 So what I want to do today is introduce you to what we mean by security, especially with respect to computer and network security. And this will set up for what we're going to study for the rest of the course. So mainly what you'll get from this lecture, you'll learn some new terminology, some definitions that we'll use throughout the course, and a few new concepts. So what do we mean by computer security? What do you think when you think here about computer security? When you hear the course title, security and cryptography or computer security, what do you think this course is going to be about? Passwords? Hacking? What about passwords? How to authenticate people? How to check if a person is an appropriate person to access a computer? Hashing. So I think you've heard about computer security concepts, encryption. You've heard about these terms, encryption, hashing, hacking, passwords, phishing and others. So what we want to do is to introduce some of those terms, not all of them, but to talk about the theoretical techniques that we use to provide computer security. About how do we ensure our computer systems, computer system may be your own individual computer, your phone, your laptop, your PC, but computer systems are more than just a single computer, they may be a set of computers, set of computers in an organization across the globe. How do we ensure that those systems are kept secure? And we'll see some of the techniques, our encryption, hashing, passwords and others. So what are other people mean by security? Well here are two definitions taken from some textbooks or some documents from other organizations. Computer security. The protection afforded to an automated information system. Automated information system, maybe a computer system. The protection afforded to it in order to attain the applicable objectives of, and here are the objectives, of preserving integrity, availability and confidentiality. So they are the three objectives there of information system resources. So this is saying computer security is providing or preserving three things. Integrity, availability and confidentiality of our information system resources, of our hardware resources, software resources, our data. So how do we protect that? That's what computer security is about. These three things of integrity, availability and confidentiality will come up in another slide. This is from some security handbook from the standards organization in the US. Computer security may focus on the security of an individual computer, but common nowadays we network computers. So we also care about not just security of information on that computer, but when it's transferred between computers. So network and internet security. Measures to deter, prevent, detect and correct security violations. Violations, something goes wrong that involve the transmission of information. So when we talk about network and internet security, we're not necessarily looking at stopping someone from accessing my laptop. We're looking at maybe stopping someone from reading information sent from my laptop to a server. The transmission of information and how to secure that. We will focus on the techniques that are used to provide both computer and network security and have some examples towards the end of the course about network and internet security. This last quote is from the course textbook by Stallings. William Stallings created the course textbook. If you want to get a copy you can find links to the recent edition I'm using. I think the fifth edition, there may be a sixth edition on the course website. But I think with the lecture notes that you have, you can survive without having a copy of the course textbook. So the first definition mentioned three components, three objectives. Confidentiality, integrity and availability. And they come up from other people's definitions of security as well. CIA, not the central intelligence agency but the concepts of providing confidentiality, integrity and availability. So many people when they talk about security of computer systems highlight these three objectives. So what are they? Confidentiality is keeping things secret, keeping your information secret. So that's a key objective with computer security. I store a file on my laptop that file as the exam answers for this course. I don't want students to be able to access that. I want to ensure that that information is confidential. I transmit that file to the secretary so she can print the exam. And again, I don't want students to be able to intercept that transmission through a network and be able to access that information. I want to keep that information secret. So that's a key objective of our security techniques in computer and network security, confidentiality. Integrity covers several things but integrity is making sure that the information that we access hasn't been modified. It maintains its integrity. That is, when I send a message from one point to another, I want to make sure that the message received at the destination is the same as what was sent. Nothing's been modified along the way and we'll give examples of that and what can go wrong if we don't have integrity. But also it covers integrity of the users. So make sure that it's the right person accessing the information. So we use techniques to authenticate users. So authentication or authenticity often goes with integrity of information. And availability is a slightly different one, especially with computer systems today. We want to allow multiple people to access