CSE2500 System Security and Privacy
Nandita & Srini

Lecturers
Prof B Srinivasan
Phone: 990 31333
Room No: C4.47
[email protected]
Ms Nandita Bhattacharjee
Phone: 990 32185/990 53293
Room No [email protected]

Organisation and Evaluation
• 12 weeks of lectures
• 2 hours of tutorials per week – mainly problem solving, starting from week 2 to week 12.

Weekly Lectures
• Lectures: Wednesdays 7p.m. to 9p.m. in Caulfield K Block K3.21
• Alternative Lecture times?
  • Fridays 12 noon to 2p.m. in Caulfield – K block 3.09
  • Fridays 3p.m. to 5p.m. in Caulfield B block B2.13

Tutorials
Tutorials from week 2 to week 12:
• Wednesdays 10a.m. in Caulfield/B471
• Wednesdays 4p.m. in Caulfield/B471
• Wednesdays 4p.m. in Caulfield/B476
• Thursdays 10a.m. in Caulfield/A212
• Thursdays 2p.m. in Caulfield/B224
• Thursdays 6p.m. in Caulfield/F206 or Wednesday 5p.m. in Caulfield/??
Please use Allocate+ for allocating tutorials. If you have any problems, please see us during the tutorial times next week.

Assessment
Four assessment components
• Two 30 min tests during the tutorial sessions in weeks 6 and 12, worth 15% each.
• Individual question solving during the tutorial session from weeks 7 to 11, worth 10%
  • Each student will be assigned a time slot and a problem and they have to make a presentation of the solution to the rest of the group.
• Examination – 2 hours duration – worth 60%
You need to get at least 50% to pass this unit.

References
Primary Reference book: Security in Computing – C P Pfleeger and S L Pfleeger, Third Edition, 2003, Prentice Hall
Secondary Reference book: Computer Security – Dieter Gollmann, 1999, John Wiley

Subject: CSE2500
Lecturers: Prof. Bala Srinivasan, Mrs. Nandita Bhattacharjee
Prescribed Text: Pfleeger, Security in Computing 3e
Available from the University Bookshop

Where to look for the subject materials?
http://www.csse.monash.edu.au/courseware/cse2500
http://beast.csse.monash.edu.au/cse2500
Please download and print the lecture materials before coming to the class, as NO further photocopies of notes will be distributed in the class.
The lecture notes are complementary to the prescribed text.

Security
• Why do you lock your house before you leave?
• How do you choose the kind of lock for your house?
• Any added devices (such as alarms, bull terrier, etc.)?
• What do you do when you observe that things in the house are scattered around?

What are you protecting?
• Brick and walls
• Money and jewellery
• Music CDs and tapes
• Etc.

Threats to Computer and Communications systems
Domain of information and network security
• Taxonomy of security attacks
• Aims or services of security
• Model of system/(inter)network security
• Methods of defense

Security
• Human nature
  • physical, financial, mental, …, data and information security

There are Problems
• Theft – of equipment
• Theft – e.g. copying of confidential material
• Modification – for gain – e.g. adding false names to payroll
• Modification – malicious – e.g. virus infections
• Access – easy for 'us' and difficult for 'them' …

Fact sheet
• bank robbery through computers
• industrial espionage on corporate information
• loss of individual privacy (email, mobile phone/computer, fax, ...)
• information vandalism
• computer viruses
(more can be found in "comp.risks")

What do we mean by Security?
Protection of assets – can take several forms:
• Prevention
• Detection
• Reaction

Reactions
• active research in security & privacy (numerous conferences each year)
• new laws
• education
• collaborations between governments, industries & academia
• employment of computer security specialists

What does that mean for computer assets?
What are the assets (for system security)?

Information Security
Shift from physical security to the protection of data (on systems) and to thwarting hackers (by means of automated software tools) – called system and information security

Network Security
The widespread use of distributed systems, networks and communications requires protection of data during transmission – called network security

Internetwork security
The term Network Security may be misleading, because virtually all business, government and academic organisations interconnect their data processing equipment with a collection of interconnected networks – we should probably call it (inter)network security

Aspects of System (and information) security
• Security attack – any action that compromises the security of systems and information.
• Security mechanism – a mechanism to detect, prevent, or recover from a security attack.
• Security service – a service that enhances security and counters security attacks.

Other terminology
• vulnerability – a weakness in a computer system that might be exploited to cause loss or harm
• attack – an action that exploits a vulnerability
• threat – circumstances that have the potential to cause loss or harm
• control – a protective measure

Security mechanisms
• There is no single mechanism that can provide the services mentioned in the previous slide. However, one particular element that underlies most (if not all) security mechanisms is cryptographic techniques.
• Encryption or encryption-like transformations of information are the most common means of providing security.

Why Security?
• Security is not as simple as it might first appear.
• In developing a particular security measure one has to consider potential counter measures.
• Because of the counter measures, the problem itself becomes complex.
• Once you have designed the security measure, it is necessary to decide where to use it.
• Security mechanisms usually involve more than a particular algorithm or protocol.

Security and Cost Analysis
[Figure: plot with axes labelled "cost" and "Security level"; "100%" marked]

Security Attacks - Taxonomy
• Interruption – attack on availability
• Interception – attack on confidentiality
• Modification – attack on integrity
• Fabrication – attack on authenticity
The property named on each line is the property that is compromised.

Interruption
• Also known as denial of service.
• Information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction.
• e.g. cutting a communication line, disabling a file management system, etc.

Interception
• Also known as unauthorised access.
• Difficult to trace, as no traces of intrusion might be left.
• e.g. illegal eavesdropping or wiretapping or sniffing, illegal copying.

Modification
• Also known as tampering with a resource.
• Resources can be data, programs, hardware devices, etc.

Fabrication
• Also known as counterfeiting (of objects such as data, programs, devices, etc).
• Allows the authenticity checks to be bypassed.
• e.g. insertion of spurious messages in a network, adding a record to a file, counterfeit bank notes, fake cheques, …
• impersonation/masquerading to gain access to data, services etc.

Security Attacks - Taxonomy
[Figure: five panels, each showing an Information Source and an Information Destination: Normal, Interruption, Interception, Modification, Fabrication]
Source and Destination – can be what is supposed to be and what you get

Attacks – Passive types
• Passive (interception) – eavesdropping on, or monitoring of, transmissions.
• The goal is to obtain information that is being transmitted.
• Types here are: release of message contents and traffic analysis.

Attacks – Active types
Involve modification of the data stream or creation of a false stream and can be subdivided into – masquerade, replay, modification of messages and denial of service.

Attacks
• Passive
  • Interception (confidentiality)
    • Release of message contents
    • Traffic analysis
• Active
  • Modification (integrity)
  • Fabrication (integrity)
  • Interruption (availability)

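An added example, not part of the original slides: a destination-side check showing which of the active attack types listed above an authentication code with a sequence number can detect. The shared key, the message layout and the names `send` and `Receiver` are assumptions made for this illustration; passive interception leaves nothing for such a check to see.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret shared by source and destination


def send(seq: int, payload: bytes, key: bytes = KEY) -> tuple[int, bytes, bytes]:
    """Source side: tag (sequence number || payload) with an HMAC-SHA256 code."""
    tag = hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()
    return seq, payload, tag


class Receiver:
    """Destination side: classify each arriving message."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.next_seq = 0  # lowest sequence number not yet accepted

    def accept(self, msg: tuple[int, bytes, bytes]) -> str:
        seq, payload, tag = msg
        expected = hmac.new(self.key, seq.to_bytes(8, "big") + payload,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            # Altered in transit, or created by someone without the key.
            return "rejected: modification or fabrication"
        if seq < self.next_seq:
            # Genuine message, but one that was already accepted.
            return "rejected: replay"
        verdict = "accepted"
        if seq > self.next_seq:
            # Genuine, but earlier messages never arrived.
            verdict = f"accepted: gap of {seq - self.next_seq} (possible interruption)"
        self.next_seq = seq + 1
        return verdict


def demo() -> list[str]:
    """Constructed traffic: one message of each kind reaches the receiver."""
    rx = Receiver()
    m0, m1, _dropped, m3 = (send(i, f"transfer #{i}".encode()) for i in range(4))
    tampered = (m1[0], b"transfer #1 to other account", m1[2])       # modification
    forged = send(1, b"spurious message", key=b"not-the-shared-key")  # fabrication
    # Message 2 never arrives (interruption); m0 arrives a second time (replay).
    return [rx.accept(m) for m in (m0, tampered, forged, m1, m0, m3)]


if __name__ == "__main__":
    for line in demo():
        print(line)
```
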
Security threats (to maintain) are
• Confidentiality
• Integrity
• Availability
to give us secure data (and information)
• Authenticity

Confidentiality
• Only accessible by authorised parties
• Not revealed
• More than just not reading
• Confidentiality is distinct from secrecy and privacy (?)

Integrity
• Associated with loss and corruption
• Data Integrity as
  • Computerised data same as external, source data
  • Data not exposed to alteration or destruction
  • No inappropriate modification

Availability
• The property of being accessible and useable (without delay) upon demand by an authorised entity
• We want there to be no denial of service

Other issues
• Accountability
• Reliability
• Safety
• Dependability

Security is defined as
• Computer security deals with the prevention and detection of unauthorised actions by users of a computer system
• Security deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others

The security dilemma
• Security deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others.
• Security-unaware users have specific security requirements but (usually) no security expertise.
But

The security dilemma
• The costs of additional resources to implement security mechanisms can be quantified.
• Security mechanisms interfere with users, and can lead to loss of productivity.
• Managing security also costs.
• Need to perform risk analysis (which will be the next topic)

Principles of Security
• Principle of easiest penetration
  • an intruder will use any means of penetration
• Principle of timeliness
  • items only need to be protected until they lose their value
• Principle of effectiveness
  • controls must work, and they should be efficient, easy to use, and appropriate.

Layers of technology (and Onion Model)
• In which layer should security mechanisms be placed?
• Should controls be placed in more than one layer?
• See the next slide ("Layers") too.
[Figure: onion model with layers Hardware, Kernel, Operating System, Services, Applications]

Layers
• The presence of layers is a feature of technology
• Separate layers often perform very different functions
• Similar functions are combined in one layer
• The boundary between two layers is usually easily defined
• Layers can often be independently implemented

Vulnerabilities
The three broad computing system resources are
• hardware
  • interruption (denial of service), interception (theft)
• software
  • interruption (deletion), interception, modification
• data
  • interruption (loss), interception, modification and fabrication

One method of defence
• By controls
• What should be the focus of the controls?
  • For example: should protection mechanisms focus on data or operations on that data or on the users who use the data?
• Since there are layers of technology, where should controls apply?
  • Applications, services, operating systems, kernel, hardware.

Controls
• Can be applied through hardware, software, physical measures or policies.
• Simple mechanisms or lots of features?
• Should defining and enforcing security mechanisms be a centralised function?
• How to prevent access to the layer below the security mechanism?

Examples of Controls
• Modern cryptology
  • Encryption, authentication code, digital signature, etc.
• Software controls
  • Standard development tools (design, code, test, maintain, etc)
  • Operating systems controls
  • Internal program controls (e.g. access controls to data in a database)
  • Firewalls

Examples of Controls
• Hardware controls
  • Security devices, smart cards, …
• Physical controls
  • Lock, guards, backup of data and software, thick walls, …
• Security policies and procedures
• User education
• Law

Effectiveness of Controls
Merely having controls does no good unless they are used properly. The factors that affect the effectiveness are
• Awareness of protection
• Likelihood of users
• Overlapping controls
• Periodic review

Model for network security
[Figure: model for network security, with labels: Principal (×2), Message (×2), Secret Info. (×2), Information channel, Trusted Third party, Gate Keeper, Opponent – security threats and possible attacks]
[Borrowed from Stallings]

Two questions to ponder
Having backup copies of the data – is it a solution to security?
The internetwork security model (the previous slide) has the gate keeper at the receiver (or destination) end – why not at the sender (source)?