Soft Exam - Chapter 6. System Security Analysis and Design

This article is transcoded by Jianyue SimpRead, the original address blog.csdn.net

Chapter 6. System Security Analysis and Design

December 19, 2021: https://www.bilibili.com/video/BV1rW411j7e7?p=70

Intermediate soft exam. https://www.bilibili.com/video/BV1rW411j7e7?p=70

6.01. Information system security attributes

security properties

1. Confidentiality: the principle of least authorization (for applications onlyThe most basic authority to maintain its basic functions, I have seen things that should not be seen, and does not meet the principle of minimum authorization), anti-exposure (for example, when naming, you can set the name to garbled []), information encryption (to prevent information from being intercepted and cracked during transmission), physical Confidentiality [Physical Device Encryption]

2. Integrity (that is, to ensure that data is not lost during transmission): security protocol, check code (md5 integrity verification), password verification, digital signature, notarization

3. Availability (only allowedlegitimate useruse these resources): Comprehensive Assurance (IP Filtering, Traffic Control, Routing Control Selection, Audit Trail)

4. Non-repudiation: digital signature

6.02. Symmetric encryption technology and asymmetric encryption technology

Symmetric encryption technology and asymmetric encryption technology are the most basic and core parts of information encryption.

Symmetric encryption technology uses the same key for encryption and decryption;[Encryption and decryption, the passwords for encryption and decryption are the same]

Symmetric encryption technology

Symmetric encryption technology (for complex information transmission, also known as shared key encryption)

[External link image transfer failed, the source site may have an anti-leech mechanism, it is recommended to save the image and upload it directly (img-Bnvy4syt-1639906210311) (D:/RenXianShou/Documents/TyporaImages/image-20211219100855586.png)]

Symmetric encryption, which can be broken.

Legend: Replacement: The corresponding relationship between the symbols before and after the replacement is drawn into a table (codebook, password table), and the table is directly read for replacement during translation. Replacement operation in DES: For example, when cracking a telegram, we have a codebook, and we can convert the ciphertext into plaintext one by one according to the codebook. shift = move.

Symmetric encryption, 3DES is more difficult to crack; triple DES is encrypted through three steps of encryption, decryption and encryption.

Symmetric encryption advantages:Fast and efficient encryption. Disadvantages of symmetric encryption:The encryption strength is not high, and the key distribution is difficult

Asymmetric encryption technology

Asymmetric encryption technology: that is, different keys are used for encryption and decryption, and the two are used together. The plaintext is encrypted with the public key and decrypted with the private key。【】

Asymmetric encryption technology (for simple information transmission {let's say small content, small amount of content}, also known as public key encryption)

Sometimes the receiver does not know the key when receiving the information, so when we send the information and the key together to the receiver, if it is intercepted, it is equivalent to no encryption, andAsymmetric encryption technology can solve this problem

Asymmetric encryption, slow speed. Therefore, it is necessary to cooperate with symmetric encryption technology and asymmetric encryption technology to complement each other, asymmetric encryption to transfer keys, symmetric encryption to encrypt large content transmission,

Legend: Everyone has their own public key, andThe public key is public in plaintext, and everyone knows it, whileThe private key is unique to the sender and receiver and cannot be known by othersFor example, the information encrypted by A's public key can only be decrypted by A's private key,If A wants to send the information to B, he can encrypt it with B's public key and send it to B. After receiving it, B can decrypt it with his own private key.; This encryption method generally uses 1024-bit encryption, so it is extremely difficult to decrypt the extremely large information if this encryption method is used [When A sends information to B, it encrypts the information through B's public key and transmits the information to B. Party B decrypts with its own private key】

6.03. Information Summary

One-way hash function, one-way hash function, can only be one-way, the information can only generate a digest, and the digest cannot be turned into plaintext, which is a destructive operation.

Summary content – ​​rainbow tables, huge library – textual information. Password cracking.

[External link image transfer failed, the source site may have an anti-leech mechanism, it is recommended to save the image and upload it directly (img-QalkaXBb-1639906210312) (D:/RenXianShou/Documents/TyporaImages/image-20211219104934922.png)]

Information Digest (to prevent information from being tampered with)For example, Party A sends 10w of information to Party B, and the information in the intermediate transmission process is tampered with and becomes 100w. Then the integrity of the information is compromised.