those computer systems and they are core to how businesses operate. We want to make sure that those computer systems are available for the normal purpose. And you probably have heard of denial of service attacks, a DOS attack. The denial of service attack is about attacking the concept of availability. Our aim is to make sure our computer system is available to the normal users. A security attack may be making that computer system unavailable to the normal users. So there's three key concepts that we want to achieve with computer security. Keep our data secret. Make sure that data is not modified. Make sure that the users accessing the data are as they say they are. And make sure our computer system, our data, our resources are available to the normal users. They're not restricted. Other people will use different names for some of those or add on other concepts or objectives like authenticity and accountability. But we'll focus on those three. What goes wrong if we have a computer system and the security of that system fails? We have a breach of the security. That is we set up a computer system or a network. Someone performs an attack on our system and they compromise the system. I think you can think of many different examples of what can go wrong. Different levels of impact. If we think of an organization like a company, a university that uses computer systems for their business, what can go wrong? What are the different impacts of security breaches? The effectiveness of the operations of that organization may be reduced. That is we, in SIT, we are an educational organization. We have a computer network. We have websites, databases. If there's a security attack, then it may mean that we cannot perform at our full capabilities. That is we cannot provide a... The web server is not provided to the users 24 hours per day, for example, if there's a security attack. Or someone breaks into my laptop and that means that I have to spend some time rewriting the exam. Or no longer working at the full effectiveness in that case. That's usually an inconvenience. So that's an inconvenience to me if someone gets into my laptop and gets a copy of the exam before the exam takes place, because now I need to rewrite a new exam. So that's one impact. Another impact may be financial loss. We lose money. Because our operations are reduced, or maybe someone gets access to confidential information and that costs us money in our business. They get trade secrets that allow them to develop something in advance of us and sell a product before we can. So we can lose money because of security breaches. We may have damage to assets. Assets may be physical assets, hardware, software, data. So we may have physical damage to equipment because of a security attack. One of those, an example you may have heard of over the last two or three years, was there was an attack on the nuclear power plants in Iran where the attackers inserted some malicious software eventually into the devices that control some of the machinery and the nuclear power plants. So there's some machinery that operates and eventually they got software in there that made the machinery operate outside of its bounds. Such that it failed eventually or it didn't work correctly. So that was a security attack from the computer system that led to damage of physical assets and may even lead to damage to us, harm to individuals. So there may be minor consequences of security breaches through to extreme consequences. So we need to understand what can be a security breach and try to prevent them. In this course we're not going to cover too much about these issues of what are the consequences. In another course I teach on IT security we talk more about this, but here we're going to focus more about the techniques to defeat or to prevent security breaches. There are different standards and organizations that talk about how to classify the levels of breaches and do risk analysis and look at well what's the impact of if this breach occurs and what's the likelihood of it happening to try and identify ways to fix that. For this course we want to classify what we mean by security and the different techniques that we are going to study. So different organizations have tried to define computer security. We'll introduce very briefly some terms from one organization called ISO and they have defined what's part of the OSI security architecture. And those that took my data communications course may have remembered we mentioned OSI, a seven layer stack or a seven layer reference model. It's the same because network communications come, one part of that is security. So there's a standard and the standard is referred to as ITU-TX800 security architecture. That standard is not of importance to us in this course. What we're going to do is just take some terms, some notation from that standard to set up for the rest of this course. Importantly, so it defines how to address computer and network security. The three things of interest to us in this course is that it talks about security aspects and three things in security aspects, attacks, mechanisms and services. So we'll use the terminology from that standard of the types of attacks, security mechanisms and security services throughout this course. So we'll define them in the next few slides. While we're introducing that terminology, we'll distinguish sometimes between a threat and an attack. So we'll talk about an attack. A threat is something that may potentially go wrong with our computer or network security. An