Computer Security Module@2022 - 23

AMBO UNIVERISTY
Hachalu Hundessa Campus

School of Informatics Electrical
Engineering
Department OF Computer Science
Computer Security Module Prepared
By:
Diriba Merera
Ambo , Oromia, Ethiopia

February, 2022 G.C
Computer Security module compiled by Mr: Diriba Merera @2023 A.Y ,Ambo University Page 1 of 51
Introduction
Computer security
The objective of computer security includes protection of information and property from theft,
corruption, or natural disaster, while allowing the information and property to remain accessible
and productive to its intended users. The term computer system security means the collective
processes and mechanisms by which sensitive and valuable information and services are protected
from publication, tampering or collapse by unauthorized activities or untrustworthy individuals
and unplanned events respectively.
The strategies and methodologies of computer security often differ from most other computer
technologies because of its somewhat elusive objective of preventing unwanted computer behavior
instead of enabling wanted computer behavior.
Computer Security - generic name for the collection of tools designed to protect data and to threat
hackers
Network Security - measures to protect data during their transmission
Internet Security - measures to protect data during their transmission over a collection of
interconnected networks
Why Security?
Computer security is required because most organizations can be damaged by Virus software or
intruders. There may be several forms of damage which are obviously interrelated. These include:
o Damage or destruction of computer systems, and internal data.
o Loss of sensitive information to hostile parties. Use of sensitive information
to steal items of monitory value.
o Use of sensitive information against the organization's customers which may
result in legal action by customers against the organization and loss of customers.
o Damage to the reputation of an organization.
Monitory damage due to loss of sensitive information, destruction of data, hostile use of sensitive
data, or damage to the organization's reputation
Basic Concepts
What is the difference among Computer, Network and Internet Security?
1. Computer Security - generic name for the collection of tools designed to protect data and to
thwart hackers.
2. Network Security - measures to protect data during their transmission.
3. Internet Security - measures to protect data during their transmission over a collection of
interconnected networks
Threats:
A threat is a potential violation of security. The violation need not actually occur for there to be a
threat. The fact that the violation might occur means that those actions that could cause it to occur
must be guarded against (or prepared for). Those actions are called attacks. Those who execute
such actions, or cause them to be executed, are called attackers. A threat is an object, person, or
other entity, that represents a constant danger to an asset.
A non-physical threat is a potential cause of an incident that may result in;
 Loss or corruption of system data
 Disrupt business operations that rely on computer systems
 Loss of sensitive information
 Illegal monitoring of activities on computer systems
 Cyber Security Breaches
 Others
The non-physical threats are also known as logical threats. The following list is the common
types of non-physical threats;
 Virus
 Trojans
 Worms
 Spyware
 Key loggers
 Adware
 Denial of Service Attacks
 Distributed Denial of Service Attacks
 Unauthorized access to computer systems resources such as data
 Phishing
 Other Computer Security Risks
Vulnerabilities, Threats, Attacks, and Controls
A computer-based system has three separate but valuable components: hardware, software, and
data. Each of these assets offers value to different members of the community affected by the
system. To analyse security, we can brainstorm about the ways in which the system or its
information can experience some kind of loss or harm.
For example, we can identify data whose format or contents should be protected in some way.
We want our security system to make sure that no data are disclosed to unauthorized parties.
Neither do we want the data to be modified in illegitimate ways. At the same time, we must ensure
that legitimate users have access to the data. In this way, we can identify weaknesses in the system.
Threat - A threat is something that may or may not happen, but if happens it has the potential to
cause serious damage. Threat is a possible danger that might exploit a vulnerability to breach
security and therefore cause possible harm. A threat can be either "intentional" (i.e. hacking: an
individual cracker or a criminal organization) or "accidental" (e.g. the possibility of a computer
malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado)
or otherwise a circumstance, capability, action, or event.
Vulnerability-vulnerability is a security risk in a software program that puts the program or
computer at danger of malicious programs. It is a weakness in the security system, for example,
in procedures, design, or implementation that might be exploited to cause loss or harm.
Example: may be vulnerable to unauthorized data manipulation because the system does not verify
a user's identity before allowing data access
Attack (or exploit) – An action taken that uses one or more vulnerabilities to realize a threat. This
could be someone following through on a threat or exploiting a vulnerability.
Example: An attack means when you test any computer system, one of your jobs is to imagine
how the system could malfunction. Then, you improve the system's design so that the system can
withstand any of the problems you have identified. In the same way, we analyze a system from a
security perspective, thinking about ways in which the system's security can malfunction and
diminish the value of its assets
Countermeasure – Addresses a vulnerability to reduce the probability of an attack or the impact
of a threat. They do not directly address threats; instead, they address the factors that define the
threats. Countermeasures range from improving application design, or improving your code, to
improving an operational practice.
Risk – Measure the Attacks, Computer security risks can be created by malware that can infect
your computer and put system and organization in a huge damage.
Denial of service Attack
Man in the middle Attack
Goals of Security:
 Confidentiality:
Confidentiality is a set of rules that limits access to information.
Confidentiality is the term used to prevent the disclosure of information to unauthorized
individuals or systems.
Measures undertaken to ensure confidentiality are designed to prevent sensitive information
from reaching the wrong people, while making sure that the right people can in fact get it.
Training can help familiarize authorized people with risk factors and how to guard against them.
Further aspects of training can include strong passwords and password-related best
practices and information about social engineering methods.
Access control mechanisms support confidentiality. One access control mechanism for
preserving confidentiality.
Resource hiding is another important aspect of confidentiality. Sites often wish to conceal their
configuration as well as what systems they are using; organizations may not wish others
to know about specific equipment
All the mechanisms that enforce confidentiality require supporting services from the system
The terms privacy and secrecy are sometimes used to distinguish between the protection of
personal data (privacy) and the protection of data belonging to an organization (secrecy).
For example, a credit card transaction on the Internet requires the credit card number to be
transmitted from the buyer to the merchant and from the merchant to a transaction processing
network. The system attempts to enforce confidentiality by encrypting the card number during
transmission, by limiting the places where it might appear (in databases, log files, backups,
printed receipts, and so on), and by restricting access to the places where it is stored. If an
unauthorized party obtains the card number in any way, a breach of confidentiality has occurred.
Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose
personal information a system holds.
Preserving authorized restrictions on information access and disclosure, including means for
protecting personal privacy and proprietary information. A loss of confidentiality is the
unauthorized disclosure of information. “Prevention of unauthorized disclosure of
information”.
 Integrity:
Integrity is the assurance that the information is trustworthy and accurate.

Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over
its entire life cycle.Data must not be changed in transit, and steps must be taken to ensure that
data cannot be altered by unauthorized people (for example, in a breach of
confidentiality).This goal defines how we avoid our data from being altered. MiTM (Man in
the middle attacks) is the example threat for this goal.
Integrity is about making sure that everything is as it is supposed to be, and in the context of
computer security, the prevention of unauthorized modification of information. In Computer
security, integrity means that data cannot be modified undetectably. Guarding against improper
information modification or destruction, and includes ensuring information non-repudiation and
authenticity. A loss of integrity is the unauthorized modification or destruction of information.
Prevention of unauthorized modification of information.
Integrity mechanisms fall into two classes: prevention mechanisms and detection mechanisms.
Prevention mechanisms seek to maintain the integrity of the data by blocking any
unauthorized attempts to change the data or any attempts to change the data in unauthorized ways.
The distinction between these two types of attempts is important. Then an unauthorized user has
tried to violate the integrity of the accounting database.). Adequate authentication and access
controls will generally stop the break-in from the outside, but preventing the second type of attempt
requires very different controls.
Detection mechanisms do not try to prevent violations of integrity; they simply report that
the data’s integrity is no longer trustworthy. Detection mechanisms may analyze system events
(user or system actions) to detect problems or (more commonly) may analyse the data itself to see
if required or expected constraints still hold. The mechanisms may report the actual cause of the
integrity violation (a specific part of a file was altered), or they may simply report that the file is
now corrupt.
 Availability:
It means that assets are accessible to authorized parties at appropriate times.
Availability is very much a concern beyond the traditional boundaries of computer security.
We want to ensure that a malicious attacker cannot prevent legitimate users from having
reasonable access to their systems.
Availability refers to the ability to use the information or resource desired. Availability is
an important aspect of reliability as well as of system design because an unavailable system
is at least as bad as no system at all.
The aspect of availability that is relevant to security is that someone may deliberately
arrange to deny access to data or to a service by making it unavailable. System designs
usually assume a statistical model to analyse expected patterns of use, and mechanisms
ensure availability when that statistical model holds.
Someone may be able to manipulate use (or parameters that control use, such as network
traffic) so that the assumptions of the statistical model are no longer valid. This means that
the mechanisms for keeping the resource or data available are working in an environment
for which they were not designed. As a result, they will often fail
Figure - . Relationship Between Confidentiality, Integrity, and Availability.
Security Policy and Mechanism

