امن نظم المعلومات وامن الشبكات

1. ‫ا‬
‫الحاسبات‬ ‫نظم‬ ‫من‬
‫وترتيب‬ ‫جمع‬
:
‫م‬
.
‫راشد‬ ‫عمرو‬
‫الحاسب‬ ‫هندسة‬ ‫بقسم‬ ‫محاضر‬
,
‫الم‬ ‫وتكنولوجيا‬ ‫الحاسبات‬ ‫كلية‬
‫علومات‬
,
‫الطائف‬ ‫جامعة‬
Amr_rashed2@Hotmail.com

2. ‫المقرر‬ ‫موضوعات‬

3. ‫االنترنت‬ ‫شبكة‬ ‫عن‬ ‫لمحة‬

4. ‫االنترنت‬ ‫بشبكة‬ ‫االتصال‬ ‫طرق‬

5. ‫االنترنت‬ ‫بشبكة‬ ‫االتصال‬ ‫طرق‬

6. ‫بالمعلومات‬ ‫المتعلقة‬ ‫الجرائم‬

7. ‫المعلو‬ ‫عالم‬ ‫في‬ ‫الجرائم‬ ‫اشكال‬ ‫عن‬ ‫نبذة‬
‫مات‬

8. ‫المعلومات‬ ‫عالم‬ ‫في‬ ‫الجرائم‬ ‫اشكال‬ ‫عن‬ ‫نبذة‬

9. ‫المعلومات‬ ‫امن‬ ‫مكونات‬

‫المعلومات‬ ‫سرية‬
(Data Confidentiality)

‫المعلومات‬ ‫سالمة‬
(
Data Integrity
)

‫الحاسوبية‬ ‫والموارد‬ ‫المعلومات‬ ‫إلى‬ ‫الوصول‬ ‫ضمان‬
(
Availability
)

10. ‫المعلومات‬ ‫سرية‬

11. ‫المعلومات‬ ‫سالمة‬

12. ‫الحاسوبية‬ ‫والموارد‬ ‫المعلومات‬ ‫إلى‬ ‫الوصول‬ ‫ضمان‬

13. ‫الهجمات‬ ‫لشن‬ ‫الضرورية‬ ‫العناصر‬
‫االلكترونية‬

‫الدافع‬ ‫وجود‬

‫الهجوم‬ ‫لتنفيذ‬ ‫طريقة‬ ‫وجود‬

‫الثغرات‬ ‫وجود‬

14. ‫الدافع‬ ‫وجود‬

15. ‫الهجوم‬ ‫لتنفيذ‬ ‫طريقة‬ ‫وجود‬

16. ‫الثغرات‬ ‫وجود‬

17. ‫الثغرات‬ ‫وجود‬

18. ‫الثغرات‬ ‫وجود‬

19. ‫المعلومات‬ ‫بأمن‬ ‫االخالل‬ ‫مصادر‬

‫الداخل‬ ‫من‬ ‫المهاجمون‬

‫الخارج‬ ‫من‬ ‫المهاجمون‬

20. ‫الداخل‬ ‫من‬ ‫المهاجمون‬

21. ‫الداخل‬ ‫من‬ ‫المهاجمون‬

22. ‫الداخل‬ ‫من‬ ‫الهجوم‬ ‫دوافع‬

‫الرضا‬ ‫عدم‬

‫تنف‬ ‫علي‬ ‫وقدراته‬ ‫الفنية‬ ‫مهاراته‬ ‫الشخص‬ ‫اثبات‬
‫هجوم‬ ‫يذ‬
‫الكتروني‬

‫المالية‬ ‫المكاسب‬ ‫تحقيق‬

23. ‫المراجع‬

‫د‬ ‫ميسرة‬ ‫بلغة‬ ‫المعلومات‬ ‫امن‬
.
‫سليمان‬ ‫بن‬ ‫خالد‬
‫الغثبر‬

24. Chapter 0 – Reader’s Guide
The art of war teaches us to rely not on
the likelihood of the enemy's not
coming, but on our own readiness to
receive him; not on the chance of his
not attacking, but rather on the fact
that we have made our position
unassailable.
—The Art of War, Sun Tzu