attack is when it actually takes place. Someone tries to perform an attack. So a threat from my laptop is that someone accesses it while it's password unlocked. That's a threat. An attack would be if a student walks up to my laptop and does access it. So potential attack. So we'll talk about attacks, mechanisms and services. First, going through attacks, then services and then finally the mechanisms which the course will go into detail about. A security attack, some action that attempts to compromise the security of information or facilities. In general, in our computer system, we'd like to keep the information secure, the data for example, but also the software, the hardware, the facilities need to be kept secure. So if there's some actions that try to compromise the security of those facilities or information, we call that a security attack. It may not compromise it, but it attempts to. A mechanism is something that we'll use to try to prevent, detect or recover from attacks. The best case would be prevent attacks. I don't want attacks to happen. But sometimes we cannot prevent all attacks. So if we cannot prevent an attack, the next thing we'd like to do is to at least detect that it's happening. If an attack is taking place now and I detect that quickly, then I may be able to recover. Take some action to try and stop the attack once it's started. So we'll talk about mechanisms that are used to prevent, detect and recover from attacks. And in fact that's what our course focuses on. And we'll spend a lot of it, one of the mechanisms being encryption. And together we use a set of security mechanisms to enhance the security of our information or facilities to stop attacks. So we'll define those as security services and we'll list six security services that we'll try to provide. We try to provide security services which use mechanisms to prevent, detect attacks. What types of attacks? Let's classify security attacks, very general attacks. And we'll have a first classification into two types of passive versus active attacks. And within those passive attacks we'll say there are two types of passive attacks called release the message contents and traffic analysis. And four types of active attacks. Masquerade, replay, modification and denial of service. The difference between passive and active will become clearer after we go through those six attacks. So there are six in total. The first two will classify as passive, the last four is active. So let's go through the six, then we'll come back and return what's passive, what's active mean. And these pictures are from the textbook just trying to use to illustrate these six types of attacks. An attacks on network security, that's where the examples are coming from. So the picture is showing that we have a communications facility, a computer network, the blue cloud here. And we have some users that want to communicate using that network. And the users in this case are Bob and Alice. They are the normal users. So for example, Bob wants to send information to Alice. So in the normal case, let's say Bob sends a message, an email to Alice. The first attack is called releasing the message contents. It involves an attacker, in this case Darth, the third user, somehow intercepting the message being sent from Bob to Alice and reading the message contents. That is, the message Bob sends to Alice is a love letter. Alice is actually married to Darth. Alice and Darth are wife and husband. And Bob sends a love letter to Alice because they're having an affair. And Darth, who somehow intercepts the message sent across the network, gets a copy of that message and reads it and realizes that Alice is having an affair with Bob and does something about that. So that's an attack performed by Darth in obtaining the contents of a message which Bob and Alice didn't want him to find out about. So this is defeating the concept of confidentiality. Bob and Alice want to communicate confidentially. They want to keep things secret when they communicate. But if an attack takes place where Darth can read the message contents, then it's defeated that security concept of confidentiality. The contents of the message are released to people who are not intended to get a copy. How do we stop that? What mechanism could we use such that when Bob sends a message to Alice, even though Darth may be able to listen in on the network, they cannot release the message contents? Encryption. I think you've heard of, you've probably used encryption deliberately because it's used in the background always when you communicate across the internet or many times. So encryption is a key technique or a mechanism that we use to prevent this attack. When Bob sends a message to Alice, he writes the message before he sends it across the network, he encrypts it. And he sends an encrypted form across the network such that even though Darth can access that encrypted message, he can intercept the message, he cannot decrypt it and get the original message back. Whereas Alice can decrypt and get the original message back. So the focus of the first half of this course is on how do we do that encryption? How do we provide confidentiality? How can Darth intercept a message? Those that have studied communication networks with me or in other courses, what can Darth do to actually intercept this message being sent? Let's say Bob is using a laptop and Alice is maybe in another city. How could Darth get a copy of the message sent from Bob to Alice? Again? Yeah, but if they do use the same network