Critical to our study of security is the distinction between policy and mechanism.
A security policy is a statement of what is, and what is not, allowed. Policies may be presented
mathematically, as a list of allowed (secure) and disallowed (non secure) states. For our purposes,
we will assume that any given policy provides an axiomatic description of secure states and
nonsecure states.
A security mechanism is a method, tool, or procedure for enforcing a security policy. Mechanisms
can be nontechnical, such as requiring proof of identity before changing a password; in fact,
policies often require some procedural mechanisms that technology cannot enforce.
Strategies of Security
Given a security policy’s specification of “secure” and “nonsecure” actions, these security
mechanisms can prevent the attack, detect the attack, or recover from the attack. The strategies
may be used together or separately.
Prevention means that an attack will fail. For example, if one attempts to break into a host
over the Internet and that host is not connected to the Internet, the attack has been prevented.
Typically, prevention involves implementation of mechanisms that users cannot override and that
are trusted to be implemented in a correct, unalterable way, so that the attacker cannot defeat the
mechanism by changing it. But some simple preventative mechanisms, such as passwords
(which aim to prevent unauthorized users from accessing the system), have become widely
accepted. Prevention mechanisms can prevent compromise of parts of the system;
Detection is most useful when an attack cannot be prevented, but it can also indicate the
effectiveness of preventative measures. Detection mechanisms accept that an attack will occur; the
goal is to determine that an attack is under way, or has occurred, and report it. The attack may be
monitored, however, to provide data about its nature, severity, and results. Detection mechanisms
do not prevent compromise of parts of the system, which is a serious drawback. The resource
protected by the detection mechanism is continuously or periodically monitored for security
problems.
Recovery has two forms. The first is to stop an attack and to assess and repair any damage
caused by that attack. As an example, if the attacker deletes a file, one recovery mechanism would
be to restore the file from backup tapes. In practice, recovery is far more complex, because the
nature of each attack is unique. Thus, the type and extent of any damage can be difficult to
characterize completely. This type of recovery is quite difficult to implement because of the
complexity of computer systems
Assurance is Trust cannot be quantified precisely. System specification, design, and
implementation can provide a basis for determining “how much” to trust a system. This aspect of
trust is called assurance. It is an attempt to provide a basis for bolstering (or substantiating or
specifying) how much one can trust a system. Assurance in the computer world requires specific
steps to ensure that the computer will function properly.
Basic Cryptography Terms
➢ Encryption is the process of turning a clear-text message (Plaintext) into a data stream
which looks like a meaningless and random sequence of bits (cipher text).
➢ The process of turning cipher text back into plaintext is called decryption.
➢ Cryptography deals with making communications secure.
➢ Crypto analysis deals with breaking ciphertext, that is, recovering plaintext without
knowing the key.
➢ Cryptology is a branch of mathematics which deals with both cryptography and crypto
analysis.
➢ Symmetric algorithms use the same key for encryption and decryption. These algorithms
require that both the sender and receiver agree on a key before they can exchange messages
securely.
➢ Some symmetric algorithms operate on 1 bit (or sometimes 1 byte) of plaintext at a time.
They are called stream ciphers. Other algorithms operate on blocks of bits at a time. They
are called block ciphers.
➢ Public-key algorithms (also known as asymmetric algorithms) use two different keys
(a key pair) for encryption and decryption.
Conventional Encryption
 Referred conventional / private-key / single-key.
 Sender and recipient share a common key
All classical encryption algorithms are private-key was only type prior to invention of
public
key in 1970‟plaintext - the original message.
Here the original message, referred to as plaintext, is converted into apparently random
nonsense, referred to as cipher text. The encryption process consists of an algorithm and a key.
The key is a value independent of the plaintext. Changing the key changes the output of the
algorithm. Once the cipher text is produced, it may be transmitted. Upon reception, the cipher
text can be transformed back to the original plaintext by using a decryption algorithm and the
same key that was used for encryption. The security depends on several factors.First, the
encryption algorithm must be powerful enough that it is impractical to decrypt a message on the
basis of cipher text alone. Beyond that, the security depends on the secrecy of the key, not the
secrecy of the algorithm.
Two requirements for secure use of symmetric encryption:
1. A strong encryption algorithm
2. A secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)
 assume encryption algorithm is known
 implies a secure channel to distribute key
A source produces a message in plaintext, X = [X1, X2… XM] where M, are the number of
letters in the message. A key of the form K = [K1, K2… KJ] is generated. If the key is
generated at the source, then it must be provided to the destination by means of some secure
channel. With the message X and the encryption key K as input, the encryption algorithm forms
the cipher text Y = [Y1, Y2, YN]. This can be expressed as Y = EK(X).
The intended receiver, in possession of the key, is able to invert the transformation:
X =DK(Y)
An opponent, observing Y but not having access to K or X, may attempt to recover X or K
or both. It is assumed that the opponent knows the encryption and decryption algorithms.
If the opponent is interested in only this particular message, then the focus of effort is to
recover X by generating a plaintext estimate. Often if the opponent is interested in being
able to read future messages as well, in which case an attempt is made to recover K by
generating an estimate.
Classical Encryption Techniques
There are two basic building blocks of all encryption techniques: substitution and
transposition.
Substitution Techniques
 A substitution technique is one in which the letters of plaintext are replaced by other
letters or by numbers or symbols. If the plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns with cipher text bit patterns.
Caesar cipher (or) shift cipher
 The earliest known use of a substitution cipher and the simplest was by Julius
Caesar. The Caesar cipher involves replacing each letter of the alphabet with the
letter standing 3 places further down the alphabet.
e.g., plain text: pay more money
Cipher text: SDB PRUH PRQHB
Note that the alphabet is wrapped around, so that letter following „z‟ is „a‟. For each
plaintext letter p, substitute the cipher text letter c such that
C = E(p) = (p+3) mod 26
A shift may be any amount, so that general Caesar algorithm is
C = E (p) = (p+k) mod 26
Where k, takes on a value in the range 1 to 25. The decryption algorithm is simply
P = D(C) = (C-k) mod 26
Modern cryptography concerns with
1. Confidentiality - Information cannot be understood by anyone.
2. Integrity - Information cannot be altered.
3. Non-repudiation - Sender cannot deny his/her intentions in the transmission of the
information at a later stage.
4. Authentication - Sender and receiver can confirm each.
 Cryptography is used in many applications like banking transactions cards, computer
passwords, and e- commerce transactions.
Three types of cryptographic techniques used in general.
1. Symmetric-key cryptography
2. Hash functions.
3. Public-key cryptography
 Symmetric-key Cryptography: Both the sender and receiver share a single key. The
sender uses this key to encrypt plaintext and send the cipher text to the receiver. On
the other side the receiver applies the same key to decrypt the message and recover
the plain text.
 Public-Key Cryptography: This is the most revolutionary concept in the last 300-400
years. In Public-Key Cryptography two related keys (public and private key) are
used. Public key may be freely distributed, while its paired private key, remains a
secret. The public key is used for encryption and for decryption private key is used.
 Hash Functions: No key is used in this algorithm. A fixed-length hash value is
computed as per the plain text that makes it impossible for the contents of the plain
text to be recovered. Hash functions are also used by many operating systems to
encrypt passwords.
symmetric key cryptography

Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys
for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there
may be a simple transformation to go between the two keys.
Stream cipher
A stream cipher is a symmetric key cipher where plaintext digits are combined with
a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is
encrypted one at a time with the corresponding digit of the keystream, to give a digit of the
ciphertext stream. Since encryption of each digit is dependent on the current state of the cipher, it
is also known as state cipher. In practice, a digit is typically a bit and the combining operation
an exclusive-or (XOR).
Block cipher
A block cipher is an encryption method that applies a deterministic algorithm along with a
symmetric key to encrypt a block of text, rather than encrypting one bit at a time as in stream
ciphers. For example, a common block cipher, AES, encrypts 128 bit blocks with a key of
predetermined length: 128, 192, or 256 bits.
Difference between stream cipher and block cipher
• Stream cipher keys and algorithms are applied to each binary digit, one bit at a time
whereas block cipher keys and algorithm are applied to a block of data.
• Stream ciphers are less time consuming compared to block ciphers.
• Stream ciphers are faster than block cipher, this is due to the fact that they encrypt a
bit at a time.
• Stream ciphers do not use chaining modes of operation whereas block ciphers heavily
use chaining modes of operation. Commonly known as block cipher modes of
operation.
• Hardware implementation is easier using stream cipher than in a block cipher.
• A software implementation is easier using block cipher than in a stream cipher.
• The best example of a stream cipher is the one-time pad whereas Data encryption
standard (DES) is the best example of a block cipher.
• Block ciphers are more code intensive compared to stream ciphers.
• Stream ciphers are mainly used in SSL technology while block ciphers are mainly used
in database and file encryption applications.
Block cipher examples
Here is a list of 5 most popular block ciphers:
Data encryption standard (DES) – is a 64-bit cipher that works with a 64-bit key. Actually, 8
of the 64 bits in the key are parity bits, so the key size is 56 bits long.
• 3DES – is a DES that run three times, Each DES operation can use a different key,
with each key being 56 bits long. 3DES has a block size of 64 bits.
• Advanced encryption standard (AES) – it has a block size of 128 bits and
supports three possible key sizes; 128, 192, and 256 bits. The longer the key size, the
stronger the encryption.
One-time pad (Stream Cipher): In cryptography, the one-time pad (OTP) is
an encryption technique that cannot be cracked, but requires the use of a one-time pre-shared
key the same size as, or longer than, the message being sent.
In this technique, a plaintext is paired with a random secret key (also referred to as a one-time
pad).
Then, each bit or character of the plaintext is encrypted by combining it with the corresponding
bit or character from the pad using modular addition.
If the key is truly random, is at least as long as the plaintext, is never reused in whole or in part,
and is kept completely secret, then the resulting cipher text will be impossible to decrypt or break
Example
Suppose Alice wishes to send the message "HELLO" to Bob. Assume two pads of paper
containing identical random sequences of letters were somehow previously produced and securely
issued to both. Alice chooses the appropriate unused page from the pad. The way to do this is
normally arranged for in advance, as for instance 'use the 12th sheet on 1 May', or 'use the next
available sheet for the next message'.
The material on the selected sheet is the key for this message. Each letter from the pad will be
combined in a predetermined way with one letter of the message. (It is common, but not required,
to assign each letter a numerical value, e.g., "A" is 0, "B" is 1, and so on.)In this example, the
technique is to combine the key and the message using modular addition. The numerical values of
corresponding message and key letters are added together, modulo 26. So, if key material begins
with "XMCKL" and the message is "HELLO", then the coding would be done as follows:
H E L L O message
7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message