25. Standards Organizations
 National Institute of Standards &
Technology (NIST)
 Internet Society (ISOC)
 International Telecommunication
Union Telecommunication
Standardization Sector (ITU-T)
 International Organization for
Standardization (ISO)
 RSA Labs (de facto)

26. Information security
‫امن‬
‫المعلومات‬

‫بأمن‬ ‫يختص‬ ‫علم‬ ‫ظهر‬ ‫الشبكات‬ ‫امن‬ ‫ظهور‬ ‫قبل‬
‫الكمبيوتر‬ ‫وجود‬ ‫قبل‬ ‫العلم‬ ‫هذا‬ ‫وظهر‬ ‫المعلومات‬
.
‫مث‬
‫ال‬
‫امين‬ ‫مكان‬ ‫في‬ ‫أوراق‬ ‫وضع‬
,
‫توثيق‬
‫الشهادات‬
,
‫امضاء‬
‫شيك‬
,
‫ذلك‬ ‫وغير‬ ‫واألوراق‬ ‫للنقود‬ ‫خزنة‬ ‫استخدام‬
.
 Is about how to prevent attacks or
failing that , to detect attacks on
information-based systems where in
the information itself has no
meaningful physical existence and
then recover from the attacks.

27. Computer security
‫الحاسب‬ ‫امن‬
 The generic name for the collection of
tools designed to protect data and to
thwart hackers.

‫لحماية‬ ‫المستخدمة‬ ‫األدوات‬ ‫لمجموعة‬ ‫عام‬ ‫اسم‬ ‫هو‬
‫القراصنة‬ ‫ومنع‬ ‫البيانات‬
.

28. Network security
‫الشبكة‬ ‫امن‬
 The second major change that affected security is
the introduction of distributed systems and the use
of networks and communications facilities for
carrying data between terminal user and computer
and between computer and computer.

‫هو‬
‫االمن‬
‫لشبكة‬
‫ممكن‬
‫تكون‬
‫داخلية‬
‫وغير‬
‫متصلة‬
‫باإلنترنت‬
‫وظهر‬
‫له‬
‫االحتياج‬
‫له‬
‫بعد‬
‫ظهور‬
‫شبكات‬
‫الحاسب‬
‫ولكن‬
‫في‬
‫المرحلة‬
‫السابقة‬
‫كانت‬
‫األجهزة‬
‫منفصلة‬
‫عن‬
‫بعضها‬
‫أي‬
‫ال‬
‫تحدث‬
‫مشاكل‬
‫كبيرة‬
‫بها‬
‫اال‬
‫ألسب‬
‫اب‬
‫مثل‬
‫الفيروسات‬
‫وغيرها‬

29. Internet security
‫االنترنت‬ ‫شبكة‬ ‫امن‬
 Consists of measures to deter, prevent,
detect and correct security violations that
involve the transmission of information.

‫ويعتبر‬
‫امن‬
‫االنترنت‬
‫هو‬
‫المعني‬
‫االعم‬
‫ألمن‬
‫كل‬
‫شبكات‬
‫الحاسب‬
‫وفي‬
‫هذه‬
‫الحالة‬
‫فقد‬
‫احتجنا‬
‫ال‬
‫قياسات‬
‫لحماية‬
‫واكتشاف‬
‫وتصحيح‬
‫التعارضات‬
‫الموجودة‬
‫في‬
‫الشبكة‬
‫و‬
‫التي‬
‫تشمل‬
‫ارسال‬
‫البيانات‬
‫وقياسات‬
‫لتأكيد‬
‫سالمة‬
‫البيانات‬

‫وامن‬ ‫االنترنت‬ ‫شبكة‬ ‫امن‬ ‫بين‬ ‫واضح‬ ‫فرق‬ ‫يوجد‬ ‫ال‬ ‫أوال‬
‫الشبكة‬
.
 We use the term internet ,with lower case
,to refer to any interconnected of network.

