Computer Security: Computer Security: Principles and PracticePrinciples and Practice

Chapter 1 – Chapter 1 – OverviewOverview

OverviewOverview

Computer Security:Computer Security: protection afforded protection afforded to an automated information system in to an automated information system in order to attain the applicable objectives of order to attain the applicable objectives of preserving the integrity, availability and preserving the integrity, availability and confidentiality of information system confidentiality of information system resources (includes hardware, software, resources (includes hardware, software, firmware, information/data, and firmware, information/data, and telecommunications).

Key Security ConceptsKey Security Concepts

Computer Security Challenges (1/2)Computer Security Challenges (1/2)

1.1. Not simpleNot simple: The requirements seems to be : The requirements seems to be straightforward, but the mechanisms used to straightforward, but the mechanisms used to meet those requirements can be quite complex.meet those requirements can be quite complex.

2.2. Must consider potential attacksMust consider potential attacks: The attacks : The attacks you did not consider would cause the most you did not consider would cause the most damage.damage.

3.3. Procedures used counter-intuitiveProcedures used counter-intuitive: Typically, an : Typically, an elaborate security mechanism makes sense elaborate security mechanism makes sense when the various threat are considered.when the various threat are considered.

4.4. Must decide where to deploy mechanismsMust decide where to deploy mechanisms: Both : Both physical and logical placements need to be physical and logical placements need to be considered.considered.

Computer Security Challenges (2/2)Computer Security Challenges (2/2)

5.5. Involve algorithms and secret infoInvolve algorithms and secret info: Questions : Questions about the creation, distribution, and protection about the creation, distribution, and protection of the secret info should be solved. of the secret info should be solved.

6.6. Battle of wits between attacker / adminBattle of wits between attacker / admin: One : One security hole is just enough to crash a perfect security hole is just enough to crash a perfect system. system.

7.7. Not perceived on benefit until failsNot perceived on benefit until fails8.8. Requires regular monitoringRequires regular monitoring: Human-intensive : Human-intensive

jobjob

Computer Security Challenges (2/2)Computer Security Challenges (2/2)

9.9. Too often an after-thoughtToo often an after-thought: Security : Security mechanisms are often incorporated into a mechanisms are often incorporated into a system after the design is complete.system after the design is complete.

10.10. Regarded as impediment to using systemRegarded as impediment to using system: : There is a trade-off between efficiency and There is a trade-off between efficiency and security. security.

Security TerminologySecurity Terminology

Vulnerabilities and AttacksVulnerabilities and Attacks

system resource vulnerabilities maysystem resource vulnerabilities may be corrupted (loss of integrity)be corrupted (loss of integrity) become leaky (loss of confidentiality)become leaky (loss of confidentiality) become unavailable (loss of availability)become unavailable (loss of availability)

attacks are threats carried out and may beattacks are threats carried out and may be passivepassive activeactive insiderinsider outsideroutsider

CountermeasuresCountermeasures

means used to deal with security attacksmeans used to deal with security attacks preventprevent detectdetect recoverrecover

may result in new vulnerabilitiesmay result in new vulnerabilities will have residual vulnerabilitywill have residual vulnerability goal is to minimize risk given constraintsgoal is to minimize risk given constraints

Threat ConsequencesThreat Consequences

unauthorized disclosureunauthorized disclosure exposure, interception, inference, intrusionexposure, interception, inference, intrusion

deceptiondeception masquerade, falsification, repudiationmasquerade, falsification, repudiation

disruptiondisruption incapacitation, corruption, obstructionincapacitation, corruption, obstruction

usurpationusurpation misappropriation, misusemisappropriation, misuse

Scope of Computer SecurityScope of Computer Security

Network Security AttacksNetwork Security Attacks classify as passive or activeclassify as passive or active passive attacks are eavesdroppingpassive attacks are eavesdropping

release of message contentsrelease of message contents traffic analysistraffic analysis are hard to detect so aim to preventare hard to detect so aim to prevent

active attacks modify/fake dataactive attacks modify/fake data masquerademasquerade replayreplay modificationmodification denial of servicedenial of service hard to prevent so aim to detecthard to prevent so aim to detect

Security Functional Security Functional RequirementsRequirements

technical measures:technical measures: access control; identification & authentication; system & access control; identification & authentication; system &

communication protection; system & information integritycommunication protection; system & information integrity management controls and procedures management controls and procedures

awareness & training; audit & accountability; certification, awareness & training; audit & accountability; certification, accreditation, & security assessments; contingency accreditation, & security assessments; contingency planning; maintenance; physical & environmental planning; maintenance; physical & environmental protection; planning; personnel security; risk assessment; protection; planning; personnel security; risk assessment; systems & services acquisitionsystems & services acquisition

overlapping technical and management:overlapping technical and management: configuration management; incident response; media configuration management; incident response; media

protectionprotection

X.800 Security ArchitectureX.800 Security Architecture

X.800, X.800, Security Architecture for OSISecurity Architecture for OSI systematic way of defining requirements systematic way of defining requirements

for security and characterizing approaches for security and characterizing approaches to satisfying themto satisfying them

defines:defines: security attacks - compromise security security attacks - compromise security security mechanism - act to detect, prevent, security mechanism - act to detect, prevent,

recover from attackrecover from attack security service - counter security attackssecurity service - counter security attacks

Security TaxonomySecurity Taxonomy

Security TrendsSecurity Trends

Computer Security LossesComputer Security Losses

Security Technologies UsedSecurity Technologies Used

Computer Security StrategyComputer Security Strategy

specification/policyspecification/policy what is the security scheme supposed to do?what is the security scheme supposed to do? codify in policy and procedurescodify in policy and procedures

implementation/mechanismsimplementation/mechanisms how does it do it?how does it do it? prevention, detection, response, recoveryprevention, detection, response, recovery

correctness/assurancecorrectness/assurance does it really work?does it really work? assurance, evaluationassurance, evaluation

SummarySummary

security conceptssecurity concepts terminologyterminology functional requirementsfunctional requirements security architecturesecurity architecture security trendssecurity trends security strategysecurity strategy