+ 23 (X) 12 (M) 2 (C) 10 (K) 11 (L) key
= 30 16 13 21 25 message + key
= 4 (E) 16 (Q) 13 (N) 21 (V) 25 (Z) (message + key) mod 26
E Q N V Z → ciphertext
If a number is larger than 26, then the remainder after subtraction of 26 is taken in modular
arithmetic fashion. This simply means that if the computations "go past" Z, the sequence starts
again at A.
The ciphertext to be sent to Bob is thus "EQNVZ". Bob uses the matching key page and the
same process, but in reverse, to obtain the plaintext. Here the key is subtracted from the ciphertext,
again using modular arithmetic:
E Q N V Z ciphertext
4 (E) 16 (Q) 13 (N) 21 (V) 25 (Z) ciphertext
- 23 (X) 12 (M) 2 (C) 10 (K) 11 (L) key
= -19 4 11 11 14 ciphertext – key
= 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) ciphertext – key (mod 26)
H E L L O → message
Similar to the above, if a number is negative then 26 is added to make the number zero or higher.
Thus Bob recovers Alice's plaintext, the message "HELLO". Both Alice and Bob destroy the key
sheet immediately after use, thus preventing reuse and an attack against the cipher. The KGB often
issued its agents one-time pads printed on tiny sheets of "flash paper"—paper chemically
converted to nitrocellulose, which burns almost instantly and leaves no ash.
DES - Data Encryption Standard
The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of
electronic data. The Data Encryption Standard is a block cipher, meaning a cryptographic key and
algorithm are applied to a block of data simultaneously rather than one bit at a time. To encrypt a
plaintext message, DES groups it into 64-bit blocks.
General Structure of DES
DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is
64-bit. Though, key length is 64-bit, DES has an effective key length of 56 bits, No of Sub key is
16 sub keys, sub key siza is 48biyt, since 8 of the 64 bits of the key are not used by the encryption
algorithm (function as check bits only). General Structure of DES is depicted in the following
illustration Since DES is based on the Feistel Cipher, all that is required to specify DES is −
 Round function
 Key schedule
 Any additional processing − Initial and final permutation
Round Function
The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the
rightmost 32 bits to produce a 32-bit output.
Double DES
To address the discomfort, some researchers suggest using a double encryption for greater secrecy.
The double encryption works in the following way. Take two keys, k1 and k2, and perform two
encryptions, one on top of the other: E(k2, E(k1,m)). In theory, this approach should multiply the
difficulty of breaking the encryption, just as two locks are harder to pick than one.
Triple DES
However, a simple trick does indeed enhance the security of DES. Using three keys adds
significant strength.
The so-called triple DES procedure is C = E(k3, E(k2, E(k1,m))). That is, you encrypt with one
key, decrypt with the second, and encrypt with a third. This process gives a strength equivalent to
a 112-bit key (because the double DES attack defeats the strength of one of the three keys).
Advantages of DES:
 able to provide a high level of security
 specified and easy to understand
 publishable so that security does not depend on the secrecy of the algorithm
 available to all users
 adaptable for use in diverse applications
 economical to implement in electronic devices
 efficient to use
 able to be validated
 exportable
Advanced Encryption Standard
The Advanced Encryption Standard (AES), also known by its original name Rijndael (Dutch is
a specification for the encryption of electronic data established by the U.S. National Institute of
Standards and Technology (NIST) in 2001.
AES (acronym of Advanced Encryption Standard) is a symmetric encryption algorithm. The
algorithm was developed by two Belgian cryptographer Joan Daemen and Vincent Rijmen.
AES was designed to be efficient in both hardware and software, and supports a block length of
128 bits and key lengths of 128, 192, and 256 bits.
AES Structure
Each cycle consists of four steps.
o Byte substitution: This step uses a substitution box structure similar to the DES,
substituting each byte of a 128-bit block according to a substitution table. This is a straight
diffusion operation.
o Shift row: A transposition step. For 128- and 192-bit block sizes, row n is shifted left
circular (n - 1) bytes; for 256-bit blocks, row 2 is shifted 1 byte and rows 3 and 4 are shifted
3 and 4 bytes, respectively. This is a straight confusion operation.
o Mix column: This step involves shifting left and exclusive-ORing bits with themselves.
These operations provide both confusion and diffusion.
o Add subkey: Here, a portion of the key unique to this cycle is exclusive-ORed with the
cycle result. This operation provides confusion and incorporates the key
Overview - Public Key Cryptography
✓ Modern PKC was first described publicly by Stanford University professor Martin Hellman
and graduate student Whitfield Diffie in 1976. Generic PKC employs two keys that are
mathematically related although knowledge of one key does not allow someone to easily
determine the other key. One key is used to encrypt the plaintext and the other key is used to
decrypt the ciphertext.
✓ In PKC, one of the keys is designated the public key and may be advertised as widely as the
owner wants. The other key is designated the private key and is never revealed to another
party.
✓ Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's
public key; Bob decrypts the ciphertext using his private key. This method could be also used
to prove who sent a message; Alice, for example, could encrypt some plaintext with her
private key; when
The steps illustrates the P-K process

1. Each system generates a pair of keys.
2. Each system publishes its encryption key (public key) keeping its companion key private.
3. If A wishes to send a message to B it encrypts the message using B’s public key.
When B receives the message, it decrypts the message using its private key. No one else can
decrypt the message because only B knows its private key RSA Algorithm
✓ The RSA algorithm was developed by Ron Rivest, Adi Shamir and Len Adleman at MIT
in 1978. Since this time it has reigned supreme as the most widely accepted and
implemented general-purpose approach to public-key encryption.
✓ The RSA scheme is a block cipher in which the plaintext and cipher text are integers
between 0 and n − 1 for some n. The scheme makes use of an expression with exponentials.
✓ Plaintext is encrypted in blocks having a binary value less than some number n.
✓ For some plaintext block M and cipher text block C we have:
RSA Algorithm
Overview of Key Generation
1. Generate two large prime numbers, p and q.
2. Let n = pq.
3. Let Ф (n) = (p-1) (q-1).
4. Choose a small number e, ie relatively prime to the quotient and is 1 < e < Ф
(n) and gcd(e, Ф (n))=1, where e will be part of private key.
5. Find d, we will calculate by 2 methods
a) Eucliden Algorithm d = e-1 mod Ф (n)
b) Conherent equation method d = 1+ k(Ф (n))/e
✓ Encryption
e
6. C = M mod n
✓ Decryption
7. M = Cd mod n
1. Generate two large prime numbers, p and q
To make the example easy to follow, I am going to use small numbers, but this is
not secure. Lets have:
p=7
q = 19
2. Let n = p q
n=pxq
= 7 x 19
= 133
3. Let Ф (n) = (p-1) (q-1)

= 6 x 18
= 108
4. Choose a small number, e coprime to m.

✓ e coprime to m, means that the largest number that can exactly divide both e and
m (their greatest common divisor, or GCD) is 1.
e = 2 Æ GCD (2,108) = 2 (No !)

e = 3 Æ GCD (3,108) = 3 (Yes !)
e = 4 Æ GCD (4,108) = 4 (Yes !)
e = 5 Æ GCD (5,108) = 1 (Yes !)
✓ Let have e= 5
5. Find d, Conherent equation method d = 1+ k(Ф (n))/e
✓ This is equivalent to finding d which satisfies de = 1 +k (Ф (n)), Where k is

any integer.
✓ We can rewrite this as,
d = (1 + nm)/ e
✓ Now we work through values of n until an integer
solution for e is found:
✓ k = 0 Æ d = (1 + 0 * 108) / 5 = 1/5 (no)
✓ k = 1 Æ d = (1 + 1 * 108) / 5 = 109/5 (no)
✓ k= 2 Æ d = (1 + 2 * 108) / 5 = 217/5 (no)
✓ k = 3 Æ d = (1 + 3 * 108) / 5 = 325/5 = 65 (yes !)
Public Key Secret Key
n = 133 n = 133
e=5 d = 65
Communication
Encryption
✓ This message must be a number less than the smaller of p and q.

✓ However, at this point we don’t know p or q, so in practice a lower bound on p and
q must be published.
✓ This can be published below their true value and so isn't a major security concern. For
e.g., lets use the message “ 6”.
C =Pe% n
= 6 5 % 133
= 7776 % 133
= 62
Decryption
This works very much like encryption, but involves a larger exponentiation which is broken down
into several steps.
M= c d % n
= 62 65 % 133
= 62 x 62 64 % 133
= 62 x (622)32 % 133
= 62 x (3844)32 % 133
= 62 x (3844 % 133)32 % 133
= 62 x (120)32 % 133
We now repeat the sequence of operation that reduced 6265 to 12032 to reduce the exponent down to
1.
= 62 x (1202)16 % 133
= 62 x (14400)16 % 133
= 62 x (14400 % 133)16 % 133
= 62 x (36)16 % 133
= 62 x (362)8 % 133
= 62 x (1296)8 % 133
= 62 x (1296 % 133)8 % 133
Computer Security Module Compiled by: Mr. Diriba M. @2023 G.C, Computer Science ,Ambo University
= 62 x (99)8 % 133
= 62 x (992)4 % 133
= 62 x (9801 % 133)4 % 133
= 62 x (92)4 % 133
= 62 x (922)2 % 133
= 62 x (922)2 % 133
= 62 x (8464 % 133)2 % 133
= 62 x (85)2 % 133
= 62 x (7225) % 133
= 62 x (7225 % 133) % 133
= 62 x (43)1 % 133
= 2666 % 133
=6
And that matches the plaintext we put in at the beginning, so that algorithm worked
Cryptography Hash functions
Hash functions are extremely useful and appear in almost all information security applications. A hash
function is a mathematical function that converts a numerical input value into another compressed
numerical value. The input to the hash function is of arbitrary length but output is always of fixed
length.
Values returned by a hash function are called message digest or simply hash values. The following
picture illustrated hash function −
Features of Hash Functions

