July 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop
Chapter 1: Introduction
• Components of computer security
• Threats
• Policies and mechanisms
• The role of trust
• Assurance
• Operational Issues
• Human Issues

Basic Components
• Confidentiality
  – Keeping data and resources hidden
• Integrity
  – Data integrity (integrity)
  – Origin integrity (authentication)
• Availability
  – Enabling access to data and resources

Classes of Threats
• Disclosure
  – Snooping
• Deception
  – Modification, spoofing, repudiation of origin, denial of receipt
• Disruption
  – Modification
• Usurpation
  – Modification, spoofing, delay, denial of service

Policies and Mechanisms
• Policy says what is, and is not, allowed
  – This defines “security” for the site/system/etc.
• Mechanisms enforce policies
• Composition of policies
  – If policies conflict, discrepancies may create security vulnerabilities

Goals of Security
• Prevention
  – Prevent attackers from violating security policy
• Detection
  – Detect attackers’ violation of security policy
• Recovery
  – Stop attack, assess and repair damage
  – Continue to function correctly even if attack succeeds

Trust and Assumptions
• Underlie all aspects of security
• Policies
  – Unambiguously partition system states
  – Correctly capture security requirements
• Mechanisms
  – Assumed to enforce policy
  – Support mechanisms work correctly

Types of Mechanisms
[Figure: three diagrams labelled secure, precise and broad, each showing the set of reachable states against the set of secure states]
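
Added example (not from Bishop's slides): the three mechanism types computed for a constructed toy system. With R the set of states a mechanism leaves reachable and Q the set of secure states the policy defines, a mechanism is secure if R ⊆ Q, precise if R = Q, and broad if R contains a state outside Q. The state names, transitions and the three mechanisms are assumptions made for illustration.

```python
from collections import deque

# Constructed toy system (an assumption): states say who can read a file.
TRANSITIONS = {
    "private":    ["owner_read", "group_read", "world_read"],
    "owner_read": ["private", "group_read"],
    "group_read": ["private", "world_read"],
    "world_read": ["private"],
}
# Policy: partitions the states; everything outside SECURE is nonsecure.
SECURE = {"private", "owner_read", "group_read"}

def reachable(start, allowed):
    """States the system can enter from `start` when the mechanism only
    lets through transitions for which allowed(src, dst) is true."""
    seen, queue = {start}, deque([start])
    while queue:
        src = queue.popleft()
        for dst in TRANSITIONS[src]:
            if dst not in seen and allowed(src, dst):
                seen.add(dst)
                queue.append(dst)
    return seen

def classify(reach, secure=SECURE):
    """Most specific label: 'precise' (R == Q) is a special case of
    'secure' (R subset of Q); 'broad' means R has a state outside Q."""
    if not reach <= secure:
        return "broad"
    return "precise" if reach == secure else "secure"

# Three hypothetical mechanisms, each a predicate over transitions.
MECHANISMS = {
    # Over-restrictive: also blocks group_read, which the policy allows.
    "no_sharing": lambda src, dst: dst in {"private", "owner_read"},
    # Blocks exactly the transitions that leave the secure set.
    "match_policy": lambda src, dst: dst in SECURE,
    # Blocks only the direct step private -> world_read and misses the
    # indirect path through group_read.
    "direct_block_only": lambda src, dst: (src, dst) != ("private", "world_read"),
}

def evaluate(start="private"):
    """Classify every mechanism by the states it leaves reachable."""
    return {name: classify(reachable(start, rule))
            for name, rule in MECHANISMS.items()}

if __name__ == "__main__":
    for name, label in evaluate().items():
        print(f"{name}: {label}")
```

The third mechanism is broad even though it blocks the obvious transition, because classification depends on every reachable state, not on individual rules.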

Assurance
• Specification
  – Requirements analysis
  – Statement of desired functionality
• Design
  – How system will meet specification
• Implementation
  – Programs/systems that carry out design

Operational Issues
• Cost-Benefit Analysis
  – Is it cheaper to prevent or recover?
• Risk Analysis
  – Should we protect something?
  – How much should we protect this thing?
• Laws and Customs
  – Are desired security measures illegal?
  – Will people do them?

Human Issues
• Organizational Problems
  – Power and responsibility
  – Financial benefits
• People problems
  – Outsiders and insiders
  – Social engineering

Tying Together
Threats
Policy
Specification
Design
Implementation
Operation

Key Points
• Policy defines security, and mechanisms enforce security
  – Confidentiality
  – Integrity
  – Availability
• Trust and knowing assumptions
• Importance of assurance
• The human factor