Caesar cipher (3)
 Caesar cipher (4)

More Related Content

PPTX
cns unit 1.pptx
bySaranya Natarajan
 
PPT
ch01 cryptographyand network security.ppt
byalwaseimostafa2
 
PPT
ch01.pptch01.pptch01.pptch01.pptch01.ppt
bykelumsd
 
PPT
Lecture-01,02.ppt introduction to INFORMATION SECURITY, WEEK 1 , basics
bykashafzia775
 
PPT
NETWORK SECURITY
byTouseeqHaider11
 
PPT
Lecture-01,02-1 Information security introduction.ppt
byNasirAli233814
 
PPT
ch01_overview.ppt
byDrVASAVIBANDE
 
PPT
ch01_nemo-Pendahuluan.ppt
byYusufYusufKurniawan
 
cns unit 1.pptx
bySaranya Natarajan
 
ch01 cryptographyand network security.ppt
byalwaseimostafa2
 
ch01.pptch01.pptch01.pptch01.pptch01.ppt
bykelumsd
 
Lecture-01,02.ppt introduction to INFORMATION SECURITY, WEEK 1 , basics
bykashafzia775
 
NETWORK SECURITY
byTouseeqHaider11
 
Lecture-01,02-1 Information security introduction.ppt
byNasirAli233814
 
ch01_overview.ppt
byDrVASAVIBANDE
 
ch01_nemo-Pendahuluan.ppt
byYusufYusufKurniawan
 

Similar to Network security in computer network for BS

PDF
Chapter 1 Introduction of Cryptography and Network security
byDr. Kapil Gupta
 
PPT
Ch01
byJoe Christensen
 
PPT
Module-1.ppt cryptography and network security
byAparnaSunil24
 
PPT
Ch01
byssusere796b3
 
PPTX
CRYPTOGRAPHY & NETWORK SECURITY [Autosaved].pptx
byasjadzaki2021
 
PPT
CH01.ppt
byShahidMehmood285010
 
PPT
Ch01
byn C
 
PPTX
Cryptography Introduction Classical Encryption
byRajarajanS15
 
PPT
ch01 cryptography1cryptography1cryptography1
bykavyams22
 
PPT
ch01_overview_nemo.ppt
byssuser6602e0
 
PPT
ch01_overview.ppt
byDrVASAVIBANDE
 
PPT
Chapter 1.ppt
byTamer Nadeem
 
PPT
ch01_overview_nemo.ppt
byvikasVEVO
 
PPT
computer architecture.ppt
byPandiya Rajan
 
PPT
Intro-2013.pptIntro-2013.pptIntro-2013.ppt
bytahirnaquash2
 
PPT
ch01.ppt
byssuser4198c4
 
PPT
Ch01 overview nemo
byMrNitinJainSETAssist
 
PPT
ch01_overview_nemo (1)ch01_overview_nemo (1)ch01_overview_nemo (1)ch01_overvi...
byShanmuganathan C
 
PPT
ch01_overview_nemo.ppt
byNithyasri Arumugam
 
PPTX
Introduction of network security
bysneha padhiar
 
Chapter 1 Introduction of Cryptography and Network security
byDr. Kapil Gupta
 
Ch01
byJoe Christensen
 
Module-1.ppt cryptography and network security
byAparnaSunil24
 
Ch01
byssusere796b3
 
CRYPTOGRAPHY & NETWORK SECURITY [Autosaved].pptx
byasjadzaki2021
 
CH01.ppt
byShahidMehmood285010
 
Ch01
byn C
 
Cryptography Introduction Classical Encryption
byRajarajanS15
 
ch01 cryptography1cryptography1cryptography1
bykavyams22
 
ch01_overview_nemo.ppt
byssuser6602e0
 
ch01_overview.ppt
byDrVASAVIBANDE
 
Chapter 1.ppt
byTamer Nadeem
 
ch01_overview_nemo.ppt
byvikasVEVO
 
computer architecture.ppt
byPandiya Rajan
 
Intro-2013.pptIntro-2013.pptIntro-2013.ppt
bytahirnaquash2
 
ch01.ppt
byssuser4198c4
 
Ch01 overview nemo
byMrNitinJainSETAssist
 
ch01_overview_nemo (1)ch01_overview_nemo (1)ch01_overview_nemo (1)ch01_overvi...
byShanmuganathan C
 