The typical features of hash functions are −
• Fixed Length Output (Hash Value)
o Hash function coverts data of arbitrary length to a fixed length. This process is often
referred to as hashing the data.
o In general, the hash is much smaller than the input data, hence hash functions are
sometimes called compression functions.
o Since a hash is a smaller representation of a larger data, it is also referred to as a digest.
o Hash function with n bit output is referred to as an n-bit hash function. Popular hash
functions generate values between 160 and 512 bits.
• Efficiency of Operation
o
Generally, for any hash function h with input x, computation of h(x) is a fast operation.
o Computationally hash functions are much faster than a symmetric encryption.
Program Security Overview
An assessment of security can also be influenced by someone's general perspective on software quality. For
example, if your manager's idea of quality is conformance to specifications, then she might consider the code
secure if it meets security requirements, whether or not the requirements are complete or correct.
Frequently, we talk about "bugs" in software, a term that can mean many different things depending on
context. A bug can be a mistake in interpreting a requirement, a syntax error in a piece of code, or the (as-
yet-unknown) cause of a system crash.
When a human makes a mistake, called an error, in performing some software activity, the error may lead
to a fault, or an incorrect step, command, process, or data definition in a computer program. For example, a
designer may misunderstand a requirement and create a design that does not match the actual intent of the
requirements analyst and the user. This design fault is an encoding of the error, and it can lead to other faults,
such as incorrect code and an incorrect description in a
user manual. Thus, a single error can generate many faults, and a fault can reside in any development or
maintenance product.
A failure is a departure from the system's required behaviour. It can be discovered before or after system
delivery, during testing, or during operation and maintenance. Since the requirements documents can contain
faults, a failure indicates that the system is not performing as required, even though it may be performing as
specified.
Making the system less secure rather than more secure because they frequently introduced new faults.
There are at least five reasons why.
 Narrow focus on the fault itself.
 The fault often had nonobvious side effects in places other than the immediate area of the fault.
 Fixing one problem often caused a failure somewhere
 The fault could not be fixed properly because system functionality or performance would suffer as a
consequence
 Unexpected Behaviour - to understand program security, it can examine programs to see whether
they behave as their designers intended or users expected.
Flaws:
Program security flaws can derive from any kind of software fault. That is, they cover everything from a
misunderstanding of program requirements to a one-character error in coding or even typing.
The flaws can result from problems in a single code component or from the failure of several programs or
program pieces to interact compatibly through a shared interface. The security flaws can reflect code that
was intentionally designed or coded to be malicious or code that was simply developed in a sloppy or
misguided way. Thus, it makes sense to divide program flaws into two separate logical categories: human
errors, intentionally induced flaws (malicious)
Types of Flaws
They further divide intentional flaws into malicious and nonmalicious ones. In the taxonomy, the
inadvertent flaws fall into six categories:
 validation error (incomplete or inconsistent)
 domain error
 serialization
 inadequate identification and authentication
 boundary condition violation
 logic errors
Malicious Code
Malicious code refers to a broad category of programs that can cause damage or undesirable effects to
computers or networks. Potential damage can include modifying, destroying or stealing data, gaining or
allowing unauthorized access to a system, bringing up unwanted screens, and executing functions that a user
never intended.
Examples of malicious code include computer
 Viruses, is a program that infects a computer by attaching itself to another program, and propagating itself
when that program is executed.
 Worms, is a standalone malware computer program that replicates itself in order to spread to other
computers
 Trojan horses, A Trojan horse usually carries a hidden destructive function that is activated when the
application is started.
 Logic bombs, is a class of malicious code that "detonates" or goes off when a specified condition occurs.
A time bomb is a logic bomb whose trigger is a time or date.
 Spyware is a type of software that secretly forwards information about a user to third parties without the
user's knowledge or consent. This information can include a user's online activities, files accessed on the
computer, or even user's keystrokes.
 Adware, is a type of software that displays advertising banners while a program is running. Some adware
can also be spyware. They first spy on and gather information from a victim's computer, and then display
an advertising banner related to the information collected.
Computer Virus
A computer virus is a self-replicating computer program which can attach itself to other files/programs, and
can execute secretly when the host program/file is activated. When the virus is executed, it can perform a
number of tasks, such as erasing your files/hard disk, displaying nuisance information, attaching to other
files, etc.
Type of virus
 Memory-Resident Virus - This type will reside in main system memory. Whenever the
operating system executes a file, the virus will infect a file if it is a suitable target, for
example, a program file.
 Program File Virus - This will infect programs like EXE, COM, SYS etc.
 Polymorphic Virus -The virus itself can change form using various polymorphism
techniques.
 Boot Sector Virus -This type will infect the system area of a disk, when the disk is
accessed initially or booted.
 Stealth Virus - A virus which uses various stealth techniques in order to hide itself from
detection by anti-virus software.
 Macro Virus - Unlike other virus types, these viruses attack data files instead of executable
files.
 Email virus - A virus spread by email messages.
Nonmalicious Program flaws:

Being human, programmers and other developers make many mistakes, most of which are unintentional and
no malicious. Many such errors cause program malfunctions but do not lead to more serious security
vulnerabilities. However, a few classes of errors have plagued programmers and security professionals for
decades, and there is no reason to believe they will disappear. In this section we consider three classic error
types that have enabled many recent security breaches. We explain each type, why it is relevant to security,
and how it can be prevented or mitigated.
buffer overflows,
time-of-check to time-of-use flaws,
incomplete mediation
Buffer Overflow Attack
A buffer is a temporary area for data storage. When more data (than was originally allocated to be stored)
gets placed by a program or system process, the extra data overflows. It causes some of that data to leak out
into other buffers, which can corrupt or overwrite whatever data they were holding.
In a buffer-overflow attack, the extra data sometimes holds specific instructions for actions intended by a
hacker or malicious user; for example, the data could trigger a response that damages files, changes data or
exposes private information.
Attacker would use a buffer-overflow exploit to take advantage of a program that is waiting on a user’s
input. There are two types of buffer overflows: stack-based and heap-based.
Heap-based, which are difficult to execute and the least common of the two, attack an application by
flooding the memory space reserved for a program.
Stack-based buffer overflows, which are more common among attackers, exploit applications and programs
by using what is known as a stack: memory space used to store user input.
Key Concepts of Buffer Overflow
➢ This error occurs when there is more data in a buffer than it can handle, causing data to overflow into
adjacent storage.
➢ This vulnerability can cause a system crash or, worse, create an entry point for a cyberattack.
➢ C and C++ are more susceptible to buffer overflow.
➢ Secure development practices should include regular testing to detect and fix bufferoverflows. These
practices include automatic protection at the language level and bounds-checking at run- time.
➢ Many programming languages are prone to buffer overflow attacks. However, the extent of such attacks
varies depending on the language used to write the vulnerable program
Let us study some real program examples that show the danger of such situations based on the C. In the
examples, we do not implement any malicious code injection but just to show that the buffer can be
overflow. Modern compilers normally provide overflow checking option during
the compile/link time but during the run time it is quite difficult to check this problem without any extra
protection mechanism such as using exception handling.
// A C program to demonstrate buffer overflow #include <stdio.h>
#include <string.h> #include
<stdlib.h>
int main(int argc, char *argv[])
{
// Reserve 5 byte of buffer plus the terminating NULL.
// should allocate 8 bytes = 2 double words,
// To overflow, need more than 8 bytes...
char buffer[5]; // If more than 8 characters input
// by user, there will be access
// violation, segmentation fault
// a prompt how to execute the program... if (argc < 2)
{
printf("strcpy() NOT executed... \n"); printf("Syntax: %s
<characters>\n", argv[0]); exit(0);
}
// copy the user input to mybuffer, without any
// bound checking a secure version is srtcpy_s() strcpy(buffer,
argv[1]);
printf("buffer content= %s\n", buffer);
// you may want to try strcpy_s()
printf("strcpy() executed...\n");
return 0;
}
Compile this program in Linux and for output use command outpute_file INPUT
Input : 12345678 (8 bytes), the program run smoothly. Input :
123456789 (9 bytes)
"Segmentation fault" message will be displayed and the program terminates.
The vulnerability exists because the buffer could be overflowed if the user input (argv[1]) bigger than 8 bytes.
Why 8 bytes? For 32 bit (4 bytes) system, we must fill up a double word (32 bits) memory. Character (char)
size is 1 byte, so if we request buffer with 5 bytes, the system will
allocate 2 double words (8 bytes). That is why when you input more than 8 bytes; the mybuffer will be
over flowed
Buffer Overflow Causes
Coding errors are typically the cause of buffer overflow.
• failing to allocate large enough buffers and neglecting to check for overflow problems. These mistakes are
especially problematic with C/C++, which does not have built-in protection against buffer overflows.
Consequently, C/C++ applications are often targets of buffer overflow attacks.
How to stop a buffer overflow from attacking applications
Now that you know how a buffer-overflow attack works, you can better grasp how to prevent them from
infiltrating your system and taking control of your applications. Here are some ways to bulk up your
defenses and prevent a buffer overflow:
o Avoid using library files: Library files, which are used in programming language and are inherently
insecure, are a target for hackers during application attacks. Any weakness found by a
hacker in a library file will also exist in all applications that use that library file, giving hackers a glaring
target for a potential attack.
o Filter user input: Filtering out possibly dangerous HTML code and characters that could cause
database problems. For example, in ASP code, the apostrophe, quotation mark and ampersand symbols are
all reserved symbols. These reserved symbols can't be included within a user's input or they will cause the
application to crash. Filter them out and replace them with something else to avoid complications and
problems.
o Test applications: Be sure to test all applications prior to deployment; trying to break into every
application to ensure secure coding. If the application breaks, it will be clear that there is a problem that
needs to be fixed before a hacker is able to exploit it.
Time-of-check to time-of-use flaws
In software development, time of check to time of use (TOCTOU, TOCTTOU or TOC/TOU) is a class of
software bugs caused by changes in a system between the checking of a condition (such as a security
credential) and the use of the results of that check. This is one example of a race condition. Time-of-check,
time-of-use race conditions occur when between the time in which a given resource is checked, and the time
that resource is used, a change occurs in the resource to invalidate the results of the check.
A simple example is as follows: Consider a Web application that allows a user to edit pages, and also allows
administrators to lock pages to prevent editing. A user requests to edit a page, getting a form which can be
used to alter its content. Before the user submits the form, an administrator locks the page, which should
prevent editing. However, since editing has already begun, when the user submits the form, those edits
(which have already been made) are accepted. When the user began editing, the appropriate authorization
was checked, and the user was indeed allowed to edit. However, the authorization was used later, at a time
when edits should no longer have been allowed.
Time-of-check, time-of-use consequences
Access control: The attacker can gain access to otherwise unauthorized resources. Authorization: race
conditions such as this kind may be employed to gain read or write access to resources which are not
normally readable or writable by the user in question.
Integrity: The resource in question, or other resources (through the corrupted one), may be changed in
undesirable ways by a malicious user.
Accountability: If a file or other resource is written in this method, as opposed to in a valid way, logging of
the activity may not occur.
Non-repudiation: In some cases it may be possible to delete files a malicious user might not otherwise
have access to, such as log files.
What Happens During a Race Condition Attack?
Web applications, file systems, and networking environments are all vulnerable to a race condition attack.
Attackers might target an access control list (ACL), a payroll or human resources database, a transactional
system, a financial ledger, or some other data repository.
Although race condition attacks don’t happen frequently — because they’re relatively difficult to engineer
and attackers must exploit a very brief window of opportunity — when they do happen, they can lead to
serious consequences, including a system granting unauthorized privileges. What’s more, race condition
attacks are inherently difficult to detect.
Preventing Damage and Remediating Code Are Critical
It’s critical to scan and review code for race condition vulnerabilities and exposure period to check
Design: Strong locking methods may be designed to protect against this flaw.
Implementation: Use of system APIs may prevent check, use race conditions
INCOMPLETE MEDIATION:
• Incomplete mediation is another security problem that has been with us for decades.
• Attackers are exploiting it to cause security problems.
• Supplying wrong type of data in wrong length.
• It is easy to exploit, but it has been exercised less often than buffer overflows,
nevertheless, unchecked data values represent a serious potential vulnerability.
How to stop a incomplete mediation from attacking applications
✓ Don’t let client return a sensitive result .that can be easily recomputed by server
✓ Use drop-down boxes/choice lists for data input.
✓ Prevent user from editing input directly.
✓ Check validity of data values received from client.
CONTROLS AGAINST PROGRAM THREATS

