Security Mechanisms (X.800)
• Encipherment – algorithmic/mathematical conversion
• Digital Signature – appending a secret signature
• Access Control
• Data Integrity
• Authentication Exchange
• Traffic Padding – appending extra chars to foil traffic analysis techniques
• Routing Control – selection of secure routes through the network
• Notarization – use of a trusted 3rd party (like a notary public)

Other Security Mechanisms (non X.800)
• Trusted Functionality – That which is perceived to be true by some criteria (policy)
• Security Label – The marking of (bound to) a resource that names or designates the security attributes of the resource
• Event Detection
  – Intrusion detection
  – Detection of specific hacks (detector hardware)
  – Too many login attempts
• Security Audit Trail – Logging of all system events
• Security Recovery – Recovery based on requests from security mechanisms and/or event handling

The Compromises of Security
• There is no absolute security!
  ➢ Race between attackers and defenders
    ▪ Constant innovation
    ▪ Well-funded, capable, determined attackers succeed
• Costs
  ➢ Relative to target’s value
  ➢ Users’ inconvenience
  ➢ Users’ acceptance
• Detection
  ➢ Rarely possible in real time
  ➢ Works mostly for old threats
• Punishment
  ➢ Hard at a distance
    ▪ No international legislation
    ▪ Poor domestic legislation
  ➢ Perceived “unethical”
    ▪ Freedom of expression
    ▪ Intangibility

Information security and cryptography
• Cryptography is the study of mathematical techniques related to aspects of information security
• Cryptographic goals
  – Confidentiality
  – Data integrity
  – Authentication
  – Non-repudiation
  – ……………

Cryptographical Building Blocks
[Diagram; block labels: Block Ciphers, Stream Ciphers, Symmetric Key Cryptography, Privacy, Authentication, Encryption, Hash Functions, Challenge Response, IVs, MACs, MICs, Message Digests, Nonces, Pseudo Random, Random Sources, Secret Keys, Smart Cards, DH, RSA, Public Key Cryptography, Elliptic Curves, Digital Signatures, Data Integrity, Secure Network Protocols, Non-Repudiation]