Foundation of computer security
1 / 25

Foundation Of Computer Security - PowerPoint PPT Presentation

  • Uploaded on

Foundation Of Computer Security. Foundation of computer security. Reliability : accidental failures. Usability : operating mistakes. Security: intentional failures. Security. Security is about the protection of assets.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Foundation Of Computer Security' - bary

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Foundation of computer security1
Foundation of computer security

  • Reliability: accidental failures.

  • Usability: operating mistakes.

  • Security: intentional failures.


  • Security is about the protection of assets.

  • Hence, computer security is about the protection of IT assets (i.e. hardware, software, data & information, and reputation).

  • Protection measures can be classified as follows:

    • Prevention: taking measures that prevent your assets from being damaged.

    • Detection: taking measures that allow you to detect when an asset has been damaged, how it has been damaged, and who has caused the damage.

    • Reaction:taking measures that allow you to recover your assets or to recover from damage to your assets.


  • Example#1: protection of valuable items kept in your private home.

  • Prevention:

    • locks at the door and windows bars.

    • A wall round the property.

    • Add another layer of protection.

  • Detection:

    • you will detect when something has been stolen if it is no longer there.

    • A burglar alarm goes off when a break in occurs.

    • Closed circuit television camera

  • Reaction:

    • call police.

    • You may decide to replace the stolen item.


  • Example #2: Protecting Credit Card from being ‘stolen’ on the web.

  • Prevention:

    • Use encryption when placing an order.

    • Relay on the merchant to perform some checks on the caller before accepting a credit card order.

    • Don’t use your card number on the internet.

  • Detection:

    • Transaction that you didn’t authorize appears on your credit card statement.

  • Reaction:

    • Ask for new card number.

    • The cost of the fraudulent transaction may have to be cover by the card holder, the merchant where the fraudster made the purchase, or the card issuer.

Computer security
Computer security

  • Computer Security aims to preserve:

    • Confidentiality: prevention of unauthorized disclosure of information.

    • Integrity: prevention of unauthorized modification of information.

    • Availability: prevention of unauthorized withholding of information or resources.

  • As lists are never complete you can add further points such as authenticity , Legitimate Use, accountability or nonrepudiation.

CIA model


  • Historically, security and secrecy were closely related (even today?!).

  • Confidentiality (Privacy ,Secrecy).

  • Hiding the content of a document OR hiding its very existence.

  • Unlinkability: two or more items of interest (e.g. messages, actions, events, users, etc.) are unlinkableif an attacker cannot sufficiently distinguish whether they are related or not.

  • Anonymity: A subject (e.g. user) is anonymous if it cannot be identified within a given anonymity set of subjects.

Prevention of unauthorised disclosure of information


  • It is not easy to give a concise definition of integrity.

  • Does prevention of unauthorized actions fall under integrity?

  • Clark and Wilson : no user of the system , even if authorized, may be permitted to modify data items in such a way that assets or accounting records of the company are lost or corrupted.

  • We have captured security by specifying the user actions that have to be controlled.

  • External consistency : the data stored in a computer system should correctly reflect some reality outside the computer system. (DoD’sOrange book)

prevention of unauthorized modification of information


  • Integrity in communication security: refers to the detectionand correctionof modifications to, insertion in, deletion , or replay of transmitted data.

  • This include both intentional manipulations and random transmission errors.

  • Integrity is often a prerequisite for other security properties (e.g. protecting OS access control data so an attacker cannot change it to gain unauthorized access to documents). Here we have to protect the integrity of access control to achieve confidentiality.


  • According to ISO 7498-2:

    • Availability: the property of being accessible and usable upon demand by an authorized user.

    • Denial of Service (DoS):the prevention of authorized access to resources or the delaying of time-critical operations.

  • Although that availability is one of the most important aspects of computer security, there is a lack of security mechanisms effectively protecting against DoS attacks.

  • Security mechanisms that are too restrictive or too expensive can themselves lead to DoS

prevention of unauthorised withholding of information or resources


  • It is hard to prevent all improper actions:

    • we may find that authorized actions can lead to a security violation.

    • we may find a flaw in our security system that allow an attacker to find a way past our controls.

  • Users should be hold responsible for their actions.

  • Accountability: audit information must be selectively kept and protected so that actions affecting security can be traced to the responsible party. (the Orange book)

  • In order to do this, the system should first identifyand authenticateits users.

  • It has to keep an audit trail (is a log of security-relevant events).

Non repudiation

  • Non-repudiation is related to accountability.

