Lecture 1

This document provides an introduction to key concepts in computer security. It discusses confidentiality, integrity, and availability as the key aspects of information security. It also defines common security terminology like threats, vulnerabilities, attacks, and countermeasures. The document outlines different types of attacks and explains security requirements and design principles. Finally, it discusses computer and network assets that can be threatened and introduces the concept of an attack surface.

Uploaded by

makangara22

Introduction to Security Concepts

Computer security
• "Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated."

Key Security Concepts
• Confidentiality
  – Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
• Integrity
  – Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity
• Availability
  – Ensuring timely and reliable access to and use of information

Levels of Impact
• Low
  – The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals
• Moderate
  – The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals
• High
  – The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals

Computer Security Challenges
1. Computer security is not as simple as it might first appear to the novice
2. In developing a particular security mechanism or algorithm, one must always consider potential attacks on those security features
3. Procedures used to provide particular services are often counterintuitive
4. Physical and logical placement needs to be determined
5. Security mechanisms typically involve more than a particular algorithm or protocol and also require that participants be in possession of some secret information which raises questions about the creation, distribution, and protection of that secret information
6. Attackers only need to find a single weakness, while the designer must find and eliminate all weaknesses to achieve perfect security
7. Security is still too often an afterthought to be incorporated into a system after the design is complete, rather than being an integral part of the design process
8. Security requires regular and constant monitoring
9. There is a natural tendency on the part of users and system managers to perceive little benefit from security investment until a security failure occurs
10. Many users and even security administrators view strong security as an impediment to efficient and user-friendly operation of an information system or use of information

Table 1.1 Computer Security Terminology
• Adversary (threat agent)
  – Individual, group, organization, or government that conducts or has the intent to conduct detrimental activities.
• Attack
  – Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
• Countermeasure
  – A device or technique that has as its objective the impairment of the operational effectiveness of undesirable or adversarial activity, or the prevention of espionage, sabotage, theft, or unauthorized access to or use of sensitive information or information systems.
• Risk
  – A measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of 1) the adverse impacts that would arise if the circumstance or event occurs; and 2) the likelihood of occurrence.
• Security Policy
  – A set of criteria for the provision of security services. It defines and constrains the activities of a data processing facility in order to maintain a condition of security for systems and data.
• System Resource (Asset)
  – A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems.
• Threat
  – Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
• Vulnerability
  – Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.

Assets of a Computer System
• Hardware
• Software
• Data
• Communication facilities and networks

Vulnerabilities, Threats and Attacks
• Categories of vulnerabilities
  – Corrupted (loss of integrity)
  – Leaky (loss of confidentiality)
  – Unavailable or very slow (loss of availability)
• Threats
  – Capable of exploiting vulnerabilities
  – Represent potential security harm to an asset
• Attacks (threats carried out)
  – Passive – attempt to learn or make use of information from the system that does not affect system resources
  – Active – attempt to alter system resources or affect their operation
  – Insider – initiated by an entity inside the security perimeter
  – Outsider – initiated from outside the perimeter

Countermeasures
• Means used to deal with security attacks
  – Prevent
  – Detect
  – Recover
• Residual vulnerabilities may remain
• May itself introduce new vulnerabilities
• Goal is to minimize residual level of risk to the assets

Threat Consequences, and the Types of Threat Actions That Cause Each Consequence
Based on RFC 4949
**Table is on page 10 in the textbook.

Computer and Network Assets, with Examples of Threats

Passive and Active Attacks
• Passive Attack
  – Attempts to learn or make use of information from the system but does not affect system resources
  – Eavesdropping on, or monitoring of, transmissions
  – Goal of attacker is to obtain information that is being transmitted
  – Two types:
     • Release of message contents
     • Traffic analysis
• Active Attack
  – Attempts to alter system resources or affect their operation
  – Involve some modification of the data stream or the creation of a false stream
  – Four categories:
     • Replay
     • Masquerade
     • Modification of messages
     • Denial of service
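
How a receiver can detect three of the four active-attack categories (replay, masquerade, modification of messages), shown as an added example that is not part of the original lecture. It goes beyond the slide by choosing a specific countermeasure, an HMAC-SHA256 tag plus a per-sender sequence number; the keys, names and messages are constructed, and denial of service and passive attacks are outside what this check covers.

```python
import hashlib
import hmac

# Hypothetical per-sender keys for this example; real keys come from a key store.
KEYS = {"alice": b"constructed-demo-key-alice", "bob": b"constructed-demo-key-bob"}

def seal(sender, seq, payload, key):
    """Sender side: authenticate sender name, sequence number and payload."""
    header = f"{sender}|{seq}|".encode()
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return {"sender": sender, "seq": seq, "payload": payload, "tag": tag}

class Receiver:
    def __init__(self, keys):
        self.keys = keys
        self.last_seq = {}  # highest sequence number accepted per sender

    def accept(self, msg):
        """Return 'ok' or the reason the message is rejected."""
        key = self.keys.get(msg["sender"])
        if key is None:
            return "unknown sender"
        header = f"{msg['sender']}|{msg['seq']}|".encode()
        expected = hmac.new(key, header + msg["payload"], hashlib.sha256).digest()
        # Constant-time comparison; a mismatch means the content or the
        # claimed sender does not match the key that produced the tag.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "bad tag (modified or masqueraded)"
        # A valid tag on an already-seen sequence number is a replayed message.
        if msg["seq"] <= self.last_seq.get(msg["sender"], -1):
            return "replay"
        self.last_seq[msg["sender"]] = msg["seq"]
        return "ok"

def demo():
    """Run one genuine message and one instance of each detected attack."""
    rx = Receiver(KEYS)
    genuine = seal("alice", 1, b"pay 10 to carol", KEYS["alice"])
    tampered = dict(seal("alice", 2, b"pay 10 to carol", KEYS["alice"]),
                    payload=b"pay 99 to carol")               # modification
    forged = seal("alice", 3, b"pay 10 to bob", KEYS["bob"])  # masquerade
    return [rx.accept(genuine), rx.accept(genuine),           # second: replay
            rx.accept(tampered), rx.accept(forged)]

if __name__ == "__main__":
    print(demo())
```
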
Security Requirements

Fundamental security design principles
• Economy of mechanism
• Fail-safe defaults
• Complete mediation
• Open design
• Separation of privilege
• Least privilege
• Least common mechanism
• Psychological acceptability
• Isolation
• Encapsulation
• Modularity
• Layering
• Least astonishment

Attack Surfaces
• Consist of the reachable and exploitable vulnerabilities in a system
• Examples:
  – Open ports on outward facing Web and other servers, and code listening on those ports
  – Services available on the inside of a firewall
  – Code that processes incoming data, email, XML, office documents, and industry-specific custom data exchange formats
  – Interfaces, SQL, and Web forms
  – An employee with access to sensitive information vulnerable to a social engineering attack

Attack Surface Categories
• Network Attack Surface
  – Vulnerabilities over an enterprise network, wide-area network, or the Internet
  – Included in this category are network protocol vulnerabilities, such as those used for a denial-of-service attack, disruption of communications links, and various forms of intruder attacks
• Software Attack Surface
  – Vulnerabilities in application, utility, or operating system code
  – Particular focus is Web server software
• Human Attack Surface
  – Vulnerabilities created by personnel or outsiders, such as social engineering, human error, and trusted insiders
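
One way to inventory the network attack surface of a host you administer (the open ports and the code listening on them), given as an added example that is not part of the original lecture. It assumes listener data in the layout printed by `ss -H -tln` on Linux; the sample lines and the exposure labels are constructed for illustration.

```python
import ipaddress

# Constructed sample in the layout of `ss -H -tln` (Linux); not from the lecture.
SAMPLE_SS = """\
LISTEN 0 128    0.0.0.0:22        0.0.0.0:*
LISTEN 0 511    0.0.0.0:443       0.0.0.0:*
LISTEN 0 4096   127.0.0.1:5432    0.0.0.0:*
LISTEN 0 128    [::]:22           [::]:*
LISTEN 0 4096   [::1]:6379        [::]:*
LISTEN 0 128    10.0.5.17:8080    0.0.0.0:*
LISTEN 0 128    *:9100            *:*
"""

def split_endpoint(endpoint):
    """Split 'addr:port' (IPv6 in brackets, optional %iface) into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    addr = addr.split("%")[0].strip("[]")
    return addr, int(port)

def exposure(addr):
    """Classify a bind address by who can reach it (labels are this example's)."""
    if addr == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:      # 0.0.0.0 or :: binds every interface
        return "all-interfaces"
    if ip.is_loopback:         # reachable only from the host itself
        return "loopback-only"
    if ip.is_private:          # reachable from the inside of the firewall
        return "internal"
    return "public"

def network_attack_surface(ss_output):
    """Return sorted (port, exposure) pairs for listeners reachable off-host."""
    reachable = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, port = split_endpoint(fields[3])
        kind = exposure(addr)
        if kind != "loopback-only":
            reachable.add((port, kind))
    return sorted(reachable)

if __name__ == "__main__":
    for port, kind in network_attack_surface(SAMPLE_SS):
        print(f"port {port}: {kind}")
```

Each reported port is a candidate for review: confirm that the service is needed, and that it has to be bound to more than the loopback interface.
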
Computer Security Strategy
• Security Policy
  – Formal statement of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources
• Security Implementation
  – Involves four complementary courses of action:
     • Prevention
     • Detection
     • Response
     • Recovery
• Assurance
  – Encompassing both system design and system implementation, assurance is an attribute of an information system that provides grounds for having confidence that the system operates such that the system’s security policy is enforced
• Evaluation
  – Process of examining a computer product or system with respect to certain criteria
  – Involves testing and may also involve formal analytic or mathematical techniques

Standards
• Standards have been developed to cover management practices and the overall architecture of security mechanisms and services
• The most important of these organizations are:
  – National Institute of Standards and Technology (NIST)
     • NIST is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government use and to the promotion of U.S. private sector innovation
  – Internet Society (ISOC)
     • ISOC is a professional membership society that provides leadership in addressing issues that confront the future of the Internet, and is the organization home for the groups responsible for Internet infrastructure standards
  – International Telecommunication Union (ITU-T)
     • ITU is a United Nations agency in which governments and the private sector coordinate global telecom networks and services
  – International Organization for Standardization (ISO)
     • ISO is a nongovernmental organization whose work results in international

Summary
• Computer security concepts
  – Definition
  – Challenges
  – Model
• Threats, attacks, and assets
  – Threats and attacks
  – Threats and assets
• Security functional requirements
• Fundamental security design principles
• Attack surfaces and attack trees
  – Attack surfaces
  – Attack trees
• Computer security strategy
  – Security policy
  – Security implementation
  – Assurance and evaluation
• Standards