
Advance Network Security
Assignment No: - 1

Submitted To: - Mr. Muhammad Aihab Khan
Submitted By: - Mehar Kashif
MSTN- Semester- 1
Reg. ID: - 051-13-118324

Question 1.1:- What is OSI Security Architecture?
The Security Architecture for OSI defines a systematic approach to providing
security. The OSI security architecture is useful to managers as a way of
organizing the task of providing security. Furthermore, because this
architecture was developed as an international standard, computer and
communications vendors have developed security features for their products
and services that relate to this structured definition of services and
mechanisms.
For our purposes, the OSI security architecture provides a useful, if abstract,
overview of many of the concepts that this book deals with. The OSI security
architecture focuses on security attacks, mechanisms, and services.
These can be defined briefly as follows:
Security attack: Any action that compromises the security of information
owned by an organization.
Security mechanism: A process (or a device incorporating such a process)
that is designed to detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the
security of the data processing systems and the information transfers of an
organization. The services are intended to counter security attacks, and they
make use of one or more security mechanisms to provide the service.

Question 1.2:- Difference between Active Attacks and Passive Attacks

| Sr.No. | Active Attacks | Passive Attacks |
|---|---|---|
| 1 | Active attacks are in the nature of creating false information. | Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. |
| 2 | Active attacks are easy to detect. | Passive attacks are very difficult to detect. |
| 3 | The goal of the opponent is to modify the transmitted information. | The goal of the opponent is to obtain information that is being transmitted. |
| 4 | Emphasis in dealing with active attacks is on detection and on recovering quickly from the attacks rather than on prevention. | Emphasis in dealing with passive attacks is on prevention rather than detection. |
| 5 | Active attacks are very difficult to prevent absolutely because of the wide variety of potential physical, software | Passive attacks can be prevented using the best encryption algorithms. |

Question 1.3:- List and briefly define the categories of Passive and Active
security attacks
a. Passive security attacks
There are two categories of passive security attacks: release of
message contents and traffic analysis.

i. Release of Message Contents
A telephone conversation, an electronic mail message, and a
transferred file may contain sensitive or confidential
information.

ii. Traffic Analysis


Suppose that we had a way of masking the contents of
messages or other information traffic so that opponents,
even if they captured the message, could not extract the
information from the message. The common technique for
masking contents is encryption. If we had encryption
protection in place, an opponent might still be able to
observe the pattern of these messages. The opponent could
determine the location and identity of communicating hosts
and could observe the frequency and length of messages
being exchanged. This information might be useful in
guessing the nature of the communication that was taking
place.

b. Active security attacks
Active attacks are in the nature of creating false information. The goal
of the opponent is to modify the transmitted information. Active attacks
are very difficult to prevent absolutely because of the wide variety
of potential physical, software. Emphasis in dealing with active
attacks is on detection and on recovering quickly from the
attacks rather than on prevention.

i. Masquerade
In this type of active attack one entity pretends to be another
entity. For example, an authentication sequence captured by the
attacker can be replayed to impersonate an authorized entity
and hence acquire more privileges.

ii. Replay
In this type of attack the attacker initially acquires the
data/message passively and then retransmits it to the
intended destination so as to create an unauthorized effect of the
original data transmission.

iii. Modification of Message
In this type of active attack the original message is acquired by
the attacker and then modified according to his desire so as to
benefit from it. The modified message is then transmitted to
the destination, where it creates an unauthorized effect.

iv. Denial of Service
In this type of attack the attacker acquires a message and then
floods the system with multiple copies of the same message. It
not only creates an unauthorized effect but mainly puts
excessive load on the server that has to ensure service to all
the fair communicating parties.
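
Added example (not part of the original assignment): a receiver-side check in Python showing how a keyed MAC plus a sequence number detects the masquerade, replay and modification attacks defined above. The key, the frame layout (8-byte sequence number, payload, 32-byte tag) and the messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key shared by sender and receiver

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: 64-bit sequence number + payload + HMAC-SHA256 tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Accepts each authenticated sequence number at most once, in increasing order."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + 32:
            return "reject: malformed"
        header, payload, tag = frame[:8], frame[8:-32], frame[-32:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # A sender without the key (masquerade) and altered bytes (modification)
        # both fail this constant-time comparison.
        if not hmac.compare_digest(tag, expected):
            return "reject: bad tag"
        (seq,) = struct.unpack(">Q", header)
        # A captured frame sent again carries an already-used sequence number.
        if seq <= self.last_seq:
            return "reject: replay"
        self.last_seq = seq
        return "accept: " + payload.decode("utf-8", "replace")

def demo() -> list:
    rx = Receiver(KEY)
    original = seal(KEY, 1, b"transfer 100 to account A")
    tampered = bytearray(seal(KEY, 2, b"transfer 100 to account A"))
    tampered[8 + 9] ^= 0x08  # one payload bit changed in transit: '1' becomes '9'
    forged = seal(b"some-other-key", 3, b"transfer 100 to account B")
    return [
        rx.accept(original),                   # genuine message
        rx.accept(original),                   # same frame seen a second time
        rx.accept(bytes(tampered)),            # modified message
        rx.accept(forged),                     # sender without the shared key
        rx.accept(seal(KEY, 2, b"balance?")),  # next genuine message
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```

The check does not address denial of service: rejecting a frame still costs the receiver one MAC computation per frame.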

Question 1.4:- List and briefly define the categories of Security Services?
A security service is a processing or communication service that is provided
by a system to give a specific kind of protection to system resources; security
services implement security policies and are implemented by security mechanisms.
These services are divided into five categories and fourteen specific services.

a. Authentication:
The assurance that the communicating entity is the one that it
claims to be. The problem of authorization is often thought to be
identical to that of authentication; many widely adopted standard
security protocols, obligatory regulations, and even statutes are
based on this assumption. However, more precise usage describes
authentication as the process of verifying a claim made by a subject
that it should be treated as acting on behalf of a given principal
(person, computer, smart card etc.), while authorization is the
process of verifying that an authenticated subject has the authority
to perform a certain operation.

b. Access control:
The prevention of unauthorized use of a resource (i.e., this service
controls who can have access to a resource, under what conditions
access can occur, and what those accessing the resource are
allowed to do).

c. Data confidentiality:
The protection of data from unauthorized disclosure.

Data integrity:
The assurance that data received are exactly as sent by an
authorized entity (i.e., contain no modification, insertion, deletion,
or replay).

d. Nonrepudiation:
Provides protection against denial by one of the entities involved in
a communication of having participated in all or part of the
communication.

e. Availability service:
The property of a system or a system resource being accessible and
usable upon demand by an authorized system entity, according to
performance specifications for the system (i.e., a system is
available if it provides services according to the system design
whenever users request them).

Question 1.5 :- List and briefly define categories of security mechanisms.
There are two major categories of security mechanisms:

a. Specific Security Mechanisms:
These are mechanisms that could be incorporated into a protocol layer
in order to provide some of the OSI Security Services.
The mechanisms include:
i. Encipherment - To use a certain algorithm for transformation of data
in order to protect its integrity from potential attackers and later
on recover the original data at the destination by using a certain key.
ii. Digital Signature - In this mechanism certain data, known as a
digital signature, is appended to the original data so that on arrival
at the destination the authenticity of the host can be easily verified.
iii. Access Control - This category contains mechanisms that
enforce access rights to resources for potential users.
iv. Data Integrity - This category deals with the class of mechanisms
that ensure the integrity of data being transmitted over the
network.
v. Authentication Exchange - This category of mechanisms deals with
the exchange of authentication information among the
communicating parties.
vi. Traffic Padding - The mechanism deals with insertion of padding bits
between data packets to protect the transmission from a passive
attacker that intends to monitor data traffic.
vii. Routing Control - These mechanisms ensure selection of secure
routes for certain data and allow routing changes when a breach of
security is suspected.
viii. Notarization - The mechanism involves the use of a trusted third party
to ensure certain properties of a data exchange.
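
Added example (not part of the original assignment): a Python sketch of traffic padding as a counter to the traffic analysis described under Question 1.3, showing what a passive observer learns from message sizes with and without padding. The 128-byte cell size, the 4-byte length prefix and the sample messages are constructed assumptions, and encryption is assumed to preserve length.

```python
import struct

CELL = 128  # constructed cell size in bytes; every unit on the wire has this length

def pad_to_cells(message: bytes, cell: int = CELL) -> list:
    """Length-prefix the message, zero-fill to a cell boundary, split into cells."""
    framed = struct.pack(">I", len(message)) + message
    framed += b"\x00" * (-len(framed) % cell)
    return [framed[i:i + cell] for i in range(0, len(framed), cell)]

def unpad_cells(cells: list) -> bytes:
    """Receiver side: rejoin the cells and strip the fill using the length prefix."""
    framed = b"".join(cells)
    if len(framed) < 4:
        raise ValueError("missing length prefix")
    (n,) = struct.unpack(">I", framed[:4])
    if n > len(framed) - 4:
        raise ValueError("length prefix exceeds received data")
    return framed[4:4 + n]

def observed_sizes(messages: list, padded: bool) -> list:
    """Sizes visible to a passive observer for each message once contents are
    encrypted (assumes ciphertext length equals plaintext length)."""
    if padded:
        return [[len(c) for c in pad_to_cells(m)] for m in messages]
    return [[len(m)] for m in messages]

def demo() -> dict:
    # Constructed sample traffic: two short replies and one longer message.
    messages = [b"YES", b"NO", b"x" * 300]
    return {
        "unpadded": observed_sizes(messages, padded=False),
        "padded": observed_sizes(messages, padded=True),
    }

if __name__ == "__main__":
    for label, sizes in demo().items():
        print(label, sizes)
```

Padding is applied before encryption so the fill is indistinguishable from data. Fixed-size cells hide message length only up to the cell size; the number of cells and the timing of messages stay visible unless dummy cells are also sent.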

b. Pervasive Security Mechanisms:
These are security mechanisms that are not specific to any protocol
layer or OSI Security service.
These mechanisms include:
i. Trusted functionality - The mechanism deals with using functions
trusted by security policy.
ii. Security Label - The mechanism that deals with a marking that shows
the security properties of a specific resource.
iii. Event Detection - The mechanism that is meant for detection of
security-related events.
iv. Security Audit Trail - The mechanism deals with data collection for
independent security audits when required.
v. Security Recovery - The mechanism deals with requests from
mechanisms such as event handling and takes recovery actions.

PART - 2
Read the attached Research Papers and Answer any TWO of
the following Questions
Question. 2.1. How secret Japanese messages were decoded in
Washington hours before Pearl Harbor?

Answer:
The United States had the cryptanalytic section of the Navy cryptologic
organization, OP-20-G, meant for deciphering tasks. On the morning of December
07, 1941 a radio message from Tokyo to Washington was intercepted. The
message was meant for the Japanese Ambassador to the United States. The
encrypted text, which was enciphered using a complex technique called
PURPLE at that time, was forwarded to the cryptanalytic section, where it was
decrypted using a machine uniquely built for this purpose. The machine was
composed of three components: the first was a typewriter for input; the
second and most important was the cryptographic assembly proper,
consisting of a plugboard, four electric coding rings and associated wires
and switches; the final component was a printer used for output. The
cryptanalysts fed in the previously acquired key by flicking the appropriate
switches and then provided the encrypted message to the machine. The
message was accordingly deciphered by the machine and printed out by the
printer. The message was then forwarded to all concerned
departments hours before the attack on Pearl Harbor by the Japanese.

Question 2.2. How one American became the world's most famous codebreaker,
and another became the world's greatest?

Answer:
The most famous cryptologist was an American named Herbert Osborne
Yardley from Indiana, USA. He was very enthusiastic about cryptology and
he tried to solve a 500-word code that was considered the most difficult
of the American codes. He succeeded in just a matter of a few hours. He
followed this by demonstrating the low estate of high-level
cryptography with a 100-page memorandum on the solution of American
diplomatic codes. While absorbed in possible solutions for a proposed new
coding method, he diagnosed what has ever since been known among
cryptologists as the "Yardley symptom". He was later declared head of
the newly created cryptologic section of the Military Intelligence Division,
MI-8. Apart from his practical work he was also the author of the most famous
book in cryptology, named The American Black Chamber.
The greatest codebreaker known to the world was Dr. John M. Manly, who
was second in command to Yardley. He was a long-term hobbyist in
cryptology. He was the one who cracked the Lothar Witzke cipher that
had baffled all his colleagues. He worked for years at MI-8 and served as one
of the godfathers of code breaking in the secret services.
