Cit 380 securing computer systems
Download
1 / 25

CIT 380: Securing Computer Systems - PowerPoint PPT Presentation


  • 395 Views
  • Updated On :

CIT 380: Securing Computer Systems Physical and EM Security Physical Security Physical Security Plan Elements of Physical Security Environmental Threats Physical Access Theft Backups Printouts Unattended Terminals EM Security Physical Security Plan

Related searches for CIT 380: Securing Computer Systems

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CIT 380: Securing Computer Systems' - lotus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Cit 380 securing computer systems l.jpg

CIT 380: Securing Computer Systems

Physical and EM Security

CIT 380: Securing Computer Systems


Physical security l.jpg
Physical Security

  • Physical Security Plan

  • Elements of Physical Security

  • Environmental Threats

  • Physical Access

  • Theft

  • Backups

  • Printouts

  • Unattended Terminals

  • EM Security

CIT 380: Securing Computer Systems


Physical security plan l.jpg
Physical Security Plan

  • List of physical assets to be protected

    • Descriptions

    • Replacement cost (hardware + data)

  • Locations of physical assets

  • Description of security perimeter(s)

    • Holes in perimeter (doors, windows, etc.)

    • Multiple perimeter example:

      • Outermost: campus

      • Outer: building

      • Inner: server room

  • Threats that you’re protecting against

  • Security defenses

CIT 380: Securing Computer Systems


Elements of physical security l.jpg
Elements of Physical Security

  • Determent

    • Convince people not to attack.

  • Detection

    • Alarms, guards, and other means of detecting attacks.

  • Delay

    • Elements that slow down an attacker, e.g. locks & safes.

  • Response

    • Guards or a call to the police.

CIT 380: Securing Computer Systems


Environmental threats fire l.jpg
Environmental Threats: Fire

  • Dangers:

    • Flames

    • Heat

    • Smoke

    • Water

  • Defenses

    • Gas-charged extinguishers

    • Dry-pipe water sprinkler systems

CIT 380: Securing Computer Systems


Environmental threats temperature l.jpg
Environmental Threats: Temperature

  • Most computer systems need 50-90F

  • Dangers:

    • Cold: thermal shock on power-on, cracking ICs/boards.

    • Hot: unreliability, then system failures as heat increases.

  • Defenses

    • Air-conditioning system

    • Good air circulation

    • Temperature alarm system

CIT 380: Securing Computer Systems


Environmental threats water l.jpg
Environmental Threats: Water

  • Humidity

    • Below 20% static discharge becomes a problem.

    • Must remain below dew point to avoid condensation on chilled surfaces.

    • Defenses:

      • Humidifier/de-humidifier

      • Humidity alarm

  • Water

    • Defenses:

      • Keep drinks away from computers.

      • Alarm at low level.

      • Automatic power shut-off at higher level.

CIT 380: Securing Computer Systems


Environmental threats electrical l.jpg
Environmental Threats: Electrical

  • Electrical Noise

    • Motors, fans, even vacuum cleaners can generate electrical surges.

    • Defenses:

      • UPS with power line filter

      • Anti-static mats

  • Lightning

    • Defenses

      • Turn off computer systems during lightning storms.

      • Surge suppressors may help for distant strikes.

CIT 380: Securing Computer Systems


Environmental threats l.jpg
Environmental Threats

  • Dust

    • Collects on drive heads and degrades media by abrasion.

    • Dust is slightly conductive and can cause circuit boards to short and fail if much accumulates.

    • Defenses:

      • Air Filtering Systems

      • Vacuuming

  • Vibration

    • Can work circuit boards out of sockets and drive heads out of alignment over time.

    • Defenses:

      • Rubber or foam mat.

CIT 380: Securing Computer Systems


Physical access l.jpg
Physical Access

  • Raised floors/dropped ceilings

    • If internal walls do not extend above dropped ceilings and below raised floors, computer room door security can be easily bypassed.

  • Air ducts

    • Serve computer room with many small air ducts.

    • Weld screens over air vents or within air ducts.

    • Motion detectors.

  • Glass walls

    • Easy to break—avoid them.

CIT 380: Securing Computer Systems


Network cabling l.jpg
Network Cabling

  • Threats

    • Wiretapping/monitoring

    • Cutting

    • Connecting to AC power

  • Defenses

    • Run through steel conduits, not open trays.

    • Double-walled conduits with pressurized gas between layers; alarm if pressure falls.

CIT 380: Securing Computer Systems


Alarms l.jpg
Alarms

  • Sensor types

    • Vibration detectors

    • Video cameras

    • Motion sensors

    • Infrared (body heat) detectors

  • False alarms

    • Causes

      • Weather (thunder, lightning, wind)

      • Created by attacker

    • Degrade response

      • guards/police will ignore alarms if too many false.

