CIT 380: Securing Computer Systems Security Solutions Part 2


Assumptions

• Security rests on assumptions specific to type of security required and environment.

• Example:
  – TCP/IP designed for pre-commercial Internet.
    • Assumed only legitimate administrators had root access.
    • Trusted IP addresses, since only root can set IP address.
    • What happens to the network when Windows 95 systems are added, where the desktop user has all privileges?

Assurance

How much can you trust a system?

Example:
– Purchasing aspirin from a drugstore.
– Bases for trust:
  • Certification of drug by FDA.
  • Reputation of manufacturer.
  • Safety seal on bottle.

How much do you trust?

Ken Thompson’s compiler hack from “Reflections on Trusting Trust.”
– Modified C compiler does two things:
  • If compiling a compiler, inserts the self-replicating code into the executable of the new compiler.
  • If compiling login, inserts code to allow a backdoor password.
– After recompiling and installing old C compiler:
  • Source code for Trojan horse does not appear anywhere in login or C compiler.
  • Only method of finding Trojan is analyzing binary.
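
A toy model of the two slides above, added here as an illustration and not taken from the lecture or from Thompson's paper. It shows why reviewing source finds nothing while checking the binary does. All names and sample sources are constructed, and binary_audit assumes a trusted reference translation is available, which the slides do not discuss.

```python
# Toy model (constructed): a "compiler binary" is a Python function that maps
# source text to a "binary" string, or to a new compiler function when it is
# given compiler source. All names and sample sources here are hypothetical.
LOGIN_SRC = "accept if hash(password) == stored_hash"
COMPILER_SRC = "translate each statement faithfully"
EXTRA = " OR <injected-accept-branch>"  # placeholder for the inserted code

def translate(src):
    """What a faithful compile of src must produce (assumed trusted reference)."""
    return "BIN[" + src + "]"

def clean_compiler(src):
    return clean_compiler if src == COMPILER_SRC else translate(src)

def trojaned_compiler(src):
    if src == COMPILER_SRC:   # rule 1: compiling a compiler -> replicate itself
        return trojaned_compiler
    if src == LOGIN_SRC:      # rule 2: compiling login -> insert extra code
        return translate(src + EXTRA)
    return translate(src)

def source_audit(*sources):
    """Source review: True when no source contains the inserted code."""
    return all(EXTRA not in s for s in sources)

def binary_audit(binary, src):
    """Binary analysis: True when the binary matches a faithful translation."""
    return binary == translate(src)

def rebuild_and_check(installed):
    """Rebuild the compiler from clean source with the installed binary,
    build login with the result, and report what each audit concludes."""
    new_compiler = installed(COMPILER_SRC)
    login_bin = new_compiler(LOGIN_SRC)
    return {
        "source_clean": source_audit(LOGIN_SRC, COMPILER_SRC),
        "binary_clean": binary_audit(login_bin, LOGIN_SRC),
    }

if __name__ == "__main__":
    print("clean toolchain:   ", rebuild_and_check(clean_compiler))
    print("trojaned toolchain:", rebuild_and_check(trojaned_compiler))
```

Rebuilding from clean source does not help when the installed compiler binary is the modified one: the source audit passes in both runs, and only the check on the produced login binary tells them apart.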


Key Points

• Components of security
  – Confidentiality
  – Integrity
  – Availability
• States of information
  – Storage, Processing, Transmission
• Evaluating risk and security solutions.
  – Security is a matter of trade-offs.
• Security is a human problem.


Discussion: Gas Drive Away Without Paying

• What measures can be imposed?
• What are the costs for the merchant and the customer?
• Do the benefits outweigh the costs?

References

1. Ross Anderson, Security Engineering, Wiley, 2001.
2. Matt Bishop, Introduction to Computer Security, Addison-Wesley, 2005.
3. Peter Neumann (moderator), Risks Digest, http://catless.ncl.ac.uk/Risks/
4. Bruce Schneier, Beyond Fear, Copernicus Books, 2003.
5. Ken Thompson, “Reflections on Trusting Trust”, Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763 (http://www.acm.org/classics/sep95/)