30. Key Security Concepts

31. Examples of security
violations

Violations
:
‫تعارض‬

‫عند‬
‫نقل‬
‫ملف‬
‫من‬
‫المستخدم‬
A
‫والمستخدم‬
B
‫ويحاول‬
‫المستخدم‬
C
‫عمل‬
‫نسخة‬
‫من‬
‫هذا‬
‫الملف‬
‫وقراه‬
‫مع‬
‫انه‬
‫غير‬
‫مسموح‬
‫له‬
‫بقراءة‬
‫هذا‬
‫الملف‬
.
User
A
User
B
User
C
Payroll
records
Not authorized to
read file
copy

32. Examples of Security
Requirements
 confidentiality – student grades
 integrity – patient information
 availability – authentication service
 authenticity – admission ticket
 non-repudiation – stock sell order

33. Example 2
User
F
Network
manager
D
Computer
E
‫عدلها‬ ‫ثم‬ ‫الرسالة‬ ‫استقبل‬
‫الي‬ ‫ومررها‬E
Update
authorization file

34. Example 3
User
F
User
E
Construct it’s
own message
Transmit message to E
as if it had come from
manager D

35. Example 4,5

‫الرابع‬ ‫المثال‬
:
‫وإلغاء‬ ‫عمله‬ ‫من‬ ‫موظف‬ ‫فصل‬ ‫عند‬
‫است‬ ‫فلو‬ ‫معينة‬ ‫ملفات‬ ‫علي‬ ‫الدخول‬ ‫في‬ ‫صالحيته‬
‫طاع‬
‫حساسة‬ ‫ملفات‬ ‫سرقة‬ ‫يمكنه‬ ‫الرسالة‬ ‫هذه‬ ‫تأخير‬
‫بالشركة‬ ‫واالضرار‬
.

‫الخامس‬ ‫المثال‬
:
‫او‬ ‫رسالة‬ ‫ارسال‬ ‫الطرفين‬ ‫احد‬ ‫انكار‬
‫اليه‬ ‫الرسالة‬ ‫وصول‬ ‫االخر‬ ‫الطرف‬ ‫انكار‬
.

36. Cont .
 One approach is to consider three
aspects of information security
 Major axes in network security
 1.security attack .‫والهجمات‬ ‫المخاطر‬
 2.security mechanism .‫المستخدمة‬ ‫االليات‬
 3.security services .‫االمنية‬ ‫الخدمات‬

37. 1.Security attacks
 Any action that compromises the security of
information owned by an organization.
 Any action wants to break security policy.

‫معينة‬ ‫لمنظمة‬ ‫المعلومات‬ ‫امن‬ ‫اختراق‬ ‫يحاول‬ ‫فعل‬ ‫أي‬
.

‫مثال‬
:

‫عندها‬ ‫االمن‬ ‫قواعد‬ ‫من‬ ‫مثال‬ ‫شركة‬
security policy
‫فيها‬
‫أي‬ ‫استخدام‬ ‫عدم‬ ‫هو‬
external CD
‫تشغيله‬ ‫او‬ ‫جهاز‬ ‫أي‬ ‫في‬
.

‫ال‬ ‫وشغل‬ ‫ذلك‬ ‫موظف‬ ‫أي‬ ‫فعل‬ ‫فاذا‬
CD
‫اختراق‬ ‫هذا‬ ‫يعتبر‬
‫لل‬
policy

‫ال‬
CD
‫الخت‬ ‫خلفية‬ ‫أبواب‬ ‫او‬ ‫فيروسات‬ ‫تحتوي‬ ‫ان‬ ‫يمكن‬
‫راق‬
‫الشركة‬

38. 2.Security mechanism
 A mechanism that is designed to
detect , prevent or cover from security
attack.
 Antivirus = security mechanism
 Detect of viruses=security mechanism

‫والتغط‬ ‫والحماية‬ ‫لالكتشاف‬ ‫المستخدمة‬ ‫االليات‬ ‫هي‬
‫ية‬
‫الهجمات‬ ‫من‬

39. 3.Security services
 A service that enhances the security of the data processing
system and the information transfers of an organization.
 The services are intended to counter security attacks , and
they make use of one or more security mechanisms to
provide the service.

‫تقوم‬
‫الخدمات‬
‫بحساب‬
‫الهجمات‬
‫وتستخدم‬
‫بعض‬
‫االليات‬
‫لتحقيق‬
‫الخدمات‬
‫األمني‬
‫ة‬
‫المطلوبة‬
.

