|Notice: Exam Form BE IV/II & BAR V/II (Back) for 2076 Magh|
|Routine: BE IV/II & BAR V/II - 2076 Magh|
|Result: BCE I/II exam held on 2076 Bhadra|
|Result: All (except BCE & BEI) I/II exam held on 2076 Bhadra|
|Notice: Exam Center for Barrier Exam (2076 Poush), 1st Part|
|Electronics and Communication(BEX)|
- Security is the mechanism to protect the computer system and its resources like CPU, disks, files, etc against the various preaches or access by unauthorized users.
- Operation system security is the mechanism to protect the OS from threats, various or remote intrusions.
1. Threat: it is the processed potential for the occurrence of a harmful target.
2. Attack: It is the action taken in the target system in order to harm the target.
3. Vulnerability: it is the loop hole or weakness that a system processes that makes it susceptible for harmful attacks.
Principles of Security [hint = CIA]
1) Confidentiality: This principle is based on privacy, access control and authentication. Only authorized persons can access the system’s data. There may also be restriction for authorizes users to abstract the functionality which one does not need.
2) Integrity: This principle relates data accuracy. The authorized person must be able to access or modify data without any flow or error as per the terms.
3) Availability: The authorized person when needed must be able to access computer resources needed to access the data.
- Security breach is any incident that causes by passing of underlying security mechanism in other to gain unauthorized access to the system. It is also known as security violation. It is the earliest phase of a security attack.
Types of security breaches
1) Breach of confidentiality (Unauthorized access to confidential information)
2) Breach of integrity (Unauthorized destruction of data)
3) Breach of availability (Unauthorized destruction of data)
4) Theft of service (unauthorized use of resources)
5) Denial of service (preventing authorized user from accessing the system)
Levels of system protection
2) Human (phasing, dumpster, password, cracking)
3) Operating system
Types of Attack
1) Passive attack
- Port scan
- Idle scan
2) Active Attack (Interception, Fabrication and Modification)
- Denial of service
- Man in the middle
- ARP poisoning (after routing on a network)
- Ping flood
- Smurf attack (sending malicious ping to a computer)
- Buffer overflow
- Stack overflow
- Format string attack
- SQL injection
- Wiretapping is the monitoring of telephone or internet traffics by a third party.
- Port scan sends client requests to a range of server port address on a host to find the active port.
- Idle scan is a TCP port scan that sends spoofed packets to a computer to find what services are available.
- Dos attack is an attempt to make a network or machine resource unavailable t its intended user by flooding the target resource with requests in order to overload systems ad prevent legitimate requested from being served.
(distributed DoS, DRDoS)
- SQL injection occurs in database layer by passing SQL code into interactive web applications.
- Spoofing is a situation in which one program or person successfully masquerades as another by falsifying data.
- Attacks from inside
It is a malicious attack perpetrated on a network by a person with authorized system access.
- Logic Bomb
It is a code which is placed in a system by programmer that can be a activated only specific conditions.
- Trap Door
It is a logic created by system administrator to log into a system by using a default or no password.
Security Policy and Access Control
- Security policy is a well though and agreed document or statement of what is or is not allowed, when implemented provides high possibility of overcoming threats, and attacks.
- The security policy must include:
a) Scope who the policy applies to
b) Who does the actions defined by the policy
c) When defined actions are to be done
d) Where or on what equipment the policy applies to
e) Who enforces the policy
f) Consequences of failure to follow the policy
- It is the process of examining the system periofically to detect vulnerability. Is includes: -
a) Port scanning
b) Check for bad passwords
c) Check for vulnerability programs in system
d) Check for incorrect permissions
e) Check for unauthorized accounts
- Access control is the mechanism of controlling or restricting of system access to the authorized users to some extents. It indicates what type of access are permitted, under what circumstances, and by whom.
- Discretionary AC (based on identify of requestor)
- Mandatory AC (based on security clearance for security labels)
- Role based AC (based on roles that users have within the system)
- Cryptography is the mechanism of transforming an intelligible message into unintelligible form and retransforming back to its original form.
- Plaintext: original intelligible (accessible / readable) message
- Ciphertext: transformed message
- Cipher : algorithm used for transformation
- Key: critical information used by cipher.
Secret Key Encryption
- It is encryption algorithm in which secret key must be shared by both portities as same key is used for encryption and description.
- It is difficult to securely exchange the secret keys to each end.
- It is also known as symmetric key encryption.
Data encryption standard (DES)
- It uses 56 – bit keys with 8 bits for parity.
- It is archetypal block cipher with block size 64 bits.
- It consists of 16 identical stages of processing.
- It used Feistel scheme i.e. before each stage, the block is divided into two 32 bits salves and processed alternatively.
Advance Encryption Standard (AES)
- It used blocks of size 128 bits.
- The cryptographic keys are of 128,192 and 256 bits.
- Each round consists several processing of substitutions, transposition and mixing.
Public key Cryptographic
- Keys comes in pair.
- One key of each pair distributed widely (kp)
- One key of each pair kept secret (ks)
- Two keys are inverses of one another, but not identical.
- Same algorithm is used to encrypt and decrypt.
- Kp = (d₁ n ) and Ks _ (e, n)
Where, n = p * q (large primes)
d = random integer with GCD (d, (p-1) * (p-1) = 1
e = integer with (e * d) MOD (p – 1) * (q-1) = 1
- P and q are not published
- E (Kp, M) = Md MOD n
- Protection mechanism is a procedure, total or method to enforce security policy.
- It implements functions that help to prevent, detect and respond to recovery to security attacks.
- It provides a means to distinguish authorized and unauthorized usage of the system.
- Protection domain is a process that operates within that domain which specifies the resources that the process may access.
- Each domain contains a set of objects and the operations that can be performed on each object.
- The ability to execute an operation on an object is called access right.
- A domain is a collection of access rights as a ordered pair
- Two domains can share access rights.
- Domain can be realized as:
a) User as a domain
b) Process as a domain
c) Procedure as a domain
- The protection model can be viewed as a metrix.
- The rows reporesent domins
- The columns represent objects
- Authentication is the mechanism of identifying the authorized users and their associated executing programs.
- OS is responsible for creating authentication system.
- Authentication can be done by:
1. Username and Password
2. User Card / Key
3. User Attributes
OS Design Considerations For Security
1. Least privilege Every object should work within a minimal set of privileges. Access rights should be obtained by explicit request.
2. Economy of mechanism security mechanism should be simple and small
5. Open design
Access Control Lists and OS Support
- ACL is a list of access control entries.
- Each access control entry identifies a trustee and specifies the access rights allowed or denied for that trustee.
- It specifies which users or processes are granted access to objects and operations allowed on given object.
- It can allow one user to access a part of the system and prevent another user from accessing the same user.
- Each object consists of one ACL, maintained and checked by the kernel.
- Searching an ACL is done until a match of requesting user and access mode is located.
- A discretionary ACL identifies the users who can and can not access an object. It indicates ability of users on that object.
- A system ACL enables administrators to log attempts to access a secured object.
- It is a network security system that monitors and controls all the incoming and outgoing network traffic based on predetermined security rules.
- It establishes berries between secured internal network and outside network internet.
-by SURAJ AWAL