or a different network, how could they actually, what? If you were Darth and you want to get a copy of the message sent, what would you do? Capture the packets so you'd use software like TCP dump or Wireshark to record the packets being sent. What would you need to do to capture the packets? Where would you need to be? You need to be somewhere along the path between Bob and Alice. Okay, so the network path, let's say this laptop is Bob's computer, the path includes maybe the Wi-Fi link to the access point and then the cable from the access point downstairs to a switch, then another cable to a router and then multiple cables through internet service providers, eventually to Alice's computer. What Darth would need to do is get somehow physical access to those links in the path so as the message was sent, they could use TCP dump, Wireshark or other software to record a copy of the packet. And if you record a copy of the packets, you can see the contents. Now that could be quite easy, especially if Wi-Fi is being used. That is, I send a message to that wireless access point. We've studied Wi-Fi last semester and we saw, I think from some experiments, that if you send a message to that access point, someone nearby also receives a copy of that signal which contains the message. So it's very easy with Wi-Fi for others to be just nearby and record copies of messages. If you'll assume in any network it is possible for someone to somewhere along the path between source and destination get a copy of the messages being sent. So encryption will become key to prevent such attacks. Bob's smart enough to encrypt these messages. So he encrypts the messages, still sending to Alice. The next attack is called traffic analysis. The messages are encrypted. Bob can send to Alice a message. Darth can intercept but cannot read the contents. Let's say they cannot read the contents. But what Darth may do is observe when the messages are sent and how frequently they are sent. And he observes that the message was sent at 2am late one night when Alice said she was somewhere else but she was actually receiving messages from Bob and from that extra information just by observing the messages being sent by analyzing the traffic, Darth may gain useful information about what's going on in the communications. So traffic analysis is not about reading the contents of the messages but looking at the patterns of the communications to gain some information that's useful for the attacker, Darth, in this case. So the useful information may be how frequent Bob is sending messages to Alice and at what times of the day. And he may use that combined with other information to make some assumptions about what's going on. So traffic analysis is possible even if we use encryption. Because usually when we send messages the source address and the destination address are included in the packets, the packet headers, unencrypted. We can't encrypt the addresses because the network needs them to send them across to the right destination computer. For example IP addresses. So traffic analysis is another type of attack where the attacker observes the patterns of communications. How can we stop that? How could Bob and Alice stop or make it difficult for Darth to observe how often they are communicating and at what times of the day they are communicating. Let's say Bob always sends Alice a message at 2am on a Friday night. How could they hide that information from Darth? What they could do is they could send some other fake messages at different times. Maybe every hour send a fake message. Darth intercepts and receives all these fake messages. He cannot read any of them. They're all encrypted. And only one of them is the real message in there so that Darth cannot observe any patterns of communication. So he just sees that they're communicating all the time. He doesn't know that it's actually at 2am Friday that they are communicating. So adding some extra information and maybe adding some randomness to that information can make it much harder for Darth to analyze the traffic. In both of these cases, traffic analysis and releasing the message contents, let's look what if the attacker wasn't there. Imagine that Darth is not there. There was no attack. The normal communications is Bob sends a message to Alice. Alice receives a message. When the attack takes place from Bob and Alice's perspective, the same thing happens. Bob sends a message. Alice receives a message. But also Darth gets a copy of that message. And similar with the traffic analysis, the normal situation, Bob sends a message to Alice. If an attack takes place, the same thing happens from the perspective of Bob and Alice. Bob sends a message. Alice receives a message. Darth also gets a copy. The point is in both of these attacks, from when there's no attack to when there is an attack, from the normal user's perspective, nothing has changed. And that's what we'll call a passive attack. The attack is taking place without any modifications of the normal system resources. And we'll compare that to the next four, which are active attacks. Let's go through them. A masquerade attack. Masquerade means to what? Pretend to be someone else. So this is a simple case. Let's say Bob is the director of SIT, or the director of some organization. Alice is the finance officer. She makes all the payments for your salary and so on. And what Darth, the attacker does, is creates a message saying, please increase Darth's salary by 10,000 baht. So Darth sends a message to Alice saying, please