Week 2: Introduction - M199205zn/IAS-CS4 GitHub Wiki

Foundations to Information Assurance and Security

Core Principles of Information Assurance and Security

  1. Confidentiality

    • Protect sensitive information from being accessed by unauthorized individuals.
    • Methods:
      • Encryption (e.g., AES, RSA)
      • Access Control Lists (ACLs)
      • Multi-Factor Authentication (MFA)
    • Example: Using a Virtual Private Network (VPN) to protect online activities and sensitive communications from eavesdropping.

  2. Integrity

    • Ensure the information remains accurate, complete, and trustworthy, and is not altered by unauthorized entities.
    • Methods:
      • Checksums and hashing algorithms (e.g., SHA-256)
      • Digital signatures
      • Version control systems
    • Example: A banking system verifies the integrity of a transaction record using a hash value.

  3. Availability

    • Ensure data and resources are available to authorized users when needed.
    • Methods:
      • Redundant systems
      • Load balancing
      • Regular backups and disaster recovery plans
    • Example: An e-commerce website maintains high availability using a Content Delivery Network (CDN) to handle heavy traffic.

  4. Authentication

    • Verify the identity of users or systems attempting to access resources.
    • Methods:
      • Passwords
      • Biometrics (e.g., fingerprint, facial recognition)
      • Public Key Infrastructure (PKI)
    • Example: Logging into an online banking platform using facial recognition.

  5. Non-repudiation

    • Ensure that actions or transactions cannot be denied after they have been performed.
    • Methods:
      • Digital signatures
      • Audit logs
    • Example: A customer digitally signs a contract, and the signature is stored for legal evidence.

Key Domains of Information Assurance and Security

  1. Risk Management:

    • Identifying, assessing, and mitigating risks to information systems.
    • Example: Conducting a risk assessment for an organization's database to identify vulnerabilities.

  2. Security Policies and Procedures:

    • Developing frameworks to guide employees and technical teams in implementing security.
    • Example: Creating a company-wide password policy requiring 12-character passwords.

  3. Incident Response and Recovery:

    • Preparing for, detecting, and responding to security incidents.
    • Example: Establishing a response team to handle ransomware attacks.

  4. Physical Security:

    • Protecting the physical components of information systems (servers, networks, etc.).
    • Example: Securing server rooms with biometric locks and surveillance cameras.

Common Threats to IAS

  1. Malware: Viruses, worms, ransomware, and spyware that compromise systems.

    • Example: Ransomware encrypts critical data and demands payment for decryption.

  2. Phishing Attacks: Fraudulent emails or messages designed to steal sensitive data.

    • Example: An email pretending to be from a bank asking for login credentials.

  3. Denial-of-Service (DoS) Attacks: Overloading a network or system to make it unavailable.

    • Example: A hacker floods a website with traffic, causing it to crash.

  4. Insider Threats: Employees or contractors with malicious intent or negligent behavior.

    • Example: An employee unintentionally exposes sensitive data by clicking on a phishing link.

Emerging Trends in IAS

  1. Artificial Intelligence (AI) in Security: AI-powered tools for threat detection and automated response.

    • Example: AI-based intrusion detection systems analyze network traffic patterns in real time.

  2. Zero Trust Security Model: Assuming that no entity is trustworthy until proven otherwise.

    • Example: Implementing strict access controls, even for internal users.

  3. Cloud Security: Securing data and applications hosted in cloud environments.

    • Example: Encrypting data stored in a cloud database.

  4. Post-Quantum Cryptography: Preparing for threats posed by quantum computers to current encryption standards.

    • Example: Researching quantum-resistant algorithms like lattice-based cryptography.

Overview of Computer, Network, and Internet Security

1. Computer Security

Computer security focuses on protecting individual devices (e.g., desktops, laptops, servers) from malware, unauthorized access, and data breaches.

Key Elements:

  • Antivirus Software: Detects and removes malicious programs.
    • Example: Windows Defender protects against viruses and spyware.
  • Firewalls: Blocks unauthorized access to a computer system.
    • Example: Host-based firewalls like Norton or McAfee.
  • User Authentication: Ensures that only authorized users can access the computer.
    • Example: Biometrics (fingerprint scanners) or passwords.

