Security
CS-801D
IT-801D
Credits – 3
Total Lectures – 38 (Defined)
Syllabus
• Module 1: Attacks on Computers & Computer Security (5L)
  Introduction, Need for Security, Security approaches, Principles of Security, Types of attack.
• Module 2: Cryptography: Concepts & Techniques (7L)
  Introduction, Plaintext & Cipher text, Substitution Techniques, Transposition Techniques, Encryption & Decryption, Symmetric & Asymmetric key Cryptography, Key Range & Key Size.
• Module 3: Symmetric Key Algorithm (8L)
  Introduction, Algorithm types & Modes, Overview of Symmetric Key Cryptography, DES (Data Encryption Standard) algorithm, IDEA (International Data Encryption Algorithm) algorithm, RC5 (Rivest Cipher 5) algorithm.
• Module 4: Asymmetric Key Algorithm, Digital Signature and RSA (5L)
  Introduction, Overview of Asymmetric key Cryptography, RSA algorithm, Symmetric & Asymmetric key Cryptography together, Digital Signature, Basic concepts of Message Digest and Hash Function (Algorithms on Message Digest and Hash function not required).
• Module 5: Internet Security Protocols, User Authentication (6L)
  Basic Concepts, SSL protocol, Authentication Basics, Password, Authentication Token, Certificate based Authentication, Biometric Authentication.
• Module 6: Electronic Mail Security (4L)
  Basics of mail security, Pretty Good Privacy, S/MIME.
• Module 7: Firewall (3L)
  Introduction, Types of firewall, Firewall Configurations, DMZ Network.
Books to study
• Text:
  1. “Cryptography and Network Security”, William Stallings, 2nd Edition, Pearson Education Asia
  2. “Network Security: Private Communication in a Public World”, C. Kaufman, R. Perlman and M. Speciner, Pearson
  3. “Cryptography & Network Security”, Atul Kahate, TMH
• Reference:
  1. “Network Security Essentials: Applications and Standards”, William Stallings, Pearson
  2. “Designing Network Security”, Merike Kaeo, 2nd Edition, Pearson Books
  3. “Building Internet Firewalls”, Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman, 2nd Edition, O'Reilly
  4. “Practical Unix & Internet Security”, Simson Garfinkel, Gene Spafford, Alan Schwartz, 3rd Edition, O'Reilly
Introduction
• Why?
• What?
• How?
The Need for Security
• User id + password
• Not accessible to unauthorised users
Data Transmission on the Internet
• Data travels as clear text
• Functionality
• Cultural issues
• Legality
Need for Security
• Why???
Principles of Security
• Confidentiality
• Integrity
• Authentication
• Non-repudiation
Transmission of Credit Card Details
[Figure: the Client sends an order to the Server containing Customer Id: 78910, Order Id: 90, Item Id: 156, Credit Card Number: 1234567890, Issued By: Visa, Valid Till: Jan 2006, …; the Server stores the details in its Database.]
Security approaches (Models)
• No security
• Host security
• Network model
Confidentiality
• Also called privacy
[Figure: A (Sender) sends a Secret to B (Receiver); C (Attacker) tries to read it in transit.]
Authentication
• Identifies the sender/receiver of a message
[Figure: C (Attacker) sends “I am user A” to B (Receiver), impersonating A (Sender).]
Integrity
• Ensures that any changes to a message are detected
[Figure: A (Sender) sends “Transfer $100 to C” to B (Receiver); the actual route of the message passes through C (Attacker), who changes it to “Transfer $1000 to C”.]
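The tampering shown in the integrity diagram can be detected with a keyed message authentication code. The following is an added example, not code from the slides: it assumes A and B share a key `SHARED_KEY` (a constructed value; how it is agreed is outside the slide), and it also contrasts a MAC with an unkeyed message digest, which the attacker can simply recompute over the altered message.

```python
import hashlib
import hmac

# Constructed sample key; in practice A and B would agree on it out of band
# (assumption: the slides say nothing about how the key is established).
SHARED_KEY = b"example-shared-key-between-A-and-B"


def protect(message: bytes, key: bytes = SHARED_KEY) -> str:
    """Sender A computes an HMAC-SHA256 tag that travels with the message."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify(message: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    """Receiver B recomputes the tag over what it actually received.
    compare_digest gives a constant-time comparison of the two tags."""
    expected = hmac.new(key, message, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def digest_only(message: bytes) -> str:
    """An unkeyed message digest, for contrast: anyone can recompute it."""
    return hashlib.sha256(message).hexdigest()


def integrity_scenario() -> dict:
    """Replays the slide: A sends 'Transfer $100 to C'; C, on the actual
    route of the message, rewrites it as 'Transfer $1000 to C'."""
    original = b"Transfer $100 to C"
    tampered = b"Transfer $1000 to C"  # modification made by the attacker C

    tag = protect(original)
    # With a MAC, C cannot produce a valid tag for the altered message
    # without the key, so B rejects it.
    mac_result = {
        "original_accepted": verify(original, tag),
        "tampered_accepted": verify(tampered, tag),
    }
    # With only a digest, C recomputes it over the altered text and B
    # has no way to tell the difference.
    forged_digest = digest_only(tampered)
    digest_fooled = digest_only(tampered) == forged_digest
    return {**mac_result, "unkeyed_digest_fooled": digest_fooled}


if __name__ == "__main__":
    print(integrity_scenario())
```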
Non-repudiation
• Prevents the sender of a message from later denying that they sent it
Access Control
• Who should be able to access what
1. Role Management – Which user can do what?
2. Rule Management – Which resource is accessible, and under what circumstances?
Availability
• Resources/applications must be available to authentic users all the time
[Figure: A (Sender) and B (Receiver) communicate; C (Attacker) tries to interrupt the service.]
Attacks: A general view
• Criminal attacks
• Publicity attacks
• Legal attacks
Attacks: Technical view
• Interception – loss of confidentiality
• Fabrication – loss of authentication
• Modification – loss of integrity
• Interruption – loss of availability
Types of Attacks
• Passive attacks (Interception)
• Active attacks
Security attacks in practice
• Propagates as it damages
Phases of virus
• Dormant
• Propagation
• Triggering
• Execution
Different types of virus
• Parasitic
• Memory-resident
• Boot sector
• Polymorphic
• Metamorphic
Example of Virus
[Figure: a virus spreading from the Attacker.]
Deleting virus
• Detection
• Identification
• Removal
Anti-virus types
• 1st generation – simple scanners
• 2nd generation – heuristic scanners
• 3rd generation – activity traps
• 4th generation – full-featured protection
Specific attacks
• Sniffing and spoofing
  A. Packet sniffing
  B. Packet spoofing
    • The attacker can intercept the reply
    • The attacker does not need to see the reply
    • The attacker does not want a reply
• Phishing & pharming