Chapter 1

Is There a Security Problem in Computing?

Information security / Mahmoud Obeidat 1

In This ChapterThe risks involved in computingThe goal of secure computing: confidentiality,

integrity, availability The threats to security in computing:

interception, interruption, modifications, fabrication

Controls available to address these threats: encryption, programming controls, operating systems, network controls, administrative controls, laws and ethics


What Does “Secure” Mean?Are you Secure?

What makes you feel secure?Example: Banks

Yesterday – learning from the pastToday

Protecting ValuablesProtecting Money Vs. Protecting Information

Size and Portability (large vs. small) Ability to Avoid Physical Contact (lots vs. little) Value of Asset (very high vs. variable)


Developing an UnderstandingExamine the risk of security in computing

Consider available countermeasures or controls

Stimulate thought about uncovered vulnerabilities

Identify areas where more work is needed


Characteristics of Computer IntrusionAny computer system can be a target:

Hardware, Software, Storage, Data, People/UserAny system is most vulnerable at its weakest point.Principle of Easiest Penetration - An intruder

must be expected to use any available means of penetration. Penetration may not necessarily be by the most obvious means, nor via the one we have the most defense against.Consider all the means of penetrationChecked repeated times Don’t underestimate the attacker/think like an attackerStrengthening one thin might weaken another


AttacksThe components to attack:

HardwareSoftwareData

Vulnerability – a weakness in the security system that could be exploited to cause harm or loss.

For instance, a particular system may be vulnerable to unauthorized data manipulation because the system does not verify a user's identity before allowing data access.

Threat – a set of circumstances that has the potential to cause loss or harm.

Wall holding back waterThreat to get wetVulnerability is a crack in the wall


in Figure 1-1. Here, a wall is holding water back. The water to the left of the wall is a threat to the man on the right of the wall: The water could rise, overflowing onto the man, or it could stay beneath the height of the wall, causing the wall to collapse. So the threat of harm is the potential for the man to get wet, get hurt, or be drowned. For now, the wall is intact, so the threat to the man is unrealized.

However, we can see a small crack in the walla vulnerability that threatens the man's security. If the water rises to or beyond the level of the crack, it will exploit the vulnerability and harm the man.


Attack – human who exploits a vulnerabilityControl – a protective measure against an attack a control is an action, device, procedure, or technique that removes or reduces a

vulnerability

A threat is blocked by control of vulnerabilityType of System Security Threats in computing

InterceptionInterruptionModificationFabrication


interception : some unauthorized party has gained access to an asset.

The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network.

Interruption : an asset of the system becomes lost, unavailable, or unusable.

An example is malicious destruction of a hardware device, erasure of a program or data file.

Modification: unauthorized party tampers with an asset. For example, someone might change the values in a database,

alter a program so that it performs an additional computation, or modify data being transmitted electronically.

fabrication : The intruder may insert spurious transactions to a network

communication system or add records to an existing database.Information security / Mahmoud Obeidat 9


Figure 1-2. System Security Threats.

Method, Opportunity & MotiveAttacker must have three things:

Method – the skill, knowledge and tool

Opportunity – the time and access

Motive – a reason to want to perform an attack


Security GoalsSecure is:

Confidentiality (Secrecy or Privacy)- assets accessed only by authorized parties Not only reading but viewing, printing or knowing about

the assetIntegrity – assets modified only by authorized

parties Includes writing, changing, changing the status,

deleting or creatingAvailability – assets are accessible to authorized

parties at appropriate times. Denial of Service


Information security / Mahmoud Obeidat13

Figure 1-3. Relationship Between Confidentiality, Integrity, and Availability.

AvailabilityAvailability applies both to data and to services A data item, service, or system is available if1. There is a timely response to our request.2. Resources are allocated fairly so that some requesters are not

favored over others.3. The service or system involved follows a philosophy of fault

tolerance.4. The service or system can be used easily and in the way it

was intended to be used.5. Concurrency is controlled.


VulnerabilitiesHardware

It is very visibleEasy to attack

adding devices, changing them, removing them, intercepting the traffic to them

Water, burned, frozen, gassed and electrocuted, dust, time, environment

Voluntary Machine Slaughter or Machinicide Machines have been shot with guns, stabbed with knives, and

smashed with all kinds of things. Bombs, fires, and collisions have destroyed computer rooms


SoftwareSoftware DeletionSoftware Modification (cause it to fail or cause it to

perform an unintended task)Software TheftSoftware replacedSoftware destroyedthe attacks are obvious, as when the software no

longer runs. More subtle are attacks in which the software has been altered but seems to run normally.



