17/02/2016
CSC9UT4 (Managing Information) Computer Security, Lecture 1
Nadarajen Veerapen http://www.cs.stir.ac.uk/~nve
Based on slides by Jingpeng Li
Reference
Charles P. Pfleeger, Shari L. Pfleeger: Security in Computing. 4th Ed. Prentice Hall Professional, 2006
Available at the library as an e-book
Motivation
Computer systems handle sensitive information
Medical data
Financial data
Personal data
Business data
Data is valuable
Digital vandalism/terrorism
Data breaches often in the news
Motivation
The news gives more and more examples of the
effects of computer security in our daily life.
Computing entails serious risks to the privacy
and integrity of your data, or the operation of
your computer.
This Lecture
What does “secure” mean?
The properties of secure computing
Traditional: Confidentiality, Integrity & Availability
Additional: Audit
Vulnerabilities, threats & controls
Caesar cipher example
What does “Secure” Mean?
How do we protect our most valuable assets? One
option is to place them in a safe place like a bank.
Bank robbery was, for a time, considered to be a
profitable business. Protecting assets was difficult and
not always effective.
Today asset protection is easier. Very sophisticated
alarm and camera systems silently protect secure
places, genetic material (DNA), fingerprints, retinal
patterns, voice, etc.
Protecting Money vs. Protecting Information
General Picture
[Diagram: Alice, System, Attacker]
Security is about
• Honest user (e.g., Alice, Bob, …)
• Dishonest Attacker
How the Attacker
• Learns information intended for Alice only (Confidentiality)
• Disrupts honest user’s use of the system (Integrity, Availability)
Network Security
Network Attacker
Intercepts and controls network communication
[Diagram: Alice, System, Network Attacker]
Web Security
Web Attacker
Sets up malicious site visited by victim; no control of network
[Diagram: Alice, System, Web Attacker]
Operating System Security
OS Attacker
Controls malicious files and applications
[Diagram: Alice, OS Attacker]
Desired Outcome
[Diagram: Alice, System, Attacker]
Confidentiality: Attacker does not learn Alice’s secrets
Integrity: Attacker does not undetectably corrupt system’s function for Alice
Availability: Attacker does not keep system from being useful to Alice
Goals of Security for Data
Confidentiality: prevents unauthorised disclosure of a data item.
Integrity: prevents unauthorised modification
Availability: prevents denial of authorised access
Authentication
Identifying an individual as being genuine and not an imposter
Achieved by checking something a user
• Knows: PIN, password, DOB
• Has: key, card, uniform
• Is: face, fingerprint, iris scan
Combine two or more for more secure systems
Authorisation
Concerned with what a user is allowed to do
Computer system levels
• User: create/edit files in their local space, cannot install software
• Manager: edit files in project workspaces
• Administrator: install software, configure printers, manage accounts
Additional Property
Confidentiality, Integrity and Availability are related to prevention
Another important property of security is audit, which relates to taking action after an attack.
Audit: the ability to conduct a methodical and thorough review of a system
Relies on logging/recording the actions of the system and its users
May prevent attacks and dissuade attackers because of the audit trail left behind (skilled hackers may find ways of covering their trails)
Challenge
These three characteristics can be independent, can overlap, and can even be mutually exclusive.
Challenge: finding the right balance among the goals, which often conflict.
E.g. We can preserve an asset’s confidentiality by preventing everyone from reading it. But then it is not available!
[Figure labels: Confidentiality, Integrity, Availability, Secure]
Characteristics of Computer Intrusion
The computing system is a collection of hardware, software, data, and people that an organisation uses to perform computing tasks.
Any part of a computing system can be the target.
Sometimes, we assume that
parts of a computing system
are not vulnerable to an
outsider, but often we are
mistaken.
Any system is most
vulnerable at its weakest
point.
Vulnerabilities, Threats & Controls
A computer system has three separate but valuable components: hardware, software and data.
A vulnerability is a weakness in the security system that might be exploited to cause loss or harm.
A threat is a possible danger to the system.
The danger might be a person (a system cracker or a spy), a thing (a faulty piece of equipment), or an event (a fire or a flood).
We use a control as a protective measure.
A control is an action, device, procedure, or technique that removes/reduces a vulnerability.
Vulnerabilities, Threats & Controls
Relationship among threats, controls, and vulnerabilities
A threat is blocked by control of a vulnerability.
To devise controls, we must know as much about threats as possible.
• The water is a threat to the man (get wet, hurt, drowned)
• A small crack in the wall - a vulnerability that threatens the man’s security. If the water rises to the level of the crack, it will exploit the vulnerability.
Vulnerabilities
Hardware: adding/removing devices, intercepting the traffic to them, or flooding them with traffic until they can no longer function.
Software: replacing, changing or destroying software maliciously or accidentally (e.g. virus, information leaks).
Data: data have a definite value, even though that value is often difficult to measure.
Example 1: confidential data leaked to a competitor may narrow a competitive edge
Example 2: flight coordinate data used by an airplane that is guided partly or fully by software can cost human lives if modified
Threats
• Interception: unauthorised access to an asset. E.g. illicit copying of program or data files, wiretapping to obtain data in a network.
• Interruption: an asset becomes lost, unavailable, or unusable. E.g. malicious destruction of hardware, erasing programs or data files.
• Modification: an asset is tampered with by an unauthorised party. E.g. changing values in a database, altering programs to perform additional computation.
• Fabrication: an unauthorised party creates counterfeit objects. E.g. adding records to a database, spurious transactions in a network.
Controls Available
Encryption: ‘scrambling’ data
Software controls: programs must be secure to prevent outside attack. Internal controls (access limitations), operating systems and network controls, independent control programs (virus scanner, intrusion detection)
Hardware controls: several devices such as smart card encryption, locks or cables, firewalls, devices to verify identity, intrusion detection systems
Policies and procedures: agreed among users such as frequent changes of passwords, training to enforce importance of security
Physical controls: door locks, guards at entry points, backup of software and data
Controls Available: Encryption
The formal name for the scrambling process.
Take data in their normal, unscrambled state, called plaintext, and transform them so that they are unintelligible to the outside observer (ciphertext).
Addresses the need for confidentiality of data.
It can be used to ensure integrity: data that cannot be read generally cannot easily be changed in a meaningful manner.
Caesar Cipher
Method familiar to the emperor Julius Caesar (ignoring 2,000 years of progress in encryption).
Replacing A → D, B → E, C → F … (shift of a fixed length).
Caesar Cipher
Consider performing arithmetic on the "letters" of a message
Expressions such as A + 3 = D or K - 1 = J have their natural interpretation.
Modular arithmetic: performed as if the alphabetic table were circular
• Result of an arithmetic operation is between 0 and 25
• Ex. Y + 3 = B (and B – 3 = Y)
Two simple forms of encryption:
• Substitutions: one letter is exchanged for another
• Transpositions: the order of the letters is rearranged
Cryptanalysis of Caesar’s Cipher
Suppose you are given the ciphertext
wklv phvvdjh lv qrw wrr kdug wr euhdn
1) The break between two words is preserved
2) English has relatively few short words, such as am, is, to, do, he, we, and, you, she, etc.
3) There is a strong clue in the repeated r of the word wrr, which suggests words such as see, too, add, odd, off, …
4) Since wr is also a word, it is likely to be to, of, etc. Then the message probably is
wklv phvvdjh lv qrw wrr kdug wr euhdn
T--- ------- -- -OT TOO ---- TO -----
Cryptanalysts have lists of common prefixes, suffixes and words having particular patterns, such as the word sleeps for the pattern abccda.
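Added example (not part of the original slides): the Caesar shift written as arithmetic modulo 26, followed by the word-pattern attack described above, which guesses the shift from a doubled-letter word such as wrr and confirms it with short common words. The function names are illustrative, and the word lists are the ones quoted on the slides.

```python
# Added example: the Caesar cipher as arithmetic modulo 26, and the slides'
# word-pattern cryptanalysis. Function and variable names are illustrative.

def shift_text(text, k):
    """Shift each letter k places around a circular 26-letter alphabet."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + k) % 26 + base))
        else:
            out.append(ch)  # word breaks are preserved (clue 1 in the slides)
    return "".join(out)

def consistent_shift(cipher_word, guess):
    """Return the one shift that maps guess onto cipher_word, else None."""
    if len(cipher_word) != len(guess):
        return None
    shifts = {(ord(c) - ord(g)) % 26 for c, g in zip(cipher_word, guess)}
    return shifts.pop() if len(shifts) == 1 else None

# Word lists quoted on the slides (clues 2 to 4).
SHORT_WORDS = {"am", "is", "to", "do", "he", "we", "and", "you", "she", "of"}
DOUBLED_WORDS = ["see", "too", "add", "odd", "off"]

def break_caesar(ciphertext):
    """Guess the shift from a doubled-letter word, then confirm the guess by
    counting how many short English words the trial decryption contains."""
    found = {}
    for word in ciphertext.lower().split():
        if not (len(word) == 3 and word[1] == word[2] != word[0]):
            continue  # only words shaped like "wrr" are useful here
        for guess in DOUBLED_WORDS:
            k = consistent_shift(word, guess)
            if k is None:
                continue  # guess would need different shifts per letter
            plain = shift_text(ciphertext, -k)
            hits = sum(w in SHORT_WORDS for w in plain.lower().split())
            if hits:
                found[k] = (plain, hits)
    return sorted(((k, p, h) for k, (p, h) in found.items()),
                  key=lambda r: -r[2])

CIPHERTEXT = "wklv phvvdjh lv qrw wrr kdug wr euhdn"  # from the slides

if __name__ == "__main__":
    print(shift_text("Y", 3), shift_text("B", -3))  # wrap-around
    for k, plain, hits in break_caesar(CIPHERTEXT):
        print(f"shift {k}: {plain} ({hits} short words)")
```

Only the guess "too" gives the same shift for every letter of wrr, so a single candidate key survives; this is why a fixed-shift cipher that preserves word breaks offers no real confidentiality.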
Summary
Computer security attempts to ensure the confidentiality, integrity and availability of computing systems' components.
3 pieces of a computing system are subject to attack: hardware, software and data, together with the communications among them.
4 kinds of attacks on computing systems: interception, interruption, modification, and fabrication
Controls can be applied at all levels: encryption (data), software, hardware, policies and procedures, physical controls