A wise engineer who finds a fault can deal with it in at least three ways:
✓ by learning how, when and why errors occur,
✓ by taking action to prevent mistakes, and
✓ by scrutinizing products to find the instances and effects of errors that were missed.
There are many ways a program can fail and many ways to turn the underlying faults into security failures. It
is of course better to focus on prevention than cure; how do we use controls during software
development—the specifying, designing, writing, and testing of the program
The Nature of Software Development
Software development is often considered a solitary effort; a programmer sits with a specification or design
and grinds out line after line of code. But in fact, software development is a collaborative effort, involving
people with different skill sets who combine their expertise to produce a working product. Development
requires people who can
specify the system, by capturing the requirements and building a model of how the system should work
from the users' point of view
design the system, by proposing a solution to the problem described by the requirements and building a
model of the solution
implement the system, by using the design as a blueprint for building a working solution
test the system, to ensure that it meets the requirements and implements the solution as called for in the
design
review the system at various stages, to make sure that the end products are consistent with the
specification and design models
document the system, so that users can be trained and supported
manage the system, to estimate what resources will be needed for development and to track when the
system will be done
maintain the system, tracking problems found, changes needed, and changes made, and evaluating
their effects on overall quality and functionality
We can examine both product and process to see how each contributes to quality and in particular to security
as an aspect of quality. Let us begin with the product, to get a sense of how we recognize high-quality secure
software.
Modularity, Encapsulation, and Information Hiding
Modularity
Modularization is the process of dividing a task into subtasks. This division is done on a logical or
functional basis. Each component performs a separate, independent part of the task.
Encapsulation
Encapsulation hides a component's implementation details, but it does not necessarily mean complete
isolation. Many components must share information with other components, usually with
good reason. However, this sharing is carefully documented so that a component is affected only in known
ways by others in the system.
Information Hiding
Developers who work where modularization is stressed can be sure that other components will have
limited effect on the ones they write.
Peer Reviews
We turn next to the process of developing software. Certain practices and techniques can assist us in finding
real and potential security flaws (as well as other faults) and fixing them before the system is turned over to
the users. Of the many practices available for building what they call "solid software,"
peer reviews
hazard analysis
testing
good design
prediction
static analysis
configuration management
analysis of mistakes
Security Database
Introduction: Database security
Database security concerns the use of a broad range of security controls to protect databases
(potentially including the data, the database applications or stored functions, the database systems, the
database servers and the associated network links) against compromises of their confidentiality,
integrity and availability. It involves various types or categories of controls, such as
1. Technical,
2. Procedural/administrative
3. Physical.
Database security is a specialist topic within the broader realms of computer security, information
security and risk management.
Database Security Architecture:
Security risks to database systems:
Unauthorized or unintended activity or misuse by authorized database users: database
administrators, or network/systems managers, or by unauthorized users or hackers (e.g. inappropriate
access to sensitive data, metadata or functions within
databases, or inappropriate changes to the database programs, structures or security configurations);
Malware infections causing incidents such as unauthorized access, leakage or disclosure of personal or
proprietary data, deletion of or damage to the data or programs, interruption or denial of authorized access
to the database, attacks on other systems and the unanticipated failure of database services;
Overloads, performance constraints and capacity issues resulting in the inability of authorized users to use
databases as intended;
Physical damage to database servers caused by computer room fires or floods, overheating, lightning,
accidental liquid spills, static discharge, electronic breakdowns/equipment failures and obsolescence;
Design flaws and programming bugs in databases and the associated programs and systems, creating
various security vulnerabilities (e.g. unauthorized privilege escalation), data loss/corruption, performance
degradation etc.;
Data corruption and/or loss caused by the entry of invalid data or commands, mistakes in database or
system administration processes, damage/criminal damage etc.
Database security controls:
 Access control
 Auditing
 Authentication
 Encryption
 Integrity controls
 Backups
 Application
 security
Scope of the Database Security
Databases have been largely secured against hackers through network security measures such as
firewalls, and network-based intrusion detection systems.Furthermore, implement database Controls to
system, program, function and data access controls, along with the associated user identification,
authentication and rights management functions, have always been important to limit and in some
cases log the activities of authorized users and administrators. In other words, these are
complementary approaches to database security, working from both the outside-in and the inside-out
as it were.
Threats to the database
You will build your security skills from two directions. One is from the appreciation and awareness of
changing threats, and the other from the technical remedies to them. Threats include:
Unauthorized modification: Changing data values for reasons of sabotage, crime or ignorance
which may be enabled by inadequate security mechanisms, or sharing of passwords or
password guessing, for example.
Unauthorized disclosure: When information that should not have been disclosed has been
disclosed. A general issue of crucial importance, which can be accidental or deliberate.
Loss of availability: Sometimes called denial of service. When the database is not available it
incurs a loss (otherwise life is better without the system!). So any threat that gives rise to time
offline, even to check whether something has occurred, is to be avoided.
Commercial sensitivity: Most financial losses through fraud arise from employees. Access
controls provide both protection against criminal acts and evidence of attempts (successful or
otherwise) to carry out acts detrimental to the organisation,
whether fraud, extraction of sensitive data or loss of availability.
Personal privacy and data protection: Personal data is data about an identifiable individual.
Often the individual has to be alive but the method of identification is not prescribed. So a
postal code for a home may in some cases identify an individual, if only one person is living at
an address with the postal code. Such data needs careful handling and control.
Computer misuse: There is also generally legislation on the misuse of computers. Misuse
includes the violation of access controls and attempts to cause damage by changing the
database state or introducing worms and viruses to interfere with proper operation. These
offences are often extraditable. So an unauthorized access in Hong Kong using computers in
France to access databases in Germany which refer to databases in America could lead to
extradition to France or Germany or the USA.
Audit requirements: These are operational constraints built around the need to know who did
what, who tried to do what, and where and when everything happened. They involve the
detection of events (including CONNECT and GRANT transactions), providing evidence for
detection, assurance as well as either defence or prosecution.
Principles of database security
To structure thoughts on security, you need a model of security. These come in various forms that depend
on roles, degree of detail and purpose. The major categories are areas of interest (threats, impact and loss)
as well as the actions involved in dealing with them. Security risks are to be seen in terms of the loss of
assets. These assets include:
 Hardware
 Software
 Data
 Data quality
 Credibility
 Availability
 Business benefit
B2 database and functions can be managed by two different modes of security controls:
1. Authentication
2. Authorization
Authentication
Authentication is the process of confirming that a user logs in only in accordance with the rights to
perform the activities he is authorized to perform. User authentication can be performed at operating system
level or database level itself. By using authentication tools for biometrics such as retina and figure prints are
in use to keep the database from hackers or malicious users.
The database security can be managed from outside the db2 database system. Here are some types of
security authentication process:
1. Based on Operating System authentications.
2. Lightweight Directory Access Protocol (LDAP)
For DB2, the security service is a part of operating system as a separate product. For
Authentication, it requires two different credentials, those are userid or username, and password.
Authorization
You can access the DB2 Database and its functionality within the DB2 database system, which is managed by
the DB2 Database manager. Authorization is a process managed by
the DB2 Database manager. The manager obtains information about the current authenticated user, that
indicates which database operation the user can perform or access.
Here are different ways of permissions available for authorization:
Primary permission: Grants the authorization ID directly.
Secondary permission: Grants to the groups and roles if the user is a member
Public permission: Grants to all users publicly.
Context-sensitive permission: Grants to the trusted context role.
Multi - Instance level authorities:
1. System administration authority (SYSADM)
2. System control authority (SYSCTRL)
3. System maintenance authority (SYSMAINT)
4. System monitors authority (SYSMON)
5. Database authorities
1. System administration authority (SYSADM)
It is highest level administrative authority at the instance-level. Users with SYSADM authority can
execute some databases and database manager commands within the instance. Users with SYSADM
authority can perform the following operations:
Upgrade a Database
Restore a Database
Update Database manager configuration file.
2. System control authority (SYSCTRL)
It is the highest level in System control authority. It provides to perform maintenance and utility
operations against the database manager instance and its databases. These operations can affect
system resources, but they do not allow direct access to data in the database.
Users with SYSCTRL authority can perform the following actions:
Forcing users off the system-level
Creating or Dropping a database-level
Creating, altering, or dropping a table space
Using any table space
Restoring Database
3. System maintenance authority (SYSMAINT)
It is a second level of system control authority. It provides to perform maintenance and utility operations
against the database manager instance and its databases. These operations affect the system resources
without allowing direct access to data in the database. This authority is designed for users to maintain
databases within a database manager instance that contains sensitive data.Only Users with SYSMAINT
authorities can perform the following tasks:
1. Taking backup
2. Restoring the backup
3. Roll forward recovery
4. Starting or stopping instance
5. Restoring tablespaces
6. Executing db2trc command
7. Query the state of a tablespace
8. Updating log history files
9. Reorganizing of tables
10. Using RUNSTATS (Collection catalog statistics)
4. System monitor authority (SYSMON)
With this authority, the user can monitor or take snapshots of database manager instance or its database.
SYSMON authority enables the user to run the following tasks:
GET DATABASE MANAGER MONITOR SWITCHES GET MONITOR
SWITCHES
GET SNAPSHOT LIST
LIST ACTIVE DATABASES LIST
APPLICATIONS
LIST DATABASE PARTITION GROUPS LIST DCS
APPLICATIONS
LIST PACKAGES LIST
TABLES
LIST TABLESPACE CONTAINERS LIST
TABLESPACES
LIST UTITLITIES
RESET MONITOR
UPDATE MONITOR SWITCHES
5. Database authorities
Each database authority holds the authorization ID to perform some action on the database. These database
authorities are different from privileges. Here is the list of some database authorities:
ACCESSCTRL: allows to grant and revoke all object privileges and database authorities.
BINDADD: Allows to create a new package in the database.
CONNECT: Allows to connect to the database. CREATETAB:
Allows to create new tables in the database.
CREATE_EXTERNAL_ROUTINE: Allows to create a procedure to be used by applications and the