Real-World Example:

  • A personal laptop is secured with a firewall, password-protected login, and antivirus software to prevent phishing attacks or malware installation.

2. Network Security

Network security protects the integrity and usability of a network and its data. It involves securing communication pathways (e.g., LAN, WAN) from unauthorized access or disruptions.

Key Elements:

  • Firewalls: Filter incoming and outgoing network traffic.
    • Example: Cisco ASA Firewall for enterprise networks.
  • Intrusion Detection and Prevention Systems (IDPS): Monitor network traffic for suspicious activities.
    • Example: Snort, an open-source IDPS.
  • Virtual Private Networks (VPNs): Encrypt connections between devices and networks.
    • Example: Employees using a VPN to securely access their company's network remotely.
  • Access Control: Ensures that only authorized devices or users can connect.
    • Example: Using MAC address filtering on a Wi-Fi router.

Real-World Example:

  • A corporate network implements firewalls and VPNs to prevent external attackers from accessing internal systems, ensuring employees can securely collaborate from remote locations.

3. Internet Security

Internet security focuses on protecting users and systems from online threats during web-based activities, such as browsing, email communication, and online transactions.

Key Elements:

  • HTTPS Encryption: Ensures secure communication between browsers and websites.
    • Example: Websites with HTTPS encrypt data like credit card information.
  • Secure Email Protocols: Protect email communications.
    • Example: Secure protocols like SMTP with STARTTLS and encrypted email services like ProtonMail.
  • Anti-Phishing Tools: Identify and block fraudulent websites.
    • Example: Google Chrome's built-in anti-phishing tool alerts users of suspicious websites.
  • Secure Browsers: Browsers with strong privacy and security features.
    • Example: Firefox or Brave for secure web browsing.

Real-World Example:

  • An e-commerce website uses HTTPS, ensuring that customer payment details are securely transmitted and cannot be intercepted by attackers.

4. Types of Threats Across These Domains

  1. Malware (Viruses, Worms, Ransomware):

    • Software designed to disrupt, damage, or gain unauthorized access to a system.
    • Example: WannaCry ransomware encrypted files and demanded payment in Bitcoin.

  2. Phishing Attacks:

    • Fraudulent emails or websites designed to steal sensitive information.
    • Example: A fake email posing as a bank asks users to reset their passwords.

  3. Denial-of-Service (DoS) Attacks:

    • Overloading a network or server to make it unavailable.
    • Example: An attacker floods a website with traffic, causing it to crash.

  4. Man-in-the-Middle (MITM) Attacks:

    • Intercepting and altering communication between two parties.
    • Example: An attacker eavesdrops on data transmission in an unsecured Wi-Fi network.

  5. Zero-Day Exploits:

    • Exploiting unknown vulnerabilities in software.
    • Example: A hacker uses a zero-day vulnerability in a web browser to install spyware.

5. Best Practices for Securing Computers, Networks, and the Internet

  1. Implement Layered Security: Use multiple security measures like firewalls, antivirus software, and encryption for comprehensive protection.

    • Example: A business uses endpoint security for devices and network-level firewalls.

  2. Regular Updates: Keep systems and software up to date to patch vulnerabilities.

    • Example: Updating operating systems and installing the latest firmware for routers.

  3. Educate Users: Train employees and users about common threats like phishing and social engineering.

    • Example: Conducting cybersecurity awareness workshops.

  4. Data Backup and Recovery Plans: Ensure data can be restored in case of an attack.

    • Example: A cloud backup system stores sensitive files securely.

  5. Use Strong Authentication: Implement multi-factor authentication (MFA) wherever possible.

    • Example: Requiring a password and a one-time code sent to a mobile device.

Importance of Cryptography and Its Basic Concepts

Introduction:
Cryptography is the science of securing communication and information from unauthorized access by converting data into a coded format. Its primary goal is to ensure the confidentiality, integrity, authentication, and non-repudiation of information. Cryptography is an essential foundation of modern cybersecurity and is applied in numerous domains, from online banking to email communication and secure messaging.

Why Cryptography Is Important

  1. Ensures Confidentiality:

    • Cryptography protects sensitive data from unauthorized access.
    • Example: When you send an email over a secure platform like Gmail, encryption ensures that only the intended recipient can read its content.