‫مثال‬
‫مثال‬
‫للدخول‬
‫علي‬
‫أي‬
‫تطبيق‬
‫لشركة‬
‫ميكروسوفت‬
‫مثل‬
‫الوورد‬
‫بيعمل‬
‫في‬
‫البداية‬
virus check

‫والفيروس‬
‫ليس‬
‫شرط‬
‫ان‬
‫يكون‬
‫ملف‬
‫تنفيذي‬
‫بل‬
‫قد‬
‫يكون‬
‫عبارة‬
‫عن‬
script
‫ويسبب‬
‫مشاكل‬
‫عند‬
‫فتح‬
‫الملف‬
.
‫فهذه‬
‫تعتبر‬
‫خدمة‬
‫داخل‬
‫منتجات‬
Microsoft

‫من‬
‫اكبر‬
‫الشركات‬
‫في‬
‫عمل‬
standard
‫للشبكات‬
‫هي‬
ISO

‫واشهر‬
‫معيار‬
‫لها‬
‫هو‬
‫نموذج‬
‫الشبكات‬
(
ISO-OSI model
)

Open system interconnect

40. Threat
‫خطورة‬
 A potential for violation of security
which exists when there is a
circumstance ,capability ,action , or
event that could breach security and
cause harm. That is ,a threat is a
possible danger that might exploit a
vulnerability.

‫نقاط‬
‫ضعف‬
‫موجودة‬
‫في‬
‫النظام‬
‫او‬
‫نقاط‬
‫خطورة‬
‫محتم‬
‫لة‬
‫في‬
‫النظام‬
.

41. Attack (intelligent threat)
 An assault on system security that
derives from an intelligent threat ;that
is ,an intelligent act that is a deliberate
attempt to evade security services and
violate the security policy of a system.

‫هو‬
‫هجوم‬
‫ذكي‬
‫علي‬
‫النظام‬
‫وفي‬
‫الغالب‬
‫يكون‬
‫بواسط‬
‫ة‬
‫شخص‬
‫او‬
‫برنامج‬

42. OSI Security Architecture
 ITU-T X.800 “Security Architecture for
OSI”
 defines a systematic way of defining and
providing security requirements
 for us it provides a useful, if abstract,
overview of concepts we will study

43. The OSI security architecture
 OSI: Open System Interconnection
 ITU: International Telecommunication
Union
 X800.RFC (request for comment)
 X800:international standard
 ‫ل‬ ‫تفصيلي‬ ‫شرح‬ ‫علي‬ ‫يحتوي‬X.800
 ITU-T2 recommendation X.800
security architecture for OSI defines
such a systematic approach.

44. Cont.
 Computer & communications vendors
have developed security features for
their products and services. That
relates to this structured definition of
services and mechanisms.
 X800 defines :
 1.security services.
 2.security mechanism.
 3.security attacks.

45. 1.Security services (in RFC
2828)
 Def:
 A processing or communication
service that is provided by a system to
give a specific kind of protection to
system resources.
 Security services implement security
policies and are implemented by
security mechanisms.

46. Security Services
 X.800:
“a service provided by a protocol layer of
communicating open systems, which
ensures adequate security of the systems
or of data transfers”
 RFC 2828:
“a processing or communication service
provided by a system to give a specific
kind of protection to system resources”

47. Security Services (X.800)
 1.Authentication
 2.Access Control
 3.Data Confidentiality
 4.Data Integrity.
 5.Non Repudiation
 6.availability

48. Security Services (X.800)
 X800 divides these services into five
categories:
1.Authentication - assurance that
communicating entity is the one claimed
2.Access Control - prevention of the
unauthorized use of a resource
3.Data Confidentiality –protection of data from
unauthorized disclosure
4. Data Integrity - assurance that data received
is as sent by an authorized entity
5.Non-Repudiation - protection against denial
by one of the parties in a communication
6.Availability – resource accessible/usable

49. 1.Authentication
‫الوثوق‬
 The authentication services is concerned
with assuring that a communication is
authentic.
 The assurance that the communicating
entity is the one that it claims to be.