users of the databases.
DATAACCESS: Allows to access data stored in the database tables.
DBADM: Act as a database administrator. It gives all other database authorities except ACCESSCTRL,
DATAACCESS, and SECADM.
EXPLAIN: Allows to explain query plans without requiring them to hold the privileges to access the data in the
tables.
LOAD: Allows to load data into table.
How to protect Database from Threats
1. SETSESSIONUSER
Authorization ID privileges involve actions on authorization IDs. There is only one privilege, called the
SETSESSIONUSER privilege. It can be granted to user or a group and it allows to session user to switch
identities to any of the authorization IDs on which the privileges are granted. This privilege is granted by user
SECADM authority.
2. Schema privileges
This privileges involve actions on schema in the database. The owner of the schema has all the permissions to
manipulate the schema objects like tables, views, indexes, packages, data types, functions, triggers,
procedures and aliases. A user, a group, a role, or PUBLIC can be granted any user of the following
privileges:
CREATEIN: allows to create objects within the schema ALTERIN:
allows to modify objects within the schema. DROPIN: allows to
delete the objects within the schema.
3. Tablespace privileges
These privileges involve actions on the tablespaces in the database. User can be granted the USE privilege for
the tablespaces. The privileges then allow them to create tables within tablespaces. The privilege owner can
grant the USE privilege with the command WITH GRANT OPTION on the tablespace when tablespace is
created.
Table and view privileges
The user must have CONNECT authority on the database to be able to use table and view privileges. The
privileges for tables and views are as given below:
CONTROL
It provides all the privileges for a table or a view including drop and grant, revoke individual table privileges to
the user.
ALTER
It allows user to modify a table.
DELETE
It allows the user to delete rows from the table or view.
INDEX
It allows the user to insert a row into table or view. It can also run import utility.
REFERENCES
It allows the users to create and drop a foreign key.
SELECT
It allows the user to retrieve rows from a table or view.
UPDATE
It allows the user to change entries in a table, view.
Security plan in database
1. Identify the user community.
2. Gather the database information.
3. Determine the types of user account (i.e. associate database objects and user roles).
4. Undertake a threat analysis.
5. Establish DBA authorities and procedures.
6. Establish policies for managing (creating, deleting, auditing) user accounts.
7. Determine the user tracking policy.
8. Establish the user identification method.
9. Define security incidents and reporting procedure.
10. Assess the sensitivity of specific data objects.
11. Establish standards and enforcement procedures (as well as back-up and recovery plans, of
course).
Network security issues
When businesses connect their systems and computers, one user's problems may affect everyone on the
network. Despite the many benefits of using networks, networking raises a greater potential for security
issues such as:
 data loss
 security breaches
 malicious attacks, such as hacking and viruses
Protection with common network security issues
Typical preventive measures to help you avoid network security threats include:
 security devices such as firewalls and anti-virus software
 security settings in the router or the operating system
 data encryption systems for sensitive data
 data backup, including the use of off-site backup
 restricting access to the network infrastructure to authorized personnel only
 training staff in the safe and secure use of the equipment
As well as training staff, you should also implement policies and rules for computer use in the workplace.
You should let your staff know that misuse of networked equipment can be regarded as misconduct and may
result in disciplinary action. Find sample IT policies, disclaimers and notices for your business.
Threats against networked applications
The possibly external network threat for organization are listed below.
o Malicious threat:
Malicious threat includes Computer viruses, Trojan, worm and spyware. It is code or software that is
particularly intended to damage, steal, disrupt, or as a rule inflict some other “terrible” or illegitimate activity
on information, hosts, or network.
o DOS attack:
A Denial-of-Service (DOS) attack is an attack intended to close down a machine or network, making it
unavailable to its intended users.
o Eavesdropping:
Eavesdropping refers to the unauthorized monitoring of other people’s communications. It can be conducted
on ordinary telephone systems, emails, instant messaging or other Internet services.
o Data breaches:
A data breach is an occurrence in which sensitive, secured or confidential data has potentially been seen,
stolen or utilized by an individual unapproved to do as such. In case of small organization data breaches may
involve personal information and intellectual property.
o Phishing:
Phishing is the process to gain sensitive information like usernames, passwords and credit card information,
frequently for malicious reasons, by taking on the appearance of a dependable element in an electronic
correspondence.
o D-DOS attack
A distributed Denial of Service (DDOS) attack is a challenge to make an online service inaccessible by
overpowering it with traffic from numerous sources. It focus on wide range banking information and
confidential data of any organization.
How to stop this threat:
• Malicious threat:
Security measure:
 Install antivirus software into the system and download updates to ensure that software has the
latest fixes for new viruses, Trojans, worms and bots.
 Ensure that antivirus software can scan email and the all the files downloaded from the internet.
• DOS attack:
Security Measure:
 Using Over-provisioning brute force defense.
 Configuring windows firewall and IP access lists.
• Eavesdropping:
Security Measure: An electronic search of the radio frequency (RF) spectrum to detect any
unauthorized emanations from the area being examined.
Use encrypted data using data transmission or conversation.
• Data breaches:
Security measure:
 Encrypting all the sensitive information and shred them before disposing.
 Retain the third party and limiting the staffs to access system and devices.
Phishing:
 Security Measure:
 Keep websites certificates up to date so that users are assured the legitimacy of the websites.
 Educate users about the best practices that they should follow and observe when using Internet
services.
• D-DOS attack
Security Measure:
 Limit the rate of router to prevent form web server being overwhelmed
 Use of firewall and pack sniffing technique for controlling high packet traffic
Introduction to Secure Network Design
All information systems create risks to an organization, and whether or not the level of risk introduced is
acceptable is ultimately a business decision. Controls such as firewalls, resource isolation, hardened system
configurations, authentication and access control systems, and encryption can be used to help mitigate
identified risks to acceptable levels.
Designing Security into a Network
Security is often an overlooked aspect of network design, and attempts at retrofitting security on top of an
existing network can be expensive and difficult to implement properly. Separating assets of differing trust
and security requirements should be an integral goal during the design phase of any new project. Aggregating
assets that have similar security requirements in dedicated zones allows an organization to use small numbers
of network security devices, such as firewalls and intrusion-detection systems, to secure and monitor multiple
application systems.
Other influences on network design include budgets, availability requirements, the network’s size and scope,
future growth expectations, capacity requirements, and management’s tolerance of risks. For example,
dedicated WAN links to remote offices can be more reliable than virtual private networks (VPNs), but they
cost more, especially when covering large distances. Fully redundant networks can easily recover from
failures, but having duplicate hardware increases costs, and the more routing paths available, the harder it is
to secure and segregate traffic flows.
A significant but often missed or under-considered factor in determining an appropriate security design
strategy is to identify how the network will be used and what is expected from the business
it supports. This design diligence can help avoid expensive and difficult retrofits after the network is
implemented. Let’s consider some key network design strategies.
Firewalls
What is a Firewall?
A firewall is simply a program or network devices that filters the information coming through the internet
connection into your private network or computer system.
In computing, a firewall is a network security system that monitors and controls incoming and outgoing
network traffic based on predetermined security rules. A firewall typically establishes a barrier between a
trusted internal network and untrusted external network, such as the Internet.
Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls filter
traffic between two or more networks and run on network hardware. Host-based firewalls run on host
computers and control network traffic in and out of those machines.
What is an Application Firewall?

o Application Fire wall is a special firewall that is specifically coded (Software Programs) for
the type of traffic it is inspecting.
o Example: The most widely developed application firewall is the web application
firewall.
Difference between Host based & Network based Firewall
A host based firewall is installed on the individual computer to protect it from activity
occurring on its network.
A network based firewall is implemented at a specific point i n the network path and
protects all computers on the “internal” side of the firewall from all computers on the
external side of the fire wall.
Hardware and Software Firewall:
Hardware firewalls are integrated into the router that sits between a computer and the
internal.
Software firewalls are integrated on individual servers. They intercept each connection
request and then determine whether the request is valid or not.
Three Design goals of Firewalls.
➢ The first design goal for a firewall is that collectively the sum of all the network from internal to
external must go through the firewall physically cutting off all access to the local network except
via firewall. Example: Security Guard in the commercial Bank of Ethiopia, Ambo Main
Branch.
➢ The second goal would be only authorized traffic which is delineated by the local security policy
will be allowed to proceed. Example: The Bank Manager informed the security Guard to
Block A & B.
➢ Finally the last design goal is that the firewall itself is resistant to penetration inclusive in a solid
trustworthy system with a protected operating system. Example: Here the security guard
himself/herself act as an intellectual to block few peoples.
Types of Firewalls:
• Packet Filtering Router
• Application Level Gateway
• Circuit Level Gateway
o Packet Filtering Router
• Applies a set of rules to each incoming IP packets and then forwards or discards the
packets.
• Filter packets going in both directions.
• The packet filter is typically set up as a list of rules based on matches in the IP or TCP
header.
o Application Level Gateway
• Also called as proxy server.