1. Concept: In information,The summary is the characteristic value of the information, the eigenvalues ​​will change when the original information changes.

2. Application: In information transmission, if A and B conduct information transmission, the content is intercepted by C, and then tampered with and then sent to B, which will cause information errors. Therefore,If A can transmit a summary at the same time when transmitting the information to B, and B translates the summary after receiving the information and compares it with it, it can judge whether the information has been tampered with.

3. Algorithm: The algorithm used in the information digest is a one-way hash function (one-way Hash function), which converts the plaintext into a digest. The digest cannot be converted into plaintext. Commonly used information digest algorithms include MD5, SHA, etc. The hash values ​​of the MD5 and SHA algorithms widely used in the market are 128 and 160 bits respectively. Because SHA usually uses a longer key length, So the security is higher than MD5.

6.04. Digital Signatures

Digital signature (preventing repudiation)

Sign the digest to the sender in a digital way,Prove that the message was sent by someone.

It is a non-repudiation technology that can solve some problems that cannot be solved in the information summary

Legend:The private key is used for decryption in asymmetric technology and for signature in digital signature, B uses A's information after receiving A's informationPublic key decryption is verification，then the information sent from A is non-repudiation

The public key is public, and anyone can open the package, so it cannot be regarded as encrypted transmission, but as a process of digital signature authentication. play a role in the identification process.

In many cases, the information digest and digital signature technology are used in combination. If the digital signature operates on the original text, the efficiency is very low, and the operation on the information digest is fast because there is less data.

6.05. Digital envelopes and PGP

digital envelope

[External link image transfer failed, the source site may have anti-leech mechanism, it is recommended to save the image and upload it directly (img-pmr2uJhX-1639906210312) (D:/RenXianShou/Documents/TyporaImages/image-20211219163220114.png)]

Concept: The sender encrypts and transmits the original text with the symmetric key, and encrypts the symmetric key with the receiver's public key and sends it to the other party. After the receiver receives the electronic envelope, it decrypts the envelope with its own private key, and then takes out the symmetric private key to decrypt the result. original

Symmetric keys and public and private keys are involved. Symmetric encryption, encrypting large text content, asymmetric encryption, suitable for encrypting data with a small amount of information. The two methods cooperate, and the efficiency is good,

Body, using symmetric encryption. The key is transmitted using asymmetric encryption,Encrypt with the recipient's public key

• Symmetric encryption algorithm encrypts content with a large amount of information, and asymmetric encryption algorithm encrypts content with a small amount of information, so the text information is encrypted through symmetric encryption.

The receiver's public key is encrypted, and the receiver decrypts with its own private key.

PGP protocol

1. Concept: It can be used for email encryption or file storage encryption, using hybrid algorithms, including IDEA, RSA, MD5, ZIP data compression algorithms
2. Features: PGP recognizes two different certificate formats: PGP certificate and X.509 certificate; PGP certificate contains PGP version number, certificate holder's public key, certificate holder's information, certificate holder's digital signature, certificate's Validity period, the preferred symmetric encryption algorithm for the key.
3. X.509 certificate: Contains certificate version, certificate serial number, signature algorithm identifier, certificate validity period, and the following data: the name of the certificate issuer, the certificate subject name, the subject public key information, and the issuer's digital signature.

Users can determine the legitimacy of a website by using the CA's public key to verify the authenticity of the CA's signature

[CA organization, CA certificate, verify the signature of the issuing organization, verify whether the digital certificate is a forged certificate]

Encrypting confidential data, cloud disk, cloud computing, the reliability is better.

Digital certificates, personal keys and personal information are tied together.

Digital certificate + security verification physique,

CA agency, which certifies digital certificate applicants, is authoritative,

verify the signature of the issuing authority,

6.06 Design Email Encryption System (Example)

03:13s

[External link image transfer failed, the source site may have anti-leech mechanism, it is recommended to save the image and upload it directly (img-EhKPRwT5-1639906210313) (D:/RenXianShou/Documents/TyporaImages/image-20211219165223930.png)]

Emails are required to be encrypted and transmitted. The maximum attachment content of emails can reach 500MB. The sender cannot be denied. If the email is intercepted by a third party, the third party cannot tamper with it.

