Linneaus-Palme Project
Information Security
Avinanta Tarigan
Gunadarma University
Indonesia
avinanta@staff.gunadarma.ac.id
http://ps-sekuriti.gunadarma.ac.id

Gunadarma University
● One of the five largest private universities in Indonesia
● Approx. 30,000 students, 1000 lecturers
● Bachelor, Master, Doctoral programs
● 8 Faculties, 20 Departments, mostly awarded “A” by Government Accreditation Board
● 12 campus locations across Jakarta
● Top 5 Webometrics Rank, 4ICU, in Indonesia

MySelf
● 1997 – Bachelor (Hons) in Computer Science, Gunadarma University
● 2007 – PhD in Computer Science, University of Bielefeld, Germany
● Since 1995 has been involved in ICT-related projects and research
  – Developed Certification Authority System for Indonesian Telecom
  – Conducted security audits on several government agencies and companies

Why do we need one?
● Information becomes capital, has economic value → lots of interests
● Beyond physical security
● “Misuse” of the Internet and its applications
  – TCP/IP was never designed to be a secure protocol
  – More applications are developed on top of the Internet
  – More devices are connected to the Internet
● Users' awareness of information security is still low

Basics
● The state of the system in the information security context:
  – Secure
  – Insecure
  – Path Leads to Insecure States
● Yellow path is caused by a vulnerability in the system
● Vulnerability /\ Attack → Security Violation
● An exploit is an attack technique for a particular vulnerability

So What is Information Security?
● The objective of information security is to keep the system always in the green state and to keep the yellow and red states unreachable.
● Security engineering is about building systems to remain dependable in the face of malice, error and mischance. As a discipline, it focuses on the tools, processes and methods needed to design, implement and test complete systems, and to adapt existing systems as their environment evolves (Ross Anderson)

Security Policy
● Basically, a security policy defines all secure states, insecure states, and security violation states of a system in an organization, a company, or even a country.
● It also defines procedures for reaching the security objectives
● Derived from security requirements after assessing the security risk of all assets and possible threats.

The System
● A system can be:
  – a product or component (PC, smartcard,…)
  – some products plus O/S, comms and infrastructure
  – the above plus applications
  – the above plus internal staff
  – the above plus customers / external users
  – the above plus third party
  – the above plus government policy
● Common failing: policy drawn too narrowly

The System … (continued)
● Example:
  – X Bank defines its system as the network, PCs, servers, applications and databases located and installed in its building
  – Y Bank defines its system as not only its servers etc., but also the network and PCs its customers use to access the Internet Banking service.
● Tell me what you think!
● Give me another example

The System … (continued)
● “Security is chain of trust. It is only as strong as its weakest link” (Bruce Schneier)
● A chain represents any element of the system
● An attacker only needs to find a vulnerability and a corresponding exploit in the weakest chain, and security breaks.
● Adding elements to the system: security becomes more complex since there are more chains

Attack
● Dimension of Attack:
  – Physical Attack: laptop, flash-disk or hard-disk theft, cut the electrical supply, anti-tamper-proof
  – Syntactic Attack: buffer overflow, SQL injection, API attack, etc.
  – Semantic Attack: social engineering, site phishing, Nigerian Scam
The target of an attack is not limited to computer systems.

Attack (continued)
– Passive Attack:
  ● Packet Sniffing, Spying, Statistical Analysis
  ● Relatively difficult to detect
– Active Attack:
  ● Man-In-The-Middle
  ● Packet Spoofing
  ● Packet Flooding, Denial of Service (DoS)
  ● Replay Attack

Vulnerability
● Computer system behavior is determined by:
  – Algorithms
  – User Command
● A flaw / bug in an algorithm or in user input/command can lead to a vulnerability
● The most common vulnerabilities:
  – SQL Injection
  – Buffer Overflow
  – OS Command Injection
  – Cross-site scripting
  – etc.

Attack (continued)
● XSS (Cross-Site Scripting)
● Enables an attacker to execute malicious code on behalf of a trusted principal
● Example:
  ● Session Hijacking
  ● Automatic Friend Addition in MySpace

Vulnerability
● Computer System Failure - Related to Safety:
  – Ariane V explosion:
    ● The internal SRI software exception was caused during execution of a data conversion from 64-bit floating point to 16-bit signed integer value. The floating point number which was converted had a value greater than what could be represented by a 16-bit signed integer. This resulted in an Operand Error.
  – Airbus A320 Mulhouse
    ● The designed fly-by-wire logic determined that in that particular situation, alpha-floor protection should be sufficiently preserved, thus did not respond to the pilot's command to increase the power of the engines.
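
The Ariane V failure above is an unguarded narrowing conversion. The following C code is an added example, not part of the original slides; the function names and sample values are constructed for illustration. It shows the same 64-bit float to 16-bit signed integer conversion with a range check and a saturating fallback:

```c
#include <math.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Outcome of a guarded narrowing conversion (hypothetical names). */
typedef enum { CONV_OK, CONV_OVERFLOW, CONV_UNDERFLOW, CONV_NAN } conv_status;

/* Unguarded form, shown for contrast and never called here: in C, a
 * double outside the int16_t range makes this cast undefined behaviour. */
int16_t to_i16_unguarded(double v) { return (int16_t)v; }

/* Guarded form: validate the range first and report why it failed. */
conv_status to_i16_checked(double v, int16_t *out)
{
    if (isnan(v)) return CONV_NAN;
    /* The cast truncates toward zero, so every value strictly between
     * -32769 and 32768 lands on a representable 16-bit integer. */
    if (v >= 32768.0)  return CONV_OVERFLOW;   /* also catches +inf */
    if (v <= -32769.0) return CONV_UNDERFLOW;  /* also catches -inf */
    *out = (int16_t)v;
    return CONV_OK;
}

/* Saturating variant: clamp to the nearest limit and flag it, so the
 * caller can degrade gracefully instead of raising an exception. */
int16_t to_i16_saturating(double v, bool *clamped)
{
    int16_t r = 0;
    switch (to_i16_checked(v, &r)) {
    case CONV_OK:        *clamped = false; return r;
    case CONV_OVERFLOW:  *clamped = true;  return INT16_MAX;
    case CONV_UNDERFLOW: *clamped = true;  return INT16_MIN;
    default:             *clamped = true;  return 0;  /* NaN */
    }
}

int main(void)
{
    /* Constructed sample readings, not real flight data. */
    const double samples[] = { 1234.9, 32767.9, 40000.0, -32769.0 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        bool clamped;
        int16_t r = to_i16_saturating(samples[i], &clamped);
        printf("%10.1f -> %6d%s\n", samples[i], r, clamped ? " (clamped)" : "");
    }
    return 0;
}
```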

Vulnerability
● Most EDC terminals have an anti-tampering mechanism to protect secret information used to send data to/from the bank host
● A flaw in the hardware design enables an attacker to collect sensitive information using a drill, a paper clip to get into the serial connector, and a sniffing device
● Works only in the laboratory?
● No. July 2008 – 'new' terminals found to be sending card and PIN data to Karachi

Vulnerability
● EMV deployed all over the world
● Liability shift → disputes charged to cardholder if PIN used, else to merchant
● Flaw in the protocol between card and reader
● A stolen card connected to a computing device enables an attacker to complete a transaction using any PIN

Vulnerability
● Flaw in the API of a Hardware Security Module (HSM)
  – An HSM is a crypto-machine used in electronic financial transactions (ATM, EMV); it stores the master key, which never leaves the device
  – An attacker who has access to the HSM, using a computing device, can learn the key in 2 days
● Flaw in Cryptographic Protocol
  – Needham-Schroeder & earliest SSL
● And many more ...

Vulnerability
● Attacker creates an additional panel with a skimming device, to be put on top of the ATM panel
● It sniffs the magnetic card data and the PIN
● Attacker makes a fake card and uses the retrieved PIN to steal money

Vulnerability
● Using a toothpick and hair lotion to make the inserted card stick in the card reader
● Call-center information is manipulated; the customer calls the fake call-center and ends up giving away the PIN
● Attacker recovers the card and uses it to withdraw the customer's money from the ATM

Terminology
● A subject is a physical person
● A person can also be a legal person (firm)
● A principal can be
  – a person
  – equipment (PC, smartcard)
  – a role (the officer of the watch)
  – a complex role (Alice or Bob, Bob deputising for Alice)
● The level of precision is variable – sometimes you need to distinguish ‘Bob’s smartcard representing Bob who’s standing in for Alice’ from ‘Bob using Alice’s card in her absence’. Sometimes you don’t

Terminology
● Secrecy is a technical term – mechanisms limiting the number of principals who can access information
● Privacy means control of your own secrets
● Confidentiality is an obligation to protect someone else’s secrets
● Thus your medical privacy is protected by your doctors’ obligation of confidentiality

Terminology
● Anonymity is about restricting access to metadata. It has various flavours, from not being able to identify subjects to not being able to link their actions
● An object’s integrity lies in its not having been altered since the last authorised modification
● Authenticity has two common meanings –
  – an object has integrity plus freshness
  – you’re speaking to the right principal

Terminology
● Trust is the hard one! It has several meanings:
  – a warm fuzzy feeling
  – a trusted system or component is one that can break the security policy
  – a trusted system is one I can insure
  – a trusted system won’t get me fired when it breaks
● We use number 2 above by default, e.g. an NSA man selling key material to the Russians is trusted but not trustworthy (assuming his action is unauthorised) (Anderson, 2004)