‫مثال‬
:
‫خدمة‬ ‫وظيفة‬ ‫فان‬ ‫انذار‬ ‫او‬ ‫تحذير‬ ‫رسالة‬ ‫وصول‬ ‫عند‬
‫ذ‬ ‫يدعي‬ ‫الذي‬ ‫المصدر‬ ‫هو‬ ‫المرسل‬ ‫ان‬ ‫من‬ ‫التأكد‬ ‫هي‬ ‫التوثيق‬
‫لك‬
.

‫لهم‬ ‫مسموح‬ ‫الشخصين‬ ‫ان‬ ‫من‬ ‫التأكد‬

‫له‬ ‫مسموح‬ ‫غير‬ ‫اخر‬ ‫شخص‬ ‫دخول‬ ‫عدم‬ ‫من‬ ‫التأكد‬

‫االم‬ ‫هذا‬ ‫لتحقيق‬ ‫مرور‬ ‫وكلمة‬ ‫المستخدم‬ ‫اسم‬ ‫استخدام‬ ‫يمكن‬
‫ر‬

50. 2.Access control
‫لكل‬ ‫الصالحيات‬
‫فرد‬

‫المال‬ ‫راس‬ ‫علي‬ ‫المحافظة‬
 Def 1:is the ability to limit and control the access to
host systems and applications via communication
links.

‫ا‬ ‫معين‬ ‫دخول‬ ‫اذن‬ ‫علي‬ ‫الحصول‬ ‫يطلب‬ ‫شخص‬ ‫كل‬ ‫فان‬ ‫ذلك‬ ‫من‬ ‫للتحقق‬
‫و‬
‫أي‬ ‫اعطاؤه‬ ‫قبل‬ ‫أوال‬ ‫منه‬ ‫والتوثق‬ ‫تعريفه‬ ‫يجب‬ ‫فانه‬ ‫معينة‬ ‫صالحية‬
‫صالحيات‬
.
 Access Rights: ‫او‬ ‫طابعة‬ ‫او‬ ‫كمبيوتر‬ ‫علي‬ ‫بالدخول‬ ‫السماح‬cd rom
 User A >>>>delete ,edit , read
 User B>>>>edit
 User C>>>>read
 Def 2:the prevention of unauthorized use of a
resource.

51. 3.Data confidentiality
 Is the protection of transmitted data
from passive attacks.

‫ف‬ ‫او‬ ‫البيانات‬ ‫من‬ ‫االستفادة‬ ‫احد‬ ‫يستطيع‬ ‫ال‬ ‫حتي‬
‫همها‬
.
 The protection of data from
unauthorized disclosure.

‫من‬ ‫الحماية‬
passive attacks

52. 4.Data Integrity
 The assurance that data received are
exactly as sent by an authorized
entity.
 i.e. , contain no modification ,insertion
,deletion ,or replay.
 Assures that messages are received
as sent ,with no duplication, insertion,
modification, reordering ,or replays.

‫وليس‬ ‫الهجوم‬ ‫اكتشاف‬ ‫هو‬ ‫الخدمة‬ ‫هذه‬ ‫من‬ ‫الهدف‬
‫منه‬ ‫الحماية‬
.

53. 5.Non repudiation
‫ال‬ ‫او‬ ‫ينكر‬ ‫احد‬ ‫ال‬
‫يتنصل‬ ‫احد‬
 Provides protection against denial by
one of the entities involved in a
communication of having participated in
all or part of the communication.

‫ينك‬ ‫ال‬ ‫والمستقبل‬ ‫الرسالة‬ ‫ارسال‬ ‫ينكر‬ ‫ال‬ ‫المرسل‬
‫ر‬
‫استالمها‬
.

54. 6.Availability services
‫او‬ ‫االتاحة‬ ‫خدمة‬
‫متاح‬ ‫النظام‬
 Defined in X800 and RFC 2828
 The property of a system or a system resource
being accessible and usable upon demand by an
authorized system entity , according to
performance specialization for the system.

