
Group 1&2 CS412


GROUP 1

 INTRODUCTION TO COMPUTER SECURITY


 THREATS
 VULNERABILITIES
 SECURITY MODELS
 CRYPTOGRAPHY AND CRYPTANALYSIS
MEMBERS
Mary Kagumbate B191631B
Frank Chinembiri B193090B
David Smart B192874B
Malvin Chikwanha B190633A
Kecy Majawala B1954020
Olinda Cheresai B191364B
Macdaniels Muchimbiri B190169A
Jean S Matiyenga B191216B
Shelton T Nzviramiri B192035B
Chipo T Nyamutsamba B192394B
Florence T Siyapeya B191636B
COMPUTER SECURITY
• the protection of computer systems and information from harm,
theft, and unauthorized use.
• Security is all about system correctness, meaning:
1. If a user provides expected input, the system generates the desired
output.
2. If a user provides unexpected input, the system fails to produce
results, meaning it halts its functionality.
SECURITY REQUIREMENTS TRIAD
(CIA)
• The three letters in "CIA triad" stand for Confidentiality, Integrity, and
Availability. The CIA triad is a common model that forms the basis for
the development of security systems. They are used for finding
vulnerabilities and methods for creating solutions.
• Ideally, when all three standards have been met, the security profile
of the organization is stronger and better equipped to handle threat
incidents.
CIA
• Confidentiality: involves the efforts of an organization to make sure data is kept
secret or private. To accomplish this, access to information must be controlled to
prevent the unauthorized sharing of data—whether intentional or accidental.
• INTEGRITY: Integrity involves making sure your data is trustworthy and free from
tampering. The integrity of your data is maintained only if the data is authentic,
accurate, and reliable.
• AVAILABILITY: Even if data is kept confidential and its integrity maintained, it is
often useless unless it is available to those in the organization and the customers
they serve. This means that systems, networks, and applications must be
functioning as they should and when they should. Also, individuals with access to
specific information must be able to consume it when they need to, and getting
to the data should not take an inordinate amount of time.
OTHER PROPERTIES
• AUTHENTICITY: provides access control for systems by checking to
see if a user's credentials match the credentials in a database of
authorized users or in a data authentication server. In doing this,
authentication assures secure systems, secure processes and
enterprise information security.
• ACCOUNTABILITY: The traceability of actions performed on a system
to a specific system entity (user, process, device). 
SECURITY THREATS
• A potential for violation of security, which exists when there is an
entity, circumstance, capability, action, or event that could cause
harm.
TYPES OF COMPUTER SECURITY
THREATS
1. TROJAN HORSE: is a type of malware that conceals its true content
to fool a user into thinking it’s a harmless file.
2. VIRUSES AND WORMS: are malicious programs that self-replicate
on computers or via computer networks without the user being
aware.
3. SPYWARE: is malicious software that enters a user’s computer,
gathers data from the device and user, and sends it to the third
parties without their consent.
4. BACKDOOR: is a malware type that negates normal authentication
procedures to access a system.
CONT…
5. COOKIES: these are files that are left on your computer by the website and
they are used to keep details such as passwords, credit card details and to track
site visit history.
6. KEYLOGGING: it is a process of secretly recording keystrokes from the user's
computer via the internet.
7. MALWARE: is a malicious application and code that can cause damage and
disrupt normal use of devices.
8. DOS ATTACK: is a cyber-attack in which the perpetrator seeks to make a
machine or network resource unavailable to its intended users by temporarily
or indefinitely disrupting services of a host connected to a network.
9.
VULNERABILITIES
• Is a weakness, flaw, or error found within a security system that has
the potential to be leveraged by a threat agent in order to compromise a
secure network.
• For example, weak passwords, code mistakes, outdated antiviruses
and weak auditing skills.
• Types of Vulnerabilities are Physical vulnerability, economic
vulnerability, social vulnerability and environmental vulnerability.
SECURITY MODELS
• Is a scheme for specifying and enforcing security policies.
• Determines how security will be implemented, what subjects can access
the system and what objects they will have access to.
TYPES OF SECURITY MODELS
STATE MACHINE MODEL

• In this model, the state is used to verify the security of a system, which means all current
permissions and all current instances of subjects accessing objects must be captured.
• Maintaining the state of a system deals with each subject’s association with objects.
• If the subjects can only access objects by means that are consistent with the security
policy, the system is secure.
• A state of a system is a snapshot of a system in one moment of time.
• There are many activities that can alter this state, which is referred to as a state transition.
• A system that has employed a state machine model will be in a secure state in each and
every instance of its existence
Bell-LaPadula Model

• This is used to maintain the Confidentiality of Security. Here, the
classification of Subjects (Users) and Objects (Files) is organized in a
non-discretionary fashion, with respect to different layers of secrecy.
Bell-LaPadula Model RULES
1. SIMPLE CONFIDENTIALITY RULE: Simple Confidentiality Rule states that
the Subject can only Read the files on the Same Layer of Secrecy and the Lower
Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule
as NO READ-UP.
2. STAR CONFIDENTIALITY RULE: Star Confidentiality Rule states that the Subject can
only Write the files on the Same Layer of Secrecy and the Upper Layer of Secrecy
but not the Lower Layer of Secrecy, due to which we call this rule as NO WRITE-DOWN.
3. STRONG STAR CONFIDENTIALITY RULE: Strong Star Confidentiality Rule is highly
secured and strongest which states that the Subject can Read and Write the files on
the Same Layer of Secrecy only and not the Upper Layer of Secrecy or the Lower
Layer of Secrecy, due to which we call this rule as NO READ WRITE UP DOWN 
BIBA MODEL
• This model was invented by the scientist Kenneth J. Biba, which is why
it is called the Biba Model. This is used to maintain the Integrity of
Security. Here, the classification of Subjects(Users) and Objects(Files)
are organized in a non-discretionary fashion, with respect to different
layers of secrecy. This works the exact reverse of the Bell-LaPadula
Model.
BIBA MODEL RULES
1. SIMPLE INTEGRITY RULE: Simple Integrity Rule states that
the Subject can only Read the files on the Same Layer of Secrecy
and the Upper Layer of Secrecy but not the Lower Layer of Secrecy,
due to which we call this rule as NO READ DOWN 
2. STAR INTEGRITY RULE: Star Integrity Rule states that
the Subject can only Write the files on the Same Layer of Secrecy
and the Lower Layer of Secrecy but not the Upper Layer of Secrecy,
due to which we call this rule as NO WRITE-UP 
3. STRONG STAR INTEGRITY RULE
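
The Bell-LaPadula and Biba rules above can be written as two small access checks. This is an added example, not part of the original slides; the four-layer `Level` lattice and all function names are assumptions chosen for illustration. It also enumerates every read-then-write path to show that information can only move upward under Bell-LaPadula and only downward under Biba.

```python
from enum import IntEnum


class Level(IntEnum):
    """Constructed four-layer lattice (assumption); higher value = upper layer."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def blp_allows(subject, obj, op, strong_star=False):
    """Bell-LaPadula decision (confidentiality) for op 'read' or 'write'."""
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation: {op}")
    if strong_star:
        return subject == obj      # strong star rule: same layer only
    if op == "read":
        return obj <= subject      # simple rule: no read-up
    return obj >= subject          # star rule: no write-down


def biba_allows(subject, obj, op):
    """Biba decision (integrity): the reverse of Bell-LaPadula."""
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation: {op}")
    if op == "read":
        return obj >= subject      # simple integrity rule: no read-down
    return obj <= subject          # star integrity rule: no write-up


def decision_table(check, subject):
    """Operations the subject may perform on an object at each layer."""
    return {o.name: {op for op in ("read", "write") if check(subject, o, op)}
            for o in Level}


def flows(check):
    """Every (source, destination) pair where one subject can read the source
    layer and write the destination layer, i.e. a possible information flow."""
    return {(src, dst) for subj in Level for src in Level for dst in Level
            if check(subj, src, "read") and check(subj, dst, "write")}


if __name__ == "__main__":
    for name, ops in decision_table(blp_allows, Level.SECRET).items():
        print(f"BLP  SECRET subject -> {name:12} {sorted(ops)}")
    for name, ops in decision_table(biba_allows, Level.SECRET).items():
        print(f"Biba SECRET subject -> {name:12} {sorted(ops)}")
    print("BLP flows only upward:", all(d >= s for s, d in flows(blp_allows)))
    print("Biba flows only downward:", all(d <= s for s, d in flows(biba_allows)))
```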
CLARK-WILSON
• This Model is a highly secured model.

ENTITIES
• SUBJECT: It is any user who is requesting Data Items.
• CONSTRAINED DATA ITEMS: It cannot be accessed directly by
the Subject. These need to be accessed via the Clark-Wilson Security
Model.
• UNCONSTRAINED DATA ITEMS: It can be accessed directly by
the Subject.
CLARK-WILSON COMPONENTS
• TRANSFORMATION PROCESS: Here, the Subject’s request to access
the Constrained Data Items is handled by the Transformation process
which then converts it into permissions and then forwards it to
Integration Verification Process
• INTEGRATION VERIFICATION PROCESS: The Integration Verification
Process will perform Authentication and Authorization. If that is
successful, then the Subject is given access to Constrained Data Items.
BREWER AND NASH
• The model is referred to as the Chinese Wall model.
• It can eliminate conflict of interest by preventing individuals, like
consultants, from signing onto more than one COI, i.e., rows of
interest categories.
• The modification of access control policies is based on the behaviour
of users. This means that if a user who has access to the data is on the
right side, they cannot access data from the other side; that data is
unavailable to the same user.
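
The behaviour-based rule above, where a subject's earlier accesses decide what is still reachable, can be sketched as follows. This is an added example, not part of the original slides; the `ChineseWall` class, the two conflict-of-interest classes and the company dataset names are hypothetical.

```python
class ChineseWall:
    """Brewer and Nash access check driven by each subject's access history."""

    def __init__(self, coi_classes):
        # coi_classes: {conflict-of-interest class: set of competing datasets}
        self.class_of = {ds: coi for coi, members in coi_classes.items()
                         for ds in members}
        self.history = {}  # subject -> {COI class: dataset already accessed}

    def request(self, subject, dataset):
        """Return True and record the access, or False if the wall blocks it."""
        coi = self.class_of.get(dataset)
        if coi is None:
            return False   # unknown dataset: deny by default
        chosen = self.history.setdefault(subject, {})
        if chosen.get(coi, dataset) != dataset:
            return False   # subject already holds a competitor's data
        chosen[coi] = dataset
        return True


# Constructed sample: two COI classes with hypothetical company datasets.
SAMPLE_CLASSES = {"banks": {"BankA", "BankB"}, "oil": {"OilX", "OilY"}}


def demo():
    """Replay a constructed request sequence and return each decision."""
    wall = ChineseWall(SAMPLE_CLASSES)
    requests = [("alice", "BankA"), ("alice", "OilX"), ("alice", "BankB"),
                ("alice", "BankA"), ("bob", "BankB"), ("bob", "BankA")]
    return [(s, d, wall.request(s, d)) for s, d in requests]


if __name__ == "__main__":
    for subject, dataset, allowed in demo():
        print(f"{subject:6} -> {dataset:6} {'ALLOW' if allowed else 'DENY'}")
```

A denied request leaves the history unchanged, so the subject keeps access to the dataset chosen first in that class.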
HARRISON RUZZO ULLMAN
• Is an add-on model to the BLP model. The BLP model lacks a
mechanism for changing access privileges or creating or deleting
objects or subjects.
• This Harrison Ruzzo Ullman model fixes the issue by authorizing the
structures to be used for access rights distribution and checking
compliance with the policy that prohibits access to non-authorized
users.
• This model can be implemented through an access control list or
capabilities list.
Cryptography and Cryptanalysis
• Cryptography is a method of protecting information and communications
through the use of codes, so that only those for whom the information is
intended can read and process it.
• In computer science, cryptography refers to secure information and
communication techniques derived from mathematical concepts and a set of
rule-based calculations called algorithms, to transform messages in ways that are
hard to decipher.
• These deterministic algorithms are used for cryptographic key generation,
digital signing, verification to protect data privacy, web browsing on the internet
and confidential communications such as credit card transactions and email.
Cryptography
[Figure: plaintext → Encryption → ciphertext → Decryption → plaintext]

• An encryption algorithm is also called a cipher


• Cryptography has evolved so that modern encryption
and decryption use secret keys
• Cryptographic algorithms can be openly published
• Only have to protect the keys

[Figure: plaintext → Encryption (Key KA) → ciphertext → Decryption (Key KB) → plaintext]
Three main types of cryptography are

• Symmetric key encryption: This type of encryption uses the same key to encrypt and
decrypt messages. The keys used in this type of encryption must be kept secret by both
parties, making them vulnerable to attack by hackers. Symmetric keys are most commonly
used for public key systems.
• Asymmetric key encryption: This type of encryption uses two keys instead of one. One
key is used for encryption, and another key is used for decryption. These keys do not have
to be kept secret because they are only used once per message and can be reused
multiple times. Asymmetric keys are most commonly used in public-key systems.
• Public-key encryption: Public-key systems use a pair of mathematically related keys that
cannot be derived from each other without knowing the different keys (a process known
as factoring). This means that even if someone finds your private key, they will only be
able to derive your public key (and vice versa).
Techniques Used For Cryptography
The most commonly used techniques in cryptography are:
• Symmetric Key Cryptography,
• Asymmetric Key Cryptography,
• Hashing,
• Secret Sharing,
• Digital Signatures,
• Elliptic Curve Cryptography,
• Quantum Cryptography,
• Steganography,
• Zero-Knowledge Proofs,
• Homomorphic Encryption.
Features of Cryptography
• Some of the crucial features of cryptography are,
• Authentication: Authentication is the process of verifying the identity of a person or entity. It ensures that only authorized personnel
can access confidential data or personal networks.
• Confidentiality: Confidentiality is keeping data or information secret from unauthorized individuals or entities. It is used to ensure
that the data is only accessible by authorized personnel.
• Integrity: Integrity ensures that data is not modified, corrupted, or tampered with during transmission or storage.
• Non-repudiation: Non-repudiation ensures that the sender or receiver cannot deny a transaction or communication at a later date.
• Authorization: Authorization is the process of allowing authorized personnel access to specific data or networks.
• Key Management: Key management securely stores, distributes, and manages cryptographic keys.
Applications Of Cryptography
Electronic Commerce: Cryptography is used in e-commerce to protect data from theft and misuse. Digital signatures, encryption,
and authentication protocols secure online transactions.

Secure Storage: Encryption is used to store data securely on storage devices like external hard drives, USBs, memory cards, etc.

Wireless Network Security: Cryptography secures wireless networks from attacks. It is used to authenticate users and encrypt data
transmitted over the web.

Online Banking: Cryptography is used to secure online banking transactions. It is used to authenticate users, encrypt data, and
securely transfer funds.

Secure Email: Cryptography is used to send emails securely. It is used to authenticate users, encrypt data, and ensure that emails are
transmitted securely.
ADVANTAGES AND DISADVANTAGES
OF CRYPTOGRAPHY
Advantages
• Security: Encryption provides privacy and protection from unauthorized access to data.
• Authentication: Digital signatures can provide authentication, ensuring the sender is who they say they are.
• Integrity: Data integrity ensures that the message has not been changed in transit.
• Digital signatures: Cryptography can also be used to create digital signatures, verifying a sender's identity.
Disadvantages
• Speed: Encryption can slow down data transmission; encrypted messages take longer than unencrypted ones.
• Require a large amount of power: Cryptography is computationally intensive, requiring large amounts of
computing power to encrypt and decrypt data.
• Vulnerable: It is also susceptible to cryptographic attacks, such as brute-force attacks, that can compromise
the security of encrypted data.
• Requiring a high skill: Cryptography requires a high degree of skill, knowledge, and resources to
implement correctly.
CRYPTANALYSIS
• Cryptanalysis is the study of methods for obtaining the meaning of
encrypted information, without access to the secret information that
is typically required to do so. Typically, this involves knowing how the
system works and finding a secret key. Cryptanalysis is also referred to
as codebreaking or cracking the code. The ciphertext is generally the
easiest part of a cryptosystem to obtain and, therefore, is an
important part of cryptanalysis. Depending on what information is
available and what type of cipher is being analyzed, cryptanalysts can
follow one or more attack models to crack a cipher.
Cryptanalysis Techniques
• Brute force: try every key
• Ciphertext-only attack:
• Attacker knows ciphertext of several messages encrypted with same
key (but doesn’t know plaintext).
• Possible to recover plaintext (also possible to deduce key) by looking
at frequency of ciphertext letters
• Known-plaintext attack:
• Attacker observes pairs of plaintext/ciphertext encrypted with same
key.
• Possible to deduce key and/or devise algorithm to decrypt ciphertext.
Cryptanalysis Techniques
• Chosen-plaintext attack:
• Attacker can choose the plaintext and look at the paired ciphertext
• Attacker has more control than known-plaintext attack and may be
able to gain more info about key
• Adaptive Chosen-Plaintext attack:
• Attacker chooses a series of plaintexts, basing the next plaintext on
the result of previous encryption
• Examples
• Differential cryptanalysis – DES is resistant to it
• Linear cryptanalysis
• Cryptanalysis attacks often exploit the redundancy of
natural language
• Lossless compression before encryption removes
redundancy
Types of ciphers
Substitution Cipher
• Substitution of single letters separately—simple substitution—can be demonstrated by writing out the alphabet in some order to represent the
substitution. This is termed a substitution alphabet. The cipher alphabet may be shifted or reversed (creating the Caesar and Atbash ciphers,
respectively) or scrambled in a more complex fashion, in which case it is called a mixed alphabet or deranged alphabet. 
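
Why a shifted (Caesar) alphabet gives no real protection: the ciphertext-only technique described earlier, looking at the frequency of ciphertext letters, combined with trying every one of the 26 keys, recovers the shift without any known plaintext. This is an added example, not part of the original slides; the sample sentence, the approximate English letter frequencies and the function names are assumptions.

```python
import string

# Approximate relative frequency (percent) of each letter in English text.
ENGLISH_FREQ = dict(zip(string.ascii_lowercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.8, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.10, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.15, 2.0, 0.07]))

# Constructed sample plaintext.
SAMPLE = ("Computer security is the protection of computer systems and "
          "information from harm, theft, and unauthorized use. Attackers "
          "often exploit the redundancy of natural language.")


def caesar(text, shift):
    """Shift ASCII letters by `shift` positions; leave everything else as is."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def chi_squared(text):
    """Distance between the text's letter counts and English expectations."""
    letters = [c for c in text.lower() if c in ENGLISH_FREQ]
    if not letters:
        return float("inf")
    total = len(letters)
    score = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = total * pct / 100
        score += (letters.count(letter) - expected) ** 2 / expected
    return score


def recover_shift(ciphertext):
    """Try all 26 keys and keep the one whose decryption looks most English."""
    return min(range(26), key=lambda k: chi_squared(caesar(ciphertext, -k)))


if __name__ == "__main__":
    ciphertext = caesar(SAMPLE, 11)
    key = recover_shift(ciphertext)
    print("recovered shift:", key)
    print(caesar(ciphertext, -key))
```

The check works only because the plaintext keeps the redundancy of natural language; very short or non-English inputs give the scoring too little to work with.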
Transposition Cipher
• A transposition cipher is a method of encryption in which the positions held by units of plaintext (which are commonly characters or groups of
characters) are shifted according to a regular system so that the ciphertext constitutes a permutation of the plaintext.
Block Cipher
• A block cipher is a deterministic algorithm operating on fixed-length groups of bits, called blocks, with an unvarying transformation that is specified
by a symmetric key. Block ciphers are important elementary components in the design of many cryptographic protocols and are widely used to
implement encryption of bulk data.
Stream Cipher
• A stream cipher is a symmetric key cipher in which plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a
stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext
stream.
Password Cracking
• In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that have been stored in or transmitted by
a computer system. A common approach is to try guesses for the password repeatedly.
