security

SECURITYSECURITYBart Vansevenant

Who is who?

Who can read what?

Traces

Virusses

Safety and confidentiality

Who is who?Who is who?

Telephone line

Mail server

TCP/IP

Echelon & Carnivore

Who can read what ?Who can read what ?

SMTP

POP3

POST

MAIL

e-mail using an ISPe-mail using an ISP

POST OFFICE

SMTP

POP3

POST

MAIL

a) Telephone-linea) Telephone-line

POST OFFICE

SMTP

POP3

POST

MAIL

b) e-mail serverb) e-mail serverEverything on the servers can be read or copied

POST OFFICE

SMTP

POP3

POST

MAIL

c) TCP/IPc) TCP/IP

Not readable – following different ways

POST OFFICE

Echelon/CarnivoreEchelon/Carnivore

Source: http://www.fbi.gov/hq/lab/carnivore/carnlrgmap.htm

TracesTraces

TracesTracesThe IP address of your computer is : 213.177.129.120

your DNS address is : adsl-129-120.wanadoo.be

We know you use : Microsoft Windows 98

Your navigator has the code: Mozilla/4.78 [en] (Win98; U)

In fact it is: Netscape Communicator 4.x English

What you did is stored :

Windows 95 C:\Windows\Temporary Internet Files\

Windows NT C:\WinNt\Temporary Internet Files\

A nice demo in french on: www.cnil.fr

VirusVirus

What is a virus and types?

How is a computer infected?

Danger

a) What is a virus?a) What is a virus? computer virus = a computer program

'I love you', 45 million computers infected

worm = multiplicates itselfcode Red: 300.000 servers destroyed

trojan horse = hides for other actionsBack Orifice

logic bomb = distroys programs

hoax = false alarm

b) How is a computer infected?b) How is a computer infected?

files attached to e-mail (attachment)

diskettes

other

c) Dangerc) Danger infecting components of your system

effects:

malfunctions

deletion of data

wiping of hard disk

...

Solutions to provide safety and Solutions to provide safety and confidentialityconfidentiality

solving identity problem and unauthorised reading

protection against traces

protection against virusses

Encryption

Purpose

Functions

How?

Identity and unauthorised Identity and unauthorised readingreading

Functions of encryptionFunctions of encryption

Authentication

Integrity

Confidentiality

Symmetrical encryptionSymmetrical encryption

Ubizen Vcjafo

EncryptionE(…)

DecryptionD(…)

Sender Receiver

VcjafoUntrustednetwork

SAME KEY

Ubizen

A=A+1 A=A-1

Asymmetrical encryptionAsymmetrical encryption

Ubizen

Sender Receiver

Untrustednetwork

Go#st$

EncryptionE(…)

Public Key Receiver

DecryptionD(…)

Go#st$ Ubizen

Private Key Receiver

confidentiality towards receiver

Asymmetrical encryptionAsymmetrical encryption

Ubizen

Sender Receiver

Untrustednetwork

Go#st$

EncryptionE(…)

Private Key Sender

DecryptionD(…)

Go#st$ Ubizen

Public Key Sender

authentication of sender

ExampleExample

ExampleExample

ExampleExample

Traces at the ISP

Traces on own computer

Against leaving tracesAgainst leaving traces

anti-virus programNorton, McAfee, eSafe, F-Secure, …

watch out for attachments.exe, .com, .pif, .vbs, .doc, .xls, …

www.bipt.be

Against virussesAgainst virusses