Computer Security: Principles and Practice
Chapter 1 – Overview
Overview
Computer Security: protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).
Key Security Concepts
Computer Security Challenges (1/2)
1. Not simple: The requirements seem to be straightforward, but the mechanisms used to meet those requirements can be quite complex.
2. Must consider potential attacks: The attacks you did not consider would cause the most damage.
3. Procedures used counter-intuitive: Typically, an elaborate security mechanism makes sense when the various threats are considered.
4. Must decide where to deploy mechanisms: Both physical and logical placements need to be considered.
Computer Security Challenges (2/2)
5. Involves algorithms and secret info: Questions about the creation, distribution, and protection of the secret info should be solved.
6. Battle of wits between attacker / admin: One security hole is enough to crash a perfect system.
7. Not perceived as a benefit until it fails
8. Requires regular monitoring: Human-intensive job
Computer Security Challenges (2/2)
9. Too often an after-thought: Security mechanisms are often incorporated into a system after the design is complete.
10. Regarded as impediment to using system: There is a trade-off between efficiency and security.
Security Terminology
Vulnerabilities and Attacks
system resource vulnerabilities may
  be corrupted (loss of integrity)
  become leaky (loss of confidentiality)
  become unavailable (loss of availability)
attacks are threats carried out and may be
  passive
  active
  insider
  outsider
Countermeasures
means used to deal with security attacks
  prevent
  detect
  recover
may result in new vulnerabilities
will have residual vulnerability
goal is to minimize risk given constraints
Threat Consequences
unauthorized disclosure: exposure, interception, inference, intrusion
deception: masquerade, falsification, repudiation
disruption: incapacitation, corruption, obstruction
usurpation: misappropriation, misuse
Scope of Computer Security
Network Security Attacks
classify as passive or active
passive attacks are eavesdropping
  release of message contents
  traffic analysis
  are hard to detect so aim to prevent
active attacks modify/fake data
  masquerade
  replay
  modification
  denial of service
  hard to prevent so aim to detect
Security Functional Requirements
technical measures: access control; identification & authentication; system & communication protection; system & information integrity
management controls and procedures: awareness & training; audit & accountability; certification, accreditation, & security assessments; contingency planning; maintenance; physical & environmental protection; planning; personnel security; risk assessment; systems & services acquisition
overlapping technical and management: configuration management; incident response; media protection
X.800 Security Architecture
X.800, Security Architecture for OSI
systematic way of defining requirements for security and characterizing approaches to satisfying them
defines:
  security attacks - compromise security
  security mechanism - act to detect, prevent, recover from attack
  security service - counter security attacks
Security Taxonomy
Security Trends
Computer Security Losses
Security Technologies Used
Computer Security Strategy
specification/policy
  what is the security scheme supposed to do?
  codify in policy and procedures
implementation/mechanisms
  how does it do it?
  prevention, detection, response, recovery
correctness/assurance
  does it really work?
  assurance, evaluation
Summary
security concepts
terminology
functional requirements
security architecture
security trends
security strategy