increase the salary of Darth by 10,000 baht. And makes it look like the message came from the director, Bob. And whenever Alice receives a message from the director, she follows the instructions, increases the salary. So this is Darth pretending to be Bob to do something malicious in this case. In this case, to increase his own salary. This is called a masquerade attack in that Alice doesn't know that the message that she gets is from Darth. She thinks it's from Bob. Darth is pretending to be someone else. How can we prevent such an attack? How can we stop this from happening? Alice gets a message, an email, for example. And in that email it says, increase the salary of Darth by 10,000 baht, signed by Bob. At the bottom, it's from Bob. How can we make it easier for Alice not to be fooled by this message? Check the source. If you look at email addresses, there's always a from address and a to address. So if the from is from Darth, she won't believe the email message. But it turns out with email messages it's very easy to set a fake from address. You can set from anything. So if we have a fake from address or source address, then we can't just use that to detect. We could do a double check. What Alice does when she gets a message from supposedly Bob, she sends a message back to Bob saying, are you sure? Maybe she calls him on the phone. Are you sure you want to increase Darth's salary by 10,000 baht? Does that work? Well, if Alice sends a message, maybe he sends an email back to Bob saying, please confirm, do you want to increase Darth's salary? It may work if it goes to Bob, but if Darth can somehow intercept that message, even though it was sent to Bob to intercept it before it gets to him, and then sends back, yes, of course, increase Darth's salary, then it won't work there. The other way we do this in normal situations, not on email, but in handwritten paper documentation, we have a signature, and often we can confirm a signature or we use that as a method of proving who it came from. And in computer networks, we have a similar concept, digital signatures, where we're using encryption techniques to ensure that a message can be signed by someone and the receiver can verify the signature. When they get the message, they can check, using some cryptographic techniques, that this message did indeed come from Bob. It didn't come from someone pretending to be Bob. So we'll talk about digital signatures after the midterm. And this is a rather famous comic from an old newspaper. On the Internet, nobody knows you're a dog because you're communicating with someone, and on the Internet, there's no built-in mechanisms for preventing masquerade attacks. There's no mechanisms for authenticating who sent that message. Whenever you receive a message on the Internet, unless you're using specialized techniques, you can't be sure who sent that message. So those specialized techniques use digital signatures, which we'll study. Another active attack. Why are I maybe coming back to active attacks? I said the first two were passive attacks. This masquerade attack is an active attack. Why? Let's assume there was no attack. No attacker. How many messages does Bob send if there was no attack? Well, in a normal situation, Bob doesn't send anything. There'll be no message from Bob to Alice, and Alice would not receive anything. But when there is an attack, Darth sends a message. Alice, the normal user, receives a message that she wouldn't have received if there was no attack. So something has changed when we perform the attacker. It's changed from the perspective of the normal users. So we say that's an active attack, a replay attack. And these have some similarities. Bob sends a message to Alice. The real Bob sends a message to Alice yesterday, say, or maybe last month. Last month, Darth did a good job, and Bob sent a message to Alice saying, please increase the salary of Darth by 10,000 baht. It was a real message. And when that was sent, Darth actually intercepted and got a copy of that message. And then this month, Bob replays that same message. It sends the exact same message. And it was from Bob to Alice. Alice gets a copy, and this month Alice gets another message from Bob saying, please increase Darth's salary by 10,000 baht. And both messages are signed by Bob. So this is where the attacker replays an old message to get some gain. So it involves Bob sending one message to Alice, Alice receiving that normal message, Darth intercepting that normal message, and then later, sending that same message in this case to Alice. It's an active attack in that if there was no attack, Bob sends one message, Alice receives one message. If there is an attack, Bob sends one message, Alice receives two messages. The original one plus the replay. So it's something's changed. That's why we call it an active attack. How can we prevent replay attacks or detect them? That scenario of sending one month later, we can check the time of the message. So when Bob sends the original message, he puts the date inside the message, today's date, signs that message such that when someone receives it, they can verify it's from Bob. And they verify it's from Bob, and it was for today's date. So therefore, if someone tries to replay that message one month later, when they receive it, they will check, ah, this message is one month old, I will ignore it. So we can check the time stamp on that message to try and prevent replay attacks. Modification attack. Bob sends a message to Alice, increase Darth's salary by 10,000 