security principles

Uploaded by Ayubu Zuberi
Copyright © All Rights Reserved

SECURITY PRINCIPLES

MIS. ZUBEDA S KILUA


INTRODUCTION

• Security principles are foundational concepts that guide the development and implementation of secure systems, processes, and policies.
• They are designed to protect information, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction.

The key security principles

1. Confidentiality

• Ensures that sensitive information is accessed only by authorized individuals or systems.
• Techniques: Encryption, access control, data masking.

2. Integrity

• Ensures that data remains accurate, consistent, and unaltered unless modified by authorized means.
• Techniques: Hashing, checksums, digital signatures.

3. Availability

• Ensures that systems, applications, and data are accessible when needed by authorized users.
• Techniques: Redundancy, failover mechanisms, backups, disaster recovery planning.

4. Authentication

• Confirms the identity of a user, device, or system before granting access.
• Techniques: Passwords, multi-factor authentication (MFA), biometrics.

5. Authorization

• Determines the level of access or permissions granted to authenticated users or systems.
• Techniques: Role-based access control (RBAC), least privilege principle.

6. Non-Repudiation

• Prevents denial of actions or communications by ensuring proof of origin or authenticity.
• Techniques: Digital signatures, audit trails, logging.

7. Least Privilege

• Grants only the minimum necessary access or permissions required to perform a task.
• Reduces attack surface and limits potential damage from breaches.

8. Defense in Depth

• Employs multiple layers of security controls to provide redundancy and mitigate risks.
• Layers: Firewalls, intrusion detection systems, endpoint protection.

9. Accountability

• Assigns responsibility for actions, ensuring that systems and users can be held accountable for their activities.
• Techniques: Logging, monitoring, and audit trails.

10. Resilience

• Ensures systems can continue operating, recover quickly, and withstand attacks or failures.
• Techniques: Incident response plans, resilient architecture, system updates.

11. Privacy

• Protects personal or sensitive information and ensures compliance with data protection laws.
• Example: General Data Protection Regulation (GDPR), data anonymization.

• These principles form the basis for creating robust security policies, designing secure systems, and responding to evolving cybersecurity threats.

Windows vs Linux

• Windows and Linux are two prominent operating systems that follow core security principles while implementing their own mechanisms and tools to address security. A comparison of how they align with standard security principles:

1. Confidentiality

• Windows:
  i. Access Control: Uses Access Control Lists (ACLs) and Group Policies to define user and group permissions.
  ii. Encryption: BitLocker provides full-disk encryption for data protection.
  iii. File Permissions: NTFS supports fine-grained permission settings for files and directories.
• Linux:
  i. Access Control: Implements file permissions (read, write, execute) and more granular access control via Access Control Lists (ACLs).
  ii. Encryption: Offers tools like LUKS for disk encryption and GPG for encrypting files or emails.
  iii. SELinux/AppArmor: Adds Mandatory Access Control (MAC) for enhanced confidentiality.

2. Integrity

• Windows:
  i. File Integrity Monitoring (FIM): Tools like System File Checker (SFC) and Windows Resource Protection (WRP) ensure critical system files are intact.
  ii. Event Logs: The Windows Event Viewer tracks changes for audit purposes.
• Linux:
  i. File Integrity: Tools like AIDE (Advanced Intrusion Detection Environment) and Tripwire monitor file changes.
  ii. Package Management: Uses cryptographic checksums and signatures (e.g., GPG) to ensure software integrity.
  iii. SELinux/AppArmor: Enforces policies to prevent unauthorized changes.

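The hash-and-compare idea behind file integrity tools such as AIDE and Tripwire, as an added example that is not part of the original slides and is not how those tools are implemented: it records a SHA-256 baseline and later reports modified, missing and new files. GNU coreutils are assumed; the function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the slides): hash-based file integrity check, the
# idea behind AIDE and Tripwire. Assumes GNU coreutils; names are illustrative.

# fim_baseline DIR DB: record a SHA-256 digest for every regular file in DIR.
# Keep DB outside DIR, ideally on read-only or remote storage, so whoever can
# alter the files cannot also rewrite the baseline.
fim_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + ) | LC_ALL=C sort -k2 > "$2"
}

# fim_check DIR DB: print MISSING/MODIFIED/NEW lines; return 0 only if clean.
fim_check() {
    dir=$1; db=$2
    case $db in /*) ;; *) db=$PWD/$db ;; esac
    [ -d "$dir" ] && [ -r "$db" ] || return 2    # fail closed on bad input
    report=$(
        export LC_ALL=C                           # stable messages and sort order
        cd "$dir" || exit
        # Re-hash every recorded path and keep only the failure lines.
        sha256sum -c "$db" 2>/dev/null | sed -n \
            -e 's/^\(.*\): FAILED open or read$/MISSING \1/p' \
            -e 's/^\(.*\): FAILED$/MODIFIED \1/p'
        # Files present now that the baseline never recorded.
        sed 's/^[0-9a-f]*  //' "$db" | sort > "$db.paths"
        find . -type f | sort | comm -13 "$db.paths" - | sed 's/^/NEW /'
        rm -f "$db.paths"
    )
    [ -n "$report" ] || return 0
    printf '%s\n' "$report"
    return 1
}

# Constructed demo: baseline three files, then change, delete and add one.
fim_demo() {
    t=$(mktemp -d) || return 2
    mkdir "$t/etc"
    echo 'PermitRootLogin no' > "$t/etc/sshd_config"
    echo 'root:x:0:0' > "$t/etc/passwd"
    echo 'nameserver 192.0.2.53' > "$t/etc/resolv.conf"
    fim_baseline "$t/etc" "$t/baseline.db"
    echo 'PermitRootLogin yes' > "$t/etc/sshd_config"   # modified
    rm "$t/etc/resolv.conf"                             # missing
    echo '0 3 * * * backup' > "$t/etc/crontab"          # new
    fim_check "$t/etc" "$t/baseline.db" && rc=0 || rc=$?
    rm -rf "$t"
    return "$rc"
}
fim_demo || true
```
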
3. Availability

• Windows:
  i. System Restore: Provides a mechanism to roll back changes to ensure system availability.
  ii. Failover Clustering: Enhances availability for critical applications.
  iii. Patch Management: Windows Update automates security updates to reduce vulnerabilities.
• Linux:
  i. Redundancy: Services like HAProxy and clustering tools (e.g., Pacemaker) ensure availability.
  ii. Service Management: Tools like systemd manage and restart failed services.
  iii. Kernel Updates: Live patching tools like Ksplice minimize downtime during updates.

4. Authentication

• Windows:
  i. Active Directory (AD): Centralized authentication and identity management.
  ii. Multi-Factor Authentication (MFA): Integrated through tools like Azure AD and Windows Hello.
  iii. Biometric Authentication: Supports fingerprint and facial recognition.
• Linux:
  i. Pluggable Authentication Modules (PAM): Modular authentication system for various services.
  ii. Multi-Factor Authentication (MFA): Tools like Google Authenticator or Duo integrate easily.
  iii. SSH Keys: Widely used for secure remote access.

5. Authorization

• Windows:
  i. User Account Control (UAC): Limits administrative access to protect the system.
  ii. Group Policy Objects (GPOs): Manage user and group permissions centrally.
  iii. File Permissions: Granular ACLs for file and folder access.
• Linux:
  i. File Permissions: Uses Owner, Group, and Others permission model.
  ii. sudo: Grants temporary elevated privileges for administrative tasks.
  iii. RBAC: Tools like SELinux enable role-based access controls.

6. Non-Repudiation

• Windows:
  i. Event Logs: Comprehensive logging through Event Viewer.
  ii. Audit Policies: Tracks user actions and system changes.
  iii. Digital Signatures: Verifies the authenticity of applications and documents.
• Linux:
  i. System Logs: Maintains logs in /var/log, which can be further managed by tools like rsyslog or journald.
  ii. Auditd: Auditing daemon for tracking system events.
  iii. Digital Signatures: Cryptographic tools like GPG ensure non-repudiation.

7. Least Privilege

• Windows:
  i. Standard User Accounts: Encourages limiting administrative rights.
  ii. UAC: Prompts for elevation only when necessary.
  iii. Policy Enforcement: Managed through GPOs.
• Linux:
  i. sudo: Allows running specific commands with elevated privileges without full root access.
  ii. Permission Management: Granular control over who can access or modify files.
  iii. Chroot: Restricts application environments for isolation.

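A permission audit for the Linux owner/group/others model and the least-privilege items above, as an added example that is not part of the original slides: it flags world-writable files, key files accessible beyond their owner, and setuid/setgid files, then removes the excess bits that are safe to fix automatically. GNU find and stat are assumed; the function names, the `*.key` naming convention and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the slides): audit a tree against the
# owner/group/others model. Assumes GNU find and stat; names are illustrative.

# perm_audit DIR: print one finding per line; return 1 if anything is found.
perm_audit() {
    [ -d "$1" ] || return 2                      # fail closed on bad input
    findings=$(
        cd "$1" || exit
        # o+w: every local account can modify the file.
        find . -type f -perm -0002 -exec stat -c 'WORLD-WRITABLE %a %n' {} +
        # Private keys with any group/other permission bit set.
        find . -type f -name '*.key' -perm /0077 \
            -exec stat -c 'EXPOSED-KEY %a %n' {} +
        # setuid/setgid files execute with the privileges of their owner/group.
        find . -type f -perm /6000 -exec stat -c 'SETID %a %n' {} +
    )
    [ -n "$findings" ] || return 0
    printf '%s\n' "$findings" | LC_ALL=C sort
    return 1
}

# perm_tighten DIR: remove the excess bits that are safe to fix automatically.
# setuid/setgid files are left for manual review: some are legitimate.
perm_tighten() {
    find "$1" -type f -perm -0002 -exec chmod o-w {} +
    find "$1" -type f -name '*.key' -perm /0077 -exec chmod go-rwx {} +
}

# Constructed demo tree with one example of each finding.
perm_demo() {
    t=$(mktemp -d) || return 2
    echo 'listen=8443' > "$t/app.conf"; chmod 666 "$t/app.conf"
    echo 'constructed key material' > "$t/tls.key"; chmod 644 "$t/tls.key"
    echo '#!/bin/sh' > "$t/helper"; chmod 4755 "$t/helper"
    echo 'notes' > "$t/README"; chmod 644 "$t/README"
    echo '--- before'; perm_audit "$t" || true
    perm_tighten "$t"
    echo '--- after'; perm_audit "$t" || true
    rm -rf "$t"
}
perm_demo
```
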

8. Defense in Depth

• Windows:
  i. Built-In Antivirus: Windows Defender provides real-time protection.
  ii. Firewall: Windows Firewall offers network protection.
  iii. Network Access Protection (NAP): Validates the health of devices connecting to the network.
• Linux:
  i. SELinux/AppArmor: Provides mandatory access control.
  ii. Firewall: iptables/nftables manage network traffic rules.
  iii. Intrusion Detection: Tools like Snort and Fail2Ban protect against attacks.

• Both systems strive to implement these principles, but their methods and tools may differ due to their architectural philosophies and user base.

Class work

• With the help of commands, show how GPG and SELinux work.