01 Ch01 Introduction

The document provides an overview of computer security, focusing on key concepts such as confidentiality, integrity, and availability (CIA triad), as well as various security threats and design principles. It outlines the importance of a comprehensive security strategy that includes policy, implementation, and validation. Additionally, it discusses the challenges in computer security and the necessity for constant monitoring and adaptation to evolving threats.

Uploaded by ypt8p82wcd
Copyright © All Rights Reserved

Information Security

Chapter 1: Overview
Chapter 1 overview
• Computer Security Concepts
• Threats, Attacks, and Assets
• Security Functional Requirements
• Fundamental Security Design Principles
• Attack Surfaces and Attack Trees
• Computer Security Strategy

2
Learning objectives
• Describe the key security requirements of
confidentiality, integrity and availability
• Discuss the types of security threats and attacks that
must be dealt with
• Summarize the functional requirements for
computer security
• Explain the fundamental security design principles
• Discuss the use of attack surfaces and attack trees
• Understand the principal aspects of a comprehensive
security strategy

3
A definition of computer security
• The protection afforded to an information system in
order to attain the applicable objectives of preserving the
integrity, availability and confidentiality of information
system resources (includes hardware, software,
firmware, information/data, and telecommunications)
NIST 1995

• The protection of computer systems and information
from harm, theft, and unauthorized use

4
Key Security Concepts

5
Three key objectives (the CIA triad)
• Confidentiality
– Data confidentiality: assures that computer-related information and services can be accessed only by authorized entities.
– Privacy: assures that individuals control or influence what information may be collected and stored.

To maintain the confidentiality of important data during transmission, the network should guarantee that the information cannot be accessed by a malicious user, only by the legitimate user.

6
• Integrity
– Data integrity: assures that information and programs are changed only in a specified and authorized manner.
– System integrity: assures that a system performs its operations in an unimpaired manner.

The information sent by the transmitter must be received by the receiver without any modification to the data, and without any change in its status during transmission.

7
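The integrity requirement above (the receiver must be able to tell whether data was modified in transit) is usually met with a message authentication code. The following Python example is added here to illustrate that mechanism; it is not code from the slides. It assumes a shared secret key already agreed between transmitter and receiver (a constructed literal stands in for it) and uses HMAC-SHA256 from the standard library: the sender attaches a tag, and the receiver recomputes it and rejects anything that does not match.

```python
import hashlib
import hmac
from typing import Optional, Tuple

# Constructed shared key for this example only; real deployments obtain keys
# from a key-management system, never from a literal in source code.
SHARED_KEY = b"example-shared-key-not-for-production"


def protect(message: bytes, key: bytes = SHARED_KEY) -> Tuple[bytes, str]:
    """Transmitter side: attach an HMAC-SHA256 tag computed over the message."""
    tag = hmac.new(key, message, hashlib.sha256).hexdigest()
    return message, tag


def verify(message: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    """Receiver side: recompute the tag and compare it in constant time.

    Any change to the message (or a tag produced under a different key)
    makes the comparison fail, so the receiver can reject the data.
    """
    expected = hmac.new(key, message, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def simulate_transmission(message: bytes,
                          tamper_with: Optional[Tuple[bytes, bytes]] = None) -> bool:
    """Send a message over a channel that may alter it; return the receiver's verdict.

    `tamper_with` is a constructed (old, new) substitution applied in transit,
    standing in for any modification the channel might introduce.
    """
    msg, tag = protect(message)
    if tamper_with is not None:
        msg = msg.replace(*tamper_with)
    return verify(msg, tag)


if __name__ == "__main__":
    # Constructed sample record, in the spirit of the hospital allergy example.
    record = b"patient=1234;allergy=penicillin"
    print("untouched :", simulate_transmission(record))
    print("modified  :", simulate_transmission(record, (b"penicillin", b"none")))
```

The tag gives integrity and, because only holders of the key can produce a valid tag, confidence in the source of the data; it does not give confidentiality, since the message itself is sent in the clear. Note the use of `hmac.compare_digest` rather than `==`, so that a verification failure takes the same time regardless of where the tags differ.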
• Availability: assures that systems work promptly and service is not denied to authorized users.

Data availability can be measured in terms of how often the data is available.
Moreover, the data must be available anytime and anywhere, even when a disaster has occurred.

8
Other concepts to a complete security
picture
• Authenticity: the property of being genuine and being
able to be verified and trusted; the confidence in the
validity of the transmitted data and the validity of its
source.
• Accountability: The traceability of actions performed on
a system to a specific system entity (user, process,
device). For example, the use of unique user
identification and authentication
supports accountability; the use of shared user IDs and
passwords destroys accountability.

9
Levels of security breach impact
• Low: the loss will have a limited impact, e.g., a degradation in mission, minor damage, minor financial loss or minor harm
• Moderate: the loss has a serious effect, e.g., significant degradation of mission or significant harm to individuals, but no loss of life or life-threatening injuries
• High: the loss has a severe or catastrophic adverse effect on operations, organizational assets or individuals (e.g., loss of life)

10
Examples of security requirements:
Confidentiality
• Student grade information is an asset whose
confidentiality is considered to be very high
– The US FERPA Act: grades should only be available to
students, their parents, and their employers (when
required for the job)
• Student enrollment information: may have a moderate
confidentiality rating; less damage if disclosed
• Directory information: low confidentiality rating;
often available publicly

11
Examples of security requirements:
Integrity
• A hospital patient’s allergy information (high integrity
data): A doctor should be able to trust that the info is
correct and current (file permissions and user access
controls)
– If a nurse deliberately falsifies the data, the database should
be restored to a trusted basis and the falsified information
traced back to the person who did it
• An online newsgroup registration data: moderate level
of integrity
• An example of low integrity requirement: anonymous
online poll (inaccuracy is well understood)

12
Examples of security requirements:
Availability
• Authentication services for critical system: high
availability required
– If customers cannot access resources, the loss of services
could result in financial loss
• A public website for a university: a moderate availability
requirement; not critical but outages cause embarrassment
• An online telephone directory lookup: a low
availability requirement because unavailability is
mostly annoyance (there are alternative sources)

13
Challenges of computer security
1. Computer security is not simple
2. In developing a particular security mechanism or algorithm, one must consider potential (unexpected) attacks
3. The procedures used to provide particular services are often counterintuitive
4. One must decide where to deploy security mechanisms
5. Security mechanisms involve algorithms and secret information (keys)
6. Computer security is a battle of wits between attacker and admin
7. Security is not perceived as a benefit until it fails (by users or admins)
8. Security requires constant monitoring
9. Security is still too often an afterthought, incorporated after the design is complete
10. Strong security is regarded as an impediment to using the system

14
A model for computer security
• Table 1.1 and Figure 1.1 show the relationship
• Systems resources
– Hardware, software (OS, apps), data (users, system, database),
communication facilities and network (LAN, bridges, routers, …)
• Our concern: vulnerability of these resources (corrupted,
unavailable, leaky)
• Threats exploit vulnerabilities
• An attack is a threat that is carried out
– Active or passive; from inside or from outside
• Countermeasures: actions taken to prevent, detect, recover
and minimize risks

15
Computer Security Terminology

16
Security concepts and relationships

17
Examples of threats

18
Fundamental security design principles
[1/4]
• Despite years of research, it is still difficult to design
systems that comprehensively prevent security flaws
• But good practices for good design have been
documented (analogous to software engineering)
– Economy of mechanism, fail-safe defaults, complete
mediation, open design, separation of privileges, least
privilege, least common mechanism, psychological
acceptability, isolation, encapsulation, modularity,
layering, least astonishment

19
Fundamental security design principles
[2/4]
• Economy of mechanism: the design of security
measures should be as simple as possible
– Simpler to implement and to verify
– Fewer vulnerabilities
• Fail-safe default: access decisions should be based
on permissions; i.e., the default is lack of access
• Complete mediation: every access should be checked
against an access control system
• Open design: the design should be open rather than
secret (e.g., encryption algorithms)

20
Fundamental security design principles
[3/4]
• Isolation
– Public access should be isolated from critical resources (no
connection between public and critical information)
– Users' files should be isolated from one another (except
when desired)
– Security mechanism should be isolated (i.e., preventing
access to those mechanisms)
• Encapsulation: similar to object concepts (hide
internal structures)
• Modularity: modular structure

21
Fundamental security design principles
[4/4]
• Layering (defense in depth): use of multiple,
overlapping protection approaches
• Least astonishment: a program or interface should
always respond in a way that is least likely to
astonish a user

22
Fundamental security design principles
• Separation of privilege: multiple privileges should be
needed to achieve access (or complete a task)
• Least privilege: every user (process) should have the
least privilege to perform a task
• Least common mechanism: a design should
minimize the function shared by different users
(providing mutual security; reduce deadlock)
• Psychological acceptability: security mechanisms
should not interfere unduly with the work of users

23
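Several of the principles listed on the preceding slides (fail-safe defaults, complete mediation, least privilege, separation of privilege, and accountability from slide 9) can be seen together in a small reference monitor. The Python example below is added for illustration and is not code from the slides; the policy table, subjects and object names are constructed, and the rule that a second approver is needed for writes is an assumption made for the demonstration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Constructed policy for this example. Rights are granted explicitly per
# (subject, object); anything not listed is denied (fail-safe default).
# Each subject holds only what its task needs (least privilege).
POLICY: Dict[Tuple[str, str], Set[str]] = {
    ("alice", "grades.db"): {"read"},             # a student: may only read
    ("registrar", "grades.db"): {"read", "write"},
    ("dean", "grades.db"): {"read", "write"},
    ("bob", "directory"): {"read"},
}

# Actions sensitive enough that one principal alone may not perform them
# (separation of privilege): a second, distinct holder of the right must concur.
DUAL_CONTROL: Set[str] = {"write"}


@dataclass
class ReferenceMonitor:
    policy: Dict[Tuple[str, str], Set[str]]
    audit_log: List[str] = field(default_factory=list)

    def check(self, subject: str, obj: str, action: str,
              approvers: Tuple[str, ...] = ()) -> bool:
        """Complete mediation: every access request is decided here.

        Returns True only for an explicit grant; an absent policy entry is a denial.
        """
        allowed = action in self.policy.get((subject, obj), set())
        if allowed and action in DUAL_CONTROL:
            # The approver must be a different principal who also holds the right.
            allowed = any(
                a != subject and action in self.policy.get((a, obj), set())
                for a in approvers
            )
        # Accountability: each decision is recorded against a unique subject,
        # so an action can later be traced back to the entity that requested it.
        self.audit_log.append(
            f"{subject} {action} {obj} approvers={list(approvers)} -> "
            f"{'ALLOW' if allowed else 'DENY'}"
        )
        return allowed


def run_demo() -> List[Tuple[str, bool]]:
    """Exercise the monitor with constructed requests; returns (description, decision) pairs."""
    rm = ReferenceMonitor(POLICY)
    return [
        ("alice reads grades", rm.check("alice", "grades.db", "read")),
        ("alice writes grades (least privilege)", rm.check("alice", "grades.db", "write")),
        ("mallory reads grades (no entry, fail-safe)", rm.check("mallory", "grades.db", "read")),
        ("registrar writes alone (needs a second approver)", rm.check("registrar", "grades.db", "write")),
        ("registrar writes, approved by dean", rm.check("registrar", "grades.db", "write", ("dean",))),
        ("registrar writes, self-approved", rm.check("registrar", "grades.db", "write", ("registrar",))),
        ("registrar writes, approved by alice (no write right)", rm.check("registrar", "grades.db", "write", ("alice",))),
    ]


if __name__ == "__main__":
    for description, decision in run_demo():
        print(f"{'ALLOW' if decision else 'DENY ':5} {description}")
```

Two design choices carry the principles: the policy lookup falls back to an empty set, so a forgotten entry fails closed rather than open, and every decision, denied or allowed, is written to the audit log under the requesting subject's unique identifier. A shared account would keep the log technically intact but make its entries untraceable, which is exactly the loss of accountability slide 9 describes.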
Attack surfaces
• Attack surface: the reachable and available vulnerabilities in
a system which include:
– Open ports
– Services outside a firewall
– An employee with access to sensitive info

• Three categories
– Network attack surface (i.e., network vulnerability)
– Software attack surface (i.e., software vulnerabilities)
– Human attack surface (e.g., social engineering)

• Attack analysis: assessing the scale and severity of threats

24
Attack Trees
• A branching, hierarchical data structure that
represents a set of potential vulnerabilities
• Objective: to effectively exploit the info available on
attack patterns
– published on CERT or similar forums
– Security analysts can use the tree to guide design and
strengthen countermeasures

25
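The attack-surface categories (network, software, human) and the attack tree are two halves of one analysis: the surface tells you where an attacker can reach, and the tree organises the steps needed from there into AND nodes (all sub-steps required) and OR nodes (any one suffices), so that the cheapest path to the goal can be found and the countermeasure that raises it the most can be chosen. The Python example below is added to show that computation; it is not code from the slides or from CERT. The tree, its leaf names and the effort values are constructed for illustration, and "effort" is a relative unit, not a measured quantity.

```python
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class Node:
    """One node of an attack tree. The root is the attacker's goal; leaves are
    individual steps carrying a constructed estimate of attacker effort."""
    name: str
    kind: str = "LEAF"      # "LEAF", "OR" (any child suffices) or "AND" (all children needed)
    cost: float = 0.0       # leaves only: relative effort (constructed values)
    children: List["Node"] = field(default_factory=list)


def cheapest_attack(node: Node) -> Tuple[float, List[str]]:
    """Return (effort, leaf steps) of the least-effort way to reach this node's goal."""
    if node.kind == "LEAF":
        return node.cost, [node.name]
    results = [cheapest_attack(c) for c in node.children]
    if node.kind == "OR":
        return min(results, key=lambda r: r[0])
    if node.kind == "AND":
        return sum(r[0] for r in results), [step for r in results for step in r[1]]
    raise ValueError(f"unknown node kind {node.kind!r}")


def add_countermeasure(node: Node, leaf_name: str, extra_effort: float) -> bool:
    """Model a countermeasure as raising the effort of one leaf step; True if the leaf exists."""
    if node.kind == "LEAF":
        if node.name == leaf_name:
            node.cost += extra_effort
            return True
        return False
    return any(add_countermeasure(c, leaf_name, extra_effort) for c in node.children)


def build_tree() -> Node:
    """Constructed tree with one subtree per attack-surface category named on the slide."""
    return Node("Reach sensitive information", "OR", children=[
        Node("Via the network attack surface", "AND", children=[
            Node("Locate an open port", cost=1),
            Node("Reach a service running outside the firewall", cost=2),
            Node("Abuse a weakness in that exposed service", cost=6),
        ]),
        Node("Via the software attack surface", "AND", children=[
            Node("Find an unpatched software vulnerability", cost=8),
        ]),
        Node("Via the human attack surface", "AND", children=[
            Node("Social-engineer an employee with access to the info", cost=4),
        ]),
    ])


def prioritise() -> List[Tuple[str, float, List[str]]]:
    """Show how the cheapest path moves as countermeasures are applied, one per round."""
    tree = build_tree()
    history = [("baseline", *cheapest_attack(tree))]
    # Awareness training makes the human step harder (constructed +6).
    add_countermeasure(tree, "Social-engineer an employee with access to the info", 6)
    history.append(("after awareness training", *cheapest_attack(tree)))
    # A patching programme makes the software step harder (constructed +4).
    add_countermeasure(tree, "Find an unpatched software vulnerability", 4)
    history.append(("after patching programme", *cheapest_attack(tree)))
    return history


if __name__ == "__main__":
    for label, effort, steps in prioritise():
        print(f"{label:26} effort={effort:>4}  via {steps}")
```

The point the walk-through makes is that a countermeasure is only as useful as its effect on the cheapest remaining path: after the human leaf is hardened the software path becomes the weakest, and after that is patched the three-step network path (effort 9) is next, so the following investment should go to the network surface. Real trees attach probabilities or required resources as well as effort, but the AND/OR evaluation is the same.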
An Attack Tree

26
Computer security strategy
• An overall strategy for providing security
– Policy (specs): what security schemes are supposed to do
• Assets and their values
• Potential threats
• Ease of use vs security
• Cost of security vs cost of failure/recovery
– Implementation/mechanism: how to enforce
• Prevention
• Detection
• Response
• Recovery
– Correctness/assurance: does it really work (validation/review)

27
Security Taxonomy

28
Security Trends

29
Computer Security Losses

30
Security Technologies Used

31
Summary
• Security concepts
• Terminology
• Functional requirements
• Security design principles
• Security strategy

32
