University of Mosul

College of Engineering
Computer Engineering Dept.

Computer Security
2022-2023
Lecture 2
OSI Security Architecture
Asst. Prof. Dr. Mayada Faris Ghanim
 The OSI Security Architecture*
To assess effectively the security needs of an
organization and to evaluate and choose various
security products and policies, the manager responsible
for security needs some systematic way of defining the
requirements for security and characterizing the
approaches to satisfying those requirements. This is
difficult enough in a centralized data processing
environment; with the use of local and wide area
networks, the problems are compounded.

*Open Systems Interconnection (OSI). 2

 The OSI Security Architecture
The International Telecommunication Union (ITU)
Telecommunication Standardization Sector (ITU-T)
Recommendation X.800, Security Architecture for OSI,
defines such a systematic approach. The OSI security
architecture is useful to managers as a way of organizing
the task of providing security. Furthermore, because this
architecture was developed as an international standard,
computer and communications vendors have developed
security features for their products and services that relate
to this structured definition of services and mechanisms.
3
 The OSI Security Architecture
The OSI security architecture focuses on the
following:
1. Security attack
2. Security mechanism
3. Security service

4
 Security attack
A useful means of classifying security attacks is in terms
of:
1. Passive attacks
2. Active attacks
A passive attack attempts to learn or make use of
information from the system but does not affect system
resources. An active attack attempts to alter system
resources or affect their operation.

5
 Passive attacks
Passive attacks (see the following figure) are in
the nature of eavesdropping on, or monitoring
of, transmissions. The goal of the intruder is to
obtain information that is being transmitted.
Two types of passive attacks are the release of
message contents and traffic analysis.

6
Passive attacks

7
 Release of message contents
The release of message contents is easily
understood. A telephone conversation, an
electronic mail message, and a transferred file
may contain sensitive or confidential
information. We would like to prevent an
intruder from learning the contents of these
transmissions.

8
 Traffic Analysis
A second type of passive attack, traffic analysis, is accurate.
Suppose that we had a way of masking the contents of
messages or other information traffic so that intruders, even if
they captured the message, could not extract the information
from the message. The common technique for masking
contents is encryption. If we had encryption protection in
place, an intruder might still be able to observe the pattern of
these messages. The intruder could determine the location and
identity of communicating hosts and could observe the
frequency and length of messages being exchanged. This
information might be useful in guessing the nature of the
communication that was taking place. 9
 Passive attacks
Passive attacks are very difficult to detect, because they
do not involve any alteration of the data. Typically, the
message traffic is sent and received in an clearly normal
fashion, and neither the sender nor receiver is aware
that a third party has read the messages or observed
the traffic pattern. However, it is feasible to prevent the
success of these attacks, usually by means of
encryption. Thus, the important thing in dealing with
passive attacks is prevention rather than detection.
10
 Active Attacks
Active attacks involve some modification of the
data stream or the creation of a false stream
and can be subdivided into four categories:
1. Masquerade
2. Replay
3. Modification of messages
4. Denial of service.
11
Active Attacks

12
 Active Attacks
A masquerade takes place when one entity pretends to
be a different entity (path 2 of previous figure is active).
A masquerade attack usually includes one of the other
forms of active attack. For example, authentication
sequences can be captured and replayed after a valid
authentication sequence has taken place, thus enabling
an authorized entity with few privileges to obtain extra
privileges by impersonating an entity that has those
privileges.
13
 Active Attacks
Replay involves the passive capture of a data unit and
its subsequent retransmission to produce an
unauthorized effect (paths 1, 2, and 3 active).
Modification of messages simply means that some
portion of a legitimate message is altered, or that
messages are delayed or reordered, to produce an
unauthorized effect (paths 1 and 2 active). For example,
a message meaning “Allow John Smith to read
confidential file accounts” is modified to mean “Allow
Fred Brown to read confidential file accounts.” 14
 Active Attacks
The denial of service prevents or inhibits the normal
use or management of communications facilities (path
3 active). This attack may have a specific target; for
example, an entity may hold all messages directed to a
particular destination (e.g., the security audit service).
Another form of service denial is the disruption of an
entire network, either by disabling the network or by
overloading it with messages so as to degrade
performance.
15
 Active Attacks
Active attacks present the opposite characteristics of
passive attacks. Whereas passive attacks are difficult to
detect, measures are available to prevent their success.
On the other hand, it is quite difficult to prevent active
attacks absolutely because of the wide variety of
potential physical, software, and network
vulnerabilities. Instead, the goal is to detect active
attacks and to recover from any disruption or delays
caused by them. If the detection has a deterrent effect,
it may also contribute to prevention. 16
 Security Services
X.800 defines a security service as a service that is
provided by a protocol layer of communicating open
systems and that ensures adequate security of the
systems or of data transfers. Perhaps a clearer
definition is found: a processing or communication
service that is provided by a system to give a specific
kind of protection to system resources; security
services implement security policies and are
implemented by security mechanisms.
17
 Basic Security Services
 Authentication
• assurance that the communicating entity is the one it claims to be
• peer entity authentication
• mutual confidence in the identities of the parties involved in a connection
• Data-origin authentication
• assurance about the source of the received data
 Access Control
• prevention of the unauthorized use of a resource
• to achieve this, each entity trying to gain access must first be identified and
authenticated, so that access rights can be given to the individual

18
 Basic Security Services
• Data Confidentiality
– protection of data from unauthorized disclosure (against
eavesdropping)
– traffic flow confidentiality is one step ahead
• this requires that an attacker not be able to observe the source and
destination, frequency, length, or other characteristics of the traffic
on a communications facility
• Data Integrity
– assurance that data received are exactly as sent by an authorized
sender
– i.e. no modification, insertion, deletion, or replay

19
 Basic Security Services
• Non-Repudiation
– protection against denial by one of the parties in a
communication
– Origin non-repudiation
• proof that the message was sent by the specified party
– Destination non-repudiation
• proof that the message was received by the specified
party

20
 Relationships
• among integrity, data-origin
authentication and non-repudiation

Non-repudiation

Authentication

Integrity

21
 Security Mechanisms
 Cryptographic Techniques
◦ AES, DES,...etc.
 Software and hardware for access limitations
◦ Firewalls
 Intrusion Detection and Prevention Systems
 Traffic Padding
◦ against traffic analysis
 Hardware for authentication
◦ Smartcards, security tokens
 Security Policies / Access Control
◦ define who has access to which resources.
 Physical security
◦ Keep it in a safe place with limited and authorized physical access

22
Relationship Between Security
Services and Mechanisms

23