
Information Security: Security Challenges and Technologies

Information Security: Security Challenges and Technologies. 70-451 Management Information Systems, Robert Monroe, November 22, 2011.


Presentation Transcript


  1. Information Security: Security Challenges and Technologies 70-451 Management Information Systems Robert Monroe November 22, 2011

  2. Quiz • In last Sunday’s class we introduced the acronym CIA to describe three fundamental concerns of information security. Write one of the words represented by the letters C, I, or A: ____________ . • ___________ is the art and science of sending secure messages from one party to another party. • Name one example of a type of security threat described or discussed in last Sunday’s class: ________.

  3. Goals For Today By the end of today's class you should be able to: • Apply simple risk management techniques and frameworks to uncover the largest information security risks in an organization, and to focus your information security resources appropriately. • Explain how cryptography techniques can be used to support Confidentiality, Integrity, and Authentication • Identify and explain the primary types of information security attacks and risks • Understand some of the basic technologies and techniques used to address these threats

  4. Information Security Management

  5. Information Security Is A Management Issue First • Creating information security policies and prioritizing threats is a business issue and responsibility • The role of the IT team is to provide a secure IT infrastructure that mitigates the threats identified by the business team • Many management teams abdicate their responsibility for information security. Why? • Incentive structure (costs for failure, success is invisible) • Ignorance, fear, and loathing of technology/technologists • Lack of understanding of threat (wait for the crisis)

  6. Information Security Management Is Risk Management • You can’t afford to completely secure all digital information in your organization • Recognize this and address the challenge as a standard risk management problem • Identify and prioritize risks • Plan to meet them so as to minimize expected losses • Focus on your primary business

  7. Identifying and Prioritizing Threats
  • Identify and catalog your company’s digital assets
  • Assign appropriate and explicit levels of importance to them
  • Identify threats to those assets
    • Catastrophic threats
    • Expensive threats
    • Non-critical threats
  • What would the cost be of having the digital assets
    • Exposed (stolen)
    • Destroyed (lost)
    • Changed
  • Prioritize specific threats that need to be addressed
    • Through technical measures
    • Through personnel and policy measures

  8. Match Your Response To The Threat • Determine probability and cost of each threat • Why is this really hard to do accurately with IT? • Determine whether you need to mitigate the threat through technical measures, policy measures, or both • Work with technical or policy teams to implement the threat mitigation plan

  9. Match Your Response To The Threat: Example • Two levels of security in a bank branch: secure the pen with a leash vs. secure the cash with a vault

  10. Develop Security Policies And Enforce Them
  • Set policies defining appropriate usage of IT resources
    • Make it clear how information is categorized and what the categories mean (e.g. confidential, company-only, publicly available)
    • Identify who can access or change what information
    • Identify who has access to which systems. Why and for how long?
    • How do you handle sensitive data that has to leave your company?
    • Identify what employees are allowed to do with their machines
      • Can they modify them and install software on them?
      • Can they surf the web for personal use? Limits to which sites?
  • Automate enforcement where it makes sense to do so; put policies in place where automated enforcement might not make sense
  • Create policies and procedures for dealing with network/computer attacks
    • Plan how to handle common problems before they happen so that they don’t run out of control

  11. Information Security Management Summary • Information Security is a management issue first • Your IT security policies and approach should be driven by business goals and constraints • Fundamentally a matter of risk management • It is non-trivial to identify, quantify, and prioritize your organization’s information security threats • The basic categories and types of threats are quite common • There are standard ways to mitigate most of these threats • Match your strategy to threats appropriately

  12. Cryptography Primer

  13. Cryptography Helps Secure Information In Transit • The internet is fundamentally an insecure medium • Assume your network traffic can be: • Read • Intercepted • Modified • Forged • Cryptography provides a mechanism for securing information sent over an electronic network • … and so much more!

  14. Cryptography
  • Cryptography: a collection of mathematical techniques for protecting information
  • Encryption: the process of using cryptography to scramble a message
  • Decryption: the process of using cryptography to unscramble a message
  • Example (figure): the plaintext “Agent Jones: The shipment arrives tonight...” is transmitted as “D#°S3ˆß)2Ãa´,! ÔKhÑü0:ö_£é¿íu¼...”
  Source: Garfinkel, Simson, Web Security, Privacy & Commerce, 2nd Edition, O’Reilly, 2001

  15. Cryptography Can Provide: • Confidentiality • Integrity • Authentication • Non-Repudiation • Note: Cryptography does not automatically provide availability or an audit trail (though it can strengthen the trust in an audit trail)

  16. Basic Encryption Techniques
  • Substitution: Replace each letter in a message with a different letter/symbol
    • Key: A: N, B: O, C: P, D: Q, E: R, F: S, G: T, H: U, I: V, J: W, K: X, L: Y, M: Z
    • Trivial example: “Guvf vf n frperg zrffntr!” = “This is a secret message!”
  • Transposition: Scramble the characters in a message
    • Key: Reverse the order of the characters in the sentence
    • Trivial example: “!og a si htraE fo noisavnI” = “Invasion of Earth is a go!”
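Both trivial examples in working Go, as an added demonstration that is not from the slides (function names are mine): the slide's A: N ... M: Z key is a fixed shift of 13 places, so one function both encrypts and decrypts, and the letter-count function shows why the slide calls these ciphers trivial: substitution only relabels the letter histogram and transposition does not even do that, so the counts alone give an analyst the key.

```go
package main

import (
	"fmt"
	"strings"
)

// Substitute applies the slide's key (A->N ... M->Z, and so N->A ... Z->M): every letter
// moves 13 places, so applying it twice restores the text. Non-letters pass through.
func Substitute(msg string) string {
	var b strings.Builder
	for _, r := range msg {
		switch {
		case r >= 'a' && r <= 'z':
			b.WriteRune('a' + (r-'a'+13)%26)
		case r >= 'A' && r <= 'Z':
			b.WriteRune('A' + (r-'A'+13)%26)
		default:
			b.WriteRune(r)
		}
	}
	return b.String()
}

// Transpose applies the slide's second key: reverse the order of the characters.
func Transpose(msg string) string {
	rs := []rune(msg)
	for i, j := 0, len(rs)-1; i < j; i, j = i+1, j-1 {
		rs[i], rs[j] = rs[j], rs[i]
	}
	return string(rs)
}

// LetterCounts is the analyst's view: how often each letter occurs (case-folded).
// Substitution only renames letters, so the ciphertext keeps the same histogram with
// the labels permuted; transposition keeps even the labels. That is why both are trivial.
func LetterCounts(msg string) map[rune]int {
	counts := make(map[rune]int)
	for _, r := range strings.ToLower(msg) {
		if r >= 'a' && r <= 'z' {
			counts[r]++
		}
	}
	return counts
}

func main() {
	fmt.Println(Substitute("This is a secret message!")) // Guvf vf n frperg zrffntr!
	fmt.Println(Transpose("Invasion of Earth is a go!")) // !og a si htraE fo noisavnI
}
```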

  17. Symmetric Key Encryption • Both sender and receiver know the algorithm used to encrypt a message and have the secret key necessary to decrypt it • Message can be intercepted by a third party but it can not be read • Block cipher vs. Stream cipher • Common symmetric key algorithms: DES, Triple-DES, Blowfish, IDEA, RC2, RC4, RC5, Rijndael

  18. Alice and Bob Top Secret! • Alice wants to send a private message to Bob • Secret agent Eve wants to intercept it • Alice and Bob use symmetric key encryption to keep the message private

  19. Symmetric Key Analysis • Benefits • Encryption and decryption can be very fast • Very strong algorithms available • Drawback: Key Management is difficult • Both parties must initially exchange keys • Both parties must store keys securely • Unique keys necessary for each pair who want to communicate privately

  20. PKI Example: Alice, Bob, and Eve Top Secret! • Alice wants to send a private message to Bob but they don’t have a shared secret key • Secret agent Eve still wants to intercept their message • Alice and Bob use public key encryption to keep the message private

  21. Public Key Infrastructure (PKI) • Public Key Cryptography: A technique for establishing encrypted communication channels between two parties who have not previously exchanged secret encryption keys • Public Key Infrastructure: A suite of technology products that implement public key cryptography for non-cryptographers

  22. Public Key Encryption • Public key algorithms solve key exchange problems • Encrypt with the recipient’s public key • Decrypt with the recipient’s private key • Drawbacks • Public keys are much larger than private keys • More complex to implement • Much slower than private key systems • Common public key systems: Diffie-Hellman, DSA/DSS, Elliptic Curves, RSA

  23. Hybrid Approach • A hybrid public/private key approach is most commonly used on the web • Generate a private key for this session • Use Public Keys to exchange that private key • All subsequent interactions for that session are encrypted with private key • Private key is discarded at end of session
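The hybrid approach of slide 23 in working Go, as an added example that is not from the slides (function names are mine): Seal is Alice's side, generating a session key, wrapping it with Bob's public key and encrypting the message under the session key; Open is Bob's side. It uses RSA-OAEP and AES-256-GCM from Go's standard library as concrete choices for the public-key and "private key" (symmetric) systems the slide leaves abstract, and the session key exists only inside the Seal call.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewRecipient is Bob's one-time setup; Alice only ever sees &bob.PublicKey.
func NewRecipient() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Seal is Alice's side: fresh session key, wrapped for Bob (RSA-OAEP), message under it (AES-256-GCM).
func Seal(bobPub *rsa.PublicKey, msg []byte) (wrappedKey, sealed []byte, err error) {
	buf := make([]byte, 32+12) // 256-bit session key followed by a 96-bit GCM nonce
	rand.Read(buf)             // crypto/rand fills fully; since Go 1.24 it cannot return an error
	key, nonce := buf[:32], buf[32:]
	wrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, bobPub, key, nil)
	if err != nil {
		return nil, nil, err
	}
	block, _ := aes.NewCipher(key) // cannot fail: the key is exactly 32 bytes
	gcm, _ := cipher.NewGCM(block) // cannot fail: AES blocks are 16 bytes
	return wrappedKey, gcm.Seal(nonce, nonce, msg, nil), nil // nonce || ciphertext || tag
}

// Open is Bob's side: unwrap the session key with his private key, then decrypt.
func Open(bobPriv *rsa.PrivateKey, wrappedKey, sealed []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, bobPriv, wrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key) // rejects an unwrapped key of the wrong length
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	if n := gcm.NonceSize(); len(sealed) >= n {
		return gcm.Open(nil, sealed[:n], sealed[n:], nil) // verifies the GCM tag: any change by Eve fails here
	}
	return nil, fmt.Errorf("sealed message shorter than a nonce")
}

func main() {
	bob, _ := NewRecipient()
	wk, sealed, _ := Seal(&bob.PublicKey, []byte("Top Secret!"))
	plain, err := Open(bob, wk, sealed)
	fmt.Printf("%s %v\n", plain, err) // Top Secret! <nil>
}
```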

  24. Alice and Bob, Scenario 3 Top Secret! • Bob needs to confirm that a message he received from Alice truly came from Alice • Secret agent Eve wants to impersonate Alice • Solution: Alice uses a Digital Signature to sign her messages Top Secret Message From Alice (trust me)

  25. Digital Signatures • Digital Signatures use cryptographic techniques to provide: • Authentication • Integrity • Non-repudiation • Digital signatures do not, by themselves, provide confidentiality
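Alice's signed message from scenario 3 in working Go, as an added example that is not from the slides (type and function names are mine), using Ed25519 from the standard library: Bob verifies with the public key he trusts for Alice, so Eve can neither alter the body nor sign as Alice with a key of her own, while the body itself stays readable by anyone, which is the slide's point that signatures give no confidentiality.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedMessage is what Alice sends. The body travels in the clear: the
// signature proves who wrote it and that it is unchanged, but hides nothing.
type SignedMessage struct {
	Sender string // claimed sender; Bob uses it only to choose which public key to check
	Body   []byte
	Sig    []byte // Ed25519 signature over Sender and Body together
}

// NewSigner is a sender's one-time setup. The public key goes to recipients over a
// trusted channel (a PKI would deliver it in a certificate); the private key stays put.
func NewSigner() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Sign binds Sender and Body in one signature so neither can be swapped later.
func Sign(priv ed25519.PrivateKey, sender string, body []byte) SignedMessage {
	return SignedMessage{sender, body, ed25519.Sign(priv, signedBytes(sender, body))}
}

// Verify is Bob's check: look up the public key he trusts for the claimed sender and
// test the signature against it. Eve, signing with her own key, fails this check.
func Verify(trusted map[string]ed25519.PublicKey, m SignedMessage) bool {
	pub, ok := trusted[m.Sender]
	if !ok || len(pub) != ed25519.PublicKeySize {
		return false // unknown sender, or a malformed key that ed25519.Verify would panic on
	}
	return ed25519.Verify(pub, signedBytes(m.Sender, m.Body), m.Sig)
}

// signedBytes length-prefixes the sender so the sender/body boundary is unambiguous.
func signedBytes(sender string, body []byte) []byte {
	return append([]byte(fmt.Sprintf("%d:%s:", len(sender), sender)), body...)
}

func main() {
	alicePub, alicePriv, _ := NewSigner()
	trusted := map[string]ed25519.PublicKey{"alice": alicePub}
	m := Sign(alicePriv, "alice", []byte("Top Secret Message From Alice"))
	fmt.Println(string(m.Body), Verify(trusted, m)) // Top Secret Message From Alice true
	m.Body[0] ^= 1                                   // Eve edits one bit in transit
	fmt.Println(Verify(trusted, m))                  // false
}
```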

  26. Advanced Topic: Steganography
  • Steganography: The art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message.
  • Popular recent movie examples: The Da Vinci Code and National Treasure
  • Example:
    • Load the first image
    • Apply the logical AND operation with the number 3 to the image
    • Make the image 85 times brighter
    • You get the second image
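The slide's image example in code, as an added Go example that is not from the slides (function names are mine): Embed shows how a payload ends up in the two low bits of each sample, and Reveal is exactly the AND-with-3, times-85 recipe that stretches those bits to full brightness. The samples are constructed grey values standing in for image pixels; run on an unmodified image the same Reveal step yields noise, which is also how an analyst checks whether an image carries such a payload.

```go
package main

import "fmt"

// Embed hides the two most significant bits of each hidden sample in the two least
// significant bits of the matching cover sample, the layout the slide's recipe assumes.
// Each cover sample changes by at most 3 on a 0..255 scale, which the eye does not notice.
func Embed(cover, hidden []byte) ([]byte, error) {
	if len(cover) != len(hidden) {
		return nil, fmt.Errorf("cover has %d samples, hidden has %d", len(cover), len(hidden))
	}
	stego := make([]byte, len(cover))
	for i := range cover {
		stego[i] = cover[i]&^0x03 | hidden[i]>>6
	}
	return stego, nil
}

// Reveal is the slide's recipe: AND each sample with 3 to keep only its low two bits,
// then multiply by 85 (3*85 = 255) to stretch those bits to full brightness.
// On an innocent image this gives noise; on a stego image it shows the payload.
func Reveal(stego []byte) []byte {
	out := make([]byte, len(stego))
	for i, v := range stego {
		out[i] = (v & 0x03) * 85
	}
	return out
}

// MaxDiff is the largest per-sample change between two equal-length sample sets,
// a rough measure of how visible the embedding is.
func MaxDiff(a, b []byte) int {
	worst := 0
	for i := range a {
		d := int(a[i]) - int(b[i])
		if d < 0 {
			d = -d
		}
		if d > worst {
			worst = d
		}
	}
	return worst
}

func main() {
	cover := []byte{200, 130, 77, 255, 0, 18, 99, 64}    // constructed grey samples of a cover image
	hidden := []byte{255, 192, 128, 64, 0, 100, 200, 30} // constructed grey samples to hide
	stego, _ := Embed(cover, hidden)
	fmt.Println(stego, Reveal(stego), MaxDiff(cover, stego)) // [203 131 78 253 0 17 99 64] [255 255 170 85 0 85 255 0] 3
}
```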

  27. Limitations Of Cryptography • Cryptography ≠ Security • Cryptography can not protect against: • Theft or exposure of unencrypted documents • Stolen encryption keys • Message traffic analysis • Denial of service attacks • Booby-trapped encryption programs • Malicious counter-parties

  28. Securing An IT Infrastructure:Principles and Technologies

  29. Principle: Compartmentalize Resources
  • Carefully limit connectivity between:
    • The public internet
    • Your public-facing servers
    • Your employees’ computers (desktops/laptops/PDAs)
    • Key corporate servers (web, DB, app servers, etc.)
    • Other common groups containing key information assets
  • Assign appropriate levels of security to machines in each of these different compartments
  • Carefully limit and monitor interactions between them
  • Keep the most valuable assets “furthest” from public access

  30. Compartmentalization Technology
  • Firewalls
    • Filter network traffic
    • Decide what goes in and what goes out of a network
    • Act as a gatekeeper and buffer between networks, such as the public internet and a company’s servers
  • Network Address Translation (NAT)
    • Displays a “reachable” public IP address to the outside world
    • Creates an “unreachable” network address for internal use
  • DMZs (DeMilitarized Zones)
    • A network segment between two firewalls that buffers and limits traffic between the two network segments

  31. Compartmentalization Example

  32. Principle: Secure the Perimeter • Define clear boundaries of your network(s) • For each of these networks, it should be clear what is ‘inside’ the network and what is ‘outside’ the network • Put strong (fire)walls and gatekeepers at the perimeters

  33. Securing The Perimeter: Physical Security • A network is not secure without good physical security • Control access to servers and networking equipment • Physical and procedural barriers • “Need to know/go” basis for access to machines and login passwords • Limit the entrance and removal of trusted machines or storage media from the data center (e.g. laptops, USB keys, CDs, …) • Beware of backups and old hard drives • Don’t throw them away without erasing data

  34. Principle: Harden The Platform • Reduce the “attack surface” • Don’t run unnecessary programs • Keep up to date with patches and service packs • This is remarkably hard to do in practice! • Patching one problem often causes another • Build secure applications vs.

  35. Principle: Strategic Heterogeneity • Each element of your software and hardware platform has its own unique vulnerabilities • If you have a standardized platform, once an attacker finds an exploit for one part of the system, he can exploit many other parts of the system also • A bio-diversity model helps slow an attacker’s progress by presenting different kinds of defenses

  36. Counter-Principle: Keep It Simple (KISS) • Heterogeneity comes at a cost – complexity • Complexity and security don’t mix • Why?

  37. Principle: Use Strong Authentication
  • Something that you know – user id and password
    • This is the most common authentication mechanism
  • Something that you have
    • Smartcards
    • Keys/tokens – RFID tag, code generator, physical key
    • Physical access to a specific machine
  • Something that you are (biometrics)
    • Fingerprint
    • Voiceprint
    • Facial recognition
    • Iris/retina print
    • Etc…

  38. Strengthening Authentication • Require 1, 2, or 3 of what you know/have/are • The more you can supply, the stronger the authentication • Use a common authentication system for as many systems/interactions as possible • Why is this important? • Why is this hard to do in practice?

  39. Principle: Control Access To Resources • Access control specifies who has access to which resources • Access control is different from authentication • Try to use a consistent model across applications • Common model: Users, Permissions, Groups, Roles, Scope • Create “zones” of your network with strong partitions between the zones • Principle of Least Privilege

  40. Principle: Constant Vigilance • Securing IT infrastructure requires 24/7/365 vigilance • Combination of automated and human actions • Technology: Intrusion detection • Monitors traffic • Looks for attack patterns • Alerts when potential problems are found

  41. Midterm Exam Results • Overall, most people did well on the exam • 85 points possible • Score range: 50 (58%) to 83 (98%) (out of 85 possible) • Median score: 75 (88%) • Mean score: 72.3 (85%)