  • Non-repudiation: services provide unforgeable evidence that a specific action occurred.

  • Digital signatures provide non-repudiation.

  • Non-repudiation of origin: providing evidence about the sender of a document.

  • Non-repudiation delivery: providing evidence that a message was delivered to a specific recipient.


  • Reliability (accidental failures) & safety (impact of failures on the environment).

  • Reliability only quantifies the frequency of failures, disregarding the consequences of a failure. From a safety point of view it is important to consider the consequences of failures, especially the failures that lead to hazards.

  • Security and reliability are very much related and intersected.

  • Dependability: the property of a computer system such that reliance can justifiably be placed on the service it delivers. (IFIP WG 10.4)

  • *skip 3.1.9

The fundamental dilemma of computer security
The fundamental Dilemma of computer security

  • Security-unaware users have specific security requirements but usually no security expertise.

  • A security unaware user cannot make educated decisions about security products and will have to pick standard ‘best practice’ solutions.

  • Standard solutions may not address the user’s specific requirements.

  • There is a trade-off between security and ease-of-use since:

    • Security mechanisms need additional computational resources.

    • Security interferes with the working patterns users are accustomed to.

    • Effort has to be put into managing security.

Data vs information
Data vs. Information

  • Data represents information.

  • Information is the interpretation of data.

  • Datais physical phenomena chosen by convention to represent certain aspects of our conceptual and real world. The meanings we assign to data are called information.

  • A covert channel is an information flow that is not controlled by a security mechanism.

Principles of computer security
Principles of Computer Security

  • Fundamental design parameters of computer security.

  • The figure above sketches the main dimensions in the design space for computer security. Horizontal axis represents the focus of the security policy, whilst the vertical axis represents the layer of the computer system where a protection mechanism is implemented.

Application Software

User (subject)

Resource (object)


Focus of control
Focus of Control

  • First Design Decision:

    In a given application (i.e. a cash machine), should the protection mechanism in a computer system focus on:

  • data;

  • Operations; and/or

  • users (access control)?

  • It is a fundamental design decision choosing which these options to take when applying security controls. Operating system have traditionally focused on protection data. In modern applications, it is often more relevant to control users’ actions.

The man machine scale
The Man-Machine Scale

  • Mechanisms towards the center tend to be more

  • generic while mechanisms at the outside are more

  • likely to address individual user requirements

    Second Design Decision:

    In which layer of the computer system should a security mechanism be placed?

more generic simple machine-oriented

more specific complex man-oriented

Complexity vs assurance
Complexity vs. Assurance

  • There is a trade-off between complexity and assurance.

  • Third Design Decision:

  • Simple with higher assurance OR complex with a feature-rich security environment?

  • Feature-rich security and high assurance do not match easily

Centralized vs decentralized
Centralized vs. Decentralized

  • Centralized(If a single entity is in charge of security):

    • Easy to achieve uniformity.

    • Better control.

  • BUT

    • Performance bottleneck.

    • Single Point of Failure (SPoF).

  • Decentralized(Distributed):

    • More efficient.

    • No SPoF.

  • BUT

    • More expensive and complicated (e.g. cost, management, etc.).

      Fourth Design Decision:

      Centralized OR decentralized?

The layer below
The Layer Below

  • Every protection mechanism defines a security perimeter (boundary).

  • Attackers may bypass protection mechanisms at some layer.

  • Fifth Design Decision:

  • How can you prevent an attacker from getting access to a layer below the protection mechanism?

  • The Layer Below – Examples:

  • Recovery tools, like Norton Utilities, restore the data by reading memory directly and then restoring the file structure. Such a tool can be used to circumvent logical access control as it does not care for the logical memory structure

The layer below examples
The Layer Below – Examples

2. Unix treats I/O devices and physical memory devices like files. If access permissions are defined badly, e.g. if read access is given to a disk containing read protected files, then an attacker can read the disk contents and reconstruct the files.

3. Object reuse: in a single processor system, when a new process becomes active, it gets access to memory positions used by the previous process. You have to avoid storage residues, i.e. data left behind in the memory area allocated to the new process.

4. Buffer Overruns: a value is assigned to a variable that is too large for the memory buffer allocated to that variable , so that memory allocated to other variables is overwritten.

The layer above
The Layer Above

  • It is not very wise design decision to spend much time and effort trying to protect a layer from the layer above it!

  • The security services provided by a layer are mostly not sufficient to the layer above it which requires more complex man-oriented services.


  • “Computer Security ”, 3rd edition by Dieter Gollmann. Wiley, March, 2011.

  • Chapter 3