
Network Security- 8th semester (Unit 1)

Unit 1
The OSI Security Architecture: To assess the security needs of an organization, and to evaluate and choose security products and policies, the manager responsible for security needs a systematic way of defining the security requirements and characterizing the approaches that satisfy them. This is difficult enough in a centralized data processing environment; with LANs and WANs the problem is compounded. ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. It is an international standard, and computer and communications vendors have designed security features into their products that relate to it. The OSI security architecture focuses on
(i) Security Services
(ii) Security Mechanisms
(iii) Security Attacks.
(i) Security Services:
(a) Data Confidentiality
(b) Authentication
(c) Data Integrity
(d) Non-repudiation
(e) Access Control
(a) Data Confidentiality: Protection of data from unauthorized disclosure.
1) Connection confidentiality: Protection of all user data on a connection.
2) Connectionless confidentiality: Protection of all user data in a single data block.
3) Selective field confidentiality: Confidentiality of selected fields within the user data on a connection or in a single data block.
4) Traffic flow confidentiality: Protection of the information that might be derived from observation of traffic flows.
(b) Authentication: Assurance that communicating entity is the one that
it claims to be.

Bindu M.N. Department of E & C, K.V.G.C.E., Sullia.

1) Peer entity authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected.
2) Data origin authentication: In a connectionless transfer, provides assurance that the source of the received data is as claimed.
(c) Data Integrity: Assurance that data received are exactly as sent by an authorized entity, i.e. contain no modification, insertion, deletion or replay.
1) Connection integrity with recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion or replay of data within the sequence, with recovery attempted when a violation is detected.
2) Connection integrity without recovery: Provides for the integrity of all user data on a connection and detects modification, insertion, deletion and replay, but makes no attempt at recovery.
3) Selective field connection integrity: Provides for the integrity of selected fields within the user data of a data block transferred over a connection, and takes the form of determining whether the selected fields have been modified, inserted, deleted or replayed.
4) Connectionless integrity: Provides for the integrity of a single connectionless data block and takes the form of detection of data modification. Additionally, a limited form of replay detection may be provided.
5) Selective field connectionless integrity: Provides for the integrity of selected fields within a single connectionless data block, and takes the form of determining whether the selected fields have been modified.
(d) Non-repudiation: Provides protection against denial, by one of the entities involved in a communication, of having participated in all or part of the communication.
1) Non-repudiation, Origin: Proof that the message was sent by the specified party.
2) Non-repudiation, Destination: Proof that the message was received by the specified party.
(e) Access Control: Prevention of unauthorized use of a resource (controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).
(ii) Security Mechanisms: No single mechanism provides all of the services listed above, but one technique underlies most of the mechanisms in use: cryptography. Encryption or encryption-like transformations of information are the most common means of providing security. The specific mechanisms listed in X.800 include encipherment, digital signature, access control, data integrity, authentication exchange, traffic padding, routing control and notarization.
(iii) Security Attacks: Attacks can be classified by viewing the function of a computer system as providing information. There is a flow of information from a source, such as a file or a region of main memory, to a destination, such as another file or a user. The normal flow is depicted below.

[Figure: normal flow. Information source -> Information destination]

Four types of attack on this flow are depicted below:
i) Interruption
ii) Interception
iii) Modification
iv) Fabrication.

i) Interruption:
An asset of the system is destroyed or becomes unusable or unavailable. This is an attack on availability. Examples are the destruction of a piece of hardware such as a hard disk, the cutting of a communication line, or the disabling of the file management system.
ii) Interception:
An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party could be a person, a program or a computer. Examples are wiretapping to capture data in a network, and the illicit copying of files or programs.

iii) Modification:
An unauthorized party not only gains access to an asset but also tampers with it. This is an attack on integrity. Examples are changing values in a data file, altering a program so that it performs differently, and modifying the contents of messages being transmitted in a network.
iv) Fabrication:
An unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity. Examples are the insertion of spurious messages into a network or the addition of records to a file.

Passive attacks and Active attacks:

[Figure: Passive threats: Interception -> release of message contents, traffic analysis. Active threats: Interruption (attack on availability), Modification (attack on integrity), Fabrication (attack on authenticity).]
Passive attacks are in the nature of eavesdropping (interception) and have two goals. The first is the release of message contents: an e-mail, a telephone conversation or a transferred file may contain sensitive information, and we want to prevent the opponent from learning the contents of these transmissions. The second, traffic analysis, is more subtle and much harder to detect. The messages can be masked by encryption, so that even if the opponent captures them the contents cannot be read; still, the opponent can observe the pattern of the messages, determine the location and identity of the communicating hosts, and observe the frequency and length of the messages exchanged, and from this guess the nature of the communication. Because passive attacks are very hard to detect, the emphasis is on prevention rather than detection.
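The point that encryption alone does not stop traffic analysis is easiest to see on data. The following is an added example (not part of these notes): it takes a constructed set of flow records, each holding only what a passive observer on the channel sees (time, source, destination, ciphertext length), and derives who talks to whom, how often and how much, flags a periodic sender, and then shows how traffic padding (one of the X.800 mechanisms) removes the length information. The host names, sizes and timings are invented for the illustration.

```python
"""Traffic analysis on encrypted traffic, and traffic padding as a mitigation.

Added example, not from the original notes. The flow records below are
constructed: each is (time_s, src, dst, ciphertext_len). The payload is
never needed; everything here is derived from channel metadata alone.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: an interactive exchange hostA <-> hostB, and hostC
# sending a fixed-size message to hostD exactly once per second.
FLOWS = [
    (0.0, "hostA", "hostB", 1421),
    (0.4, "hostB", "hostA", 96),
    (1.0, "hostC", "hostD", 64),
    (2.0, "hostC", "hostD", 64),
    (2.1, "hostA", "hostB", 1388),
    (2.6, "hostB", "hostA", 96),
    (3.0, "hostC", "hostD", 64),
    (4.0, "hostC", "hostD", 64),
]


def summarize(flows):
    """Per (src, dst) pair: message count, mean length and inter-arrival gaps."""
    by_pair = defaultdict(list)
    for t, src, dst, n in sorted(flows):
        by_pair[(src, dst)].append((t, n))
    stats = {}
    for pair, msgs in by_pair.items():
        times = [t for t, _ in msgs]
        gaps = [b - a for a, b in zip(times, times[1:])]
        stats[pair] = {
            "count": len(msgs),
            "mean_len": mean(n for _, n in msgs),
            "gaps": gaps,
        }
    return stats


def beacon_candidates(flows, min_msgs=3, jitter=0.1):
    """Pairs whose traffic is periodic: enough messages and near-constant gaps.

    The inference a defender uses to spot beaconing is equally available to an
    opponent profiling an encrypted link; the content never matters.
    """
    found = []
    for pair, s in summarize(flows).items():
        if s["count"] >= min_msgs and pstdev(s["gaps"]) <= jitter * mean(s["gaps"]):
            found.append(pair)
    return sorted(found)


def pad_length(n, bucket=1500):
    """Traffic padding: round every ciphertext up to a multiple of `bucket`
    bytes so that sizes no longer distinguish the conversations."""
    return -(-n // bucket) * bucket


def distinct_lengths(flows, padded=False):
    """Set of message lengths visible to the observer, before or after padding."""
    return {pad_length(n) if padded else n for _, _, _, n in flows}


if __name__ == "__main__":
    for pair, s in summarize(FLOWS).items():
        print(pair, s["count"], "msgs, mean", s["mean_len"], "bytes")
    print("periodic senders:", beacon_candidates(FLOWS))
    print("lengths:", distinct_lengths(FLOWS), "->", distinct_lengths(FLOWS, padded=True))
```

Padding hides length but not timing or endpoints; hiding those needs dummy traffic at a constant rate or routing through intermediaries, which is why X.800 treats traffic-flow confidentiality as a separate service rather than a side effect of encryption.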
Active attacks involve some modification of the data stream or the creation of a false stream, and are of four types:
1. Masquerade
2. Replay
3. Modification of messages
4. Denial of service.
1. Masquerade: One entity pretends to be a different entity. A masquerade usually includes one of the other forms of active attack: for example, an entity with few privileges captures the authentication sequence of another entity and replays it, thereby gaining the privileges of the impersonated entity.
2. Replay: The passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

3. Modification of messages: Some portion of a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorized effect. For example, the message "Allow John Smith to read confidential file accounts" can be modified to read "Allow Jacob Brown to read confidential file accounts".
4. Denial of Service: Prevents or inhibits the normal use or management of a communication facility. It may have a specific target: for example, an entity may suppress all messages directed to a particular destination, such as the security audit service. Another form is the disruption of an entire network, either by disabling it or by overloading it with messages so as to degrade performance.
A model for Network Security:

[Figure 1: Model for network security. Two principals exchange a message over a logical information channel; each holds secret information, which is used in a security-related transformation of the message. A trusted third party (arbiter, distributor of secret information) may be involved. An opponent has access to the channel.]

[Figure 2: Network access security model. An opponent, either human (e.g. a cracker) or software (e.g. a virus or worm), reaches the system over an access channel. A gatekeeper function guards the entry point, and internal security controls protect the computing resources (processor, memory, I/O), data, processes and software.]


A message is transferred from one party to another across some sort of internet. The two parties, who are the principals in the transaction, must cooperate for the exchange to take place; this cooperation takes the form of a common protocol such as TCP/IP. A logical information channel is established by defining a route through the internet from the source to the destination.
Security comes into consideration when we want to protect the information being transmitted over the channel from an opponent. All the techniques for doing so have two components:
1. A security-related transformation of the information to be sent, such as encryption, which scrambles the message before transmission so that the opponent cannot read it and unscrambles it on reception. The transformation may also add a code, derived from the contents of the message, which the receiver uses to verify the identity of the sender.
2. Some secret information shared by the two principals, such as an encryption key, which is hopefully unknown to the opponent and is used together with the transformation to scramble the message before transmission and to unscramble it at the receiving end.
A trusted third party may also be needed, for example to distribute the shared secret information (the key) to the two principals, or to arbitrate disputes between them concerning the authenticity of a message transmission.

The general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
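The following added example (not from these notes) ties the model to the services and attacks described earlier. It implements the "code that identifies the sender" from component 1 of the model with a shared key (component 2), under a hypothetical frame format of a 4-byte sequence number, the message and an HMAC-SHA256 tag (task 4), and shows the receiver detecting the active attacks listed above: a modified message, a replayed frame, a frame fabricated by an opponent who does not hold the key (masquerade), and a deleted frame, which is the connection integrity service without recovery from section (c). The key is assumed already distributed; the scrambling (encryption) is left out because the Python standard library has no block cipher, and would be layered underneath in practice.

```python
"""Shared-secret transformation that detects modification, replay, missing
frames and forged origin on a connection.

Added example, not from the original notes. Assumes a key K shared by the two
principals and a hypothetical frame format:
    seq (4 bytes, big-endian) || message || HMAC-SHA256 tag (32 bytes)
Integrity and data-origin authentication only; no confidentiality.
"""
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 output size


class Sender:
    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def send(self, msg: bytes) -> bytes:
        # The tag covers the sequence number as well as the message, so that
        # renumbering or reordering a frame invalidates it.
        hdr = struct.pack(">I", self.seq)
        self.seq += 1
        tag = hmac.new(self.key, hdr + msg, hashlib.sha256).digest()
        return hdr + msg + tag


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.expected = 0  # next sequence number we expect
        self.lost = 0      # frames detected as missing (no recovery attempted)

    def receive(self, frame: bytes):
        """Return (status, message). Statuses: ok, forged_or_modified, replay, gap."""
        if len(frame) < 4 + TAG_LEN:
            return "forged_or_modified", None
        hdr, body, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(self.key, hdr + body, hashlib.sha256).digest()
        # Constant-time comparison: a plain == would leak tag bytes via timing.
        if not hmac.compare_digest(good, tag):
            # Either bits were altered in transit, or the sender does not hold
            # K (a masquerade / fabrication attempt). The two are not separable.
            return "forged_or_modified", None
        seq = struct.unpack(">I", hdr)[0]
        if seq < self.expected:
            return "replay", None           # an old but valid frame, seen again
        if seq > self.expected:
            self.lost += seq - self.expected  # something was deleted or delayed
            self.expected = seq + 1
            return "gap", body
        self.expected = seq + 1
        return "ok", body


def demo():
    """Scripted exchange; returns the receiver's verdicts in order."""
    key = os.urandom(32)
    alice, bob = Sender(key), Receiver(key)
    f0 = alice.send(b"Allow John Smith to read confidential file accounts")
    f1 = alice.send(b"Transfer approved")
    f2 = alice.send(b"Session closing")

    # Opponent edits the body of f0, keeping its header and tag.
    modified = f0[:4] + b"Allow Jacob Brown to read confidential file accounts" + f0[-TAG_LEN:]
    # Opponent without K fabricates a frame under a key of their own.
    mallory = Sender(os.urandom(32)).send(b"Allow Mallory to read confidential file accounts")

    verdicts = []
    # f1 is withheld until after f2: the receiver reports a gap, and when f1
    # finally arrives it is indistinguishable from a replay.
    for frame in (f0, f0, modified, mallory, f2, f1):
        verdicts.append(bob.receive(frame)[0])
    return verdicts  # ['ok', 'replay', 'forged_or_modified', 'forged_or_modified', 'gap', 'replay']


if __name__ == "__main__":
    print(demo())
```

Note what the sequence number buys and what it does not: it turns "connectionless integrity" (tag only, modification detection) into "connection integrity" (replay, insertion and deletion detection), but once the receiver has moved past a gap a late legitimate frame is rejected as a replay. A protocol that wants recovery has to buffer out-of-order frames or request retransmission instead.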
Another model, shown in figure 2 above, concerns protecting an information system from unwanted access. The threat may come from a hacker who has no malign intent beyond the satisfaction of breaking into a computer system, from a disgruntled employee who intends to do harm, or from a criminal who exploits computer assets for financial gain, for example by the illegal transfer of money or by obtaining credit card numbers.
Another type of unwanted access is the placement in a computer system of logic that can affect application programs as well as utility programs such as editors and compilers. Such programs present two kinds of threats:
1. Information access threats intercept or modify data on behalf of users who should not have access to that data.
2. Service threats exploit service flaws in computers to inhibit their use by legitimate users.
Viruses and worms are examples of unwanted logic that can be introduced into a computer system, either through physical media such as a diskette or over the network. Because the threat can arrive over the network, the security mechanisms fall into two broad categories. The first is the gatekeeper function, which includes password-based login procedures designed to grant access only to authorized users. Once unwanted logic or an unwanted user has gained entry, the second line of defense consists of internal security controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders. A virus is unwanted logic concealed within otherwise useful software.
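The gatekeeper described above is, at its simplest, a password check. The following added example (not from these notes) shows what a sound one looks like: credentials are stored as salted PBKDF2 hashes rather than in clear, comparison is constant-time, unknown user names cost the same work as known ones so timing does not reveal which accounts exist, and repeated failures lock the account to slow online guessing. The user names, passwords, iteration count and lockout threshold are assumptions chosen for the illustration.

```python
"""A minimal gatekeeper: password-based admission with hashed credentials.

Added example, not from the original notes. The work factor, salt length and
lockout threshold are assumptions for illustration.
"""
import hashlib
import hmac
import os

ITERATIONS = 200_000   # PBKDF2-HMAC-SHA256 work factor (assumption)
SALT_LEN = 16
KEY_LEN = 32           # SHA-256 output size


def _derive(password: str, salt: bytes) -> bytes:
    """Slow, salted one-way transform of the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


class Gatekeeper:
    def __init__(self, max_failures: int = 5):
        self._users = {}      # name -> (salt, derived key); no plaintext stored
        self._failures = {}   # name -> consecutive failed attempts
        self.max_failures = max_failures

    def enrol(self, user: str, password: str) -> None:
        salt = os.urandom(SALT_LEN)  # per-user salt defeats precomputed tables
        self._users[user] = (salt, _derive(password, salt))

    def login(self, user: str, password: str) -> str:
        """Return 'granted', 'denied' or 'locked'."""
        if self._failures.get(user, 0) >= self.max_failures:
            return "locked"  # stop online guessing against this account
        record = self._users.get(user)
        # Unknown users still pay for one derivation, so response time does
        # not reveal whether the user name exists.
        salt, stored = record if record else (b"\0" * SALT_LEN, b"\0" * KEY_LEN)
        candidate = _derive(password, salt)
        if record and hmac.compare_digest(candidate, stored):
            self._failures[user] = 0
            return "granted"
        self._failures[user] = self._failures.get(user, 0) + 1
        return "denied"


if __name__ == "__main__":
    gk = Gatekeeper()
    gk.enrol("alice", "correct horse battery staple")
    print(gk.login("alice", "correct horse battery staple"))  # granted
    print(gk.login("alice", "password"))                       # denied
    print(gk.login("mallory", "password"))                     # denied
```

A gatekeeper of this kind only controls entry; it says nothing about what an admitted user or program then does, which is why the model pairs it with internal security controls that watch activity after the gate.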

Unit 1 questions
1. List and describe the Services, Attacks and Mechanisms of the OSI Security
Architecture.

2. How are Attacks classified?
OR
List and describe active attacks and passive attacks.
3. With a diagram explain the model for Network Security.