Answer: Sender A (public key: Ea, private key: Da) Receiver B (public key: Eb, private key: Db)

(1) A encrypts the plaintext with a random key (symmetric encryption technology)

(2) A uses B's public key Eb to encrypt the random key

(3) A signs the digest of the plaintext with his private key

(4) A transmits the signed digest and encrypted information to B

(5) B decrypts A's random key with B's private key, and uses the random key to read the text

(6) B extracts the digest from the text and decrypts A's digest with A's public key (if the decryption is successful, then A sends the message non-repudiation), and then compares the two digests, if they are the same, it proves that the message has not been tamper

[External link image transfer failed, the source site may have anti-leech mechanism, it is recommended to save the image and upload it directly (img-XKuZPKNj-1639906210313) (D:/RenXianShou/Documents/TyporaImages/image-20211219170517345.png)]

Above: Using symmetric encryption technology to encrypt the text content.

6.07. Security at each network level

In order to solve the security problems highlighted by the Internet protocol with the development of information technology

Legend: Protocol security is implemented from the second layer, IPSec is a protocol for encrypting IP packets

SSH: It is a security protocol based on the application layer. SSH is a relatively reliable protocol that provides security for remote login sessions and other network services. Using the SSH protocol can effectively prevent information leakage in the process of remote management

SSL: SSL is a security protocol that provides security and data integrity for network communication. It encrypts network connections at the transport layer and is currently widely used for identity authentication and encrypted data transmission between web browsers and servers. [SSL involves four layers, application layer, presentation layer, session layer, transport layer]

6.08. Network Security - Network Threats and Attacks and Firewall Technology

Classification of cyber attacks

Network attacks can be divided into active attacks and passive attacks

1. Active attack: Contains intentional actions by the attacker to access the information he needs. For example, by remotely logging in to the mail port of a specific machine to find out the information of the corporate mail server; forging an invalid IP address to connect to the server, so that the system that receives the wrong IP address wastes time trying to connect to which illegal address. Attackers are actively doing things that are not good for you or your company's systems. Active attacks include: denial of service attacks, distributed denial of service, information tampering, resource use, deception, camouflage, replay and other attack methods

2. Passive attack: Primarily gathering information rather than accessing it, the activity goes unnoticed by legitimate users of the data. Passive attacks include sniffing, information gathering and other attack methods

Common Cyber ​​Threats

ARP spoofing attack, eavesdropping business flow analysis.

Denial of Service: Preventing legitimate access to information or resources

Eavesdropping on information, resources, legal means, [electromagnetic leakage, interception of useful information]

Business flow analysis: long-term monitoring, long-term eavesdropping, [long-term monitoring]

Information leakage: as the name suggests

Destruction of Integrity: Addition, Change, Destruction

Unauthorized access: not authorized

Just get a general understanding

Legend: DOS attack mainly destroys the availability of the system, making the system unable to use the corresponding resources legally; the difference between business flow analysis and eavesdropping is that business flow analysis focuses on long-term monitoring and information analysis, while eavesdropping only obtains information

Kerberros systems usually add timestamps to packets to prevent ARP attacks

6.09 Firewall Technology

Interference in the handover transmission process.

Legend: Firewall technologies can be roughly divided into network-level and application-level firewall technologies.

• Among them, the network-level firewall has a lower level, but the efficiency is relatively high. The main method is to refuse to accept the information of the specified IP segment, regardless of its content;

• Application-level firewalls have higher levels and lower efficiency. The main method is: regardless of the source of the information, it directly checks the information out of the box, and refuses to receive it if there is a problem; the shielded subnet (DMZ) is a block that neither belongs to The intranet does not belong to the isolation area of ​​the extranet, its purpose is toTo prevent attacks inside the firewall

The most important feature of the firewall is to use the set conditions to monitor the characteristics of the passing packets to decide to release or block the data. At the same time, the firewall is generally set up in front of the server that provides some services, and has the ability to be a gateway. Users can access the server or internal network. Both requests and feedback need to be forwarded through the firewall, compared to external usersFirewall hides internal network structure. As a network security device, a firewall is installed with a network operating system, which can log and audit the traffic information flowing through the firewall in detail.

Supplement: Intrusion Detection Technology

Includes: Expert System, Model Checking, Simple Matching