
CIS/TCOM 551 Computer and Network Security Slide Set 2. Carl A. Gunter Spring 2004. Goals Availability Integrity Confidentiality Targets Hardware Software Data. Controls Physical security Limited interface Identification and authorization Encryption Analysis of costs and benefits.


CIS/TCOM 551 Computer and Network Security Slide Set 2

Carl A. Gunter

Spring 2004


Introduction to Security

  • Goals

    • Availability

    • Integrity

    • Confidentiality

  • Targets

    • Hardware

    • Software

    • Data

  • Controls

    • Physical security

    • Limited interface

    • Identification and authorization

    • Encryption

    • Analysis of costs and benefits



Progress and Risk

  • Risk = (Probability of failure) * (Size of loss)

  • Safety-critical considerations

    • Dutch port authority

    • RER train

    • Software in automobiles

    • Intelligent highways



Progress and Risk, cont.

  • Security-critical considerations

    • Credit card purchases on the web

    • Voting on the web

    • Banking on the web

    • Mobile agents and active networks

  • Safety and security considerations

    • Military systems, e.g. Star Wars

    • Actuators on public networks



Security Requirements

  • Banking

  • Government

  • Public Telecommunications Carriers

  • Corporate / Private Networks

  • Electronic Commerce

Ref: Computer Communications Security, W. Ford, 94.



Banking

  • Electronic Funds Transfer (EFT)

    • Prosecution of fraud problematic

    • Financial system overall at risk

  • Automated Teller Machine (ATM)



Automatic Teller Machines

  • Goals

    • Availability: Provide automated teller operations 24x7 in convenient locations

    • Integrity: Authorized users only, transactional guarantees

    • Confidentiality: Private communication with branches or center

  • Vulnerabilities and controls

  • Risk analysis and liabilities



Government

  • National security of course, but also

  • “Unclassified but sensitive information” must not be disclosed

    • Example: social security web page

  • Electronic signatures approved for government contractors



Public Telecom Carriers

  • Operations, Administration, Maintenance, and Provisioning (OAM&P)

  • Availability is a key concern

  • Significant insider risks



Corporate Private Networks

  • Completely private networks are becoming a thing of the past because of telecommuting.

  • Protection of proprietary information of course, but also concerns like privacy in the health care industry.

  • Foreign government threat?



Electronic Commerce

  • Electronic Data Interchange (EDI)

  • Electronic contracts need to be binding

  • ABA Resolution: “recognize that information in electronic form, where appropriate, may be considered to satisfy legal requirements regarding a writing or signature to the same extent as information on paper or in other conventional forms, when appropriate security techniques, practices, and procedures have been adopted.”


Goals of Security

[Figure: DATA, with the goals Confidentiality, Integrity, Availability]

Ref: Pfleeger.



Safety and Security

  • Many things in common and some major differences.

  • Some similarities aid understanding of both.

  • System vs. Environment.

  • Accident, breach.

  • Hazard, vulnerability.


System vs. Environment (Safety)

[Figure: Environment, System]


System vs. Environment (Security)

[Figure: Environment, System]



Accident and Security Breach

  • Accident

    • Loss of life

    • Injury

    • Damage to property

  • Security Breach

    • Secret is revealed

    • Service is disabled

    • Data is altered

    • Messages are fabricated



Accident Definition

  • An accident is an undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of harm.

  • Define breach similarly.

  • A security threat is a possible form of breach.



Hazards and Vulnerabilities

  • Hazard

    • No fire alarms

    • No fire extinguishers

    • Rags close to furnace

  • Vulnerability

    • Password too short

    • Secret sent in plaintext over public network

    • Files not write protected



Hazard Definition

  • A hazard is a state or set of conditions of a system that, together with other conditions in the environment of the system, will lead inevitably to an accident.

  • Define security vulnerability similarly.



Other Terms

  • Asset: object of value.

  • Exposure: threat to an asset.

  • Attack: effort by an agent to exploit a vulnerability and create a breach.



Major Threats

  • Interruption

  • Interception

  • Modification

  • Fabrication



Major Assets

  • Hardware

  • Software

  • Data



Threats to Hardware

  • Interruption: crash, performance degradation

  • Interception: theft

  • Modification: tapping

  • Fabrication: spoofed devices



Threats to Software Code

  • Interruption: deletion

  • Interception: theft

  • Modification

    • Trojan horse

    • Logic bomb

    • Virus

    • Back door

    • Information leak

  • Fabrication: spoofing software distribution on the web



Threats to Software Processes

  • Interruption: bad inputs

  • Interception: attacks on agents

  • Modification: of exploited data

  • Fabrication: service spoofing (man-in-the-middle)



Threats to Data

  • Interruption: deletion, perceived integrity violation

  • Interception: eavesdropping, snooping memory

  • Modification: alteration of important information

  • Fabrication: spoofing web pages



Principles of Security

  • Easiest Penetration: An intruder must be expected to use any available means of penetration.

  • Adequate Protection: Computer items must be protected only until they lose their value. They must be protected to a degree consistent with their value.

  • Effectiveness: Controls must be used to be effective. They must be efficient, easy to use, and appropriate.



Controls

  • Physical security

  • Limited interface

  • Identification and authorization

  • Encryption



Breakdown of S/W Controls

  • Program controls

    • as exercised by the programmer

    • as dictated by the programming language or programming environment

  • Operating system controls

  • Development process controls



Security Models

  • Multi-layer security

  • Graham-Denning model

Ref: Pfleeger.



Military Security

  • Familiar hierarchy of sensitivities, partitioned into compartments.



Compartments

  • Each piece of information is coded with its security level and one or more compartments



Classification and Clearance

  • <rank; compartments>

  • Each piece of information, or object, o is classified by its rank and compartments. C(o) = classification of o

  • Each actor, or subject, s is given a clearance by rank and compartments. C(s) = clearance of s

  • Dominance: <r;c> ≤ <r’;c’> iff r ≤ r’ and c is a subset of c’.

  • C(o) ≤ C(s) if the classification of o is dominated by the clearance of s.



Guarantees

  • A subject s is only able to access an object o if

    • the rank of s is higher than that of o, and

    • s is cleared for all of the compartments of o.

  • The first is called a hierarchical requirement, the second a non-hierarchical requirement.
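
The dominance check from the Classification and Clearance slide, written out as an added example (not part of the original slides). The compartment names, the `ANALYST` clearance and the object labels are constructed for illustration; the rank order follows the hierarchy named in the slides, and equal ranks are treated as dominated, as in the dominance definition.

```python
from dataclasses import dataclass

# Rank order from the slides' hierarchy, lowest to highest.
RANKS = ["Unclassified", "Restricted", "Confidential", "Secret", "Top Secret"]

@dataclass(frozen=True)
class Label:
    """A <rank; compartments> pair, used for both C(o) and C(s)."""
    rank: str
    compartments: frozenset

    def __post_init__(self):
        if self.rank not in RANKS:
            raise ValueError(f"unknown rank: {self.rank!r}")

def label(rank, *compartments):
    return Label(rank, frozenset(compartments))

def dominated_by(a, b):
    """a is dominated by b iff rank(a) <= rank(b) and comps(a) is a subset of comps(b)."""
    hierarchical = RANKS.index(a.rank) <= RANKS.index(b.rank)
    non_hierarchical = a.compartments <= b.compartments
    return hierarchical and non_hierarchical

def may_access(clearance, classification):
    """Subject s may access object o only if C(o) is dominated by C(s)."""
    return dominated_by(classification, clearance)

def comparable(a, b):
    """Dominance is a partial order: some label pairs are ordered neither way."""
    return dominated_by(a, b) or dominated_by(b, a)

# Constructed sample data (hypothetical compartments and objects).
ANALYST = label("Secret", "CRYPTO", "NUCLEAR")
OBJECTS = {
    "memo": label("Confidential", "CRYPTO"),     # lower rank, cleared compartment
    "plan": label("Top Secret", "CRYPTO"),       # fails the hierarchical requirement
    "survey": label("Restricted", "LOGISTICS"),  # fails the non-hierarchical requirement
    "notice": label("Unclassified"),             # no compartments at all
}

def readable_objects(clearance, objects):
    return sorted(n for n, c in objects.items() if may_access(clearance, c))

if __name__ == "__main__":
    print(readable_objects(ANALYST, OBJECTS))
```

The `survey` case is the one to note: a high rank alone does not grant access to a low-ranked object in a compartment the subject is not cleared for.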


[Figure: rank hierarchy, top to bottom: Top Secret, Secret, Confidential, Restricted, Unclassified; labels A, B, C, D, v, w, x, y, z]



Graham-Denning Model

Subject executing command is x.

Transferable rights are denoted r*.

Non-transferable rights are denoted r.

A[x,s]


  • Login