ch01_overview_nemo.ppt
byNithyasri Arumugam
 
Introduction of network security
bysneha padhiar
 

More from 23017156038

PPT
lecture_18class_diagrams.ppt
by23017156038
 
PPT
Week_01-Intro to Software Engineering-1.ppt
by23017156038
 
PPT
Ppt IT Infrastructure.ppt
by23017156038
 
PPTX
class5jf.pptx Block cipher in information security
by23017156038
 
PPTX
ch5.pptx CUP Scheduling and its details in OS
by23017156038
 
PDF
COCOMO 1 Model ppt AR-1.pdf
by23017156038
 
PDF
Datacenters.pdf
by23017156038
 
lecture_18class_diagrams.ppt
by23017156038
 
Week_01-Intro to Software Engineering-1.ppt
by23017156038
 
Ppt IT Infrastructure.ppt
by23017156038
 
class5jf.pptx Block cipher in information security
by23017156038
 
ch5.pptx CUP Scheduling and its details in OS
by23017156038
 
COCOMO 1 Model ppt AR-1.pdf
by23017156038
 
Datacenters.pdf
by23017156038
 

Recently uploaded

PDF
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
PDF
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PPTX
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
PPTX
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
PDF
Analyzing the data of your initial survey
byThelma Villaflores
 
PPTX
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
PPTX
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
PPTX
Overview of how to Create a Model in Odoo 18
byCeline George
 
PPTX
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
PDF
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PPTX
Introduction-to-Anatomy-and-Physiology.pptx
byAshish Umale
 
PDF
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
PDF
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
PDF
International Men's Day Event: Breaking the Silence: Embracing Vulnerability ...
byAssociation for Project Management
 
PDF
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
PPTX
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
PPTX
REVISED DEFENSE MECHANISM / ADJUSTMENT MECHANISM-FINAL
byShimla
 
PDF
Types of eggs and Egg membranes (Developmental Zoology)
bySudhandraKarthi
 
PPTX
Growth & Development MILESTONES (ADOLESCENTS ).pptx
byAneetaSharma15
 
PPTX
Semester 6 Unit 2 Club foot (talipes).pptx
bysachin7989
 
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
Analyzing the data of your initial survey
byThelma Villaflores
 
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
Overview of how to Create a Model in Odoo 18
byCeline George
 
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
Introduction-to-Anatomy-and-Physiology.pptx
byAshish Umale
 
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
International Men's Day Event: Breaking the Silence: Embracing Vulnerability ...
byAssociation for Project Management
 
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
REVISED DEFENSE MECHANISM / ADJUSTMENT MECHANISM-FINAL
byShimla
 