• Acts as a relay of application level traffic.
It is used to check the traffic levels.
o Circuit Level Gateway
• Standalone Software.
• Sets up two TCP connections.
• The gateways typically relays TCP segments from one connection to the other without
examining the contents (simply it will send).
• The Security functions consists of determining which connections will be allowed.
The Role of Firewalls
• A firewall is a term used for a “barrier” between a network of machines and users that operate
under a common security policy and generally trust each other and the outside world.
• There are two basic reasons for using a firewall at present: to save money in concentrating your
security on a small number of components, and to simplify the architecture of a system by
restricting access only to machines that trust each other.
Advantages of Firewalls
• Concentration of security all modified software and logging is located on the firewall
system as opposed to being distributed many hosts.
• Protocol Filtering, where the firewalls filters protocols and services that are either not
necessary or that cannot be adequately secured from exploitation.
• Information Hiding, in which a firewall can “hide” names of internal systems (or)
electronic mail addresses, thereby revealing less information to outside hosts.
• Application Gateways, where the firewalls requires inside or outside users to connect first
to the firewall before connecting further, thereby filtering the protocol.
Disadvantages of Firewalls
• The most obvious being those certain types of network access may be hampered or even
blocked for some hosts, including telnet, ftp, NFS etc.
• A second disadvantages with a firewall system is that it concentrates security in one spot as
opposed to distributing it among systems, thus a compromised of the firewall could be disastrous
to other less protected systems on the subnet. Example: If someone attacks the security guard,
the organization face more risks.
IP Security Overview
The Internet community has developed application-specific security mechanisms in a number of areas,
including electronic mail (S/MIME, PGP), client/server(Kerberos), Web access (SSL), and others. However,
users have some security concerns that cut across protocol layers.
For example, an enterprise can run a secure, private TCP/IP network by disallowing links to untrusted sites,
encrypting packets that leave the premises, and authenticating packets that enter the premises. By
implementing security at the IP level, an organization can ensure secure networking not only for applications
that have security mechanisms but also for the many security-ignorant applications.
In response to these issues, the Internet Architecture Board (IAB) included authentication and encryption as
necessary security features in the next-generation IP, which has been issued as IPv6. Fortunately, these
security capabilities were designed to be usable both with the current IPv4 and the future IPv6. This means
that vendors can begin offering these features now, and many vendors do now have some IPsec capability in
their products.
IP-level security encompasses three functional areas: authentication, confidentiality, and key management.
The authentication mechanism assures that a received packet was, in fact, transmitted by the party identified
as the source in the packet header. In addition, this mechanism assures that the packet has not been altered in-
transit.
The confidentiality facility enables communicating nodes to encrypt messages to prevent eavesdropping by
third parties.
The key management facility is concerned with the secure exchange of keys. The current version of IPsec,
known asIPsecv3, encompasses authentication and confidentiality. Key management is provided by the
Internet Key Exchange standard, IKEv2.
Overview of IP security (IPsec)
FInternet Protocol Security (IPsec) is a network protocol, that authenticates and encrypts the packets of
data sent over a network.
FIPsec includes protocols for establishing mutual authentication between agents at the beginning of the
session and negotiation of cryptographic keys to use during the session.
FIPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security
gateways (network-to-network), or between a security gateway and a host (network-to- host).
FInternet Protocol security (IPsec) uses cryptographic security services to protect communications over
Internet Protocol (IP) networks.
FIPsec supports network-level peer authentication, data-origin authentication, data integrity, and data
confidentiality (encryption), and replay protection.
F The IPsec suite is an open standard. IPsec uses the following protocols to perform various
functions:
F Authentication Headers (AH) provides connectionless data integrity and data origin authentication
for IP datagrams and provides protection against replay attacks.
F Encapsulating Security Payloads (ESP) provides confidentiality, data-origin authentication,
connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited
traffic-flow confidentiality.
F Security Associations (SA) provides the bundle of algorithms and data that provide the parameters
necessary for AH and/or ESP operations. The Internet Security Association and Key Management
Protocol (ISAKMP) provides a framework for authentication and key exchange
What is intrusion detection?
Intrusion detection is the process of monitoring the events occurring in a computer system or network and
analysing them for signs of intrusions. Intrusions are caused by attackers accessing the systems from the
Internet, authorized users of the systems who attempt to gain additional privileges for which they are not
authorized, and authorized users who misuse the privileges given them. Intrusion Detection Systems (IDSs)
are software or hardware products that automate this monitoring and analysis process.
Functions of Intrusion detection systems:
F Monitoring and analysis of user and system activity
F Auditing of system configurations and vulnerabilities
F Assessing the integrity of critical system and data files
F Recognition of activity patterns reflecting known attacks
F Statistical analysis for abnormal activity patterns
Benefits of intrusion detection:

F Improving integrity of other parts of the information security infrastructure
F Improved system monitoring, Tracing user activity from the point of entry to point of exit or
impact
F Recognizing and reporting alterations to data files
F Spotting errors of system configuration and sometimes correcting them
F Recognizing specific types of attack and alerting appropriate staff for defensive responses
F Keeping system management personnel up to date on recent corrections to programs
F Allowing non-expert staff to contribute to system security
F Providing guidelines in establishing information security policies
IDS Taxonomy
A distributed intrusion detection system is one where data is collected and analyzed in multiple host, as
opposed to a centralized intrusion detection system. Both distributed and centralized intrusion detection
systems may use host- or network-based data collection methods, or most likely a combination of the two.
--IDS can react to intrusion in two ways: Active - takes some action as a reaction to intrusion (such
shutting down services, connection, logging user...) Passive - generates alarms or notification.
--Audit information analysis can be done generally in two modes. Intrusion detection process can run
continuously, also called in real-time. The term "real-time" indicates not more than a fact that IDS reacts to
an intrusion "quick enough". Intrusion detection process also can be run periodically.
S/MIME vs PGP
Minimum Security Controls:
The following minimum-security controls have been selected for the information systems processing
in any organization
o General Policy Control
o Access Control
o Security Awareness & Training
o Audit & Accountability
o Security Assessment & Authorization
o Configuration Management
o Contingency Planning
o Identification & Authorization
o Incident Response
o System Maintenance
o Media Protection
o Physical & Environmental Protection
o Security Planning
o Personnel Security
o Risk Assessment
o System & Services Acquisition
o System & Communication Protection
o System & Information Integrity
• General Policy Control: This document, and any documents associated with or supportive of this
document, is reviewed and updated annually.
• Access Control: Account types
• Separate Account Types
• Standard user accounts will be used for the routine use of the information systems
• Administrator accounts will be established for performing tasks requiring elevated privileges
(e.g., installing and updating third-party software)
• Security Awareness & Training:
• All users will take annual security awareness training
• Training records will be maintained
• Audit & Accountability - Regularly audit the performance of system and users
• Security Assessment & Authorization: security control
• Determine security controls
• Evaluate security controls periodically
• Configuration Management: recommendation
• Apply CIS benchmark recommendations to obtain a minimal score of 80%
• Software must be approved by the Information System Security Officer (ISSO)
prior to installation
• Contingency Planning:
• Establish a methodology for performing data back-ups
• Annually test or validate data back-ups and validate that back-ups are being performed
• Identification & Authorization: ID and PWD strength
• Users have unique accounts (shared accounts are not authorized)
• Passwords must be at least 12 characters and meet complexity requirements in accordance with
Microsoft’s local group policy (upper case letter, lower case letter, special character and number)
• Passwords must be changed every 180 days
• The last 5 passwords cannot be re-used
• Account will be locked out after 5 consecutive invalid logon attempts. Lock-out duration is 15
minutes and the lock-out timer reset is 2 hours.
• Incident Response: ISSM
• Incidents will be reported to the Information System Security Manager (ISSM)
• System Maintenance: ISSO
• Maintenance performed by vendors will be approved by the ISSO
• Media Protection:
• Media will be marked appropriately based on content
• Physical & Environmental Protection:
• Laptops shall be accounted for and assigned to individuals
• Conduct annual inventory of all equipment
• Security Planning:
• Establish Rules of Behavior and ensure all users acknowledge
• Personnel Security:
• Establish personnel sanctions for individuals who violate security policy
• Risk Assessment:
• Review and verify risk categorization annually
• Re-establish configuration benchmarks annually as prescribed in Item 6, Configuration
Management
• System & Services Acquisition:
• describes secure configuration, installation, and operation of the system, component, or service
• System & Communication Protection:
• System shall be protected by anti-virus software
• System shall be protected by a software firewall (e.g., Microsoft)
• Ensure most recent software patches and updates are installed on the Operating System
• Ensure most recent version of third-party software is installed (e.g., Adobe Flash, Acrobat
Reader, McAfee, etc.)
• System & Information Integrity:
• Shall provide for SPAM protection filtering
• Shall provide for malicious code protection through the use of anti-virus software
Security Implementation and Protect Company Website From Hackers
Making your website live is like unlocking the door to your premises with your office and safe open: Most
of the people who visit your physical building will never even know that all of your data is there to discover
just by walking in. Theft is not the only thing on the mind of a hacker: Sheer destruction is a major
motivator. Hackers may want to destroy all your records, put a sick message on your customers’ screens or
just destroy your reputation.
You can never undo the damage done by a hacker, you can take steps to prevent it. Even the most basic
protection will discourage many hackers enough to make them go looking for easier pickings elsewhere.
Thieves are likelier to steal from people who leave their doors unlocked.
Following Steps to protect your website.
 Stay updated.
 Toughen up access control.
 Update everything.
 Tighten network security.
 Install a web application firewall.
 Install security applications.
 Hide admin pages.
 Limit file uploads.
 Use SSL.
 Remove form auto-fill.
 Back-up frequently.
 Stay updated.
You need to stay up to date with hacking threats. If you have at least a basic knowledge of what is possible
then you can protect your website against it. Follow updates at a tech site such as The Hacker News. Use the
information you gain to put fresh precautions in place when necessary.
Toughen up access control.
• The admin level of your website is an easy way into everything you do not want a hacker to see.
• Enforce user names and passwords that can not be guessed.
• Change the default database prefix from “wp6_” to something random and harder to guess.
• Limit the number of login attempts within a certain time, even with password resets, because
email accounts can be hacked as well.
• Never send login details by email, in case an unauthorized user has gained access to the account.
Update everything.
• If the reason behind the update is a security vulnerability, delaying an update exposes
you to attack in the interim period.
• Hackers can scan thousands of websites an hour looking for vulnerabilities that will allow them to
break in. They network like crazy, so if one hacker knows how to get into a program then hundreds of
hackers will know as well.
Tighten network security.
• Logins expire after a short period of inactivity.
• Passwords are changed frequently.
• Passwords are strong and NEVER written down.
• All devices plugged into the network are scanned for malware each time they are attached.
• Ever since I founded my hosting company, we've had to watch our network security on a minute-by-
minute basis not to be hacked.
Install a web application firewall.
A web application firewall (WAF) can be software or hardware based. It sets between your website server and
the data connection and reads every bit of data passing through it.
Install security applications.
• While not as effective as a full blown WAF, there are some free and paid for security applications
that you can install that will make life a bit more difficult for hackers.
• In fact, even some free plugins such as that from Acunetix WP Security can provide an additional
level of protection by hiding the identity of your website’s CMS..
Hide admin pages.
• You do not want your admin pages to be indexed by search engines, so you should use the robots_txt
file to discourage search engines from listing them. If they are not indexed then they are harder for
hackers to find. This tutorial from SEObook.com is all the help you will need.
Limit file uploads.
File uploads are a major concern. No matter how thoroughly the system checks them out, bugs can still get
through and allow a hacker unlimited access to your site’s data. The best solution is to prevent direct access
to any uploaded files.
Use SSL.
Use an encrypted SSL protocol to transfer users’ personal information between the website and your
database. This will prevent the information being read in transit and accesses without the proper authority.
Remove form auto-fill.
When you leave auto-fill enabled for forms on your website, you leave it vulnerable to attack from any user’s
computer or phone that has been stolen. You should never expose your website to attacks that utilize the
laziness of a legitimate user.
Back-up frequently.
• Just in case the worst happens anyway, keep everything backed-up.
• Back up on-site, back up off-site, back up everything multiple times a day.
• Every time a user saves a file it should automatically back up in multiple locations.
• Backing up once a day means that you lose that day’s data when your hard drive fails.
Remember every hard drive will fail.
Application Tools used to secure the website:
Netsparker (Free community edition and trial version available). A tool can good for testing SQL injection
and XSS
OpenVAS : A tool can Claims to be the most advanced open source security scanner. Good for testing
known vulnerabilities, currently scans over 25,000.
SecurityHeaders.io (free online check) : A tool to quickly report which security headers mentioned above
(such as CSP and HSTS) a domain has enabled and correctly configured.
Xenotix XSS Exploit Framework : A tool from OWASP (Open Web Application Security Project) that
includes a huge selection of XSS attack examples, which you can run to quickly
confirm whether your site's inputs are vulnerable in Chrome, Firefox and IE.
Security Implementation in Web Application Server
➢ Use separate servers for internal and external applications
➢ Use Separate Development Server for Testing and Debugging Apps
➢ Audit Website activity and store logs in a secure location
➢ Education of developers on sound security coding practices
➢ Patching Your Operating System and Web Server
➢ Use of Application Scanners
o Use separate servers for internal and external applications
Mostly, organizations have two classes of web applications; one of them serves the external users while the
other one serves the internal users. And, if you want security, you can place both applications on different
servers. This reduces the risk of some malicious person who tries to access the external application in order
to get internal information, which is sensitive and confidential. If you think you are unable to afford this
implementation, then you should at least use process isolation, which will stop your external applications
and internal applications interacting with one another.
o Use Separate Development Server for Testing and Debugging Apps
It sounds like common sense to test applications on a stand-alone web server, but most companies allow
developers to tweak code and, in many cases, allow developing new applications on a production server.
o Audit Website activity and store logs in a secure location
It is certain that every professional knows how important server activity logs are. The audit trails help you
to discern the attacks, and you can react in an efficient manner. These trails will also help you to troubleshoot
many problems.
• Set Clear Administrator Privileges
• Secure Your Private Network.
• Secure Endpoints by Configuring Demilitarized Zone (DMZ).
• Monitor the Network.
• Maintain Firewalls.
• Establish Intrusion Detection and Prevention Systems.
• Protect Remote Access.
• Isolate Guest Wireless Local Area Network (WLAN).
• Use Encryption Programs. Define and Practice Continuity Plans/Disaster Recovery.
• Set Clear Administrator Privileges. An important first step in providing
security for your network is to establish and enforce administrator privileges, managing
who has authorization to install software and change system configuration settings.
• Secure Your Private Network. Many intranet or private networks consist of multiple
local area networks (LANs) designed to connect your computers to resources, such as
printers, servers and other applications.
ii) Secure Endpoints by Configuring Demilitarized Zone (DMZ). In network security,
endpoint security refers to protection of the private network where it intersects with
public network. The common devices used at these endpoints to connect to the public
network include mail servers to send and receive emails, web servers to host websites,
and proxy servers to handle requests from clients seeking resources. A common security
configuration to protect these endpoints is a Demilitarized Zone (DMZ). A DMZ is a
computer network with firewalls and other prevention systems inserted as a "neutral zone"
between a company's private network and the outside public network. All incoming and
outgoing communications pass through the firewall and intrusion detection and
prevention systems prior to entering the private network.
✓ Monitor the Network. You and your cyber security providers should implement network
logging and monitoring strategies. These allow companies to monitor unauthorized data
transfers and unauthorized attempts to access your private network. Detection systems
should provide responsible parties with appropriate alerts and scheduled reports.
✓ Maintain Firewalls. Firewalls are a fundamental network security solution. They are
used to permit only appropriate traffic to enter and leave the private computer network. In
addition to using firewalls to protect your private network from the Internet, firewalls
installed within your private network can be used to segment the network into unique
security domains supporting enhanced layers of defense.
✓ Establish Intrusion Detection and Prevention Systems. Intrusion detection systems
(IDS) and intrusion prevention systems (IPS) can work together with firewalls to analyze
traffic to determine if it is legitimate. An IDS product will provide alerts on invalid
traffic, while an IPS will block the traffic.
Protect Remote Access. If your employees are allowed access to your private network from
remote networks, this access should only be through a firewall that protects your private network.
Another option is to utilize a Virtual Private Network (VPN) that uses encryption and multi-
factor authentication to provide greater security.
Isolate Guest Wireless Local Area Network (WLAN). If your company operates a wireless
local area network (WLAN) for the use of customers, guests and visitors, it is important that it is
kept separate from the main company network.
Use Encryption Programs. When used properly, encryption technologies can virtually prevent
files, directories, or disks from falling into unauthorized hands.
Define and Practice Continuity Plans/Disaster Recovery. Once you have completed mapping
and securing your network, assess any critical equipment or systems and evaluate the potential
business impact if they should fail or are breached.
If you want a high security, then make sure that your logs are at a device, which is virtually and physically
secure. You can use digital ways like the encryption with digital signatures, which will prevent any scam
modification.
Education of developers on sound security coding practices
Many developers who work for software corporations and develop many types of software usually forget that
information security is a pre-requisite for business success.
It is the responsibility of companies to educate the developers on critical issues regarding web server safety.
The organizations should educate the developers about the security mechanisms and make sure they aren’t
circumventing those mechanisms.
They should also be educated about overflow attacks and process isolation, which will result in the web
server security in the longer run.
Patching Your Operating System and Web Server
It is such a simple thing and entails common sense that most administrators even forget it because they are
burdened with other heavy tasks.
Software vendors often release patches for security vulnerabilities, and the administrators should patch their
web servers with the latest security fixes. If someone finds a flaw in your web server, he is surely going to
exploit it.
Use of Application Scanners
Application scanners are also best to secure your web server from security vulnerabilities because tools like
Watchfire, SUCURI ensure that no exploitable code slips through the crack into the production
environment.
It all depends if you can afford application scanners which can validate your internally developed codes.
Securing File and Print Servers
The file server role stores data for network users, and provides access to users for files stored on the file
server. File servers enable users to store files in a centralized location and share files with another user. The
print server role provides network printing capabilities for the network. Through the print server role, you can
configure a server to manage printing functions on the network. The print server is the computer where the
print drivers are located that manage printing between printers and client computers. The print servers also
manage communication between the printers and the client computers.
With Windows Server 2003, securing file and print servers are simpler than it was with the prior
Windows operating systems because Internet Information Services (IIS) is no longer installed on computers,
by default.
Both file servers and print servers need you to implement security measures to protect these servers:
 Set the appropriate permissions on files and folders.
 Use antivirus software
 Perform regular backups.
 If necessary, implement an encryption solution.
 Protect print servers from being used inappropriately. Securing File and Print Servers
Basic Security Measures for Securing File and Print Servers
Basic security measures for securing file and print servers are listed here:
 Physically secure your file and print servers.
 The NTFS file system should be utilized to protect data on the system volume, You should though
implement the NTFS file system on all system volumes.
 Apply and maintain a strong virus protection solution, Software patches should be keptup to date.
 If applicable, programs should only be allowed to be installed when they have trusted sources.
 All unnecessary services and applications not being used on your file and print servers should be
deleted.
 Users should only be configured with those permissions which they need to access and use files and
folders, and perform printing.
 Enforce the usage of strong passwords through Password Policy security settings.
 Secure the following well-known accounts: Administrator account, Guest account. A few
security features of File server are:
 With Windows Server 2003, the triple-DES (3DES) encryption algorithm can be utilized to further
enhance the security of EFS.
 EFS can encrypt and decrypt files on a remote computer.
 Files that are encrypted can be stored in Web folders.
 Offline files can also be encrypted by EFS. You should encrypt offline files to ensure protection
for locally stored documents.
 All temporary files in a folder that is encrypted are encrypted as well.
 You can back up encrypted files.
 You can use Server Message Block (SMB) signing to ensure that files are securely transmitted
and received over the network.
 You can also use IPSec to encrypt data as it moves over the network.
How to implement Security policy in Windows Registry:
You can strengthen security by replacing the DESX algorithm that EFS utilizes with the stronger 3DES
algorithm. You can use the system cryptography Group Policy setting to enable 3DES for encryption for IP
Security and EFS. You can however change the appropriate registry setting in the
HKEY_LOCAL_MACHINE / SOFTWARE/ MicrosoftWindowsNT/ CurrentVersion/ EFS key through the
Registry Editor to enable 3DES for encryption for EFS only.
Implementing Security for the Print Server Role

A few measures of implementing security for the print server role are listed here:
When deciding on a print server, consider implementing a print server cluster if your enterprise needs
exceptional reliability and performance when it comes to printing. For physical security, printers which are
used for printing of confidential data should be placed in secure locations. Access to these printers should be
limited to only those individuals authorized to view the confidential data.
IPSec can be used to secure data as it being transmitted over the network to your printers. Configure the
appropriate print permissions. Print permissions are used to manage printing and specify those users which
are allowed to print to the printer.

Computer Security Module@2022 - 23

Uploaded by

Copyright:

Available Formats

Computer Security Module@2022 - 23

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Computer Security Module@2022 - 23

Uploaded by

Copyright:

Available Formats

AMBO UNIVERISTY

Hachalu Hundessa Campus

Computer Security Module Prepared

Ambo , Oromia, Ethiopia

 Loss or corruption of system data

Man in the middle Attack

Integrity is the assurance that the information is trustworthy and accurate.

Security Policy and Mechanism

symmetric key cryptography

7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message

The steps illustrates the P-K process

3. Let Ф (n) = (p-1) (q-1)

4. Choose a small number, e coprime to m.

e = 2 Æ GCD (2,108) = 2 (No !)

✓ This is equivalent to finding d which satisfies de = 1 +k (Ф (n)), Where k is

✓ This message must be a number less than the smaller of p and q.

Features of Hash Functions

Nonmalicious Program flaws:

CONTROLS AGAINST PROGRAM THREATS

Allows to create new tables in the database.

CREATE_EXTERNAL_ROUTINE: Allows to create a procedure to be used by applications and the

What is an Application Firewall?

o Application Level Gateway

• Also called as proxy server.

Benefits of intrusion detection:

Implementing Security for the Print Server Role

You might also like