CIT 380: Securing Computer Systems


Theft l.jpg
Theft

  • Reasons:

    • Resale

    • Access to stored information

  • Targets

    • Laptops

    • Components: RAM, CPUs, hard disks

    • PCs/servers

CIT 380: Securing Computer Systems


Theft defenses l.jpg
Theft Defenses

  • Limit physical access.

    • Keep critical systems in high security areas.

  • Case locks to prevent access to components.

  • Laptop locks to lock laptop to desk.

  • Visible equipment tags with serial numbers.

  • Phone-home software for tracing.

  • Encryption of information.

CIT 380: Securing Computer Systems


Backups l.jpg
Backups

  • Protect availability of information.

  • Offer potential for confidentiality violation.

CIT 380: Securing Computer Systems


Backups16 l.jpg
Backups

  • Defenses:

    • Secure in safe after creation.

    • Periodically move to secure offsite storage.

    • Verify that you can restore data from backups.

      • Verify old backups periodically too.

    • Encrypt data on backup tapes.

    • Bulk erase tapes to destroy data before disposal.

CIT 380: Securing Computer Systems


Printouts l.jpg
Printouts

  • Provide availability when computers down.

  • Potential for confidentiality violation.

    • Dumpster diving

  • Defenses

    • Separate wastebaskets for confidential/unclassified information.

    • Paper shredding

      • Expensive shredding recovery services exist.

CIT 380: Securing Computer Systems


Unattended terminals l.jpg
Unattended Terminals

  • Offer anonymous attacker access

  • Defenses:

    • Auto-logout shells or daemons

    • Automatic screen locking

    • Boot only from hard disk

    • BIOS password to protect boot settings

    • Case lock to prevent battery removal or BIOS chip replacement

CIT 380: Securing Computer Systems


Em security l.jpg
EM Security

  • What is EM Security?

  • History

  • Surveillance

  • Passive Attacks

  • Active Attacks

  • Defences

CIT 380: Securing Computer Systems


Em security20 l.jpg
EM Security

Preventing a system from being attacked using electromagnetic emanations.

  • Confidentiality attacks

    • Listening to high frequency signals bled onto connected cables like power lines.

    • Listening to electromagnetic radiation leaked from computer devices.

  • Integrity attacks

    • Disrupting computations by inserting power glitches.

  • Availability attacks

    • Jamming, electromagnetic pulse weapons.

CIT 380: Securing Computer Systems


History l.jpg
History

1914: Telephone wires laid for miles parallel to enemy trenches only a few hundred meters away. Earth leakage caused crosstalk, allowing enemy to listen.

1960: UK listened to secondary signal on French embassy cable to capture plaintext leaked from cipher machine.

1960s: TV detector vans in UK listened to RF leakage to discover license fee evaders.

1985: Wim van Eck’s paper describing how to reconstruct picture on CRT at a distance.

1990s: Power analysis of smartcards.

CIT 380: Securing Computer Systems


Power analysis l.jpg
Power Analysis

  • Power analysis: analyzing power supply current of electronic device over time.

    • Transistor switching changes power draw.

  • Smartcards: credit-card sized plastic with embedded microprocessor/memory.

    • Uses: credit/ID card replacement, one time password authentication, physical access key.

    • Vulnerabilities

      • Low clock frequency compared to PCs.

      • Little or no power filtering.

CIT 380: Securing Computer Systems


Power analysis23 l.jpg
Power Analysis

  • Simple Power Analysis

    • Visual inspection of power consumption graph can reveal DES shifts and permutations or RSA multiplication and exponentiation operations.

  • Differential Power Analysis

    • Statistical analysis of many (100’s) operations where algorithm and either plaintext or ciphertext known.

    • Can be used to find 48 of 56 bits of DES key by analyzing last round of cipher.

    • Defenses: randomization of order of S-box use, frequent key updates, timing randomness, insertion of random dummy operations.

CIT 380: Securing Computer Systems


Rf leakage l.jpg
RF Leakage

  • All video displays (CRTs and LCDs) emit a weak TV signal.

  • All cabling (serial cables using by ATMs and Ethernet cable used by PCs) emits signals too.

  • Keyboard RF emissions modulated by currently pressed key.

  • Defenses:

    • Electromagnetic shielding of device or room.

    • Soft-Tempest fonts: low pass filter removes high frequencies of fonts—little visual difference on monitor but larger effect on signal.

CIT 380: Securing Computer Systems


Key points l.jpg
Key Points

  • Physical security is an essential component of computer security.

    • Many systems are more vulnerable to physical threats than system/network attacks.

  • Elements of Physical Security

    • Determent

    • Detection

    • Delay

    • Response

  • Backups are a defense against many threats, but must be defended themselves.

CIT 380: Securing Computer Systems


ad