baht. Before it gets to Alice, Darth is on the network, he intercepts that message, and he changes 10,000 to 20,000. And it's still signed by Bob and forwards that modified message onto Alice, increase the message, increase the salary to 20,000 baht. So this is a modification along the way. And the way to stop there is to make sure when there's a digital signature, or when there's something signed, the entire message is signed. Any modification of that message can be detected by the receiver. And again, the techniques will come up after the midterm, how to sign messages. So three main active attacks there, pretend to be someone else, replay a message, or modify a message. Again, this is an active attack because even though Bob and Alice send and receive one message, the message received by Alice is different. Something has been altered. So we call it an active attack. If there was no attack, Bob sends a message, Alice receives that exact message. If there is an attack, Bob sends a message, Alice receives a different message. Something's modified along the way. We say that's an active attack. Last one is denial of service attack. Here it's slightly different. We don't have Alice. We have a server, like a website, a database server that provides an important service for an organization. Normally Bob accesses that server. Normally every day, Bob needs to access the server to do his job. If he doesn't access the server, he can't do his job and the company loses money. So what the attacker does is disrupts access to that server, makes it so that the server is slow to respond or is inaccessible that no one can access it. By, for example, overflowing it with data, overloading the server, such that when a normal user tries to access the server, they cannot. They denied access. So this is the attack system. We want to make computer systems available for the normal users. A denial of service attack is making them unavailable for the normal users. How do we stop this? How do we stop denial of service attacks from taking place? Upgrade the server, get a more powerful server, more powerful network connection into it. Okay, it costs more money and upgrade even more when the attacks increase. It turns out today that it's, it's quite easy to perform such denial of service attacks. Especially when things are not set up well in some networks and if you look over the, in the news every week there's always attacks, denial of service attacks. You hear about anonymous. The group performs attacks on websites or gaming systems where they overload websites or computer networks with traffic such that the normal users cannot access them. So it's very hard to prevent denial of service attacks. So we want to look at the techniques or the mechanisms to prevent and detect those types of attacks. And we'll group those mechanisms together to say that they provide a set of services to our users. So let's list the set of services and there are six that we'll define. Again, there are different definitions of the key security services, but in this course we'll use six security services. And what, once we see those services and the mechanisms will say we'll use security mechanisms like encryption, digital signatures, to implement services and for an organization, those services are used to implement some policy. An organization has a policy, for example, SIT has a policy that a student can only see the grades of their own, the courses they've taken, their own grades. The student cannot see other students' grades. Or a faculty member can only see the grades of the students who they've taught or their advisees. They cannot see any students' grade. They may be security policies for an organization. We would use security services to implement those policies and mechanisms to implement those services. In this course, we're going to focus on the mechanisms. So before we get to them, let's list the key six security services. We'll not look at policies. These are the main security services provided in computer and network security. Authentication, access control, data confidentiality, integrity, non-repudiation and availability. Some are easy. For example, data confidentiality. The service of data confidentiality, we want to keep our data confidential secret. That's the service we often want to provide. If you need to secure a computer system, this is a key service you need to provide to the users. Protect the data from unauthorized disclosure. Make sure that the contents of messages are not released to people who are not allowed to see that message. A key way, a key mechanism to implement confidentiality is encryption. Encrypt the data. Data integrity. Make sure that data that is received is exactly as sent by the authorized entity. That is, nothing's modified along the way. Or nothing's modified at rest. That is, I save a file on my computer. And if someone can access my computer and modify that file without me knowing, that's an attack on the data integrity service. Even if the data is not sent across the network, the data at rest, the integrity may be compromised. A modification attack is an attack on the data integrity service. Where I send a message and someone modifies it along the way, then that would defeat this service. Authentication. Make sure that the entity is communicating as they say they are. This is about the masquerade attack. When you receive a message, make sure that message came from Bob. It didn't come from someone pretending to be Bob. So authentication is a service to prevent such