‫و‬ ‫البيانات‬ ‫بكون‬ ‫تهتم‬ ‫التي‬ ‫النظام‬ ‫موارد‬ ‫احد‬ ‫او‬ ‫للنظام‬ ‫خاصية‬ ‫هي‬
‫الموارد‬
‫ب‬ ‫لهم‬ ‫المسموح‬ ‫المستخدمين‬ ‫بواسطة‬ ‫واستخدامها‬ ‫عليها‬ ‫الدخول‬ ‫يمكن‬
‫ذلك‬
‫للنظام‬ ‫األداء‬ ‫لمتطلبات‬ ‫تبعا‬
.
 A system is available if it provides services
according to the system design whenever the user
request them.

55. Cont.

‫هذه‬ ‫علي‬ ‫تؤثر‬ ‫ان‬ ‫يمكن‬ ‫الهجمات‬ ‫أنواع‬ ‫كل‬ ‫ان‬ ‫نالحظ‬
‫تلغيها‬ ‫او‬ ‫الخدمة‬
.
 X800 treats availability as a property
to be associated with various security
services.
 Availability services is one that
protects a system to ensure it’s
availability.

‫من‬ ‫الحماية‬ ‫هي‬ ‫الخدمة‬ ‫هذه‬ ‫من‬ ‫الهدف‬
 DOS attack , DDOS attack) dynamic
DOS)

56. 2-Security mechanism
 A mechanism that is designed to
detect ,prevent or recover from a
security attack.

‫م‬ ‫والتغطية‬ ‫والحماية‬ ‫لالكتشاف‬ ‫المستخدمة‬ ‫االلية‬
‫ن‬
‫الهجمات‬

57. Security Mechanism
 a.k.a. control
 feature designed to detect, prevent, or
recover from a security attack
 no single mechanism that will support
all services required
 however one particular element
underlies many of the security
mechanisms in use:
◦ cryptographic techniques
 hence our focus on this topic

58. Security Mechanisms (X.800)
 Types :
 1-Encipherment ‫التشفير‬
 2-Digital signature ‫الرقمي‬ ‫التوقيع‬
 3-Access control
 4-Data integrity
 5-Authentication exchange.
 6-Traffic padding
 7-Routing control
 8-Notarization

59. 1-Encipherment
 The use of math algorithms to
transform data into a form that is
readily intelligible.

‫البيانات‬ ‫لتحويل‬ ‫رياضية‬ ‫خوارزميات‬ ‫استخدام‬ ‫هو‬
‫الي‬
‫مقروءة‬ ‫غير‬ ‫صورة‬
.

60. 2-Digital signature
 Data appended to ,or a cryptographic
transformation of a data unit that
allows a recipient of the data unit to
prove the source and integrity of the
data unit to protect against forgery.

‫يتن‬ ‫ال‬ ‫حتي‬ ‫االصلية‬ ‫الرسالة‬ ‫مع‬ ‫مفتاح‬ ‫استخدام‬
‫احد‬ ‫صل‬
‫الرس‬ ‫انكار‬ ‫احد‬ ‫يستطيع‬ ‫وال‬ ‫الرسالة‬ ‫من‬ ‫الطرفين‬
‫الة‬
‫واستالمها‬

61. 3.Access control
 A variety of mechanisms that enforces
access right to resources

‫علي‬ ‫الدخول‬ ‫لتقنين‬ ‫المستخدمة‬ ‫االليات‬ ‫مجموعة‬
‫البيانات‬
.

62. 4-data integrity
 Mechanism not service
 A variety of mechanisms used to
assure the integrity of a data unit or
stream of data units.

63. 5.Authentication exchange
 A mechanism intended to ensure the
identity of an entity by means of
information exchange.

64. 6.Traffic padding
 The insertion of bits into gaps in a
data stream to frustrate traffic analysis
attempts.

‫معرف‬ ‫يستطيع‬ ‫ال‬ ‫حتي‬ ‫البيانات‬ ‫في‬ ‫حشو‬ ‫نضع‬
‫شكل‬ ‫ة‬
‫البيانات‬

65. 7.Routing control
 Enables selection of particular
physically secure routes for certain
data and allows routing changes
especially when a breach of security is
suspected.

‫للبيانات‬ ‫امنا‬ ‫المسارات‬ ‫اكثر‬ ‫اختيار‬

66. 8.Notorization
 The use of trusted third party to
assure certain properties of a data
exchange .