Types of eggs and Egg membranes (Developmental Zoology)
bySudhandraKarthi
 
Growth & Development MILESTONES (ADOLESCENTS ).pptx
byAneetaSharma15
 
Semester 6 Unit 2 Club foot (talipes).pptx
bysachin7989
 

Network security in computer network for BS

  • 1.
  • 2.
    The art ofwar teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. —The Art of War, Sun Tzu
  • 3.
     The combinationof space, time, and strength that must be considered as the basic elements of this theory of defense makes this a fairly complicated matter. Consequently, it is not easy to find a fixed point of departure. — On War, Carl Von Clausewitz
  • 4.
    Computer Security  Theprotection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) [NIST 1995]
  • 5.
  • 6.
    Three Key Objectives Confidentiality ïŹ Data confidentiality ïŹ Privacy  Integrity ïŹ Data integrity ïŹ System integrity  Availability  Additional concepts ïŹ Authenticity ïŹ Accountability
  • 7.
    Levels of Impact 3 levels of impact from a security breach ïŹ Low ïŹ Moderate ïŹ High
  • 8.
    Examples of Security Requirements confidentiality – student grades  integrity – patient information  availability – authentication service
  • 9.
    Computer Security Challenges 1.not simple 2. must consider potential attacks 3. procedures used counter-intuitive 4. involve algorithms and secret info 5. must decide where to deploy mechanisms 6. battle of wits between attacker / admin 7. not perceived on benefit until fails 8. requires regular monitoring 9. too often an after-thought 10. regarded as impediment to using system
  • 10.
    OSI Security Architecture ITU-T X.800 “Security Architecture for OSI”  defines a systematic way of defining and providing security requirements  for us it provides a useful, if abstract, overview of concepts we will study
  • 11.
    Aspects of Security 3 aspects of information security: ïŹ security attack ïŹ security mechanism: detect, prevent, recover ïŹ security service  terms ïŹ threat – a potential for violation of security ïŹ attack – an assault on system security, a deliberate attempt to evade security services
  • 12.
    Passive Attacks (1) Releaseof Message Contents
  • 13.
  • 14.
     Passive attacksdo not affect system resources ïŹ Eavesdropping, monitoring  Two types of passive attacks ïŹ Release of message contents ïŹ Traffic analysis  Passive attacks are very difficult to detect ïŹ Message transmission apparently normal ‱ No alteration of the data ïŹ Emphasis on prevention rather than detection ‱ By means of encryption
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
     Active attackstry to alter system resources or affect their operation ïŹ Modification of data, or creation of false data  Four categories ïŹ Masquerade ïŹ Replay ïŹ Modification of messages ïŹ Denial of service: preventing normal use ‱ A specific target or entire network  Difficult to prevent ïŹ The goal is to detect and recover
  • 20.
    Security Service ïŹ enhancesecurity of data processing systems and information transfers of an organization ïŹ intended to counter security attacks ïŹ using one or more security mechanisms ïŹ often replicates functions normally associated with physical documents ‱ which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
  • 21.
    Security Services  X.800: “aservice provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”  RFC 2828: “a processing or communication service provided by a system to give a specific kind of protection to system resources”
  • 22.
    Security Services (X.800) Authentication - assurance that communicating entity is the one claimed ïŹ have both peer-entity & data origin authentication  Access Control - prevention of the unauthorized use of a resource  Data Confidentiality –protection of data from unauthorized disclosure  Data Integrity - assurance that data received is as sent by an authorized entity  Non-Repudiation - protection against denial by one of the parties in a communication  Availability – resource accessible/usable
  • 23.
    Security Mechanism  featuredesigned to detect, prevent, or recover from a security attack  no single mechanism that will support all services required  however one particular element underlies many of the security mechanisms in use: ïŹ cryptographic techniques  hence our focus on this topic
  • 24.
    Security Mechanisms (X.800) specificsecurity mechanisms: ïŹ encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization pervasive security mechanisms: ïŹ trusted functionality, security labels, event detection, security audit trails, security recovery
  • 26.
  • 27.
    Model for NetworkSecurity  using this model requires us to: 1. design a suitable algorithm for the security transformation 2. generate the secret information (keys) used by the algorithm 3. develop methods to distribute and share the secret information 4. specify a protocol enabling the principals to use the transformation and secret information for a security service
  • 28.
    Model for NetworkAccess Security
  • 29.
    Model for NetworkAccess Security  using this model requires us to: 1. select appropriate gatekeeper functions to identify users 2. implement security controls to ensure only authorised users access designated information or resources
  • 30.
    Standards  NIST: NationalInstitute of Standards and Technology ïŹ FIPS: Federal Information Processing Standards ïŹ SP: Special Publications  ISOC: Internet Society ïŹ Home for IETF (Internet Engineering Task Force) and IAB (Internet Architecture Board) ïŹ RFCs: Requests for Comments
  • 31.
    Summary  topic roadmap& standards organizations  security concepts: ïŹ confidentiality, integrity, availability  X.800 security architecture  security attacks, services, mechanisms  models for network (access) security
  • 32.
  • 33.
    Symmetric Encryption  orconventional / private-key / single-key  sender and recipient share a common key  all classical encryption algorithms are private-key  was only type prior to invention of public- key in 1970’s  and by far most widely used
  • 34.
    Some Basic Terminology plaintext - original message  ciphertext - coded message  cipher - algorithm for transforming plaintext to ciphertext  key - info used in cipher known only to sender/receiver  encipher (encrypt) - converting plaintext to ciphertext  decipher (decrypt) - recovering ciphertext from plaintext  cryptography - study of encryption principles/methods  cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key  cryptology - field of both cryptography and cryptanalysis
  • 35.
  • 36.
  • 37.
     Each letterwe identify with a number  A = 0  B = 1  C = 2  ...  Z = 25  The key k is a number in the range 0 − 25  Encryption is add k onto each letter modulo 26.  Use the key k = 3.  HELLO becomes  KHOOR Shift Cipher
  • 38.
  • 39.
     Earliest knownsubstitution cipher and first attested use in military affairs  The Roman emperor Julius Caesar used to substitute each letter in his diplomatic communications with the letter that was three letters further along in the alphabet.  Replaces each letter by 3rd letter on  p : ABCDEFGHIJKLMNOPQRSTUVWXYZ  F(p) : DEFGHIJKLMNOPQRSTUVWXYZABC Caesar cipher
  • 40.
     Example:  Plaintext: ET TU BRUTUS  Ciphertext : HW WX EUXWXV Caesar cipher (2)
  • 41.
     Can definetransformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C  Mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25  Then have Caesar cipher as: c = E(p) = (p + k) mod (26) p = D(c) = (c – k) mod (26) Caesar cipher (3)
  • 42.