attacks. What else is easy? Availability. Make sure the system, the network, the computer resources are accessible and usable as needed by the normal users. So we have a server. We build that server to support 100 users at the same time. Then we must, the availability service is making sure that that server will remain available to those 100 users. An attack on the availability service, a denial of service attack, would make the server unavailable to those users. The other two. Access control. Prevent unauthorized use of a resource. Prevent users from accessing computer or software resources that they're not allowed to do. Usually that is combined with authentication techniques, but there are slightly different ones that we probably not see in this course, but you may see in the computer network lab and other courses you've used. For example, access control, a firewall. In a computer network, we'll have a device referred to as a firewall which will control who can access servers inside our network and may also control what the users inside our network can access outside the network. That is, it may block you from accessing Facebook or block people from outside of your network from accessing your internal web server. So a firewall provides access control there. And the last one, non-repudiation. To repudiate is really to deny something. To deny something happened. So the non-repudiation service is to make sure that users cannot deny that something's happened in the past. For example, I ask you to submit your assignments by email. So you send me your assignment. It has to be done by the deadline. You send me the assignment before the deadline and I'm a malicious lecturer and I don't like you really. And I say, I didn't get the assignment. So what do you do? You send the assignment, you email to me. I actually got it, but I deny I received it. I say, no, I didn't get your assignment, you get an F for this course. What would you do in that case? Yeah, what would you do? What you would do is maybe show someone, me, or someone else that this was the email that was sent. You would show in the ascent folder. But you can fake that easily, so I don't trust you. So what do you do? Well, you need some way to be able to prove that you actually did send that message. That the receiver cannot deny receiving it when they did receive it. So there are techniques similar to a receipt. When you buy something, the proof of purchase is that receipt, that printed receipt that you get. So some token that says, yes, you paid for that. So non-repudiation is about ensuring that people cannot deny that they've done something, that a receiver cannot deny that they've received a message, or a sender cannot deny that they've sent a message. So that is what non-repudiation is about. It's very important with financial transactions. Someone sends money across the internet, they receive that money, then they deny they received it. Or similarly, someone like the assignment submission example. So these are the key six services that we want to provide to our users, or our computer system. We want to be able to authenticate who's who, check that if someone's sending a message that they are, as they say they are, prevent access to resources that are not allowed to access, ensure that the data is kept confidential, no secrets are revealed, ensure the data is not modified along the way, we maintain the integrity, make sure that users cannot deny something's taken place when it actually has, and make sure the system is available to the users. Different computer networks and computer systems may have different focuses on these services. You may not care about all of them, but in general we need mechanisms to provide or implement those six security services. This course is about the mechanisms, really. How to implement data confidentiality, encryption. How to implement authentication or data integrity. One mechanism is digital signatures, and we'll see some other mechanisms. How to implement access control, use a firewall. That's what the security mechanisms are. And we will not talk about many of them, because that's what the next topics will introduce. There are many different security mechanisms available. Some of them are listed here. There's no single security mechanism that provides all services. So we usually build up a service using a combination of mechanisms. But a very important mechanism is encryption, or generally cryptographic techniques, using cryptography. That's what we'll talk about in the next topic. So in siphonment, there is really another word for encryption. Digital signatures, firewall-based access control. There are authentication exchange protocols, which we'll see come up. Traffic padding is like adding in fake messages to prevent traffic analysis. These are some of the techniques or mechanisms available to implement security services. We will focus mainly on encryption, digital signatures, and maybe a little bit on authentication exchanges in this course. And I think that's about all for this topic. This table just lists the connection between some of those security mechanisms in the columns with the security services in the rows. But the services are slightly different than the six-wheeled students. It splits the first one into two, and confidentiality into two as well. But we'll see key mechanisms, encryption, digital signatures, and another one we'll cover a bit is authentication exchanges. That's what we'll cover in this course. Any questions to finish this introduction to security?