Changing State of Threats and Vulnerabilities FIRMA March 30, 2010.
CYBER & INFORMATION SECURITY
Module- IV
4.1 Security Model
An organization can reduce the risks associated with all of these threats by assessing the
vulnerabilities and threats present in their systems and implementing appropriate
countermeasures. A security model involves applying countermeasures at every layer of the
computer network, from the perimeter routers and firewalls to users' personal computers running
Microsoft Windows.
The defense-in-depth security model is illustrated in Figure 1. Imagine your organization's
information technology (IT) infrastructure as a series of interconnected layers. At the base of the
model are security policies and procedures. Your formal security policies dictate the basic
requirements and goals in a technology agnostic way. The procedures are more specific because
they formally define how to properly perform specific tasks on specific devices such as how to
install a new router or how to configure a new Web server. For these reasons, policies and
procedures affect every other defense-in-depth layer.
Figure 1: Defense in Depth Security Model
The following example explains the practical application of the defense-in-depth model. An
account executive, named Bob, is working remotely and needs to modify the record of one of
1 | P a g e H i m a n s h u G u p t a , F a c u l t y M e m b e r - A I I T
your organization's clients. Bob starts up his laptop computer and logs into Windows XP. This
action is an example of a client host. Bob uses a dial-up connection to connect to the Internet,
and then uses a VPN to connect to the corporate network. In other words, the client host connects
to the network through the perimeter. Bob then opens the enterprise resource planning (ERP)
client software that your organization uses and connects to the ERP server. At this point, the
client host has connected to the server host and then the server application. After the ERP client
software connects to the server, Bob is able to select the client's record and make the desired
modifications; that is, Bob is able to view and modify the data.
4.2 Protection Measures
Protection measures mean the precautionary measures taken toward possible danger or damage.
There are 6 types of security measures.
Fig. 2: Protection Measures
1) DATA BACKUP
Data Backup is a program of file duplication. Backups of data applications are necessary so that
they can be recovered in case of an emergency.
2) CRYPTOGRAPHY
Cryptography is a process of hiding information by altering the actual information into a different
representation, for example, an APA can be written as I?
Almost all cryptosystems depend on a key, such as a password, a number or a phrase, that
can be used to encrypt or decrypt a message. The traditional type of cryptosystem used on a
computer network is called a symmetric secret key system.
3) ANTIVIRUS
An antivirus program protects a computer against viruses by identifying and removing any
computer viruses found in the computer memory, on storage media or incoming e-mail files. An
antivirus program scans for programs that attempt to modify the boot program, the operating
system and other programs that normally are read from but not modified.
4) ANTI-SPYWARE
Spyware is a program placed on a computer without the user’s knowledge. It secretly collects
information about the user. The spyware program communicates information to the outside
source. An anti-spyware application program, sometimes called tracking software or a spybot, is
used to remove spyware. Among the popular anti-spyware programs are:
• Spybot Search and Destroy
• Ad-aware
• Spyware Blaster
5) FIREWALL
A firewall is a piece of hardware or software that functions in a networked environment to
prevent communications forbidden by the security policy. In other words, a firewall implements a
security policy. It might permit limited access from inside or outside the network perimeter, from
certain users, or for certain activities.
6) HUMAN ASPECTS OF SECURITY MEASURES
Human aspects refer to the user and also the intruder of a computer system. They are among the
hardest aspects to protect. The most common problem is the failure to establish a good
information security procedure.
4.3 Software Security
The three pillars of software security are applied risk management, software security
touchpoints, and knowledge. By applying the three pillars in a gradual, evolutionary manner and
in equal measure, a reasonable, cost-effective software security program can result.
Fig. 3: Pillars of S/W Security
Touchpoints are a mix of destructive and constructive activities. Destructive activities are about
attacks, exploits, and breaking software. These kinds of things are represented by the black hat
(offense). Constructive activities are about design, defense, and functionality. These are
represented by the white hat (defense).
Here are seven touchpoints, in order of effectiveness:
1. Code review
2. Architectural risk analysis
3. Penetration testing
4. Risk-based security tests
5. Abuse cases
6. Security requirements
7. Security operations
The following figure specifies the software security touchpoints and shows how software
practitioners can apply them during software development. This means understanding how to
work security engineering into requirements, architecture, design, coding, testing, validation,
measurement, and maintenance.
Fig. 4: Seven Touchpoints for S/W Security
4.4 Database Security
Database security concerns the use of a broad range of information security controls to protect
databases against the compromises of their confidentiality, integrity and availability. It involves
various types or categories of controls, such as technical, procedural/administrative and
physical.
Database security is a specialist topic within the broader realms of computer
security, information security and risk management.
Security risks to database systems include, for example:
• Unauthorized or unintended activity or misuse by authorized database users, database
administrators, or network/systems managers, or by unauthorized users or hackers (e.g.
inappropriate access to sensitive data, metadata or functions within databases, or
inappropriate changes to the database programs, structures or security configurations);
• Malware infections causing incidents such as unauthorized access, leakage or disclosure of
proprietary or personal data, deletion of or damage to the data or programs, interruption or
denial of authorized access to the database, attacks on other systems and the unanticipated
failure of database services;
• Overloads, performance constraints and capacity issues resulting in the inability of
authorized users to use databases as intended;
• Physical damage to database servers caused by computer room fires or floods, overheating,
lightning, accidental liquid spills, static discharge, electronic breakdowns/equipment failures
and obsolescence;
• Design flaws and programming bugs in databases and the associated programs and systems,
creating various security vulnerabilities (e.g. unauthorized privilege escalation), data
loss/corruption, performance degradation etc.;
• Data corruption and/or loss caused by the entry of invalid data or commands, mistakes in
database or system administration processes, sabotage/criminal damage etc.
Many layers and types of information security control are appropriate to databases, including:
• Access control
• Auditing
• Authentication
• Encryption
• Integrity controls
• Backups
• Application security
Fig. 5: Oracle Database Security
4.5 Authentication in Distributed System
A distributed system is susceptible to a variety of security threats. A principal can impersonate
another principal, so authentication becomes an important requirement.
Authentication is a process by which one principal verifies the identity of another principal. In
one-way authentication, only one principal verifies the identity of the other principal. In mutual
authentication, both communicating principals verify each other’s identity.
The authentication mechanism for a distributed system tackles the various security challenges
in the following ways:
1) a remote authentication architecture that lets users recover easily in case of password
compromise;
2) a social network-based email system in which users can authenticate themselves as trusted
senders without disclosing all their social contacts; and
3) a group access-control scheme where requests can be monitored while affording a degree of
anonymity to the group member performing the request.
The authentication mechanism for a distributed system combines system designs and novel
cryptographic techniques to address their respective security and privacy requirements both
effectively and efficiently.
Fig. 6: Authentication in Distributed System
4.6 Insecure Network Connection
A wireless network is “unsecured” if you can access the internet using the network without
entering a password or network key. For example, a “hotspot” is a wireless network that is open
and available for the public to use. They can be found in restaurants, airports, coffee shops,
bookstores, hotels, libraries and just about any place that the public gathers. They are often
unsecured so anyone in range can use them. In some cases like at hotels or even universities, the
networks are “secured” because they require a network key.
Risk:
Once an intruder has access to your insecure network, they have access to everything you have
stored on any computers on that network and anything you do online. And if you think you do
not have anything worth stealing, think again. An intruder, once inside can access your tax
documents, financial records, online banking information, credit card numbers, emails,
usernames and passwords, and even where you are going online. More sophisticated intruders
can install software that records your every keystroke and every site you visit.
Prevention:
1. Secure your insecure network. Some simple steps are below:
• Click the Router
• Click on Settings
• Change the Default SSID (a unique identifier used to name wireless networks)
• Disable the SSID Broadcast (hides the network so it isn’t visible for all in range to see)
• Change the default password
2. When you are on an unsecured wireless network, never shop online, transmit password
information, credit card numbers or login to online banking, email, social media sites or any site
that requires you send personal or private information.
3. Communicate the risks of using an unsecured wireless network with others and emphasize the
importance of keeping their passwords and private information private.
4.7 Information Warfare and Surveillance
Information warfare (IW) primarily involves the use and management of information technology in
search of a competitive advantage over an opponent. Information warfare may involve collection of
tactical information, assurance(s) that one's own information is valid, spreading
of propaganda or disinformation to demoralize or manipulate the enemy and the public, undermining the
quality of opposing force information and denial of information-collection opportunities to opposing forces.
Information warfare is closely linked to psychological warfare.
Information warfare can take many forms:
• Television and radio transmission(s) can be jammed.
• Television and radio transmission(s) can be hijacked for a disinformation campaign.
• Logistics networks can be disabled.
• Enemy communications networks can be disabled or spoofed.
• Stock exchange transactions can be sabotaged, either with electronic intervention, by
leaking sensitive information or by placing disinformation.
Surveillance is the monitoring of the behavior, activities, or other changing information, usually
of people for the purpose of influencing, managing, directing, or protecting them. This can
include observation from a distance by means of electronic equipment (such as CCTV cameras),
or interception of electronically transmitted information (such as Internet traffic or phone calls),
human intelligence agents and postal interception.
Surveillance is very useful to governments and law enforcement to maintain social control,
recognize and monitor threats, and prevent/investigate criminal activity. There are various
devices used for the surveillance.
o Computer
o Telephones
o Cameras
o Social network analysis
o Biometric
o Aerial
o Data mining and profiling
o Corporate
o Satellite imagery
o Identification and credentials
o Geolocation devices
Global Positioning System
Mobile phones
o Devices
o Postal services
4.8 Introduction to Cryptography
Cryptography is a technique to hide existing data from the external environment, including
attackers, hackers, intruders and unauthorized users.
The Basic Principles of Cryptography
1. Encryption
Encryption is a process that converts data into an unreadable form. This helps protect
privacy while the data is sent from sender to receiver. On the receiver side, the data can be
decrypted and brought back to its original form. The reverse of encryption is called
decryption. Encryption and decryption require some extra information for
encrypting and decrypting the data. This information is known as the key. In some cases the
same key is used for both encryption and decryption, while in other cases encryption and
decryption require different keys.
2. Authentication
This is another important principle of cryptography. In layman’s terms, authentication ensures
that the message originated from the originator claimed in the message. Suppose Alice
sends a message to Bob and Bob wants proof that the message has indeed been sent by
Alice. This is possible if Alice performs some action on the message that Bob knows
only Alice can do. This is the basic idea behind authentication.
3. Integrity
Integrity means that Cryptography should ensure that the messages that are received by the
receiver are not altered anywhere on the communication path. This can be achieved by using the
concept of cryptographic hash.
4. Non Repudiation
What happens if Alice sends a message to Bob but denies that she has actually sent the message?
Cases like these may happen, and cryptography should prevent the originator or sender from acting
this way. One popular way to achieve this is through the use of digital signatures.
Types of Cryptography
There are three types of cryptographic techniques:
1. Secret Key Cryptography
2. Public key cryptography
3. Hash Functions
1. Secret Key Cryptography
This type of cryptography technique uses just a single key. The sender applies a key to encrypt a
message while the receiver applies the same key to decrypt the message. Since only a single
key is used, this is called symmetric encryption.
The biggest problem with this technique is the distribution of the key, as this algorithm makes use
of a single key for both encryption and decryption.
2. Public Key Cryptography
This type of cryptography technique involves a two-key cryptosystem in which secure
communication can take place between receiver and sender over an insecure communication
channel. Since a pair of keys is applied here, this technique is also known as asymmetric
encryption.
In this method, each party has a private key and a public key. The private key is secret and is not
revealed, while the public key is shared with all those whom you want to communicate with. If
Alice wants to send a message to Bob, then Alice will encrypt it with Bob’s public key and Bob
can decrypt the message with his private key.
3. Hash Functions
This technique does not involve any key. Rather, it uses a fixed-length hash value that is
computed on the basis of the plain text message. Hash functions are used to check the integrity of
the message to ensure that the message has not been altered, compromised or affected by a virus.
4.9 Digital Signatures
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason to believe that the
message was created by a known sender, such that the sender cannot deny having sent the
message (authentication and non-repudiation) and that the message was not altered in transit
(integrity). Digital signatures are commonly used for software distribution, financial transactions,
and in other cases where it is important to detect forgery or tampering.
Using Bob and Alice, we can illustrate how a digital signature (standard electronic signature) is
applied and verified.
Step 1: Getting a Private and Public Key
In order to digitally sign a document, Bob needs to obtain a private and public key, which is a
one-time process. The private key, as the name implies, is not shared and is used only by the
signer. The public key is openly available and used by those that need to validate the signer's
digital signature.
Step 2: Signing an Electronic Document
Create a digital signature - A unique digital fingerprint of the document is created using a
mathematical algorithm (such as SHA-1). Append the signature to the document - The hash
result and the user's digital certificate (which includes the user's public key) are combined into a
digital signature. The resulting signature is unique to both the document and the user. Finally, the
digital signature is appended to the document. Bob sends the signed document to Alice. Alice
uses Bob's public key to authenticate Bob's signature and to ensure that no changes were made to
the document after it was signed.
Step 3: Validating a Digital Signature
Initiate the validation process - Depending on the software used, Alice needs to initiate the
validation process (e.g., by clicking a "Validate Signature" menu option button on the software's
toolbar).
Decrypt the digital signature - Using Bob's public key, Alice decrypts his digital signature and
receives the original document (the document fingerprint).
Compare the document fingerprint with her calculated one - Alice's software then calculates the
document hash of the received document and compares it with the original document hash (from
the previous step). If they are the same, the signed document has not been altered.
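Steps 1 to 3 above, and the hash-based integrity check from section 4.8, as an added example that is not part of the original notes. It assumes textbook RSA with no padding, a constructed and deliberately weak demo key, and SHA-256 in place of the SHA-1 named above; the certificate attached in Step 2 is left out. Real systems use a vetted library with a padded scheme such as RSA-PSS.

```python
"""Hash-then-sign walk-through of Steps 1-3 (added teaching example)."""
import hashlib

# Step 1: Bob's key pair.
# CONSTRUCTED demo key: both primes are well-known Mersenne primes, so this
# modulus is trivially factorable and must never protect real data.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus (shared with everyone)
E = 65537                            # public exponent (shared with everyone)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (kept by Bob only)


def fingerprint(document: bytes) -> int:
    """Fixed-length digest of the document, as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes, d: int = D, n: int = N) -> int:
    """Step 2: Bob applies his private key to the document fingerprint."""
    return pow(fingerprint(document), d, n)


def verify(document: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Step 3: Alice recovers the signed fingerprint with Bob's public key
    and compares it with the fingerprint she computes from what she received."""
    if not 0 <= signature < n:
        return False                 # malformed signature: reject early
    recovered = pow(signature, e, n)
    return recovered == fingerprint(document)


def demo() -> dict:
    """Run the exchange on a constructed sample document."""
    contract = b"Pay Alice 100 units. Signed, Bob."   # constructed sample
    sig = sign(contract)
    return {
        # Untouched document and signature: fingerprints match.
        "original": verify(contract, sig),
        # Document changed in transit: Alice's fingerprint no longer matches.
        "altered_document": verify(contract.replace(b"100", b"900"), sig),
        # Signature changed in transit: recovered fingerprint is wrong.
        "altered_signature": verify(contract, sig ^ 1),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:18s} -> {'valid' if ok else 'REJECTED'}")
```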
Fig. 7: Digital Signature
4.9 Digital Watermarking
A digital watermark is a signal or code that is hidden in a digital signal (such as in the digital
audio or a digital image portion) that contains identifying information. For example, a digital
watermark should not be distorted or lost when the signal is passed through a conversion or
compression process.
A digital watermark is extracted by a software program or assembly that can separate the
watermark from a media file. This watermark may be used to provide the key that is able to decode
and play the media file. The process of watermarking is called steganography.
Encrypted watermarks are tamper-resistant information that is added to (data embedding) or
changed in a file or other form of media and that can be used to identify that the media is
authentic. To identify the watermark in the media file, a decryption code is needed to decipher
the contents of the watermark message.
Fig. 8: Digital Watermarking
Digital watermarks can be added to any type of media file, such as digital video and audio.
Video watermarking may be performed by adding or slightly modifying the colors and/or light
intensities in the video in such a way that the viewer does not notice the watermarking
information. Audio watermarking may be
performed by adding audio tones above the normal frequency or by modifying the frequencies
and volume level of the audio in such a way that the listener does not notice the watermarking
information.
4.10 Biometric Security
A biometric security system refers to the identification and verification of a person based on
unique physiological or behavioral characteristics. Since such systems depend on properties that are
nearly impossible to fake, the reliability of a biometric security system satisfies the needs of
heavily guarded areas of an organization. It can also be extended commercially to home security
systems.
Fig 9: Biometric Security
Advantages of Biometric Security
1. Highly Reliable
The means of identification are highly accurate and precise. The chances of false negatives and
false positives are almost zero. This makes it an authentic security system that can be employed
in high-security zones such as banking, defense, military access, etc.
2. Unique
The identity established by a biometric recognition security system is unique. It is based on
characteristics like a fingerprint, eye print, etc. in which no two people share similarities. Hence
the database formed is unique to each individual.
3. Difficult to Fake
The features that are used by a biometric security system cannot be shared or copied from a
person. It makes it difficult to forge an identity of a person who has access, for misuse by another
person.
4. Impossible to Lose
It is nearly impossible to lose the feature used for recognition by the biometric security system
unless the person has met with a serious accident that causes serious disruption in the specific
characteristics.
5. Easier Tracking
Because the system is automated, the tracking of events or entry-exit is made a lot easier. The records
are maintained in a database which can be accessed easily whenever required. This gives an
authentic backup solution in case of any problem.
6. Complete Integration
The biometric systems encompass wide solutions for the complete integration through
information in a database. The customer applications, facilities and access are integrated into a
robust control system.
7. Safe
The system is considered to be safe as well as user friendly when compared to the other security
systems. The issues of privacy and invasion are minimal.
8. Speed
The method is quite fast and the results are available almost instantly. The speed of processing
an access request is one of the added advantages of using biometric security systems.
4.11 Security Management
Security management is the identification of an organization's assets (including information
assets), followed by the development, documentation, and implementation of policies and
procedures for protecting these assets.
An organization uses such security management procedures as information classification, risk
assessment, and risk analysis to identify threats, categorize assets, and rate system vulnerabilities
so that they can implement effective controls.
Fig 10: Security Management
A Security Management System (SeMS) sets out an organization’s security policy as an integral
part of its business process. It is thus a part of the corporate management responsibility. SeMS is
based on the same concepts used in the Safety Management System (SMS). SeMS provides a
system-wide security model that encourages, and depends on, close co-operation between all
stakeholders and regulators.
4.12 Security Policies
In today's high-tech and interconnected world, every corporation needs a well thought out
security policy. Threats exist from both within the walls of each enterprise as well as from
external sources such as hackers, competitors and foreign governments. The goal of corporate
security policies is to define the procedures, guidelines and practices for configuring and
managing security in your environment. By enforcing corporate policy, corporations can
minimize their risks and show due diligence to their customers and shareholders.
Security policy is a definition of what it means to be secure for a system, organization or other
entity. For an organization, it addresses the constraints on behavior of its members as well as
constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. For
systems, the security policy addresses constraints on functions and flow among them, constraints
on access by external systems and adversaries including programs and access to data by people.
Fig 11: Security Policies
As the policy pyramid shows, the best security begins with upper management, creating an actual
policy or mandate to implement security. The policy should be based on industry standards and
regulations such as ISO 17799 and HIPAA. Procedures, guidelines and practices form the basis
for all security technology. Products such as Enterprise Security Manager (ESM) measure policy
compliance with modules and policies for operating systems, databases and applications. These
then interact with the actual computer environment.
4.13 Risk Management
Risk management is the identification, assessment, and prioritization of risks followed by
coordinated and economical application of resources to minimize, monitor, and control the
probability and/or impact of unfortunate events or to maximize the realization of opportunities.
Risks can come from uncertainty in financial markets, threats from project failures, legal
liabilities, credit risk, accidents, natural causes and disasters as well as a deliberate attack from
an adversary, or events of uncertain or unpredictable root-cause.
According to the ISO standard, risk management consists of several processes, as follows:
1. Identify Risks – Identify risks that affect the project (positively or negatively) and
document their characteristics.
2. Assess & Analyze Risks - Assess the risk impact, analyze the probability of risk occurrence
and prioritize the risks, and numerically analyze the effect of the identified risks on project objectives.
3. Plan Actions – Explore all the possible ways to reduce the impact of threats (or exploit
opportunities). Plan actions to eliminate the risks (or enhance the opportunities). Action plans
should be appropriate, cost effective and realistic.
4. Monitor & Implement the Action – Track the risks throughout the project. If risks occur,
then implement the risk strategy based on the action plan. For example, if a mitigation strategy is
selected, execute the contingency plan based on risk triggers. In case the contingency plan fails,
execute a fallback plan.
5. Measure the effectiveness & Control the risk impact - Measure the effectiveness of the
planned action and control the risk impact by understanding risk triggers and by timely
implementation of planned actions.
Fig. 12 Risk Management Processes
Risk management processes are cyclic: the cycle starts from the identification of a risk and may
result in the identification of another new risk.
THANKS!