Computer Security

Computer Security
Computer Security refers to the protection given to computers and the
information contained in them from unauthorised access. It involves
the measures and controls that ensures confidentiality, integrity and
availability of the information, processed and stored by a computer.

 Confidentiality: ensures that information is available only to those

persons who are authorised to access it.

 Integrity: ensures that information cannot be modified in

unexpected ways, as loss of integrity could result from human
error, intentional tampering, or even catastrophic events.

 Availability: prevents resources from being deleted or becoming

inaccessible.

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 2

Security Threats
 Error and omissions

 Fraud and theft

 Loss of physical and infrastructure support

 Hacker and cracker

 Malicious code and software

 Foreign government espionage

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 3
Malicious Programs
 Virus

 Other destructive programs

 Affecting computer system

 Protecting computer system

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 4

Virus
Viruses are programs, which are designed to replicate, attach to other
programs, and perform unsolicited and malicious actions. It executes
when an infected program is executed. On MS-DOS systems, these
files usually have the extensions .exe, .com, or .bat.

 Boot sector virus

 File infecting virus

 Polymorphic virus

 Stealth virus

 Multipartite virus

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 5

Other destructive programs
 Worms: use n/w connections to spread from one computer
system, thus worms attack systems that are linked through
communication lines. To reproduce itself it uses n/w links like:
n/w mail facility, remote execution capability, and remote log in
capability.

 Trojan horse: it activates sometimes after a long time, can be in

the emails or free downloaded software.

 Logic bomb: it’s a program which gets activated when a certain

piece of code is executed i.e. date.

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 6

Affecting Computer System
 How virus spreads: viruses come through many
sources and because it is a software code, it can be
transmitted with any other software, for example, on
a disk, through network, or using email.

 System components affected by virus: two

conditions can cause a virus to attack on the
computer system i.e. executable file on the storage
disk, write-enabled disk (floppy disk, hard disk).

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 7

Protecting Computer System
 Using antivirus software:
antivirus software has normally built-in scanner,
which scans all files in the computer’s hard disk. It
looks for changes and activity in computers that are
typical in case of a virus attack.

Scanners look for particular types of code within

programs. The s/w generally relies on having prior
knowledge of the virus. As a result, frequent
updates to the tool are necessary.
Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 8
Cryptography
The art of protecting information by transforming
it (encrypting it) into an unreadable format,
called cipher text.

Only those who possess a secret key can

decipher (or decrypt) the message into plain text.

Encrypted messages can sometimes be broken

by cryptanalysis, also called code breaking,
although modern cryptography techniques are
virtually unbreakable.
Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 9

9
Cryptography
 Secret key cryptography

 Public key cryptography

 Hash function

 Digital signature

 Firewall

 Users identification and authentication

 Security awareness and policies

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 10

Cryptography Techniques

 Secret key cryptography

 Public key cryptography

 Hash functions

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 11

11
Secret Key Cryptography

• Single key used to encrypt and decrypt.

• Key must be known by both parties.

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 12

12
Public Key Cryptography
(a.k.a. asymmetric cryptography)

• Each entity has 2 keys:

 private key (a secret)
 public key (well known).

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 13

13
Hash Functions
 A hash function H is a transformation that takes a
variable-size input m and returns a fixed-size string,
which is called the hash value h (that is, h = H(m)).

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 14

14
Digital Signature

• Hash value of a message when encrypted with

the private key of a person is his digital
signature on that e-Document

 Digital
Signature of a person therefore varies from
document to document thus ensuring authenticity of
each word of that document.

 As the public key of the signer is known, anybody

can verify the message and the digital signature

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 15

15
Digital Signature
• Public key cryptography is also used to
provide digital signatures.

signing
plaintext signed message
private key

verification
signed message plaintext
public key

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 16

16
Firewall

 A firewall is hardware, software, or a

combination of both that is used to prevent
unauthorized programs or Internet users
from accessing a private network and/or a
single computer

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 17

17
Hardware vs. Software Firewalls

 Hardware Firewalls
 Protect an entire network
 Implemented on the router level

 Usually more expensive, harder to configure

 Software Firewalls
 Protect a single computer
 Usually less expensive, easier to configure

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 18

How does a software firewall work?

 Inspects each individual “packet” of data as it

arrives at either side of the firewall

 Inbound to or outbound from your computer

 Determines whether it should be allowed to

pass through or if it should be blocked

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 19

Firewall Rules
 Allow – traffic that flows automatically
because it has been deemed as “safe” (Ex.
Meeting Maker, Eudora, etc.)

 Block – traffic that is blocked because it has

been deemed dangerous to your computer

 Ask – asks the user whether or not the traffic

is allowed to pass through

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 20

What a personal firewall can do

 Stop hackers from accessing your computer

 Protects your personal information

 Blocks “pop up” ads and certain cookies

 Determines which programs can access the

Internet

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 21

What a personal firewall cannot do

 Cannot prevent e-mail viruses

 Only an antivirus product with updated definitions
can prevent e-mail viruses

 After setting it initially, you can forget about it

 The firewall will require periodic updates to the
rule sets and the software itself

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 22

Packet Filters

 It operates at the n/w layer to examine incoming and

outgoing packets. A border router configured to pass
or reject packets based on information in the header of
each individual packet

 can theoretically be configured to pass/reject based on any

field

 but usually done based on:

 protocol type
 IP address
 TCP/UDP port
 Fragment number
 Source routing information

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 23

Application-Level Gateway

pplication level gateway is an approach to firewall where the application

specific proxies filter the incoming and outgoing information packets
before copying and forwarding information across the gateway at the
level of the application layer of the OSI Model. The application specific
proxy means that, for instance, only a Telnet proxy can copy, forward,
and filter Telnet traffic. An application gateway is generally implemented
on a separate computer on the network whose primary function is to
provide proxy service.

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 24

24
Circuit-Level Gateway

This type of proxy server provides a controlled network connection between

internal and external systems (i.e., there is no "air-gap"). A virtual "circuit"
exists between the internal client and the proxy server. Internet requests go
through this circuit to the proxy server, and the proxy server delivers those
requests to the Internet after changing the IP address. External users only
see the IP address of the proxy server. Responses are then received by
the proxy server and sent back through the circuit to the client. While traffic
is allowed through, external systems never see the internal systems. This
type of connection is often used to connect "trusted" internal users to the
Internet

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 25

25
Users Identification and Authentication

There are three ways of authenticating users identity:

 Users requirement (Pin, Password, cryptographic key)

 Users possessions (ATM card or smart card)

 Users Biometric (Voice pattern, handwriting dynamics,

fingerprints)

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 26

26
Security Awareness and Policies
 Awareness
 Security Policy
 Components of security policy:
1. computer technology purchasing guidelines

2. privacy policy

3. access policy

4. accountability policy

5. authentication policy

6. information technology system and network maintenance policy

7. violations reporting policies

Nidhi Gautam Prabhakar, Assistant Professor, UIAMS, Panjab University Chandigarh 27

27