EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing - PowerPoint PPT Presentation


  1. EEC 693/793 Special Topics in Electrical Engineering: Secure and Dependable Computing
  Lecture 3
  Wenbing Zhao, Department of Electrical and Computer Engineering, Cleveland State University, wenbing@ieee.org

  2. Outline
  • Types of threats
  • Meaning of computer security
  • Vulnerabilities in computer systems
  • Threats in computer networks
  EEC693: Secure & Dependable Computing

  3. The Meaning of Computer Security
  • The purpose of computer security is to devise ways to prevent the weaknesses of a system from being exploited
  • What we mean when we say that a system is secure:
    • Confidentiality: computer-related assets are accessed only by authorized parties. Confidentiality is sometimes called secrecy or privacy
    • Integrity: assets can be modified only by authorized parties or only in authorized ways
    • Availability: assets are accessible to authorized parties at appropriate times

  4. Relationship of Security Goals
  • A secure system must meet all three requirements
  • The challenge is how to find the right balance among the goals, which often conflict
  • For example, it is easy to preserve a particular object's confidentiality in a secure system simply by preventing everyone from reading that object
  • However, this system is not secure, because it does not meet the requirement of availability for proper access => there must be a balance between confidentiality and availability

  5. Relationship of Security Goals (figure)

  6. Confidentiality
  • Confidentiality is the security property we understand best because its meaning is narrower than the other two
  • However, it is not trivial to ensure confidentiality. For example:
    • Who determines which people or systems are authorized to access the current system?
    • By "accessing" data, do we mean that an authorized party can access a single bit? Pieces of data out of context?
    • Can someone who is authorized disclose those data to other parties?

  7. Integrity
  • It is much harder to ensure integrity. One reason is that integrity means different things in different contexts
  • For example, if we say that we have preserved the integrity of an item, we may mean that the item is:
    • precise
    • accurate
    • unmodified
    • modified only in acceptable ways
    • modified only by authorized people
    • modified only by authorized processes
    • consistent
    • internally consistent
    • meaningful and usable

  8. Integrity
  • Aspects of integrity: computerized data are the same as those in source documents; they have not been exposed to accidental or malicious alteration or destruction
  • Aspects of integrity: authorized actions, separation and protection of resources, and error detection and correction
  • Integrity can be enforced in much the same way as confidentiality: by rigorous control of who or what can access which resources in what ways

  9. Availability
  • Availability applies both to data and to services (i.e., to information and to information processing)
  • We say a data item, service, or system is available if:
    • There is a timely response to our request
    • There is a fair allocation of resources, so that some requesters are not favored over others
    • The service or system involved is fault tolerant: hardware or software faults lead to graceful cessation of service or to workarounds rather than to crashes and abrupt loss of information
    • The service or system can be used easily and in the way it was intended to be used
    • ...
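The "fair allocation of resources" bullet is easiest to see in running code. The following is an added example, not part of the lecture: a per-requester token bucket compared with a single shared bucket, simulated on a constructed workload (the requester names "flood", "alice" and "bob", the 5 requests/second rate, the burst size and the timestamps are all illustrative assumptions). One flooding client uses up a shared bucket and starves the honest requesters; giving each requester its own bucket guarantees every requester its share, which is the availability property the slide describes.

```python
from collections import Counter


class TokenBucket:
    """Token bucket kept in integer arithmetic (milli-tokens on a millisecond
    clock) so the simulation below is exactly reproducible."""

    COST = 1000  # one admitted request costs one token (1000 milli-tokens)

    def __init__(self, rate_per_s: int, capacity_tokens: int, now_ms: int = 0) -> None:
        self.rate = rate_per_s              # tokens/s == milli-tokens per millisecond
        self.capacity = capacity_tokens * 1000
        self.tokens = self.capacity         # a fresh bucket starts full (the allowed burst)
        self.last_ms = now_ms

    def allow(self, now_ms: int) -> bool:
        # Refill in proportion to elapsed time, never above capacity.
        self.tokens = min(self.capacity, self.tokens + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if self.tokens >= self.COST:
            self.tokens -= self.COST
            return True
        return False


def simulate(requests, rate_per_s: int = 5, burst_tokens: int = 5, per_requester: bool = True) -> Counter:
    """Replay time-ordered (timestamp_ms, requester) events and count admissions.

    per_requester=True: one bucket per requester (fair share).
    per_requester=False: one bucket shared by everyone (first come, first served).
    """
    buckets: dict = {}
    shared = TokenBucket(rate_per_s, burst_tokens)
    admitted: Counter = Counter()
    for ts, who in requests:
        if per_requester:
            bucket = buckets.get(who)
            if bucket is None:
                bucket = buckets[who] = TokenBucket(rate_per_s, burst_tokens, ts)
        else:
            bucket = shared
        if bucket.allow(ts):
            admitted[who] += 1
    return admitted


def constructed_workload():
    """Constructed input: over 10 s, 'flood' sends 100 requests/s while
    'alice' and 'bob' each send one request per second."""
    events = [(i * 10, "flood") for i in range(1000)]
    events += [(s * 1000 + 5, "alice") for s in range(10)]
    events += [(s * 1000 + 505, "bob") for s in range(10)]
    return sorted(events)


if __name__ == "__main__":
    for mode in (True, False):
        counts = simulate(constructed_workload(), per_requester=mode)
        label = "per-requester buckets" if mode else "one shared bucket"
        print(f"{label}: " + ", ".join(f"{who}={n}" for who, n in sorted(counts.items())))
```

With the shared bucket, alice gets one request through and bob none; with per-requester buckets both get all ten while the flooder is held to its own 5 requests/second plus the initial burst.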

  10. Availability
  • The security community is just beginning to understand what availability implies and how to ensure it
  • A small, centralized control of access is fundamental to preserving confidentiality and integrity, but it is not clear that a single access control point can enforce availability
  • Much of computer security's past success has focused on confidentiality and integrity; full implementation of availability is security's next great challenge

  11. Vulnerabilities
  • Vulnerabilities: weaknesses that could prevent us from reaching one or more of our three security goals
  • The three assets (hardware, software and data) and the connections among them are all potential security weak points

  12. Vulnerabilities (figure)

  13. Software Vulnerabilities
  • Software is surprisingly easy to delete and to copy
  • Software is vulnerable to modifications that either cause it to fail or cause it to perform an unintended task

  14. Software Vulnerabilities
  • Logic bomb: a program that has been maliciously modified to fail when certain conditions are met or when a certain date or time is reached
  • Trojan horse: a program that overtly does one thing while covertly doing another
  • Virus: a specific type of Trojan horse that can be used to spread its "infection" from one computer to another
  • Trapdoor: a program that has a secret entry point
  • Information leaks in a program: code that makes information accessible to unauthorized people or programs
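Two of the vulnerabilities on this slide, the trapdoor and the information leak, are shown below as an added example (not code from the lecture): a login routine that contains both, beside a hardened version with a single authorization path. The user name, the stored password, the salt and the hard-coded maintenance password are constructed for illustration.

```python
import hashlib
import hmac

_ITERATIONS = 50_000


def _derive(password: str, salt: bytes) -> bytes:
    """PBKDF2-SHA256 of the password; used for both storing and checking."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)


# Constructed credential store: username -> (salt, derived hash).
_SALT = b"constructed-salt-0001"
USERS = {"alice": (_SALT, _derive("correct horse battery staple", _SALT))}
# Dummy record so that an unknown user costs the same work as a known one.
_DUMMY = (_SALT, _derive("dummy", _SALT))


def login_flawed(user: str, password: str) -> str:
    """'Before' form, deliberately vulnerable in two of the slide's ways:
    - trapdoor: a hard-coded maintenance password (constructed) opens ANY account;
    - information leak: the reply tells the caller whether the account exists."""
    if password == "maint-7f3a":                 # trapdoor: secret entry point
        return "ok"
    rec = USERS.get(user)
    if rec is None:
        return "no such user"                    # leaks account existence
    if _derive(password, rec[0]) == rec[1]:      # == may stop at the first differing byte
        return "ok"
    return "wrong password"


def login_hardened(user: str, password: str) -> str:
    """'After' form: one authorization path only, identical reply and identical
    work for unknown user vs. wrong password, constant-time hash comparison."""
    salt, expected = USERS.get(user, _DUMMY)
    candidate = _derive(password, salt)          # always computed, even for unknown users
    if user in USERS and hmac.compare_digest(candidate, expected):
        return "ok"
    return "invalid credentials"


if __name__ == "__main__":
    print("flawed, unknown user + maintenance password:", login_flawed("nobody", "maint-7f3a"))
    print("hardened, same request:", login_hardened("nobody", "maint-7f3a"))
    print("flawed replies:", login_flawed("nobody", "x"), "/", login_flawed("alice", "x"))
    print("hardened replies:", login_hardened("nobody", "x"), "/", login_hardened("alice", "x"))
```

The trapdoor is the kind of modification slide 13 warns about: the program still does its overt job, so black-box testing of normal logins does not reveal it; only code review (a development control, slide 29) does. The leak is removed by making the two failure cases indistinguishable in both the reply and the amount of work performed.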

  15. Data Vulnerabilities
  • Data items have greater public value than hardware and software, because more people know how to use or interpret data
  • By themselves, out of context, pieces of data have essentially no intrinsic value
  • On the other hand, data items in context do relate to cost, perhaps measurable by the cost to reconstruct or redevelop damaged or lost data

  16. Data Vulnerabilities
  • Confidential data leaked to a competitor may narrow a competitive edge
  • Data incorrectly modified can cost human lives
  • Inadequate security may lead to financial liability if certain personal data are made public
  • The value of data over time is far less predictable or consistent
  • Quite often, data is valuable only for a period of time

  17. Principle of Adequate Protection
  • Principle of Adequate Protection:
    • Computer items must be protected only until they lose their value
    • They must be protected to a degree consistent with their value

  18. Security of Data
  • Integrity prevents unauthorized modification
  • Confidentiality prevents unauthorized disclosure of a data item
  • Availability prevents denial of authorized access
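Slide 8 says integrity, like confidentiality, is enforced by rigorous control of who or what can access which resources in what ways, and this slide maps the three properties onto data. The following added example, not from the lecture, is a small reference monitor in Python that makes those mappings concrete: every read and write is authorized against an access control list, a write is additionally checked against a per-object integrity rule (slide 7's "modified only in acceptable ways"), and an authorized request is always served. The policy, the subjects ("alice", "bob", "mallory"), the "payroll" object and its rule are constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import Flag, auto
from typing import Callable


class Right(Flag):
    READ = auto()
    WRITE = auto()


class AccessDenied(PermissionError):
    """Raised when the monitor refuses an access (authorization or integrity rule)."""


@dataclass
class ReferenceMonitor:
    # object -> subject -> rights. Constructed policy; the only source of authorization.
    acl: dict[str, dict[str, Right]]
    # object -> predicate every new value must satisfy ("modified only in acceptable ways").
    invariants: dict[str, Callable[[bytes], bool]] = field(default_factory=dict)
    store: dict[str, bytes] = field(default_factory=dict)
    audit: list[tuple[str, str, str, bool]] = field(default_factory=list)

    def _authorize(self, subject: str, obj: str, right: Right) -> None:
        granted = right in self.acl.get(obj, {}).get(subject, Right(0))
        self.audit.append((subject, obj, right.name, granted))   # every decision is logged
        if not granted:
            raise AccessDenied(f"{subject} lacks {right.name} on {obj}")

    def read(self, subject: str, obj: str) -> bytes:
        """Confidentiality: disclosure only to subjects holding READ."""
        self._authorize(subject, obj, Right.READ)
        return self.store[obj]

    def write(self, subject: str, obj: str, data: bytes) -> None:
        """Integrity: modification only by subjects holding WRITE, and only to
        values the object's integrity rule accepts."""
        self._authorize(subject, obj, Right.WRITE)
        rule = self.invariants.get(obj)
        if rule is not None and not rule(data):
            self.audit.append((subject, obj, "INVARIANT", False))
            raise AccessDenied(f"{obj}: value rejected by integrity rule")
        self.store[obj] = data


def build_monitor() -> ReferenceMonitor:
    """Constructed policy: alice may read and write payroll, bob may only read,
    and the payroll total must always be a non-negative integer."""
    rm = ReferenceMonitor(
        acl={"payroll": {"alice": Right.READ | Right.WRITE, "bob": Right.READ}},
        invariants={"payroll": lambda value: value.isdigit()},
    )
    rm.store["payroll"] = b"120000"
    return rm


def run_scenario() -> dict:
    """Exercise the monitor and report each outcome as 'granted' or 'denied'."""
    rm = build_monitor()
    outcome = {}

    def attempt(label: str, action: Callable[[], object]) -> None:
        try:
            action()
            outcome[label] = "granted"
        except AccessDenied:
            outcome[label] = "denied"

    attempt("alice_read", lambda: rm.read("alice", "payroll"))            # availability: authorized access served
    attempt("bob_read", lambda: rm.read("bob", "payroll"))
    attempt("mallory_read", lambda: rm.read("mallory", "payroll"))        # confidentiality: no unauthorized disclosure
    attempt("bob_write", lambda: rm.write("bob", "payroll", b"1"))         # integrity: unauthorized party
    attempt("alice_bad_write", lambda: rm.write("alice", "payroll", b"-5"))  # integrity: authorized party, unacceptable way
    attempt("alice_write", lambda: rm.write("alice", "payroll", b"125000"))
    outcome["final_value"] = rm.store["payroll"].decode()
    outcome["audit_entries"] = len(rm.audit)
    return outcome


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The audit list is what makes slide 26's "detect it" possible after the fact: every denied attempt, including alice's rejected value, is recorded with who asked for what.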

  19. Threats in Networks
  • Networks are specialized collections of hardware, software, and data
  • Each network node is itself a computing system
    • It experiences all normal security problems
  • A network must also confront communication problems that involve the interaction of system components and outside resources

  20. Threats in Networks
  • The challenges to achieving network security are rooted in:
    • A network's lack of physical proximity
    • Use of insecure, shared media, and
    • The inability of a network to identify remote users positively

  21. What Makes a Network Vulnerable
  • Anonymity. An attacker can mount an attack from thousands of miles away and never come into direct contact with the system, its administrators, or users
  • Many points of attack—both targets and origins. An attack can come from any host to any host, so that a large network offers many points of vulnerability

  22. What Makes a Network Vulnerable
  • Sharing. Because networks enable resource and workload sharing, more users have the potential to access networked systems than on single computers
  • Complexity of system. A network combines two or more possibly dissimilar operating systems
  • Unknown network boundary. A network's expandability also implies uncertainty about the network boundary

  23. What Makes a Network Vulnerable: Unknown network boundary (figure)

  24. What Makes a Network Vulnerable
  • Unknown path in message routing. There may be many paths from one host to another. Some intermediate node might not be trustworthy

  25. Methods of Defense
  • Harm occurs when a threat is realized against a vulnerability
  • To protect against harm, we can neutralize the threat, close the vulnerability, or both
  • The possibility for harm to occur is called risk

  26. Methods of Defense
  • We can deal with harm in several ways. We can seek to:
    • Prevent it, by blocking the attack or closing the vulnerability
    • Deter it, by making the attack harder, but not impossible
    • Deflect it, by making another target more attractive (or this one less so)
    • Detect it, either as it happens or some time after the fact
    • Recover from its effects

  27. Methods of Defense – Multiple Controls (figure)

  28. Countermeasures / Controls
  • Encryption
    • Scrambling process
  • Software controls
  • Hardware controls
    • Hardware or smart card implementations of encryption
  • Policies and procedures
    • Example: change password periodically
  • Physical controls
    • Example: locks on doors, guards at entry points

  29. Software Controls
  • Internal program controls: parts of the program that enforce security restrictions, such as access limitations
  • Operating system and network system controls: limitations enforced by the operating system or network to protect each user from all other users
  • Independent control programs: application programs, such as password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of vulnerabilities
  • Development controls: quality standards under which a program is designed, coded, tested, and maintained, to prevent software faults from becoming exploitable vulnerabilities

  30. Principle of Effectiveness
  • Principle of Effectiveness: controls must be used—and used properly—to be effective. They must be efficient, easy to use, and appropriate