Database Security
• Data is a valuable resource that may have strategic importance and therefore needs to be kept secure and confidential.
• There must be mechanisms that protect the database against intentional or accidental threats. Security considerations do not apply only to the data held in the database: a breach elsewhere in the system (operating system, network, application) can in turn compromise the database.
• Threat: any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization.
© Pearson Education Limited 1995, 2005
Countermeasures – Computer-Based Controls
• These range from physical controls to administrative procedures and include:
– Authorization (and the authentication it relies on)
– Access controls
– Backup and recovery
– Integrity and encryption
• Authentication: determining whether a user is who he or she claims to be.
• Authorization: granting a right or privilege that lets an authenticated user legitimately access the system or an object within it.
• Access control: based on the granting and revoking of privileges.
What is Cryptology?
• Cryptology is the study of codes and ciphers. Cryptography is the practice of designing and using ciphers to encrypt and decrypt data; cryptanalysis is the study of breaking them without the key.
• Encryption takes ordinary text or information (the plaintext) and transforms it so that its original contents are not obvious (the ciphertext).
• Decryption is the reverse transformation, which recovers the original contents from the ciphertext.
Simple Ciphers
• Substitution cipher: replace each letter in a message with another letter. The Caesar cipher is the special case in which every letter is shifted the same fixed number of places along the alphabet.
• Example as extracted from the slide, which appears to lay a repeating key over the plaintext: key `breadandbutterbreadandbutter…`, plaintext `weholdthesetruthstobesel…`
• The key must be long enough (the key space large enough) that it cannot be easily deduced by cryptanalysts: a Caesar shift has only 25 useful keys and falls to exhaustive trial.
Symmetric Cryptography
• For a sender A to send a coded message to a receiver B, the following steps must occur:
– A and B agree on a cryptosystem
– A and B agree on a key
– A encrypts the plaintext message using the cryptosystem and key and sends the resulting ciphertext to B
– B decrypts the ciphertext using the cryptosystem and key
• An attacker who intercepts the ciphertext will have to cryptanalyse it to recover the plaintext.
Symmetric Cryptography
• In a good cryptosystem all the security in the system is inherent in the knowledge of the key, and nothing more (Kerckhoffs's principle: the algorithm itself may be public).
• Thus in symmetric cryptosystems secure key management is vitally important: the key must remain secret for the message to remain secure.
• An attacker who gains knowledge of the key can do a number of things:
– decrypt the ciphertext
– substitute messages of his/her own for those sent from the sender to the receiver
– pretend to be the real sender
Symmetric Cryptography
• A major problem in cryptography is how to get a key safely from the originator of a message to its receiver so that he/she can decode it, assuming transmission takes place over an insecure channel.
• Assuming a separate key is used by each pair of users in a network, the number of keys that must be managed increases rapidly as the number of users increases: n users need n(n-1)/2 pairwise keys.
What is asymmetric or Public Key Cryptography?
• PK cryptography seeks to avoid the problems associated with key distribution by avoiding the distribution of secret keys altogether (public keys still have to be distributed, but they need only be authentic, not secret).
• PK cryptography uses two separate keys:
– the public key, for encoding messages for a recipient
– the private key, used by the recipient to decode the message.
Asymmetric cryptography
• The private and public keys are mathematically related, but deducing the private key from the public key is computationally infeasible.
• PK systems are based upon trap-door one-way functions: easy to compute in one direction, but extremely difficult to invert without possession of the secret trap-door information (the private key).
RSA PK Cryptography
• RSA (Rivest, Shamir and Adleman) cryptography is an example of a PK cryptosystem.
Digital Signatures via PK Cryptography
• The RSA system allows for the idea of digital signatures.
• All PK cryptosystems have the property that:
D_Kd[E_Ke(P)] = P
• The RSA system also has the property:
E_Ke[D_Kd(P)] = P
(both operations are modular exponentiation, so they commute, and either key can be applied first).
• Assume a scenario where a sender, A, and a receiver, B, are communicating using RSA PK cryptography.
Digital Signatures via PK Cryptography
• For A to ‘sign’ a message, he/she first applies his/her private key (the decryption operation) to it, and then encrypts the result with B’s public key:
E_Kbe[D_Kad(P)] = C
• At the other end B reconstructs the plaintext by first decrypting with his/her private key, stripping off the encryption, and then applying A’s public key to strip off the signature:
E_Kae[D_Kbd(C)] = P
• Only the holder of Kad can produce a value that A’s public key maps back to a meaningful P; that is what makes it a signature. In practice the private key is applied to a hash of the message rather than to the message itself, and the signed value must be smaller than B’s modulus for the outer encryption to be reversible.
Key Exchange via RSA PK cryptography
• RSA PK cryptography can also be used for key distribution.
• The process is as follows:
– A and B want to communicate; they are being eavesdropped upon by C.
– A sends B his/her public key.
– B generates a random number, encrypts it with A’s public key, and sends it to A.
– A decrypts it with his/her private key and recovers the random number.
– The number could be a symmetric key, which is then used to encrypt and decrypt data.
• C sees only A’s public key and the encrypted number, so a passive eavesdropper cannot recover the key. An active attacker who can replace A’s public key in transit with his/her own can, however, read the number and re-encrypt it for A; the public key therefore has to be authenticated (for example by a certificate) before B uses it.
Data transmission Security
• Integrity ensures that the data in the message has not been deliberately or accidentally modified.
• The essential philosophy behind data integrity is that manipulation of data or messages cannot be completely prevented; what is essential is that an integrity failure can be detected (typically by a digest or signature that the receiver recomputes and compares).
Data transmission Security
• Authentication is a guarantee that the message has come from the person who claims to have sent it. It can be achieved using a digital signature: the receiver verifies the signature with the sender’s public key and compares the recovered digest with the expected one.
• Non-repudiation is the certainty that the sender of the message cannot later deny having sent it. It is achieved with digital signatures, just as a signature on a cheque provides non-repudiation in paper-based payment schemes; it depends on the private key being held only by the signer.
Data transmission Security
• Confidentiality prevents unauthorised access to transactions, which often contain data such as bank details and credit card numbers.
• Providing confidentiality involves the use of symmetric and/or asymmetric cryptographic algorithms. In practice bulk encipherment is done with a symmetric algorithm such as the Data Encryption Standard (DES; its 56-bit key is now exhaustively searchable, so AES has replaced it), while the symmetric keys themselves are transmitted under an asymmetric algorithm.
Figure 3.1(a) Ensuring security on-line, adapted from Patni and Patni (1998). [Figure: sender side]
File → Hash algorithm → Digest → (Sender’s private authentication key) → Digital signature
File + Digital signature → (Random key) → Signed and encrypted file
Random key → (Receiver’s public confidentiality key) → Encrypted random key
Signed and encrypted file + Encrypted random key → Secured file ready to send

Figure 3.1(b) Ensuring security on-line, adapted from Patni and Patni (1998). [Figure: receiver side]
Secured file received → Encrypted random key → (Receiver’s private confidentiality key) → Random key
Signed and encrypted file → (Random key) → File + Digital signature
Digital signature → (Sender’s public authentication key) → Digest
File → Hash algorithm → Digest
Digest =? Digest → Pass / Fail
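Added example (not from the slides or from Patni and Patni): a stdlib-only Python walk-through of the RSA and digital-signature slides (the two identities, sign-then-encrypt, key exchange) and of the Figure 3.1 signed-and-encrypted file above. Everything in it is an assumption for the sake of a runnable demo: textbook unpadded RSA with hand-picked small primes (10007, 10009 for A; 100003, 100019 for B) and e = 65537, a SHA-256 counter-mode keystream standing in for the DES/AES bulk cipher, the SHA-256 digest reduced mod n_A because the toy modulus is far smaller than a real digest, a 4-byte signature field, and my own function names. It needs Python 3.8+ for the three-argument pow with exponent -1. Real systems use 2048-bit keys, padding (OAEP/PSS) and a vetted cipher.

```python
"""Toy RSA walk-through: identities, sign-then-encrypt, key exchange, Fig. 3.1 (demo only)."""
import hashlib
import secrets
from math import gcd


def rsa_keygen(p, q, e=65537):
    """Return (public, private) = ((e, n), (d, n)); p and q are assumed prime."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime to phi(n)"
    d = pow(e, -1, phi)                       # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def rsa_apply(key, m):
    """Raw RSA m^k mod n: E_Ke when key is public, D_Kd when key is private."""
    k, n = key
    assert 0 <= m < n, "value must be smaller than the modulus"
    return pow(m, k, n)


# A (sender) deliberately gets the smaller modulus so that D_Kad(P) < n_B and the
# signed value can be re-encrypted under B's key, as in E_Kbe[D_Kad(P)].
A_PUB, A_PRIV = rsa_keygen(10007, 10009)        # n_A = 100,160,063 (assumed primes)
B_PUB, B_PRIV = rsa_keygen(100003, 100019)      # n_B = 10,002,200,057 (assumed primes)


def rsa_identities(p):
    """(D_Kd[E_Ke(P)] == P, E_Ke[D_Kd(P)] == P). The first holds for any PK system;
    the second is the RSA property that makes signatures possible."""
    return (rsa_apply(A_PRIV, rsa_apply(A_PUB, p)) == p,
            rsa_apply(A_PUB, rsa_apply(A_PRIV, p)) == p)


def sign_then_encrypt(p):
    """Sender A: C = E_Kbe[ D_Kad(P) ]."""
    return rsa_apply(B_PUB, rsa_apply(A_PRIV, p))


def decrypt_then_verify(c):
    """Receiver B: P = E_Kae[ D_Kbd(C) ]."""
    return rsa_apply(A_PUB, rsa_apply(B_PRIV, c))


def key_exchange():
    """Key-exchange slide: B picks a random number, encrypts it with A's public key,
    A recovers it with the private key. Returns (B's number, what A recovered)."""
    k = secrets.randbelow(A_PUB[1] - 1) + 1
    return k, rsa_apply(A_PRIV, rsa_apply(A_PUB, k))


def keystream_xor(key_int, data):
    """Demo-only bulk cipher: SHA-256 in counter mode XORed onto the data. It stands in for
    the DES/AES of the slides and is not a vetted cipher; one call both encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key_int.to_bytes(8, "big") + i.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], block))
    return bytes(out)


def digest_int(data):
    """SHA-256 digest reduced mod n_A so the toy key can sign it (real RSA pads the full digest)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % A_PUB[1]


def seal(file_bytes):
    """Figure 3.1(a), A -> B: sign the digest with A's private authentication key, encrypt
    file+signature under a fresh random key, encrypt that key with B's public confidentiality
    key. Returns (signed-and-encrypted file, encrypted random key)."""
    signature = rsa_apply(A_PRIV, digest_int(file_bytes))        # < n_A, so it fits in 4 bytes
    session_key = secrets.randbelow(B_PUB[1] - 1) + 1
    blob = keystream_xor(session_key, file_bytes + signature.to_bytes(4, "big"))
    return blob, rsa_apply(B_PUB, session_key)


def open_sealed(blob, enc_key):
    """Figure 3.1(b), B: recover the random key with B's private key, decrypt, split off the
    signature, recompute the digest and compare. Returns (file, pass/fail)."""
    session_key = rsa_apply(B_PRIV, enc_key)
    plain = keystream_xor(session_key, blob)
    file_bytes, signature = plain[:-4], int.from_bytes(plain[-4:], "big")
    if signature >= A_PUB[1]:                  # corrupted signature field: fail, don't crash
        return file_bytes, False
    return file_bytes, rsa_apply(A_PUB, signature) == digest_int(file_bytes)


if __name__ == "__main__":
    print(rsa_identities(123456))                              # (True, True)
    print(decrypt_then_verify(sign_then_encrypt(123456)))      # 123456
    k_sent, k_got = key_exchange()
    print(k_sent == k_got)                                     # True
    sample = b"constructed sample: transfer 100 to account 42"  # not from the slides
    blob, enc_key = seal(sample)
    print(open_sealed(blob, enc_key))                          # (sample, True)
    tampered = bytes([blob[0] ^ 0x01]) + blob[1:]              # flip one bit in transit
    print(open_sealed(tampered, enc_key)[1])                   # False: integrity failure detected
```

The tampering step shows the integrity point from the transmission-security slides: the stream cipher happily decrypts the altered byte, and it is only the digest comparison (the "=?" box in Figure 3.1(b)) that exposes the change. Note also that the sealed file carries no replay protection and that a signature over a digest reduced to 27 bits would be forgeable by search; both are artefacts of the toy key size, not of the scheme.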