‫ا‬ ‫تحويل‬ ‫من‬ ‫والتأكد‬ ‫للتحقق‬ ‫ثالث‬ ‫طرف‬ ‫استخدام‬
‫لبيانات‬

67. 3.Security attacks
 Use x800 and RFC 2828 classify security
attacks to
 1-passive attacks
Attempts to learn or make use of information
from the system but does not affect system
resources.
‫علي‬ ‫التأثير‬ ‫دون‬ ‫النظام‬ ‫معلومات‬ ‫من‬ ‫والتعلم‬ ‫االستفادة‬ ‫يحاول‬
‫موارده‬
 2-active attacks
Attempts to alter system resources or affect
their operation.

68. Security attacks

69. 1-Passive attack
 The good of the opponent is to obtain
information that is transmitted.
 Passive attacks are very difficult to
detect because they do not involve
any alternation of data.

‫الهجمات‬ ‫اكتشاف‬ ‫وليس‬ ‫البيانات‬ ‫بحماية‬ ‫نهتم‬ ‫هنا‬
‫وفي‬
‫من‬ ‫النوع‬ ‫هذا‬ ‫من‬ ‫للحماية‬ ‫المستخدمة‬ ‫الطريقة‬ ‫الغالب‬
‫التشفير‬ ‫هو‬ ‫الهجمات‬

70. Cont.
 Types:
 1-the release of message content.

‫وفهمها‬ ‫تعلمها‬ ‫من‬ ‫الرسائل‬ ‫حماية‬ ‫المطلوب‬
 2-traffic analysis

‫الع‬ ‫ان‬ ‫بحيث‬ ‫الرسالة‬ ‫لحماية‬ ‫طريقة‬ ‫وجود‬ ‫بفرض‬
‫لو‬ ‫دو‬
‫م‬ ‫من‬ ‫االستفادة‬ ‫الممكن‬ ‫فمن‬ ‫يفهمها‬ ‫لن‬ ‫الرسالة‬ ‫اخذ‬
‫عاد‬
‫ارسال‬
‫وعددها‬ ‫ونوعيتها‬ ‫الرسائل‬
.

71. Passive Attack - Interception

72. Passive Attack: Traffic Analysis
Observe traffic pattern

73. 2-Active attack
 Involve some modification of the data
stream or the creation of false stream.
 It can be sub-divided into four
categories:
 1-Masquerade ‫اخر‬ ‫احد‬ ‫شخصية‬ ‫ينتحل‬
 2-Replay
 3-Modification of message
 4-Denial of services

74. 1-masquerade
‫احد‬ ‫شخصية‬ ‫ينتحل‬

‫ج‬ ‫في‬ ‫معينة‬ ‫صالحيات‬ ‫له‬ ‫معين‬ ‫شخص‬ ‫ان‬ ‫لو‬ ‫مثال‬
‫هاز‬
‫نف‬ ‫توثيق‬ ‫او‬ ‫إلثبات‬ ‫معينة‬ ‫خطوات‬ ‫بعمل‬ ‫ويقوم‬
‫قبل‬ ‫سه‬
‫احد‬ ‫يأخذ‬ ‫ان‬ ‫الممكن‬ ‫فمن‬ ‫الصالحيات‬ ‫علي‬ ‫الحصول‬
‫ع‬ ‫للحصول‬ ‫كتابتها‬ ‫ويعيد‬ ‫التوثيق‬ ‫خطوات‬ ‫اخر‬
‫لي‬
‫له‬ ‫ليست‬ ‫صالحيات‬
.

75. 2.Replay
 Involves the passive capture of a data
unit and it’s subsequent transmission
to produce unauthorized effect.

‫مثال‬
:
‫الخ‬ ‫االرسال‬ ‫بروتوكول‬ ‫او‬ ‫وطريقة‬ ‫التنسيق‬
‫اصة‬
‫بالبنك‬

76. Active Attack: Replay

77. 3.Modification of messages
 Means that some portion of legitimate
message is alerted , or that messages are
delayed or reordered to produce an
unauthorized effect.

