Security Overview System protection requirements areas Types of information protection ...
dennis-adams

Security Overview
• System protection requirements areas
• Types of information protection
• Information Architecture dimensions
• Public Key Infrastructure (PKI)

Information Protection Requirements
• Confidentiality
  – Protect from unauthorized disclosure
• Integrity
  – Protect from unauthorized modification
• Availability
  – Reliable/timely access to required resources
• Authenticity
  – Ability to determine authorized source
• Non-repudiation
  – Non-forgeable proof of data originator’s identity and data receipt

Types of Information Protection
• Encryption
• Access control
• User identification and authentication
• Malicious content detection (viruses)
• Audits, including real-time intrusion-detection
• Physical Security

Information Architecture Dimensions
• Information System
  – Unauthorized intrusion
  – Denial of service
• Information Domain
  – Users must have freedom of movement within their authorized spheres
• Information Content
  – In-transit
  – At rest

PKI: Public Key Infrastructure
• Generation of digital certificates
  – Electronic proof of identity
• Issuance of Certificate Revocation Lists (CRLs)
• Directories that serve certificates and CRLs

PKI Terms
• Certificate Authority (CA): Trusted agent that signs and issues digital certificates
  – Sets rules for use
  – Publishes CRLs
  – Posts to directory server
• Registration Authority (RA): Verifies person’s identity, passes on to CA

Defense Messaging System
• PKI by itself is considered medium grade security assurance
• DMS involves PKI with modifications and additions
  – DMS is considered “high grade” assurance
• Includes detailed policies and custom software
• http://www.disa.mil/D2/dms/

Further reading
• DON CIO Information Technology Standards Guidance (1999) – Chapter 3
  – http://www.doncio.navy.mil/training/ools/itsg/chapter3.html
• DoD Computer Emergency Response Team (CERT)
  – http://199.211.123.12/