Principles of Computer Security - Coursework Example

Summary
The paper "Principles of Computer Security" traces concepts and terms related to cryptography, intrusion detection systems, standards and protocols, public and private keys, and hardening of the network. Hence, suitable methods to overcome hackers' challenges become a part of computer security…

Extract of sample "Principles of Computer Security"

Principles of Computer Security

October 31,

Table of Contents
1. Introduction
2. Cryptography
3. Public Key Infrastructure
4. Standards and Protocols
5. Network Fundamentals
6. Infrastructure Security
7. Remote Access
8. Wireless and Instant Messaging
9. Intrusion Detection Systems
10. Security Baselines
11. Conclusions
References

1. Introduction

With the increased use of computers and the Internet to manage our lives, cybercrime has become a common term. Criminals have adapted the traditional method of breaking into a house to breaking into computer systems. Cybercrime is defined as "use of the Internet, computers and related technologies in the commission of a crime" (Maras, p. 2). Included in such crimes are technologically specific crimes that are not possible without computers, traditional crimes, and crimes that combine both methods. This paper discusses important principles of computer security and the different components and systems that are used for computer security.

2. Cryptography

Cryptography is the process used in computer engineering for providing secure communication to avoid interception of the message by unauthorised parties. A number of tools and devices are available and these are discussed below (Schneier, p. 45-49).

Algorithms: These instances of logic are coded to take certain inputs and provide the desired outputs. They are useful in cryptography because they enable a communication to be coded.

Hashing: In cryptography, a hash function is an algorithm that takes a data block and returns a bit string of a fixed size called the hash value.
This means that any attempt to change or crack the hash code will not succeed.

Symmetric Encryption: Also called the private key, this is a type of cryptographic algorithm that uses identical keys to encrypt and decrypt. The party that sends the message and the party that wants to decrypt the message must have the same key.

Asymmetric Encryption: This requires two different keys, one public and the other secret, to unlock the message. One key is used for encryption and the other for decryption.

3. Public Key Infrastructure

Public-key infrastructure (PKI) refers to the infrastructure made of software, policies, hardware, procedures and other assets that are used to create, distribute and manage digital certificates. It binds public keys with specified user identities by using the certificate authority (Bosworth and Kabay, p. 34-38).

Certification Authority (CA) refers to the issuing authority for digital certificates. It certifies the ownership of a public key for a person so that other parties can use the signatures to form a trusted relationship.

Registration Authorities (RA) are the agencies that maintain the set of international standard codes and issue new ones for parties that register with them. For Internet applications, it is the Internet Assigned Numbers Authority.

Certificate Repositories (CR) are archives and databases where different digital certificates are placed. Authorised agencies request a digital certificate from the CR.

Trust and Certificate Verification is used to verify the authenticity of digital certificates that are offered by a party. Crypto APIs are used to verify whether a party that offers a certificate is really the owner and whether the certificate is authentic or forged.

A Digital Certificate, also called a public key certificate, is used for authentication.
It is a digital document and it binds the public key to an entity by using a digital signature.

Private Key Protection: Private keys are protected on a user's computer by storing them in the root directory of the documents, settings, user name, application data, Microsoft, crypto, rsa folder. A 128-bit encryption is used for the protection.

4. Standards and Protocols

A protocol refers to a set of steps that must be followed to complete the required tasks. When multiple users and computers are present, protocols specify the manner in which these computers and software applications communicate with each other. An example is the Internet. Cryptography and security protocols specify the set of steps that computers must follow when they connect to any Internet server. If a user takes any step that is different from the protocol, then it means there is a threat. Standards are used to specify the syntax and other rules used in the programming language for cryptographic tools. By using similar standards, it is possible for computers to speak to each other without any syntax errors (Bosworth and Kabay, p. 53).

5. Network Fundamentals

These are basic instructions and descriptions of the various components that make up a network. A number of components are present and these are discussed below. These are very important in computer network security since they tell us the assets to be protected and the location (Schneier, p. 76).

Network Architecture refers to the designs used in computer communication networks. It specifies physical and virtual elements in the network such as computers, servers and bus details, along with the data formats that are used.

Network Topology refers to the manner in which the network elements are arranged. The representation can be physical, where the different nodes are shown along with the location and cable installation. Logical topology refers to the data flow in a network and the placement as per the information flow.
Network Protocols are the set of rules that define the manner in which computers communicate in a network. Some common protocols are Ethernet, LocalTalk, Token Ring, Fibre Distributed Data Interface, Asynchronous Transfer Mode, Gigabit Ethernet and others.

Packet Delivery refers to the delivery of the formatted and encrypted unit of data. Data is usually broken down into small bits, encrypted and delivered along with private keys and public keys.

6. Infrastructure Security

IT Infrastructure Security refers to the processes and methods used to protect the whole network of an organisation. All assets in the network, including devices such as workstations, servers, NICs, hubs, bridges and switches, must be protected from external and internal threats. Hackers gain backdoor entry through a single and often unguarded port. Hence, the security program should consider the topology and prepare a binding set of procedures and policies that help in the implementation of the plan. There is also a need to carry out security checks and awareness, test the existing system for vulnerabilities and then create the policies.

7. Remote Access

This is a process where a user accesses a database or a network from a location outside the network topology. The Internet is used for web applications while a dedicated network is used for banks and ATM machines. This process is often risky since a hacker can gain access to the authentication details and passwords that a person uses. Therefore, authentication must be very robust and secure when using applications such as online booking, online banking and shopping, where credit card numbers are often used. Hackers usually try to intercept the exchange of passwords so that they know the details and can then use the information to steal money or make fraudulent purchases (Bosworth and Kabay, p. 74).

8. Wireless and Instant Messaging

Instant messaging using the computer, Internet chat rooms and mobile phones has become very common.
These use different protocols such as WAP, IMPS, WTLS, 802.11 and others. These applications have increased the ease of affordable communication but they can also be used to hack into networks, banks and mobile phones of other users. When mobile phones are used for shopping and banking, very strong authentication systems are used (Schneier, p. 101).

9. Intrusion Detection Systems

Intrusion detection systems (IDS) are special software applications and devices that monitor a network, the home computer or the server and detect any suspicious activity. The different types are explained below (Bosworth and Kabay, p. 87-93).

A host-based intrusion detection system (HIDS) analyses and monitors traffic in the internals of a computing system and the network interfaces. All dynamic behaviour of the computer is monitored and compared with the protocols and standards.

A network-based intrusion detection system (NIDS) is based in a network and monitors the incoming and outgoing traffic for any malicious activity. The traffic is compared with protocols and routines, and when a hacker attempts to connect to an unauthorised port, the activity is detected and blocked.

Other terms of relevance are signatures, false positives and false negatives, and these refer to the protocols, messages and alerts raised when an intrusion is detected.

10. Security Baselines

These fundamental activities are performed to protect the computer and users.

Password selection refers to selecting a password that is not easy to guess. The methods include using capitals in the password along with special characters such as $ or #.

Hardening of the operating and network system means using higher levels of authentication and passwords along with firewalls. These elements make it difficult for a hacker to enter a system.

Network and application hardening is done by securing unguarded ports and installing intrusion detection systems. In other cases, security patches are used and unnecessary applications are blocked.
Special systems are available for different operating systems and applications. A banking application will be highly secure since it deals with money, while an Internet browsing session from a public computer may not be excessively hardened (Schneier, p. 127).

11. Conclusions

The paper has briefly discussed important concepts and terms used in computer security. Various terms related to cryptography, intrusion detection systems, standards and protocols, public and private keys and hardening of the network were discussed. It can be seen that the subject of computer security is very vast and complex. Hackers can use a number of methods and processes to gain entry to a network. Hence, suitable methods to overcome these challenges become a part of computer security.

References

Bosworth, Sam, and Kabay, Meer. Computer Security Handbook, 4th edition. NY: Wiley Publications, 2010.

Maras, Marie-Helen. Computer Forensics: Cybercriminals, Laws, and Evidence. Sudbury, MA: Jones & Bartlett Learning, 2012.

Schneier, Ben. Secrets and Lies: Digital Security in a Networked World, 2nd edition. NY: Wiley Publication, 2007.
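
Section 9 describes a network-based IDS that flags connections to unauthorised ports and mentions false positives and false negatives. The following is an added example, not part of the original paper, that applies such a port rule to connection records and scores it against ground-truth labels. The allow-list, the record format and the sample records are all constructed assumptions.

```python
"""Added example: port allow-list rule scored against labelled traffic."""
from collections import Counter

# Assumed policy (hypothetical): the only services this network should expose.
ALLOWED_PORTS = {("tcp", 443), ("tcp", 22), ("udp", 53)}

# Constructed records: "src dst proto dport label". The label is ground truth
# used only to score the rule; live traffic carries no such field.
SAMPLE_LOG = """\
10.0.0.5 10.0.1.10 tcp 443 benign
10.0.0.7 10.0.1.10 tcp 23 malicious
10.0.0.8 10.0.1.12 tcp 8443 benign
203.0.113.9 10.0.1.10 tcp 22 malicious
10.0.0.5 10.0.1.53 udp 53 benign
203.0.113.9 10.0.1.11 tcp 3389 malicious
not a valid record
"""

def parse(line):
    """Return (src, dst, proto, dport, label), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5 or not parts[3].isdecimal():
        return None
    src, dst, proto, dport, label = parts
    port = int(dport)
    if proto not in ("tcp", "udp") or not 0 < port < 65536:
        return None
    return src, dst, proto, port, label

def is_alert(proto, dport):
    """Rule: alert on any connection to a port outside the allow-list."""
    return (proto, dport) not in ALLOWED_PORTS

def evaluate(log_text):
    """Apply the rule to each record and count TP, FP, TN, FN and malformed."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            counts["malformed"] += 1
            continue
        _, _, proto, dport, label = rec
        alert, bad = is_alert(proto, dport), label == "malicious"
        # First letter: was the decision correct; second: did the rule alert.
        counts[("T" if alert == bad else "F") + ("P" if alert else "N")] += 1
    return dict(counts)

if __name__ == "__main__":
    print(evaluate(SAMPLE_LOG))
```

The false positive is the benign service on port 8443 that the allow-list omits, and the false negative is the malicious session on the allowed port 22, which a port rule alone cannot see.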