‫مثال‬
:
‫الرسالة‬ ‫هذه‬ ‫تعديل‬ ‫تم‬
 Allow john smith to read confidential file
accounts.
 Modified to
 Allow Fred brown to read confidential file
accounts

78. Active Attack: Modification
Modify message

79. Active Attack: Fabrication
Fabricate message

80. Active Attack: Interruption
Block delivery of message

81. 4.Denial of service

‫الخدمة‬ ‫في‬ ‫سوء‬ ‫او‬ ‫الخدمة‬ ‫وجود‬ ‫عدم‬
.

‫االنترنت‬ ‫شبكة‬ ‫علي‬ ‫األنواع‬ ‫اشهر‬
.
 Prevent or inhibits the normal use or
management of communication
facilities.

‫مثال‬
:
‫معي‬ ‫لمستقبل‬ ‫الرسائل‬ ‫من‬ ‫كبير‬ ‫عدد‬ ‫ارسال‬
‫او‬ ‫ن‬
‫عمل‬
overload
‫وعمل‬ ‫بالرسائل‬ ‫للشبكة‬
disable
‫الخدمة‬ ‫تنعدم‬ ‫وبالتالي‬ ‫للشبكة‬
.
 Security audit service

82. A model for network security

83. A model for network security
 using this model requires us to:
1. design a suitable algorithm for the
security transformation
2. generate the secret information (keys)
used by the algorithm
3. develop methods to distribute and
share the secret information
4. specify a protocol enabling the
principals to use the transformation and
secret information for a security service

84. A model for network security
 All the techniques for providing security
have two components:
 1.a security-related transformation on the
information to be sent.

‫مثال‬
‫علي‬
‫ذلك‬
‫عمل‬
‫تشفير‬
‫للبيانات‬
‫حتي‬
‫تكون‬
‫غير‬
‫م‬
‫قروءة‬
‫بواسطة‬
‫الخصوم‬
‫او‬
‫إضافة‬
‫كود‬
‫يكون‬
‫معتمد‬
‫علي‬
‫محتويات‬
‫الرسالة‬
‫حتي‬
‫نتأكد‬
‫من‬
‫استخدامه‬
‫من‬
‫شخصية‬
‫المرسل‬
.
 2.some secrete information shared by the
two principals and, it is hoped, unknown by
the opponent.

‫مثال‬
‫علي‬
‫ذلك‬
‫عملية‬
‫ارسال‬
‫مفتاح‬
‫التشفير‬
‫والذ‬
‫يستخ‬
‫دم‬
‫عند‬
‫المرسل‬
‫لتشفير‬
‫البيانات‬
‫وعند‬
‫المستقبل‬
‫لفك‬
‫التش‬
‫فير‬

85. A trusted third party
 A trusted third party may be needed to
achieve secure transmission.

‫المعلومات‬ ‫إلرسال‬ ‫هو‬ ‫ثالث‬ ‫طرف‬ ‫وجود‬ ‫من‬ ‫الهدف‬
‫والمس‬ ‫المرسل‬ ‫بين‬ ‫التشفير‬ ‫مفتاح‬ ‫مثل‬ ‫السرية‬
‫تقبل‬
‫واالعداء‬ ‫الخصوم‬ ‫من‬ ‫البيانات‬ ‫وحماية‬
.

86. A model for network security
 This general model shows that there are four basic
tasks in designing a particular security services:
 1.Design an algorithm for performing the security
related transformation.
 2.Generate the secrete information to be used with
the algorithm .
 3.Develop methods for the distribution and sharing of
secrete information.
 4.Specify a protocol to be used by the two principals
that make use of the security algorithm and the
secrete information to achieve a particular security
service.

87. Model for Network Access Security

88. Model for Network Access
Security
 using this model requires us to:
1. select appropriate gatekeeper functions to
identify users
2. implement security controls to ensure only
authorised users access designated
information or resources
 note that model does not include:
1. monitoring of system for successful
penetration
2. monitoring of authorized users for
misuse
3. audit logging for forensic uses, etc.

89. Relationship between security
mechanism and security services

90. Summary
 topic roadmap & standards
organizations
 security concepts:
◦ confidentiality, integrity, availability
 X.800 security architecture
 security attacks, services,
mechanisms
 models for network (access) security