UNIT-II
INFORMATION MANAGEMENT
Program Security, Malicious code and controls against threats; OS level
protection; Security – Firewalls, Network Security Intrusion detection systems.
Data Privacy principles. Data Privacy Laws and compliance.
S.no  Topic
1     Program Security: malicious code, non-malicious code
2     Controls against threats
3     OS level protection: memory protection, file protection, user authentication, general object protection
4     Firewalls: types, configuring a firewall
5     Network Security
6     Intrusion detection systems
7     Data Privacy principles
8     Data Privacy Laws and compliance
IT6701 INFORMATION MANAGEMENT RMDEC
Program Security:
• Error: a mistake made by a human, for example a syntax error or a logical error.
• Fault: an incorrect step, incorrect command, incorrect process, or incorrect data definition in a
computer program.
PROGRAM SECURITY
Fixing Faults
• “if 100 faults were discovered and fixed it is better than another in which only 20 faults were
discovered and fixed”
• "Penetrate and patch": analysts searched for and repaired faults. The patch efforts were
largely useless, making the system less secure rather than more secure, because they frequently
introduced new faults.
• The inadequacies of penetrate-and-patch led researchers to seek a better way to check whether
code meets its security requirements. One way to do that is to compare the requirements with the
behavior: do programs behave as their designers intended or as users expected? Such unexpected
behavior is a program security flaw.
• In program security the terms "vulnerability" and "flaw" do not map directly to faults and failures.
char sample[10];
sample[i] = 'A';   /* in bounds only while 0 <= i <= 9 */
sample[10] = 'B';  /* index 10 is one past the end: an out-of-bounds write (buffer overflow) */
Malicious Code
Trojan horse
Logic bomb
Worms
Rabbit
Trapdoor
• Appended Viruses
• Document Viruses
Appended Viruses
Document Viruses
• The most popular virus type is what we call the document virus, which is implemented within a
formatted document, such as a
• The commands are part of a rich programming language, including macros, variables and
procedures, file accesses, and even system calls.
• The writer of a document virus uses any of the features of the programming language to perform
malicious actions.
One-Time Execution
Memory-Resident Viruses
In application program
In libraries
Virus Signatures
A virus cannot be completely invisible. Its code must be stored somewhere, and the code must be in
memory to execute. Each of these characteristics yields a telltale pattern, called a signature.
Patterns of Virus
• Storage Patterns
• Execution Patterns
• Transmission Patterns
• Polymorphic Viruses
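The storage-pattern idea above, as an added example (not code from the lecture notes): a minimal signature scanner that looks for fixed byte patterns either anywhere in a file or at a known offset. The signature table, the marker bytes and the sample file contents are constructed for the illustration and are not real malware patterns.

```python
# Added example (not from the lecture notes): a minimal signature scanner of the
# kind described under "Virus Signatures". The signature table, the file contents
# and the marker bytes are constructed for the illustration and are not real
# malware patterns.

# A signature is a fixed byte pattern that must appear either anywhere in the
# file or at a known position (the "storage pattern" of a virus).
SIGNATURES = {
    # name -> (byte pattern, required offset, or None for "anywhere in the file")
    "demo-appended-marker": (b"DEMO_APPENDED_VIRUS", None),
    "demo-boot-marker": (b"\xeb\x3c\x90DEMOBOOT", 0),
}


def scan_bytes(data: bytes) -> list[str]:
    """Return the names of every signature that matches `data`."""
    hits = []
    for name, (pattern, offset) in SIGNATURES.items():
        if offset is None:
            found = pattern in data
        else:
            found = data[offset:offset + len(pattern)] == pattern
        if found:
            hits.append(name)
    return hits


def scan_files(files: dict[str, bytes]) -> dict[str, list[str]]:
    """Scan a mapping of file name -> contents; only files with hits are returned."""
    report = {}
    for name, data in files.items():
        hits = scan_bytes(data)
        if hits:
            report[name] = hits
    return report


# Constructed sample "files": a clean executable, the same executable with the
# marker appended at its end (the appended-virus storage pattern), a boot-sector
# style image with the marker at offset 0, and the same image shifted by one byte.
SAMPLE_FILES = {
    "clean.exe": b"MZ" + b"\x00" * 40 + b"hello world",
    "infected.exe": b"MZ" + b"\x00" * 40 + b"hello world" + b"DEMO_APPENDED_VIRUS",
    "boot.img": b"\xeb\x3c\x90DEMOBOOT" + b"\x00" * 20,
    # A positional signature misses the shifted copy: this is the limit the text
    # has in mind when it lists polymorphic viruses, and why scanners combine
    # several pattern types rather than relying on one fixed byte string.
    "shifted.img": b"\x00" + b"\xeb\x3c\x90DEMOBOOT" + b"\x00" * 20,
}

if __name__ == "__main__":
    for fname, hits in scan_files(SAMPLE_FILES).items():
        print(f"{fname}: {', '.join(hits)}")
```

Running the block reports infected.exe and boot.img; clean.exe produces no hit, and shifted.img shows why a single fixed-offset pattern is not enough on its own.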
• Brain Virus
• Internet worm
• Code Red
• Web bugs
• The so-called Brain virus was given its name because it changes the disk label to "brain".
• It originated in Pakistan and attacks PCs running an old Microsoft operating system.
Via passwords
Via trapdoors
Code Red
• It is a two-step process.
• Step 1: To infect a server, the worm takes advantage of a vulnerability in Microsoft's IIS. It
overflows a buffer in the dynamic link library idq.dll so that it can reside in the server's memory.
• Step 2: To propagate, Code Red probes port 80 of other IP addresses to see whether the web server
there is vulnerable.
Web Bugs
• A web bug, sometimes called a pixel tag, clear gif, one-by-one gif, invisible gif, or beacon gif, is a
hidden image in any document that can display HTML tags, such as a web page, an HTML e-mail
message, or even a spreadsheet. Its creator intends the bug to be invisible.
• It is unseen by users but very useful nevertheless, because it can track the activities of a web user.
Salami Attack--- a salami attack merges bits of seemingly inconsequential data to yield
Interface Illusions--- An interface illusion is a spoofing attack in which all or part of a web
page is false.
Man-in-the-Middle Attacks--- A malicious program interjects itself between two other programs.
Storage Channel
Timing Channel
• Use virus detectors (often called virus scanners) regularly and update them daily
• Development Controls
• Administrative Controls
Development Controls
• Good specification(SRS)
• Good Implementation
• Adequate testing
• Proper reviews
• Proper training
• Good documentation
• Easy Maintenance
• Modularity,
• Encapsulation, and
• Information Hiding
OS level Protection
The OS supports multiprogramming, so OS designers must provide mechanisms that protect one user's
computation from malicious code as well as from other users' programs.
Memory Protection
File Protection
User authentication
• The basis of OS level protection is separation: keeping one user's objects separate from others'.
– physical separation,
– temporal separation,
– cryptographic separation
Fence
Base/Bounds Registers
Tagged Architecture
Segmentation
Paging
The fence was a predefined memory address, enabling the operating system to reside on one side and
the user to stay on the other.
• Disadvantage: a predefined amount of space was always reserved for the operating system,
whether it was needed or not. If less than the predefined space was required, the excess space
was wasted.
Each time a user program generated an address for data modification, the address was automatically
compared with the fence address. If the address was greater than the fence address (that is, in the user
area), the instruction was executed; if it was less than the fence address .
• Fence registers provide a lower bound (a starting address) but not an upper one.
• To overcome this difficulty, a second register, called a bounds register, is often added as an upper
address limit.
• In this way, a program's addresses are neatly confined to the space between the base and the
bounds registers.
Tagged Architecture
• An alternative is tagged architecture, in which each location of memory has one or more extra bits
that identify the access rights to that location.
Segmentation
• Code or data item within a segment is addressed as the pair <name, offset>
• A process can access a segment only if that segment appears in that process's segment translation
table.
• The operating system can place any segment at any location or move any segment to any location,
even after the program begins to execute.
Paging
• The program is divided into equal-sized pieces called pages, and physical memory is divided into
equal-sized units called page frames.
• Each address in a paging scheme is a two-part object, this time consisting of <page, offset>
• The operating system maintains a table of user page numbers and their true addresses in memory.
• The page portion of every <page, offset> reference is converted to a page frame address by a
table lookup; the offset portion is added to the page frame address to produce the real memory
address.
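The base/bounds check and the <page, offset> table lookup described above, as an added software model (not code from the lecture notes). The function names, the page size of 4096 bytes, the register values and the page table contents are constructed for the illustration; real hardware performs these checks on every reference.

```python
# Added example (not from the lecture notes): a software model of the hardware
# checks described above. The names bounds_check/translate, the page size and
# all addresses are constructed for the illustration.

class MemoryViolation(Exception):
    """Raised when an address falls outside the space a process may touch."""


def bounds_check(base: int, bounds: int, addr: int) -> int:
    """Base/bounds registers: an address is legal only if base <= addr < bounds.
    A fence register is the special case where only the lower bound exists."""
    if addr < base:
        raise MemoryViolation(f"address {addr:#x} is below base {base:#x} (OS area)")
    if addr >= bounds:
        raise MemoryViolation(f"address {addr:#x} is at or above bounds {bounds:#x}")
    return addr


PAGE_SIZE = 4096  # bytes per page (constructed value)


def translate(page_table: dict[int, int], page: int, offset: int) -> int:
    """Paging: map a <page, offset> pair to a real address through the process's
    page table (page number -> page frame number). A page that is not in the
    table does not belong to this process, so the reference is rejected."""
    if not 0 <= offset < PAGE_SIZE:
        raise MemoryViolation(f"offset {offset} exceeds page size {PAGE_SIZE}")
    if page not in page_table:
        raise MemoryViolation(f"page {page} is not mapped for this process")
    frame = page_table[page]
    return frame * PAGE_SIZE + offset


def demo() -> dict[str, object]:
    """Run a few legal and illegal references; return each outcome by label."""
    results: dict[str, object] = {}
    base, bounds = 0x1000, 0x2000          # user area is [0x1000, 0x2000)
    for label, addr in [("inside", 0x1800), ("below_fence", 0x0800), ("past_bounds", 0x2000)]:
        try:
            results[label] = bounds_check(base, bounds, addr)
        except MemoryViolation as e:
            results[label] = str(e)
    # The process owns logical pages 0..2, placed in non-contiguous frames.
    table = {0: 5, 1: 9, 2: 7}
    for label, (page, off) in [("page1_off16", (1, 16)), ("unmapped_page", (3, 0))]:
        try:
            results[label] = translate(table, page, off)
        except MemoryViolation as e:
            results[label] = str(e)
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

The two rejected references show the two protections at work: an address below the fence (or above the bounds register) never reaches memory, and a page absent from the process's table cannot be translated at all, even though the frame it would name may physically exist.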
2. File Protection
• Individual permission
– Persistent Permission(token/ticket)
• Memory
• A directory of files
• A hardware device
Directory Access
4. USER AUTHENTICATION
1. Passwords as Authenticators
– Fingerprints,
– Fingers,
– Voice,
– Handwriting,
Attacks on Passwords
• Try all possible passwords.
• Try frequently used passwords.
• Try passwords likely for the user.
• Search for the system list of passwords.
• Ask the user
Password Strength
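An added example (not code from the lecture notes) that turns the attack list above into a defender's strength check: it tests the cheap attacks first (a frequently used password, a password built from words tied to the user) and then estimates the work an exhaustive search would need. The small common-password set, the 50-bit threshold and the helper names are assumptions made for the illustration; a real deployment would use a large breach-derived list and a policy-set threshold.

```python
# Added example (not from the lecture notes): a password-strength check that
# walks the attack list above from the defender's side. The common-password set,
# the 50-bit threshold and the helper names are constructed for the illustration.
import math
import string

COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1"}
MIN_BITS = 50.0   # assumed minimum brute-force work, in bits


def charset_size(pw: str) -> int:
    """Size of the alphabet an attacker must search to cover every character used."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c in string.punctuation for c in pw):
        size += len(string.punctuation)
    return size


def guess_bits(pw: str) -> float:
    """Work for 'try all possible passwords': log2(charset_size ** length)."""
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0


def assess(pw: str, user_hints: tuple[str, ...] = ()) -> dict[str, object]:
    """Check the cheaper attacks first (frequent words, user-related words), then
    the exhaustive search; return the verdict and the first reason that fails."""
    low = pw.lower()
    bits = guess_bits(pw)
    if low in COMMON_PASSWORDS:
        return {"verdict": "weak", "reason": "frequently used password", "bits": bits}
    for hint in user_hints:                      # e.g. login name, family names
        if len(hint) >= 3 and hint.lower() in low:
            return {"verdict": "weak", "reason": f"contains user-related word '{hint}'", "bits": bits}
    if bits < MIN_BITS:
        return {"verdict": "weak", "reason": f"only {bits:.0f} bits of brute-force work", "bits": bits}
    return {"verdict": "ok", "reason": "passes all checks", "bits": bits}


if __name__ == "__main__":
    samples = [("Password", ()), ("alice2024", ("alice",)), ("abc", ()), ("T7#mQ9!vLp2$zR4w", ())]
    for candidate, hints in samples:
        print(candidate, assess(candidate, hints))
```

The order of the checks matters: a long password that is simply the user's name plus a year scores many bits on paper but falls to the "passwords likely for the user" attack, so that check runs before the entropy estimate.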
Firewall
What Is a Firewall?
A firewall is a device that filters all traffic between a protected or "inside" network
and a less trustworthy or "outside" network.
For example, the policy might be to prevent any access from outside (while still
allowing traffic to pass from the inside to the outside).
Alternatively, the policy might permit accesses only from certain places, from
certain users, or for certain activities.
Design of Firewalls
Issue                                              Description
1. Always invoked                                  By carefully positioning a firewall within a network, we can
                                                   ensure that all network accesses that we want to control must
                                                   pass through it.
2. Tamperproof                                     A firewall is typically well isolated, making it highly immune
                                                   to modification. Usually a firewall is implemented on a separate
                                                   computer, with direct connections only to the outside and inside
                                                   networks.
3. Small and simple enough for rigorous analysis   Firewall designers strongly recommend keeping the functionality
                                                   of the firewall simple.
Types of Firewalls
Packet filtering gateways or screening routers
Stateful inspection firewalls
Application proxies
Guards
Personal firewalls
Packet Filtering Gateway
A packet filtering gateway or screening router is the simplest and most effective type of
firewall. A packet filtering gateway controls access to packets on the basis of packet address
(source or destination).
A separate firewall behind (on the local side) of the router can screen traffic before it gets to the
protected network. Figure (1) shows a packet filter that blocks access from (or to) addresses in one
network; the filter allows HTTP traffic but blocks traffic using the Telnet protocol.
For example, suppose a company has three LANs at three locations throughout the world. The
company might want communication only among the three LANs of the corporate network. It
could use a screening router on the LAN at 100.24.4.0 to allow in only communications destined to
the host at 100.24.4.0 and to allow out only communications addressed to address 144.27.5.3 or
192.19.33.0.
Figure(2)
A packet filter sits between the inside network and the outside network, so it can know if a packet
from the outside is forging an inside address, as shown in Figure (3). A screening packet filter might
be configured to block all packets from the outside that claim their source address is an inside
address.
In this example, the packet filter blocks all packets claiming to come from any address of
the form 100.50.25.x (but, of course, it permits in any packets with destination 100.50.25.x).
Disadvantage:
Packet filters do not "see inside" a packet; they block or accept packets solely on the basis
of the IP addresses and ports. Thus, any details in the packet's data field are beyond the capability of
a packet filter.
Traditional packet filter firewalls do not examine higher-layer context (i.e. the inside of the packet).
Stateful packet filters address this need: they examine each IP packet in context, and hence are better
able to detect bogus packets that are out of context.
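The screening rules from Figures (1) and (3) and the stateful filter just described, as an added simulation (not code from the lecture notes). The addresses come from the text (the protected network 100.50.25.x, HTTP allowed, Telnet blocked, outside packets with inside source addresses blocked); the Packet class, the rule format, the flow table and the sample packets are constructed for the illustration.

```python
# Added example (not from the lecture notes): a simulation of the screening
# rules the text describes. The protected network, the HTTP/Telnet rules and the
# anti-spoofing rule follow the figures; the Packet class, rule format, flow
# table and sample packets are constructed for the illustration.
import ipaddress
from dataclasses import dataclass

INSIDE_NET = ipaddress.ip_network("100.50.25.0/24")   # the protected network
HTTP, TELNET = 80, 23


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" = arriving from outside, "out" = leaving the inside
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


# Stateless rules: (direction, protocol, destination port or None for any, action).
# The first matching rule wins; anything unmatched is blocked (default deny).
RULES = [
    ("in", "tcp", HTTP, "allow"),
    ("in", "tcp", TELNET, "block"),
    ("out", "tcp", None, "allow"),
]


def is_spoofed(pkt: Packet) -> bool:
    """An outside packet that claims an inside source address is forged (Figure 3)."""
    return pkt.direction == "in" and ipaddress.ip_address(pkt.src) in INSIDE_NET


def stateless_filter(pkt: Packet) -> str:
    """Decide on addresses and ports only, as a screening router does."""
    if is_spoofed(pkt):
        return "block"
    for direction, proto, dport, action in RULES:
        if pkt.direction == direction and pkt.proto == proto and dport in (None, pkt.dport):
            return action
    return "block"


class StatefulFilter:
    """Remembers outbound connections so that only replies to them are let back in."""

    def __init__(self) -> None:
        self.flows: set[tuple[str, int, str, int]] = set()  # (inside, iport, outside, oport)

    def filter(self, pkt: Packet) -> str:
        if is_spoofed(pkt):
            return "block"
        if pkt.direction == "out":
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # Inbound: a reply is in context only if the mirrored flow was seen leaving.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "allow"
        return stateless_filter(pkt)   # otherwise fall back to the static rules


def demo() -> dict[str, str]:
    """Push constructed packets through the stateful filter, in order."""
    sf = StatefulFilter()
    samples = {
        "web_request_in": Packet("in", "203.0.113.7", 51000, "100.50.25.10", HTTP),
        "telnet_in": Packet("in", "203.0.113.7", 51001, "100.50.25.10", TELNET),
        "spoofed_inside_src": Packet("in", "100.50.25.99", 51002, "100.50.25.10", HTTP),
        "client_out": Packet("out", "100.50.25.20", 40000, "198.51.100.5", 8443),
        "reply_to_client": Packet("in", "198.51.100.5", 8443, "100.50.25.20", 40000),
        "unsolicited_8443": Packet("in", "198.51.100.6", 8443, "100.50.25.20", 40001),
    }
    return {name: sf.filter(p) for name, p in samples.items()}


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {decision}")
```

The last two packets show the difference the text draws: both arrive from outside on a port no static rule allows, and the stateless filter blocks both, but the stateful filter admits the one that answers a connection an inside host opened and still blocks the unsolicited one.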
A proxy gateway is a two-headed device: It looks to the inside as if it is the outside (destination)
connection, while to the outside it responds just as the insider would.
Eg: A company wants to set up an online price list so that outsiders can see the products and prices
offered. It wants to be sure that no outsider can change the prices or product list. So the firewall is
designed to act as the server giving the price list; even if an intruder posing as a client manages to
destroy the server, it only destroys the firewall and not the original server.
Circuit-level gateways/proxies
Tailored to TCP,UDP
Fig-Circuit-level gateways/proxies
Guard
A guard is a sophisticated firewall. The guard decides what services to perform on the user's behalf.
Eg: A company wants to allow its employees to fetch files via FTP. However, to prevent the
introduction of viruses, it first passes all incoming files through a virus scanner. The firewall
acts as a virus scanner. Combining a virus scanner with a personal firewall is both effective and
efficient.
Personal Firewalls
Firewall Configurations
Disadvantage: If the firewall router is successfully attacked, then all traffic on the LAN to which
the firewall is connected is visible and subject to attack.
To reduce this exposure, a proxy firewall is often installed on its own LAN. In this way the only
traffic visible on that LAN is the traffic going into and out of the firewall.
For even more protection, we can add a screening router in front of the proxy firewall. The proxy
firewall filters traffic according to its proxy rules, and only the traffic to the proxy firewall is
visible, not any of the sensitive information on the internal protected LAN.
Firewalls can protect an environment only if the firewalls control the entire perimeter.
Firewalls do not protect data outside the perimeter
Firewalls are the most visible part of an installation to the outside, so they are the most
attractive target for attack
Firewalls must be correctly configured, that configuration must be updated as the internal
and external environment changes, and firewall activity reports must be reviewed
periodically for evidence of attempted or successful intrusion.
Firewalls are targets for penetrators. They are therefore kept small and simple, so that even if a
penetrator breaks one, the firewall does not have further tools, such as compilers, linkers, loaders,
and the like, to continue an attack.
Network Security
Ports are like little doors on your system. Most packets leaving or entering your machine use a certain
door (port). There are two different protocols that use ports: TCP and UDP. Each of these two
protocols has 65,536 different ports. Web servers usually listen on TCP port 80. Mail servers
usually listen on TCP port 25.
An attacker launches a port scan to see what ports are open on your machine. A port scan attack
occurs when an attacker sends packets to your machine, varying the destination port. The attacker
can use this to find out what services you are running and to get a pretty good idea of the operating
system you have.
Eavesdropping
Eavesdropping is secretly listening to the private conversation of others without their consent.
Fig-Eavesdropping
Wiretapping
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable
by overwhelming it with traffic from multiple sources.
Backdoor
Backdoors are essentially tunnels that lead into a computer, which must be manually opened by an
attacker. A backdoor generally works like this:
1. The attacker sends a program on a channel that the backdoor is listening on.
2. The backdoor finds the program, downloads it, and executes it.
The program that the backdoor executes can be any form of malicious code. It is an active attack.
Packet sniffing
Packet sniffing is the act of capturing data flow of packets across a computer network.
Packet sniffing has legitimate uses to monitor network performance or troubleshoot problems
with network communications. However, it is also widely used by hackers and crackers to gather
information illegally about networks they intend to break into. Using a packet sniffer it is possible
to capture data like passwords, IP addresses, protocols being used on the network and other
information that will help the attacker infiltrate the network.
Fig-Packet sniffing
Reconnaissance attack
Active reconnaissance is a type of computer attack in which an intruder engages with the targeted
system to gather information about vulnerabilities.
The word reconnaissance is borrowed from its military use, where it refers to a mission into
enemy territory to obtain information. In a computer security context, reconnaissance is usually a
preliminary step toward a further attack seeking to exploit the target system
Passive reconnaissance is an attempt to gain information about targeted computers and networks
without actively engaging with the systems.
DNS attack
A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain
name system (DNS).
DNS is a protocol that translates a user-friendly domain name, like abc.com, into the computer-
friendly IP address 206.19.49.154.
One DNS attack works by introducing false data into a Domain Name System (DNS) resolver's cache,
causing the name server to return an incorrect IP address and diverting traffic to the attacker's
computer (or any other computer).
Masquerade
Masquerade is a type of attack where the attacker pretends to be an authorized user of a system in
order to gain access to it or to gain greater privileges than they are authorized.
Fig-masquerade attack
Session hijacking
Session hijacking, also known as TCP session hijacking, is a method of taking over a user's
session by illegally obtaining the session ID and masquerading as the authorized user. Once the
user's session ID has been obtained, the attacker can masquerade as that user and do anything the
user is authorized to do on the network.
SYN Flooding
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN
requests to a target's system in an attempt to consume enough server resources to make the system
unresponsive to legitimate traffic.
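Detection logic for two of the attacks described in this section, the port scan (many distinct destination ports from one source) and the SYN flood (many SYNs that are never completed), run over a constructed connection log. This is an added example, not code from the lecture notes: the log format "<time> <src> <dst>:<dport> <flags>" (S = SYN only, A = ACK seen), the thresholds and the function names are assumptions made for the illustration.

```python
# Added example (not from the lecture notes): detection logic for port scans
# and SYN floods run over a constructed connection log. The log format, the
# thresholds and the function names are assumptions for the illustration.
from collections import defaultdict

# Constructed log lines: time (s), source, destination:port, TCP flag seen
# (S = SYN only, i.e. connection attempt; A = ACK, i.e. handshake completed).
LOG = """\
0 198.51.100.9 100.50.25.10:22 S
1 198.51.100.9 100.50.25.10:23 S
2 198.51.100.9 100.50.25.10:25 S
3 198.51.100.9 100.50.25.10:80 S
4 198.51.100.9 100.50.25.10:110 S
5 198.51.100.9 100.50.25.10:143 S
6 203.0.113.4 100.50.25.10:80 S
6 203.0.113.4 100.50.25.10:80 A
7 203.0.113.4 100.50.25.10:80 A
10 192.0.2.1 100.50.25.10:80 S
10 192.0.2.2 100.50.25.10:80 S
10 192.0.2.3 100.50.25.10:80 S
11 192.0.2.4 100.50.25.10:80 S
11 192.0.2.5 100.50.25.10:80 S
11 192.0.2.6 100.50.25.10:80 S
"""

Event = tuple[int, str, str, int, str]   # (time, src, dst, dport, flags)


def parse(log: str) -> list[Event]:
    """Turn the text log into (time, src, dst, dport, flags) tuples."""
    events = []
    for line in log.splitlines():
        t, src, dst_port, flags = line.split()
        dst, port = dst_port.rsplit(":", 1)
        events.append((int(t), src, dst, int(port), flags))
    return events


def port_scans(events: list[Event], min_ports: int = 5) -> dict[str, int]:
    """Sources that touched at least `min_ports` distinct destination ports."""
    ports_by_src: dict[str, set[int]] = defaultdict(set)
    for _, src, _, port, _ in events:
        ports_by_src[src].add(port)
    return {src: len(p) for src, p in ports_by_src.items() if len(p) >= min_ports}


def half_open_counts(events: list[Event]) -> dict[str, int]:
    """Per destination service, SYNs from a source that never completed the handshake."""
    completed = {(src, dst, port) for _, src, dst, port, f in events if f == "A"}
    counts: dict[str, int] = defaultdict(int)
    for _, src, dst, port, f in events:
        if f == "S" and (src, dst, port) not in completed:
            counts[f"{dst}:{port}"] += 1
    return dict(counts)


def syn_floods(events: list[Event], min_half_open: int = 5) -> dict[str, int]:
    """Services with at least `min_half_open` half-open connections."""
    return {svc: n for svc, n in half_open_counts(events).items() if n >= min_half_open}


if __name__ == "__main__":
    evs = parse(LOG)
    print("port scans:", port_scans(evs))
    print("syn floods:", syn_floods(evs))
```

The legitimate client 203.0.113.4 completes its handshake and so contributes to neither count; the scanner 198.51.100.9 is reported by the distinct-port rule, and the six unanswered SYNs from 192.0.2.x (plus the scanner's own probe of port 80) push the web service over the half-open threshold. In practice both thresholds would be tuned per service and evaluated over a sliding time window rather than the whole log.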
Fig-SYN Flooding
An IDS is a sensor, like a smoke detector, that raises an alarm if specific unwanted things
occur.
An IDS receives raw inputs (events) from sensors. It saves those inputs, analyzes them, and takes
some controlling action.
Ideally, an IDS should be fast, simple, and accurate, while at the same time being complete. It
should detect all attacks with little performance penalty. An IDS could use some or all of the
following design approaches:
TYPES OF IDS
Classification -1
o Signature based
o Heuristic based
Classification-2
o Network based
o Host based
Heuristic intrusion detection systems, also known as anomaly-based systems, build a model
of what behavior is acceptable.
Instead of looking for matches, heuristic intrusion detection looks for behavior that is out of
the ordinary.
This is helpful in understanding normal and abnormal behavior (the component that does this is
referred to as the inference engine).
For example, one user might always start the day by reading e-mail, write many documents using a
word processor, and occasionally back up files. These actions would be normal. This user does not
seem to use many administrator utilities. If that person tried to access sensitive system
management utilities, this new behavior might be a clue that someone else was acting under the
user's identity.
State-based intrusion detection systems detect when the system has veered into unsafe modes.
Model-based intrusion detection systems try to map current activity onto a model of unacceptable
activity and raise an alarm when the activity resembles the unacceptable model.
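The signature-based and heuristic (anomaly-based) approaches above, applied to a constructed stream of user-activity events, as an added example (not code from the lecture notes). The event format (user, "verb object"), the two-entry signature table, the activity history that plays the role of the user in the e-mail/word-processor example, and the helper names are all assumptions made for the illustration.

```python
# Added example (not from the lecture notes): the signature-based and the
# heuristic (anomaly-based) approaches applied to a constructed stream of
# user-activity events. The event format, signature table, activity history
# and helper names are assumptions made for the illustration.
from collections import Counter

# Signature style: known-bad activity, matched exactly against a fixed list.
SIGNATURES = {
    "read /etc/shadow": "attempt to read the password hash file",
    "edit /etc/sudoers": "attempt to change privilege configuration",
}


def signature_alerts(events: list[tuple[str, str]]) -> list[tuple[str, str]]:
    """Alert on every event that matches a known signature."""
    return [(user, SIGNATURES[action]) for user, action in events if action in SIGNATURES]


# Heuristic style: learn what each user normally does (their verbs), then treat
# a verb that user has never used as out of the ordinary. The profile plus the
# rule that interprets it play the role of the inference engine.
def build_profile(history: list[tuple[str, str]]) -> dict[str, Counter]:
    profile: dict[str, Counter] = {}
    for user, action in history:
        profile.setdefault(user, Counter())[action.split()[0]] += 1
    return profile


def anomaly_alerts(profile: dict[str, Counter],
                   events: list[tuple[str, str]]) -> list[tuple[str, str]]:
    """Alert on actions whose verb is outside the user's learned profile."""
    alerts = []
    for user, action in events:
        verb = action.split()[0]
        usual = profile.get(user)
        if usual is None or verb not in usual:
            alerts.append((user, f"unusual action '{action}' for this user"))
    return alerts


# Constructed history: the user in the text reads mail, writes documents and
# occasionally backs up files, and never touches administrator utilities.
HISTORY = [
    ("alice", "read mail"), ("alice", "edit report.docx"), ("alice", "read mail"),
    ("alice", "edit budget.docx"), ("alice", "backup files"), ("alice", "edit memo.docx"),
]

# Constructed events for one day, including two that the text would flag.
TODAY = [
    ("alice", "read mail"),
    ("alice", "edit plan.docx"),
    ("alice", "run useradd mallory"),   # new kind of action: no signature, but anomalous
    ("alice", "read /etc/shadow"),      # matches a signature, but 'read' is a usual verb
    ("bob", "read mail"),               # unknown user: no baseline, so everything is unusual
]


def demo() -> dict[str, list[tuple[str, str]]]:
    """Run both detectors over TODAY; each catches what the other misses."""
    return {
        "signature": signature_alerts(TODAY),
        "anomaly": anomaly_alerts(build_profile(HISTORY), TODAY),
    }


if __name__ == "__main__":
    for style, alerts in demo().items():
        print(style, alerts)
```

The output illustrates the trade-off the text describes: the signature detector reports only the one event on its list and misses the new administrative action, while the anomaly detector reports the new action but is silent on the signature hit (reading is a usual verb for this user) and also flags the unknown user bob, a reminder that anomaly detection needs a baseline before it can distinguish normal from abnormal.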
Network-based IDS
A network-based IDS is a stand-alone device attached to the network to monitor traffic throughout
that network.
Host-based IDS
A host-based IDS runs on a single workstation, client or host, to protect that one host.
Stealth Mode
The IDS uses the monitor interface as "input only"; it never sends packets out through this network
interface. Often, the interface is configured so that the device has no published address, so a
router cannot route anything to that address directly, because the router does not know such a
device exists.
If the IDS needs to generate an alert, it uses only the alarm interface on a completely separate
control network.
Such an architecture is shown in the figure below.
Advantage:
(1) IDSs detect an ever-growing number of serious problems, and as we learn more about
problems, we can add their signatures to the IDS model. Thus, over time, IDSs continue to
improve.
(2) They are cheaper and easier to administer.
Disadvantage:
An IDS does not run itself; someone has to monitor its track record and respond to its alarms.
Responding to Alarms
An intrusion detection system raises an alarm when it finds a match. The alarm can range from
something modest, such as writing a note in an audit log, to something significant, such as calling
the system security administrator.
Privacy in Computing
Privacy is a human right. Privacy is an aspect of confidentiality.
Privacy Concepts
Information privacy has three aspects:
(1) Sensitive data,
(2) Affected parties, and
(3) Controlled disclosure
Controlled Disclosure
What is privacy? Privacy is the right to control who knows certain aspects about you, your
communications, and your activities. In other words, you voluntarily choose who can know things
about you and what those things are.
The problem is: anyone who has access to an object (data) can copy, transfer, or propagate the
object or its content to others without consent.
Sensitive Data
Example: people usually consider data such as financial status and certain health data sensitive.
Here are examples (in no particular order) of data many people consider private.
Identity, the ownership of private data and the ability to control its
disclosure
Finances, credit, bank details
Legal matters
Medical conditions, drug use, DNA, genetic predisposition to illnesses
Voting, opinions, membership in advocacy organizations
Preferences: religion
Biometrics, physical characteristics, polygraph results, fingerprints
Illegal activities, criminal records
Air travel data, general travel data, a person's location (present and past)
Affected Subject
Individuals, groups, companies, organizations, and governments all have data they consider
sensitive.
Eg 1: Companies consider product plans, key customers, profit margins, and newly
discovered technologies as private or sensitive.
Eg 2: Schools, hospitals, or charities may need to protect personal data of their students,
patients, or donors.
Privacy Issues
Computers and networks connected to the internet have increased the feasibility of unwanted disclosures.
Vulnerabilities: public records, storage capacity, search engines, openness of networks.
Collection limitation:
Data should be obtained lawfully and fairly.
Data quality:
Data should be relevant to the purposes for which they are collected, and the collected
data must be accurate, complete, and up-to-date.
Purpose specification:
The purposes for which data will be used should be identified and the data destroyed if no
longer necessary to serve that purpose.
Use limitation:
The data may be used for purposes other than those specified only with the consent of the data
owner or by authority of law.
Security safeguards:
Procedures to guard against loss, corruption, destruction, or misuse of data should be
established.
Individual participation:
The data subject (either individual/company/organization) normally has a right to access
and to challenge data relating to her.
Accountability:
There must be strict privacy rules,laws and punishments
Information collection: Data are collected only with knowledge and explicit consent.
Information usage: Data are used only for certain specified purposes.
Information retention: Data are retained for only a set period of time.
Information disclosure: Data are disclosed to only an authorized set of people.
Information security: Appropriate mechanisms are used to ensure the protection of the data.
Access control: All modes of access to all forms of collected data are controlled.
Monitoring: Logs are maintained showing all accesses to data.
Policy changes: Less restrictive policies are never applied after-the-fact to the already obtained
data.
Data Privacy Laws and Compliance
Notice: Data collectors must disclose their information practices before collecting
personal information from consumers.
Choice: Consumers must be given a choice as to whether and how personal information
collected from them may be used.
Access: Consumers should be able to view and contest the accuracy and completeness of
data collected about them.
Security: Data collectors must take reasonable steps to ensure that information collected
from consumers is accurate and secure from unauthorized use.
Enforcement: A reliable mechanism must be in place to impose sanctions for
noncompliance with these fair information practices.
Data Protection refers to the set of privacy laws, policies and procedures that aim to minimize
intrusion into one's privacy caused by the collection, storage and dissemination of personal data.
The (Indian) Information Technology Act, 2000 deals with the issues relating to payment of
compensation (Civil) and punishment (Criminal) in case of wrongful disclosure and misuse of
personal data and violation of contractual terms in respect of personal data.
Penalty for damage: Section 43 of the IT Act imposes a penalty of INR 10 million, inter alia, for
downloading data without consent.
Tampering with computer source documents, as provided for under the IT Act, 2000:
Section 65 of the IT Act lays down that whoever knowingly or intentionally conceals,
destroys, or alters any computer source code used for a computer, computer programme, computer
system or computer network, when the computer source code is required to be kept or maintained
by law for the time being in force, shall be punishable with imprisonment up to three years, or
with a fine which may extend up to INR 200,000, or with both.
Rule 1: lists the things that will be treated as "sensitive personal data" under
the Act. It includes passwords, credit or debit card information, medical and biometric
records, etc.
Rule 2: A body corporate must provide a privacy policy for dealing with personal information
and sensitive data. The policy shall include all the necessary details, e.g. the type of
personal data collected, statements of practices, purpose of collection, provisions related to
disclosure, and security practices.
Rule 3: deals with the provisions which govern the collection of information.
i. A body corporate shall not collect sensitive personal data without obtaining consent
in writing or by fax or e-mail from the provider regarding the purpose for which the
data is being collected.
ii. Personal information or sensitive data shall not be collected unless it is for a lawful
purpose.
iii. The provider shall be made aware of the facts as to the information collected.
iv. The information collected shall be used only for the purpose for which it is
collected and shall not be retained for a period longer than is required.
v. The provider shall be given an option to opt out of providing such information,
along with an option to withdraw consent at any later stage.
Rule 4: requires that the body corporate seek the consent of the concerned provider
before disclosing the sensitive data to a third party.
Rule 5: clarifies that a body corporate shall get its code duly approved by the Central
Government.
The following important sections have been substituted and inserted by the IT Amendment Act:
Section      Description
Section 43A  Compensation for failure to protect data
Section 66   Computer related offences
Section 66A  Punishment for sending offensive messages through a communication service, etc.
Section 66B  Punishment for dishonestly receiving a stolen computer resource or communication device
Section 66C  Punishment for identity theft
Section 66D  Punishment for cheating by personation using a computer resource
Section 66E  Punishment for violation of privacy
Section 84C  Punishment for attempt to commit offences
The Government of India's first serious law towards privacy was the Information Technology
(Reasonable Security Practices and Procedures and Sensitive Personal Data or Information)
Rules, 2011.