A MODEL FOR NETWORK SECURITY
A model for much of what we will be discussing is captured, in very general terms, in Figure 14.1. A message is to be transferred from one party to another across some sort of Internet. The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (say, TCP/IP) by the two principals.
Figure 14.1 Model for network security.
Security aspects come into play when it is necessary or desirable to protect the information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on. All the techniques for providing security have two components:
(1) A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender.
(2) Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent. Alternatively, a third party may be needed to arbitrate disputes between the two principals concerning the authenticity of a message transmission.
This general model shows that there are four basic tasks in designing a particular security service:
(1) Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
(2) Generate the secret information to be used with the algorithm.
(3) Develop methods for the distribution and sharing of the secret information.
(4) Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
However, there are other security related situations of interest that do not neatly fit this model. A general model of these other situations is illustrated in Figure 14.2, which reflects a concern for protecting an information system from unwanted access. Most readers are familiar with the concerns caused by the existence of hackers, who attempt to penetrate systems. Such a person may have no malignant intention, but simply gets satisfaction from breaking and entering a computer system. Or, the intruder could be a disgruntled employee who wishes to do damage or a criminal who seeks to exploit computer assets for financial gain (for example, obtaining credit card numbers or performing illegal money transfers).
Figure 14.2 Network access security model.

Another type of unwanted access is the placement in a computer system of logic that exploits vulnerabilities in the system and that can affect application programs as well as utility programs, such as editors and compilers. Two kinds of threats can be presented by programs:

(1) Information access threats intercept or modify data on behalf of users who should not have access to that data.
(2) Services threats exploit service flaws in computers to inhibit use by legitimate users.
Viruses and worms are two examples of software attacks. Such attacks can be introduced into a system by means of a diskette that contains the unwanted logic concealed in otherwise useful software. They can also be inserted into a system across a network; the latter mechanism is of more concern in network security.
The security mechanisms needed to cope with unwanted access fall into two broad categories, as shown in Figure 14.2. The first category might be termed a gatekeeper function. It includes password-based login procedures that are designed to deny access to all but authorized users and screening logic that is designed to detect and reject worms, viruses and other similar attacks. Once access is gained, by either an unwanted user or unwanted software, the second line of defense consists of a variety of internal controls that monitor activity and analyze stored information in an attempt to detect the presence of unwanted intruders.
General Vulnerabilities
Some of the general vulnerabilities are listed below and briefly described:
Password sniffing: An intruder eavesdrops on a communication line to capture passwords that are transmitted unencrypted. Having captured a password, the intruder can use it to masquerade as a legitimate user.
The r-commands: The r-tools, where "r" stands for "remote", are UNIX system commands that provide services such as remote login (rlogin), a remote shell for executing commands on another computer (rsh), and remote copying (rcp). The r-commands, if configured improperly, can permit unauthorized access to accounts and commands. The r-tools use the philosophy of trusted host and trusted user: if one host trusts another host, then any user who has the same user name on both hosts can log in from the trusted host to the other without entering a password.
Software flaws: Buffer overflows - a buffer overflow occurs when data is written past the end of a memory buffer. The most common reason is that the length of the data is not checked before it is written into the buffer. In some cases the overflow corrupts the execution stack, making it convenient for the attacker to execute their own code. Shell escapes - strings containing shell meta-characters are passed as input arguments to the shell to execute a command. This results in the execution of two commands, the desired command and the one requested by the attacker. Malicious scripts - scripts containing commands that aid the attacker in exploiting a known vulnerability, generally in the operating system.
X Window system: The X Window system is a network-transparent graphical user interface technology for bit-mapped displays. The server program listens and responds to requests from clients. Input activities such as keystrokes, pointer movements or colour changes are relayed to a client as messages called events. A client can request to be notified about all events for any window. As a result, a client can eavesdrop on the activities of any other client. In particular, a client can intercept the keystrokes of a login made from another window on a given display, including login passwords.
Denial of service attacks: The attacker renders the system unusable for legitimate users by "hogging" a resource so that it cannot be used by others. The most common forms of attack are flooding the target with packets (message overloading) and service overloading. The attack is generally combined with source address spoofing to avoid detection.

Attacks on Internet Protocol
Some common forms of attacks on the Internet Protocol include:
Packet replay: Packet replay refers to recording and re-transmission of message packets in the network. Packet replay can be prevented by using timestamps.
IP spoofing: The attacker changes the IP address on message packets to that of another user or host machine. This can be used to masquerade as a trusted host when address based authentication is used. This lets the attacker execute operating system commands that may compromise the target system's security.
Source routing: Source routing is a routing mechanism whereby the path to a target machine is determined by the source, rather than by intermediate routers. If an attacker has knowledge of some trust relationship between your hosts, source routing can be used to make it appear that the malicious packets are coming from a trusted host.

Attacks on Internet Services
Attacks on Internet Services include:
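The following is an added example, not part of the original text, showing the Figure 14.1 model in miniature for the authenticity component only: the sender applies a "code based on the contents of the message" (an HMAC) using a shared secret, and the receiver verifies it, rejects stale timestamps, and rejects replayed packets as described under "Packet replay". The key, freshness window and packet layout are constructed for this example.

```python
import hmac
import hashlib

# Constructed demo key; in the model this comes from the key-distribution
# step (task 3), not from the code.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"
FRESHNESS_WINDOW = 30  # seconds a timestamp stays acceptable


def _tag(key, ts, payload):
    # MAC covers the timestamp too, so an opponent cannot re-date a packet.
    return hmac.new(key, f"{ts}|{payload}".encode(), hashlib.sha256).hexdigest()


def protect(payload, key, now):
    """Sender side: attach a timestamp and a MAC over timestamp + payload."""
    ts = int(now)
    return {"ts": ts, "payload": payload, "mac": _tag(key, ts, payload)}


class Receiver:
    """Receiver side: verify the MAC, then refuse stale and repeated packets."""

    def __init__(self, key, window=FRESHNESS_WINDOW):
        self.key = key
        self.window = window
        self.seen = {}  # mac -> ts of packets accepted inside the window

    def accept(self, packet, now):
        expected = _tag(self.key, packet["ts"], packet["payload"])
        # Constant-time compare so the check leaks nothing about the tag.
        if not hmac.compare_digest(expected, packet["mac"]):
            return False, "bad mac"
        if not 0 <= now - packet["ts"] <= self.window:
            return False, "stale timestamp"
        # Entries older than the window would fail the freshness check anyway,
        # so the replay cache only needs to remember one window's worth.
        self.seen = {m: t for m, t in self.seen.items() if now - t <= self.window}
        if packet["mac"] in self.seen:
            return False, "replay"
        self.seen[packet["mac"]] = packet["ts"]
        return True, "ok"


if __name__ == "__main__":
    rx = Receiver(SHARED_KEY)
    pkt = protect("transfer 10", SHARED_KEY, now=1_700_000_000)
    print(rx.accept(pkt, now=1_700_000_005))  # fresh, first time seen
    print(rx.accept(pkt, now=1_700_000_006))  # same packet again: replay
```

Because the timestamp has one-second resolution, two legitimate identical payloads sent in the same second would collide in the replay cache; real protocols add a nonce or sequence number alongside the timestamp.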
Telnet: The Telnet protocol allows a user to log into a remote system and use it as though the user were sitting at a directly connected terminal. Logging into a system using telnet poses a security risk because the username and the password are transmitted in plain text. It is possible for an eavesdropper to capture the password.
File Transfer Protocol (FTP): FTP allows users to connect to a remote system and transfer files back and forth. As with telnet, the username and password are transmitted in clear text. Anonymous FTP allows users who do not have an account on the machine to transfer files to and from a specific directory. There is a threat of a denial of service attack if too many file transfers are initiated simultaneously.
Trivial File Transfer Protocol (TFTP): TFTP is a UDP-based file transfer program that is frequently used to allow diskless hosts to boot over the network. TFTP has no user authentication and therefore it may be used to steal password files.
Attacks through e-mail: E-mail bombing is characterized by repeatedly sending an identical e-mail message to a particular address. E-mail spamming refers to sending e-mail to thousands of users. E-mail spoofing: e-mail bombing/spamming may be combined with e-mail spoofing, which alters the identity of the sender, making it difficult to detect the originator.
Denial of service: E-mail bombing and spamming directed at a particular site result in denial of service through loss of network connectivity, system crashes and failure of service.