Figure 1-4. Vulnerabilities of Computing Systems.

Malicious Modification of SoftwareLogic Bomb: a piece of code intentionally

inserted into a software system that will set off a malicious function when specified conditions are met.

Trojan Horse: a program that overtly does one thing while covertly doing another

VirusTrapdoor : a program that has a secret entry

pointInformation leaks : code that makes

information accessible to unauthorized people or programs


Data VulnerabilitiesEffects everyoneData is more than just an electronic filePrinciple of Adequate Protection – Computer items must

be protected only until they lose their value.Data Confidentiality

Data can be gathered by many means, such as tapping wires, planting bugs in output devices, sifting through trash receptacles, monitoring electromagnetic radiation, bribing key employees, inferring one data point from other values, or simply requesting the data.

Data Integrity

Printed data, however, can be readily interpreted by the general public. Because of its visible nature, a data attack is a more widespread and serious problem than either a hardware or software attack. Thus, data items have greater public value than hardware and software because more people know how to use or interpret data.


Other Exposed AssetsNetworks

very exposed storage medium or access from distant and potentially untrustworthy computing systems.

Accesssteal computer time to do general-purpose computing, destroys software or data and deny service to a legitimate user

Key PeoplePeople can be crucial weak points in security. If only one person knows

how to use or maintain a particular program, trouble can arise if that person is ill, suffers an accident, or leaves the organization . In particular, a disgruntled employee can cause serious damage by using inside knowledge of the system and the data that are manipulated.


Information security / Mahmoud Obeidat21Figure 1-5. Security of Data.

Computer CriminalsAmateurs

Crackers or Hackers

Career Criminal

Terrorists


The security community distinguishes between a "hacker," someone who programs, manages, or uses computing systems, and a "cracker," someone who attempts to access computing systems for malicious purposes. Crackers are the "evildoers." Now, hacker has come to be used outside security to mean both benign and malicious users.


Terroriststerrorists using computers in three ways:1.targets of attack: denial-of-service attacks and

web site defacements are popular for any political organization because they attract attention to the cause and bring undesired negative attention to the target of the attack.

2.propaganda vehicles: web sites, web logs, and e-mail lists are effective, fast, and inexpensive ways to get a message to many people.

3.methods of attack: to launch offensive attacks requires use of computers


Methods of DefenseHarm occurs when a threat is realized against a

vulnerabilityRisk – the possibility of harmDealing with Harm

prevent it, by blocking the attack or closing the vulnerability

deter it, by making the attack harder but not impossibledeflect it, by making another target more attractive (or

this one less so)detect it, either as it happens or some time after the factrecover from its effects


ControlsControl – attempt to prevent the exploitation of a

vulnerabilityComputer Security has lots of controls

Simple or DifficultyInexpensive or Expensive

Type of ControlEncryption – formal name for the scrambling

process deals with confidentially and integrity Does not solve computer security problems.

Cleartext Ciphertext Protocols


Software Controls Programs must be secure to prevent attacksProgram Controls:

Internal Program Controls Operating System and Network System Controls Independent Control Programs (virus checker) Development Controls (quality standards in

construction)Software controls effect the user

Hardware ControlsSmart cards, locks, devices to ID users, firewalls,

intrusion detection systems, circuitry controlPolicies and Procedures

Policies – an agreement of way things are done Must be written and training provided

Physical Controls – locks/security officer/backupsInformation security / Mahmoud Obeidat 27

Effectiveness of ControlsControls must be properly used!Awareness of ProblemLikelihood of Use

Principles of Effectiveness - Control must be used-and used properly- to be effective. They must be efficient, easy to use, and appropriate.

Overlapping Controls (good)Periodic Review – controls are not permanent

Principle of Weakest Link – Security can be no stronger than its weakest link.


ConclusionThe risks involved in computingThe goal of secure computing: confidentiality,

integrity, availability The threats to security in computing:

interception, interruption, modifications, fabrication

Controls available to address these threats: encryption, programming controls, operating systems, network controls, administrative controls, laws and ethics


Chapter 1

Documents

Transcript of Chapter 1