  2. Maintains Data Integrity:

    • Ensures that data is not tampered with during transmission.
    • Example: A digital signature ensures that a document remains unchanged during its journey from sender to receiver.

  3. Supports Authentication:

    • Verifies the identity of users and systems.
    • Example: Password hashing ensures the authenticity of user logins without exposing the actual password.

  4. Enables Non-Repudiation:

    • Prevents entities from denying actions or transactions they performed.
    • Example: When a contract is signed digitally, the signature acts as proof that the signer cannot deny having signed the document.

  5. Protects Privacy:

    • Ensures individuals' personal information and communications remain confidential.
    • Example: End-to-end encrypted messaging apps like WhatsApp protect conversations from third-party access.

  6. Secures Online Transactions:

    • Enables secure online transactions, including banking, shopping, and cryptocurrency.
    • Example: HTTPS ensures secure communication during online shopping.

Basic Concepts of Cryptography

1. Plaintext and Ciphertext

  • Plaintext: The original, readable form of data.
  • Ciphertext: The encrypted, unreadable form of data after applying a cryptographic algorithm.
  • Example:
    • Plaintext: "Hello, World!"
    • Ciphertext: "Khoor, Zruog!" (using a Caesar cipher with a shift of 3)

2. Encryption and Decryption

  • Encryption: The process of converting plaintext into ciphertext to prevent unauthorized access.
  • Decryption: The process of converting ciphertext back into plaintext using a key.
  • Types of Encryption:
    • Symmetric Encryption: The same key is used for encryption and decryption.
      • Example: Advanced Encryption Standard (AES).
    • Asymmetric Encryption: Different keys are used for encryption (public key) and decryption (private key).
      • Example: RSA.

3. Cryptographic Keys

  • Keys are the values used in cryptographic algorithms to encrypt and decrypt data.
  • Key length determines the strength of encryption.
    • Example: A 256-bit AES key is stronger than a 128-bit key.
  • Key Types:
    • Public and private keys (asymmetric encryption).
    • Shared secret keys (symmetric encryption).

4. Hashing

  • Hashing is a one-way process that converts data into a fixed-length string (hash) regardless of the input size.
  • Hashing ensures data integrity by detecting any changes to the original data.
  • Example:
    • Input: "password123"
    • Hash: "ef92b778ba598f8bd428a6f63f9a87e9"
  • Popular algorithms: MD5, SHA-256.

5. Digital Signatures

  • A cryptographic mechanism that provides authentication and non-repudiation.
  • A sender signs a document using their private key, and the receiver verifies it using the sender’s public key.
  • Example: Signing legal documents electronically with tools like DocuSign.

6. Certificates and PKI (Public Key Infrastructure)

  • Certificates: Digital certificates verify the ownership of a public key, issued by a trusted Certificate Authority (CA).
    • Example: SSL/TLS certificates for secure websites.
  • PKI: A framework for managing digital keys and certificates.

Applications of Cryptography

  1. E-Commerce:

    • Ensures secure payment processing using protocols like TLS/SSL.
    • Example: Credit card details are encrypted during online purchases.

  2. Secure Communication:

    • Protects emails, instant messaging, and video calls.
    • Example: Signal and WhatsApp use end-to-end encryption.

  3. Data Protection in Cloud:

    • Ensures sensitive data stored in the cloud is encrypted.
    • Example: Cloud providers like AWS and Google Cloud encrypt data-at-rest and in-transit.

  4. Blockchain and Cryptocurrencies:

    • Cryptography secures transactions and ensures the integrity of blockchain systems.
    • Example: Bitcoin uses cryptographic hashing for mining and transactions.

  5. Digital Identity:

    • Ensures secure user authentication.
    • Example: Using biometrics for authentication, with data encrypted for privacy.

Cryptographic Algorithms

  1. Symmetric Algorithms:

    • DES, AES, Blowfish.
    • Used for fast encryption, ideal for large data volumes.

  2. Asymmetric Algorithms:

    • RSA, ECC (Elliptic Curve Cryptography).
    • Used for secure key exchange and digital signatures.

  3. Hashing Algorithms:

    • MD5, SHA-1, SHA-256.
    • Used for data integrity and digital fingerprints.