introduce some concepts and talk about what we mean about computer security and network security, because we're going to focus this topic more on network security and we'll try and explain the difference. What is security? Here's a definition of computer security: the protection afforded to an automated information system in order to attain the applicable objectives in preserving integrity, availability and confidentiality of information system resources. So here's one definition coming from the National Institute of Standards, NIST, an organization in the US that among other things creates a lot of standards about security protocols and techniques, and their view of what they mean by computer security. So an automated information system, think of a computer system, whether it's one computer or many computers connected together, some computer system, we want to protect it to achieve some objectives, and the objectives are preserving integrity, availability and confidentiality of some resources. So protect our system to make sure, well, we preserve integrity, availability and confidentiality. We need to define those three objectives and we'll do that on the next slide, talk about what they mean.
Here's another definition, actually from the textbook by Stallings, about network security: measures to deter, prevent, detect, correct security violations that involve the transmission of information. So network security is about when we're sending information across some network, some computer network. Computer security is more general. Computer security includes network security, but computer security also includes the security of the actual PC or computer itself. So we can have computer security issues without having a network at all. I need my own laptop, I need to protect the files on it, I may want to encrypt the issues of computer security but not network security. Network security is when we want to send data between two computers or between many computers.
So we're going to focus in this course mainly on network security. So some aspects of computer security we'll skip over, we'll not cover. And what's the main network that we use every day? The internet. So sometimes referred to as internet security.
But the first definition mentioned these three things: confidentiality, integrity and availability. CIA, the triad of CIA as some people refer to it. The most important objectives in securing a system. We'll see some definitions a little bit later of those three again, but confidentiality: keeping things secret, keeping information secret. A common objective is, if I send information from one computer to another and that information is authorized for use only by that other computer or the user of that other computer, I don't want someone else, as I send it across the network, to be able to intercept and read that information. I want to keep that information confidential. So that's the idea of confidentiality. Keep information private or secret or confidential.
Integrity is making sure the information is not changed. So it's related to confidentiality. But we also want to make sure, if I send information from one computer to another, then the information received by the destination computer is exactly the same as what was sent by the source computer. It would be bad if I have an email message and I'm sending an email to someone. What's an example? I'm sending an email to the secretary saying, change this student's grade from A to B. No, that's a bad example. Change this student's grade from B to C. I made a mistake with marking, so I send an email to the secretary saying this student needs their grade changed from B to C. But one of the students, and that one that the email is about, somehow intercepts a message on the network and modifies the message and changes the message to say change the grade from B to A. It's received by the secretary. The secretary thinks it came from me.
It did originally, but it's been modified along the way. That's what we don't want. Integrity is about not allowing that to happen. Maintain the integrity of the data. That's a common requirement or objective of security.
And availability is the other common objective of security. We have a network and we have a computer system which has normal users. We want to make sure that network and computer system is available to those normal users. It would be bad if that network becomes unavailable due to some malicious actions. So an example is a web server. Web server is part of our network or an entity in our network. It has the role of, say, the Amazon web server. It's spread across many web servers. But think of Amazon, the company, they sell many things via their web server. They make billions of dollars by people going to their website and ordering products. What if the Amazon web server was not available for 24 hours? Something happened. There was an attack on the web server which meant it was down. Well, I'm sure the company Amazon would lose millions of dollars in lost sales if the web server was down for a day. If no one could access Amazon for a day, then that would be a financial loss to the company. So some security attacks try to make the service unavailable. Availability is the objective: okay, our system must be available to the intended users. We shouldn't allow it to become unavailable.
Another three key objectives of securing networks. Some related ones or other ones which are also considered important. This is one of the earlier concepts that people arrived at these three, but they later added talking about authenticity. Make sure that the data you receive is authentic. It's genuine. It's coming from a genuine user. It's not coming from someone who's pretending to be someone else. And accountability. Make sure that if something goes wrong, we can track what went wrong and make someone accountable for what went wrong.
For example, a student breaks into the ICT server and gets all the answers to the quizzes for this course. So you can do the quizzes on Moodle and get 100% all the time. Okay, if that happens, what I would like to be able to do is to detect that it happened and, even better, trace back to which student did it. And then I can take action on that student outside of the network. I can take other action, like give them some penalty. So accountability is the ability to detect things going wrong, keep traces and logs of what happens, so that later on you can respond and take action if things do go wrong in a network. So some of the objectives of securing computer systems and computer networks.
What happens if something does go wrong? What if we have a security breach? How does it impact upon the users or an organization? There are different classifications to look at. Okay, when we're planning the security for our organization, we'd like to predict in advance: what if this goes wrong? What are the consequences? Here are some of the most common impacts of security breaches. The effectiveness of primary operations are reduced. That means, if you think of an organization, a company, a university, SIT, what happens if someone breaks the security of our network, of our databases, of our servers? Well, one thing that can go wrong is that we have to spend a lot of time fixing, and we waste time fixing what went wrong as opposed to providing the normal service to students and others. That is, the organization does not work as well if things go wrong.
A simple example: I create an exam for this course. I store it on my office computer before the exam, before you take the midterm exam. I create it a week before and I've prepared it, it's stored on my office computer. What happens if a student accesses that exam one week before the time for the exam? If I detect that, what happens? Well, it means I have to recreate the exam.
I must rewrite the exam, because I know if some students got the exam, most likely every student will have the answers by the time you sit the exam. That reduces my effectiveness. That is, I have to now rewrite the exam, wasting my time rewriting a second exam. I can spend less time doing other things that I should be doing. So the effectiveness of my operations are reduced in that case.
Other impacts may be a financial loss. We lose money. The example for Amazon: if the Amazon web server goes down for a day because of some attack on the Amazon web server, the company will lose money. So that's a potential breach, a potential impact.
Damage to assets, damage to hardware, damage to software. For example, someone gets access to the source code of Microsoft Windows. They break into the Microsoft network and get access to the original source code. And they make changes to the source code without people detecting. So we can think that that's going to potentially damage the software product that's produced. You can have damage to computer hardware. And the example I was recent is the Stuxnet worm. It was a worm one or two years ago, which was distributed usually by USB keys. And it was a worm. And we talk about worms in one of our topics. Actually, no, I've removed that course. We may mention it. I've removed the topic. But some malicious software such that it was carried on a USB key. And when people plugged it into the computer, it distributed onto the network. And the target of this malicious software was the, I think, the centrifuges in a nuclear power reactor. And people think the target was one in Iran, where this malicious software made the hardware, the centrifuge, operate in an abnormal way. For example, make it go fast, faster than it should go. And which caused the hardware to break down, which had the effect of then they cannot process the material that they wanted to process.
So that was a case of malicious software, which is part of a security attack that damaged some assets, in this case hardware assets. You've seen on movies or TV shows, maybe, that people can break into the heart monitors and the heart rate controllers that people wear. And in theory, if you could attack that and make it do something that it's not supposed to do, you could have an impact on someone and harm individuals. So the impacts of security breaches may be very small, I have to rewrite an exam, to be very serious: financial, human loss of life and damage to assets. There are different approaches from an organisation's perspective to think, okay, in advance, what are the potential breaches that can occur? What are the likely impacts? And to give some ratings to look at, well, what actions should I take to make sure those impacts are minimised? And there are some standards that we won't go through that talk about that. We need to treat security importantly. We need to consider it carefully, because the impacts may be large.
Let's look at a view of, or a perspective of, network security and the components of securing computer networks. And this perspective comes from ITU, the International Telecommunications Union. They create standards about telecommunications, including securing computer networks. We don't care so much about that they created it and how the standard is. There's some document that describes security aspects from their perspective. We're going to use the notation and terminology that they introduce to talk about what we require for computer security. And the main things that they introduce that we'll use is that they talk about security aspects: attacks, mechanisms and services. So we'll define those three over the next few slides. Different types of security attacks, mechanisms and services. And some terminology we'll use as we'll talk about a threat and an attack.
We have some desire for operating our organisation network or computer system in some way, and we usually define some policy that we'd like. For example, a policy should be: no student can access the exam on my computer. That's obvious, a simple policy from my perspective of who can access that information. A threat is a potential violation of some security policy. So my policy or my aim: no student can access the exam on my computer. There are some threats. One threat is that a student walks into my office and takes my computer and then they can access the exam. Another threat potentially is that they can get remote access over a network to my computer. So there are multiple threats that are potential violations of my policy in that case. An attack is an assault on a system that comes from a threat. In simple terms, an attack is a threat carried out. So the threat is that someone takes my computer and reads the exam. Well, an attack would be if someone actually comes and grabs my computer and reads the exam. So an attack is an actual implementation of a threat.
Who performs attacks? I'm not sure if there's a slide about this, maybe later, but some terminology for what do we call someone who performs an attack. Sometimes we'll talk about an attacker, maybe a malicious user. An adversary is another word used. Sometimes you'll hear a hacker. Someone hacks into the network. I'll usually use malicious user or an attacker. But when we talk about all the techniques through this course, when we talk about the attacker or malicious user, they don't necessarily have to be a bad person. Sometimes the attack may be coming from someone who's doing something good or something legal. Law enforcement agencies may use legal techniques to intercept other people's messages and read other people's messages. From the perspective of the security technique, they are the attacker or malicious user. But they may be doing something good or legal.
So when I say malicious user, I don't always mean someone who's bad. Often the case.
Let's look at these three aspects. What is a security attack, mechanism and service? An attack: an action that attempts to compromise the security of information or facilities. Information or facilities. So information, data; facilities, think of hardware or software or even communication lines. Compromise them to get access to information that they shouldn't be allowed to, modify information, to make the system unavailable, for example. A threat is a potential violation of security. An attack is an actual violation. We usually analyze the threats. Look at what are the possible threats and try and implement measures so that the attacks cannot occur. Or successful attacks cannot occur.
A security mechanism is a method for preventing, detecting or recovering from an attack. I'd like to prevent attacks. So if I know of some threat, I would apply some mechanism to prevent an attack from being successful. I know the threat for someone accessing the exam on my computer. One threat is that they take the laptop and then just read the file from my computer. Or what mechanism could I use in that case? To prevent that attack, what could I use? Sorry? Guessing for the laptop. Yeah, okay, all right. Physical locks on the laptop. What else? Yep, correct. I can't secure my computer all the time physically. What else could I do such that even if someone steals my laptop, they cannot read the exam on my laptop? Encrypted. Password, I hear. Okay, some basic techniques, and through this course we'll look at how effective they may be. But okay, if I have a password to log into my laptop, such that if I leave it for five minutes I need to type the password again, then that may provide some primitive protection. We may see how effective it is later. Or I could make sure the file is encrypted, so that to unencrypt, to decrypt, I need again some password or special key to read it.
More generally, encrypt the hard disk: even if someone can steal my hard disk, access the computer, log into the computer, they still need some password to decrypt the hard disk. So there may be ways to prevent or to they may be mechanisms. There's a threat and we can apply mechanisms to try and prevent an attack, but sometimes we cannot prevent an attack. So the next best thing is try and detect if an attack has or is occurring. Maybe hard on the laptop, but in some other cases we can detect that something, some attack, is occurring, and if we can detect, either we can quickly try and respond or we can take other means to try and recover. Again, if I detect, if I could detect that, if someone got hold of the exam, if I could trace it back to you, then that acts as a good deterrence from you trying to access the exam. Because if you know it's very easy to steal my laptop, but if you steal a laptop and read the exam, if you knew I could trace that back to you as an individual, then unlikely you're going to do through that. I know no one's going to steal my laptop anyway, but if we had a malicious user, the active or the deterrence is also a good mechanism, because if I can trace back to you I can take other action. So there are different mechanisms for doing this, for detecting, preventing, recovering, and in fact this course is about those mechanisms. We'll look at those mechanisms in this course.
Security service: we use the mechanisms to improve or enhance the security of our information and facilities, so we stop attacks. We can think of the services as some requirements, what we'd like to achieve. So the next few slides go through services, attacks then services. Let's go through attacks first.
Now my example of the laptop is maybe not the best one for this course, because we're going to focus on network communication. So we're not going to deal with, okay, what if someone steals my laptop, but we're going to deal with the cases, or what if I send the exam in an email to the secretary to print, can someone need to set up across the network and steal the exam that way.
Let's look at security attacks and classify them. First classification of security attacks on networks are passive and active. A passive attack makes use of some information to perform the attack but it doesn't affect the system resources. So the system consists of the users, the computers and the network. A passive attack doesn't modify how the system operates, it just observes, but still performs an attack. All right, we'll define active and then we'll compare them in a moment. An active attack somehow modifies or alters how the system works, the resources or operations. Let's come back and talk about them after we go through some specific instances. So with passive attack there are two types we'll talk about, releasing the message contents and traffic analysis, and then with active, four types. So I'm going to go through those six specific attacks and then we'll come back and explain again what we mean by passive and active. It'll become clearer and we'll compare them.
So now let's go through six attacks, and these nice pictures from the textbook I'm going to use to illustrate. So we have a communications network with some users. This picture shows, okay, the blue cloud is the network, whether it's some link or it's the entire internet, but some network that users use to communicate with each other, and in this example we have Alice and Bob, two normal users of the network. They're not malicious, they're just normal users, and Bob sends information to Alice. That's the normal operation: he sends emails or messages to Alice.
For example, Bob and Alice work in the same company and Bob is sending some secrets of the company to Alice, some secret designs of their new product that they're going to build and sell, okay. Now an attack where we release the message contents is one of the most obvious ones, and one that most people think about when we talk about cryptography, is that we have some malicious user, Darth in this example, that somehow, as Bob sends messages to Alice, gets that message and is able to read the contents of that message. So we show it as the message going to Alice and also going to Darth, and Darth can read the contents of the message. If the message is some secret designs of their up and coming product and if Darth is a competitor, then he can go and build the product and sell it first. So this is the case of an attack where we release the message contents. Same as if I send the exam to the secretary to print: I'm Bob, Alice is the secretary, and some student intercepts somehow on the network and reads the exam, then that's an attack that releases the message contents, okay.
This is the case where we'd like to keep that message confidential. Note that, and let's try and explain active and passive, this is an example of a passive attack. Imagine there's no attack, Darth is not there. Then what happens? Bob has a message and sends it across the network to Alice. That is, Bob sends one message, Alice receives that same message, that identical message, if there was no attack in that case. Now we introduce the attack. Bob sends the same message, Alice receives that message, but with the attack Darth also receives the message. But from the perspective of Bob and Alice nothing has changed. Whether there's an attack or no attack, from the normal user's perspective, from the system's perspective, nothing's changed, and that's why it's called a passive attack. Nothing has been altered from the normal system operation, but still an attack has occurred.
Here's another passive attack: traffic analysis. Bob sends messages to Alice in the normal operation. In this attack, while Bob is sending messages to Alice, Darth the malicious user somehow intercepts those messages, may not be able to read the contents of those messages, but can make some conclusions based upon observing the messages being sent: the time when they're sent, the frequency that they're sent, for example. So by analyzing the messages being sent, by analyzing the traffic on the network, the attacker, the malicious user, may be able to make some conclusions which they couldn't make without analyzing that. An example: Bob is, let's see, Bob is a known terrorist, okay. Law enforcement agency know that Bob is some terrorist, has done some illegal things in the past, and they're monitoring what Bob is sending. And it turns out they also know Alice is some potential terrorist, and the malicious user, Darth here, is the law enforcement agency that monitors how these two entities are communicating, and by monitoring as to how many messages are sent, at what time of day, from what computer addresses they're being sent from,
they may be able to make observations about what potentially may happen. For example, they see that over a period of one month there are no messages, and then on one day there's a lot of messages from Bob to Alice, and they make the conclusion, or they infer, that that may mean that some attack is about to occur. So by analyzing the frequency of communication the malicious user can make some observations, even without seeing the contents of the messages. Even if they cannot see what's inside the messages, just seeing that there are messages sent can be an attack. And I think most of you heard about Snowden and the NSA and what's happening with the revelation the NSA are monitoring many U.S. citizens. Well, there was revealed that they are monitoring not the actual phone calls, not the contents of what people are saying on the phones, but just monitoring who you're calling and when you're calling. So that would be considered a traffic analysis attack. To be able to make observations not based on the contents of the message but just on who the messages are going to and how often, when they're going to people, is some form of an attack. It's still a passive attack. With no attack, Bob sends messages to Alice; with the attack, from Bob and Alice's perspective nothing changes. So the system resources have not been modified.
Go back to the first one. How do we protect? What's a security mechanism to stop the release of message contents? What's a mechanism we can use? I send the exam to the secretary across the Wi-Fi network in SIT. I want her to print it. How can I stop someone from receiving the message and reading the exam contents? What's a mechanism we can use? I'm sure you know of something, you've probably used it in many cases. Anyone? I could encrypt the message, encrypt the file. What I do is I take the exam file, I encrypt it using some software, and I don't send the original exam file, I send the encrypted form of that exam across the network. From Bob to Alice it's encrypted, and what happens?
Even though the malicious user may receive that message, the encryption should be done such that without having some special secret, a key or a password, if you receive the message you cannot get the original contents back. So even though the malicious user receives the message, they cannot see the contents of the message. So encryption is a common mechanism used to prevent such attacks, and a lot of this course we'll talk about, well, what is encryption and what are the algorithms that can be used for encryption.
What about traffic analysis? How do I stop some malicious user from analyzing the patterns of communications between Bob and Alice? Does encryption help? Encryption doesn't help in this case, because Darth does not care necessarily about the contents of the messages. Even if they're encrypted, he still sees that Bob is sending messages to Alice, still knows the time of day, how often. How could I stop that attack, stop someone from analyzing the traffic? Any ideas? Send some fake messages, change the pattern of communication. So let's say normally Bob is going to send three messages to Alice, one every minute, and from that pattern of one every minute Darth makes some observations. Then what Bob can do is change the pattern in which they communicate by sending some fake messages in there, sending at different times, at different frequencies. So by changing the pattern you may be able to hide your communication patterns. Not easy though, okay, and changing your patterns of communications is an inconvenience as well. It introduces some overhead and some inconvenience for the users.
Keep going. Another attack, an active attack: masquerade. Masquerade means pretend to be someone else. Bob and Alice, normal users. Alice is the finance officer for the organization, Bob is the CEO or the director of SIT, and normally what happens is that the end of the financial year Bob sends a message to Alice saying potentially about increasing or decreasing the salary of
employees, and when Alice receives a message from Bob she changes the salaries in the database. Well, what happens in this case is Darth, a malicious user, pretends to be Bob, sends Alice an email saying from Bob, "I am Bob, please increase the salary of Steve by ten thousand baht", okay, so, or salary of Darth in this case. One user pretends to be another user to do something malicious. How do we stop that? How can we stop some malicious user from sending messages pretending to be from Bob? Use some kind of digital signature. Signature, all right, correct. And let's step back. Well, first, we cannot stop Darth from sending messages to Alice normally, okay. So we cannot stop Darth from sending them to Alice. What we want to do is make sure Alice can detect if it's from Bob or if it's from someone pretending to be from Bob. That's what we need to do. The receiver needs to be able to verify the message that they receive: who did it really come from? And the concept is called authentication. The receiver wants to be able to authenticate who was the original source, and one mechanism is using digital signatures. We'll see other mechanisms in this course. And that's related to this one, this famous comic, "On the Internet, nobody knows you're a dog", because when someone posts something on the internet or you visit a website, you don't know what's at the other endpoint in the internet. There's no inbuilt mechanism for authenticating users, so it's very hard to trust what you receive on the internet.
A replay attack. Here Bob, the director or the boss, normally, no attack, normally sends a message to Alice: "please increase the salary of Darth by ten thousand baht". Okay, that's the typical message, because Darth did some good work: salary rise. One month later, no, when that normal message was sent, Darth intercepted and took a copy of that message. It was from Bob, it had Bob's signature. One month later Darth replays that same message, sends it to Alice. Alice receives a message from Bob, signed by Bob:
increase the salary of Darth by ten thousand baht. So now she's received two messages saying increase the salary of Darth by ten thousand baht, so it's now up twenty thousand baht, okay, the first month and the second month. So in this case the malicious user intercepts a message, a normal message, and at some time later resends or replays that message to achieve some outcome. So a replay attack. How do we stop that? Same message, yes, replay the exact same message, not modified. And we need to keep track of time, okay. In the first message that Bob sends he dates the message, saying this is on the 12th of November 2013, please increase the salary by ten thousand. If Darth replays that exact same message one month later, Alice receives it in December but it says it's in November. Hopefully Alice is smart enough to realize that, okay, something's gone wrong here, let's take some action. And of course this is just a simplistic example. In network protocols we can automate those techniques and use timestamps, but it's still not easy.
Modification attack. Darth intercepts a message. Bob sends a message, "please decrease the salary of Darth by ten thousand baht". That's what Bob sends to Alice, but Darth intercepts, changes decrease to increase, and forwards it on to Alice. Alice receives the message and has increased the salary. So here the malicious user modifies the message along the way. Replay, the message is not modified, it's an exact copy of a previous one.
Another one which is different than the others: denial of service attack. We have some web server. Bob normally accesses that web server to get his job done, okay. He needs access to the web server every day. If he can't access the server then he cannot do his normal job and we start to lose money in the company. What Darth does is sends many packets, a lot of data, to the server to overload the server. Once the server is overloaded, no one else can access the server, including Bob, and Bob has been denied service. The normal user is denied access to
the server in this case. So a denial of service attack.
The other six main classifications of attacks. There are some other exceptions, but these are common ones that we'll see. The first two were classified as passive attacks and the last four active attacks. Active because, the best way to think is, if there was no attack versus if there is an attack, from the normal user's perspective does something change? If yes, then it's an active attack; if no, passive. So in this case, if there was no attack then Bob sends nothing and the server receives nothing, but with an attack Darth sends something and, importantly, the server receives something. So something's changed from the server's perspective when the attack is taking place, so we consider that active. Similar here, modification attack: Bob sends message A in the normal operation and Alice would receive message A in the normal operation, but with an attack Bob sends message A, Darth changes that to message B and Alice receives message B. So from the perspective of Alice and Bob something has changed, because with no attack Alice receives message A but with an attack Alice receives message B. It's changed, it's an active attack. And you can look at replay and masquerade and see that they're active attacks as well.
So passive attacks don't modify the system resources, the messages sent, the contents of those messages. An active attack does. Passive attacks are relatively hard to detect, because they don't modify anything it's hard to detect that they're taking place, but they're relatively easy to prevent. By using encryption and timestamps, we can see, compared to the others, easy to prevent those attacks. Active attacks, harder to prevent. It's harder to stop someone from sending a message, you can't in fact normally, but easy to detect. Even though I cannot stop Darth sending messages to Alice, I can detect it using security mechanisms. I can usually detect something's happening here using some of the security mechanisms we'll go through.
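Added example, not part of the lecture: a receiver-side check that detects the masquerade, modification and replay attacks described above. It uses an HMAC under a key shared by Bob and Alice as a stand-in for the digital signature the lecture mentions; the keys, message format, names and five-minute freshness window are all assumptions.

```python
import hashlib
import hmac
import json

MAX_AGE_SECONDS = 300          # assumed freshness window for timestamps
T0 = 1384214400                # constructed send time (12 Nov 2013, 00:00 UTC)
BOB_KEY = b"constructed-key-shared-by-bob-and-alice"
DARTH_KEY = b"constructed-key-darth-made-up"


def seal(key: bytes, sender: str, body: str, sent_at: int) -> dict:
    """Sender side: bind sender, body and timestamp under one HMAC tag."""
    payload = json.dumps({"from": sender, "body": body, "ts": sent_at},
                         sort_keys=True)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


class Receiver:
    """Alice: authenticates the origin, then rejects stale or repeated messages."""

    def __init__(self, keys: dict):
        self.keys = keys       # sender name -> shared key
        self.seen = set()      # tags already accepted inside the window

    def accept(self, msg: dict, now: int) -> str:
        try:
            payload, tag = msg["payload"], msg["tag"]
            fields = json.loads(payload)
            sender, ts = fields["from"], int(fields["ts"])
        except (KeyError, ValueError, TypeError):
            return "reject: malformed"
        if not isinstance(tag, str):
            return "reject: malformed"
        key = self.keys.get(sender)
        if key is None:
            return "reject: unknown sender"
        # Authentication and integrity: only a holder of the key can produce
        # a tag that matches this exact payload.
        expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return "reject: bad tag"
        # Replay, part 1: the authenticated timestamp must be recent.
        if abs(now - ts) > MAX_AGE_SECONDS:
            return "reject: stale"
        # Replay, part 2: inside the window, a tag is accepted only once.
        if tag in self.seen:
            return "reject: replay"
        self.seen.add(tag)
        return "accept"


def run_scenarios() -> dict:
    """Constructed messages modelled on the lecture's salary example."""
    alice = Receiver({"bob": BOB_KEY})
    results = {}

    genuine = seal(BOB_KEY, "bob",
                   "increase the salary of Darth by 10000 baht", T0)
    results["genuine"] = alice.accept(genuine, T0 + 2)

    # Replay: Darth resends an exact copy, first at once, then a month later.
    results["replay_same_day"] = alice.accept(genuine, T0 + 60)
    results["replay_month_later"] = alice.accept(genuine, T0 + 30 * 86400)

    # Masquerade: Darth claims to be Bob but does not hold Bob's key.
    forged = seal(DARTH_KEY, "bob",
                  "increase the salary of Darth by 10000 baht", T0 + 100)
    results["masquerade"] = alice.accept(forged, T0 + 101)

    # Modification: Darth changes "decrease" to "increase" in transit.
    order = seal(BOB_KEY, "bob",
                 "decrease the salary of Darth by 10000 baht", T0 + 200)
    tampered = {"payload": order["payload"].replace("decrease", "increase"),
                "tag": order["tag"]}
    results["modification"] = alice.accept(tampered, T0 + 201)
    return results


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:20s} {verdict}")
```

None of these checks notice the two passive attacks: a copied message still verifies for Alice, which is why the lecture treats them as a matter of prevention rather than detection.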
So, six types of attacks and classification into active and passive.

So we said there are three aspects of security: services, attacks, mechanisms. We've gone through attacks; let's look at services. Different people have tried to list the main services needed in network security, and ITU is one organization, IETF is another; they've given definitions of what is a security service. But let's go straight to a list, which is one of the most common lists. There are some variations, some people divide it into six services, some more or less, or use different names, but you'll see that these are common security services in most network systems.

Authentication. So these are the things that we want to achieve in a network to prevent the attacks. Authentication: make sure that the communicating entity is the one that it claims to be. Someone sends you a message, you want to authenticate that message; you want to make sure that the message you receive came from the person who claims to be the sender. This was, going back, the masquerade attack for example. What we want is a service such that Alice, when she receives a message, can verify that that message came from Bob or not, so that if we had such a service, if she receives from Darth saying it's from Bob, she can verify and see there's something wrong here, this message didn't come from Bob. So authentication is this service to make sure that we can verify where did the message really come from, such that a masquerade attack cannot be performed, or can be detected at least. Sometimes we split authentication into peer entity authentication and data origin. An example: peer entity is like making sure the sender is the right person; data origin authentication, make sure the data comes from a valid origin, a valid entity, not necessarily caring which one in that case.

Access control, another service. It's common that we want to control who can access particular resources on our network, in our computer system. Okay, i s it has a network
covering the campus here. We want to control who from outside, in the internet, can access the servers, can access the Wi-Fi, can access the data in our network. So we need some access control mechanisms. So the service is to prevent unauthorized use of some resource: software resource, hardware resource, data or some communications network. An example of an access control mechanism is a firewall. So s it has a firewall that sits between our internal network and the rest of the world, and it has the role of stopping what data comes into our network and also what goes out. So it controls the access to resources inside our network. So that's another desired service in security systems.

Data confidentiality. This is one of the more obvious ones: protect data from unauthorized disclosure. Okay, I want to keep my data secret, confidential. A common service is: I have my exam, I don't want others to read it who are not authorized to read it. So the service of providing confidentiality of the data.

Data integrity: make sure that the data received is the same as what was sent. So I send a message; the receiver should be able to confirm that what's received is exactly the same as what was sent, it hasn't been modified along the way. So if a modification attack is successful then it means we don't have the data integrity service. Maintain the integrity of the data being communicated.

Availability, skip five. Availability: make sure the system is accessible for the normal users. So think of the denial of service attack, one of the last attacks there. The service which we usually want is to make sure the servers, the data, the resources in general are available to the users as they're intended. And the one we skipped, actually, let's go back to the other five, some of the others, first; we'll come back to five in a moment. Availability is the desired service; an example of an attack on that service is denial of service. Okay, if Darth can perform a denial of service attack then we haven't got the
availability service. Modification attack is an attack on data integrity, because if a modification attack is successful then the data received is not the same as what was sent. Masquerade is an attack on authentication: we should not be able to pretend to be someone else; if we can, we don't have authentication service. And confidentiality is an attack on releasing the message contents. Oh sorry, the other way around: releasing the message contents is an attack on confidentiality.

What about non-repudiation? Non-repudiation: to repudiate something is to deny something. So the non-repudiation service is, we need to have the ability such that entities cannot deny something happening, and the most common thing is denying that we've sent or received a message. Let's say Bob sends a message to Alice. Alice receives that. Later Bob denies that he sent the message: "I didn't send it." That can be a problem in some cases. Non-repudiation is about making sure that Bob can't do that, making sure that if Bob sends a message to Alice then later Bob will not be able to deny that he sent that message. If he could, that could cause problems. And same from the other end point: Alice should not be able to deny that she received the message. That's the feature of non-repudiation: the sender cannot deny that they sent the message, the receiver cannot deny that they received the message. We need that in a number of services; financial transactions are important. Okay, when we're buying something we'd like to be able to have some confirmation, some proof that we've sent the money, proof that we sent and proof that they received it, such that no one can come back later and say "I didn't receive it" when they actually did. So non-repudiation is providing that service so that no one can deny something that happened.

These are the main things that we look for in securing computer networks. We don't necessarily want all of them, depending upon the goal of our network, but we often want one or more of these services. For my sending
the exam from me to the secretary to print, I want confidentiality. I want to make sure that no one can intercept and read the exam, and maybe I also want data integrity: I want to make sure that no one can intercept and modify somehow the exam. And potentially we also want authentication, that is, the secretary wants to be sure that the exam she just received came from me, not from some student pretending to be me. Okay, the other services are not so important for that application, but for other applications we may choose different services. So these are things that we want in our computer network.

To implement the services we use security mechanisms. We've already mentioned some: we've mentioned for confidentiality use encryption, maybe use some timestamps, some digital signatures. These are mechanisms, the techniques to prevent, detect and recover from attacks. There's no single technique that does everything, okay, so we usually combine multiple mechanisms, and we use one or more to achieve some service. And the most common mechanisms are built around cryptography, cryptographic techniques, and that's what a lot of this course is about: talking about what are these cryptographic techniques. Some examples are listed here, but we'll go through these in the course: encryption or encipherment, digital signatures, access control, firewalls, authentication exchange, so there are protocols for authenticating users; for hiding from traffic analysis, traffic padding, sending extra messages; notarization, have some third party verify that two entities just communicated, to avoid non-repudiation. So we look at some of these techniques in this course.

And another view of those techniques: the services listed and some techniques, sorry, some mechanisms, and which services those mechanisms are used to implement. For example, to provide confidentiality we normally use encipherment, or we'll call it encryption; to avoid non, or to provide non-repudiation, we use digital signatures and data integrity
techniques. What we're going to do in this course is look at encryption, and then a fair bit of time looking at digital signatures, data integrity, authentication; some of the others we'll touch upon. And that's our introduction to security.

The next topic, and the next several topics, are about encryption: how do we encrypt data. And we'll look at it from different perspectives, starting with some very, very simple encryption techniques, simple, insecure, but demonstrate the concepts. That finishes for today. Thursday, next topic: classical encryption techniques. Between now and Thursday I'll assume that you've browsed the website; if you have any questions, you ask me Thursday or before next week, and then we'll continue with how do we do encryption.
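
Added example, not part of the lecture: the modification, masquerade and replay attacks on Alice and Bob described above, run against a receiver that checks a MAC, a timestamp and a sequence number, showing how active attacks are detected rather than prevented. The choice of HMAC-SHA256, the keys, the field names and the 30-second window are assumptions of this example; a shared-key MAC gives data integrity and data origin authentication but not non-repudiation, because Alice holds the same key and could have produced the tag herself.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key-shared-by-alice-and-bob"  # constructed sample key
MAX_AGE = 30  # seconds a message stays acceptable (assumed policy)


def protect(key, sender, body, ts, seq):
    """Sender side: MAC computed over every field of the message."""
    payload = json.dumps({"sender": sender, "body": body, "ts": ts, "seq": seq}).encode()
    return {"payload": payload, "tag": hmac.new(key, payload, hashlib.sha256).hexdigest()}


class Receiver:  # Alice's side: detects modification, masquerade and replay
    def __init__(self, key):
        self.key = key
        self.seen = set()  # (sender, seq) pairs already accepted

    def check(self, msg, now):
        expected = hmac.new(self.key, msg["payload"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad MAC (modified, or not from a key holder)"
        fields = json.loads(msg["payload"])
        if abs(now - fields["ts"]) > MAX_AGE:
            return "rejected: stale timestamp"
        if (fields["sender"], fields["seq"]) in self.seen:
            return "rejected: replay"
        self.seen.add((fields["sender"], fields["seq"]))
        return "accepted"


def demo():
    alice = Receiver(KEY)
    genuine = protect(KEY, "Bob", "message a", ts=1000, seq=1)
    results = {"normal": alice.check(genuine, now=1005)}
    # Modification: body changed in transit, tag cannot be recomputed without the key.
    changed = dict(genuine, payload=genuine["payload"].replace(b"message a", b"message b"))
    results["modification"] = alice.check(changed, now=1005)
    # Masquerade: Darth claims to be Bob but holds a different key.
    forged = protect(b"constructed-key-held-by-darth", "Bob", "message b", ts=1006, seq=2)
    results["masquerade"] = alice.check(forged, now=1006)
    # Replay: the genuine message resent, first promptly, then long afterwards.
    results["replay"] = alice.check(genuine, now=1010)
    results["late replay"] = alice.check(genuine, now=5000)
    return results


if __name__ == "__main__":
    print(demo())
```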