7/25/2019 Lecture 1 - Security Concepts.ppt
1/55
CS 216
Introduction to Information Security Concepts
What is Security?
The quality or state of being secure, to be free from danger
A successful organization should have multiple layers of security in place:
Physical security
Personal security
Operations security
Communications security
Network security
Information security
Personal security
Personal security is a general condition that occurs after adequate efforts are taken to deter, delay, and provide warning before possible crime, if such warning occurs, to summon assistance, and prepare for the possibility of crime in a constructive manner.
Physical security
Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.
Operations security (OPSEC)
Operations security (OPSEC) is a term originating in U.S. military jargon, as a process that identifies critical information to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.
Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients.
Network security
Network security consists of the policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
Network security involves the authorization of access to data in a network, which is controlled by the network administrator.
What is Information Security?
The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information
Necessary tools: policy, awareness, training, education, technology
C.I.A. triangle was standard based on confidentiality, integrity, and availability
C.I.A. triangle now expanded into list of critical characteristics of information
Critical Characteristics of Information
The value of information comes from the characteristics it possesses:
Availability
Accuracy
Authenticity
Confidentiality
Integrity
Utility
Possession
Vocabulary: Security Policy
Refers to the way a system is supposed to function
Can be explicit or implicit
Outlines assumptions of protections and violations
Vocabulary: Security Policy
The security policy must represent the pertinent laws, regulations, standards, and general policies accurately.
There are three types of policy generally used in secure computer systems:
Confidentiality Policy:
A confidentiality policy typically states that only authorised users are to be permitted to observe sensitive data, and that all unauthorised users are to be prohibited from such observation.
Integrity Policy
An integrity policy has two facets.
The first refers to the quality of the data that is stored in the computer. The integrity policy will state that the data should reflect reality to some degree. How best to do this is the subject of much research activity.
The second facet of integrity policy is associated with the data being available for use when it is legitimately needed. No user, whether he or she is or is not authorised to access some data item, should be able to unreasonably delay or prohibit another authorised user from legitimate access.
Availability Policy:
The computer system should be available for use when it is needed, and it should satisfy some specified requirements for its mean-time-to-failure and its mean-time-to-repair.
Vocabulary: Incident
Security incident is a violation (or series of violations) of a system's security policy
Scope can vary from narrow to broad
Incidents are events caused by (malicious) behavior
Can be automated (a virus) or manual (abuse of access)
Vocabulary: Threat
Potential cause of a security incident
Can be purposeful (a specific tool used to break into a site or a malicious insider)
Accidental (floods, fire, lost backup tape, etc.)
Vocabulary: Vulnerability
Flaw in a system that could allow a threat to violate the security policy
Can be a result of oversight or architecture
Logic flaws can present vulnerabilities
Vulnerabilities are static aspects of systems
Vocabulary: Exploit
Exploit is when a threat capitalizes on a vulnerability
Exploits can be manual or automated
Exploits demonstrate that there is a problem with a system
Vocabulary: Malware
Software that does bad stuff
Malware includes virus and worm code
Includes software designed to modify legitimate systems to:
Allow unauthorized remote access
Hide evidence of intrusion
Exfiltrate data from a target
Surreptitiously monitor user activity
And more...
Security Concepts
The Golden Rule (Au)
Authentication
Users are who they claim to be, or at least can present credentials
Authenticity
Data has not been altered and remains true to its original form
Audit
The system can track what activity, data and users
Security as Asset Protection
A secure system must protect:
Confidentiality
Threat: Information disclosure
Integrity (and Reliability)
Threat: Data corruption
Access
Threat: Denial of service
Security Lifecycle
Security is a process not a product
Complexity is the enemy of security
Security is an evolutionary landscape
Secure is a point in time evaluation
Secure is defined by known threats
0 day
0 day is a vulnerability for which there is no patch available
If 0 day cannot be predicted, how can we defend against it?
0 day can often be mitigated
How can we detect 0 day?
Defense in depth is often the only defense against 0 day
When evaluating security you should assume 0 day
A Word on Software Bugs
Software engineering is a robust, and mature, field of academic study
All software projects of sufficient size and complexity contain bugs, regardless of development process
A certain number of bugs will be security related
Conclusion: all software contains security related bugs
Classifying Software Bugs
Not all bugs are the same
Bugs may present wildly varying threats
Bugs may have different risks associated with them
All bugs are significant, however
Even if it's bug free
Bug free software can still have vulnerabilities
Configuration problems
Default or weak credentials
Improper trust model
Etc.
Logic flaws
Fundamentally insecure design
Software functions exactly as designed but the result is an unintended vulnerability
Two bug free systems might have insecure interaction
Vulnerability Synergy
Linking one vulnerability to another
Chains of low risk, or low significance, vulnerabilities can lead to a serious vulnerability
Even if highest risk bugs are all patched, a combination of low risk bugs could lead to compromise
Sisyphean Task
A sufficiently resourced and motivated attacker will always compromise security
Defenders must be right 100% of the time, attackers need only succeed once
You can't possibly defend against everything
Attacker motivation is unknowable
Protect, Detect, React
The security lifecycle, also known as the security hamster wheel of pain
EVERY step is critical
Detection is dependent on observation and reporting
Logs are some of the best places to do detection
More on each step later
How can we get ahead?
The protect/detect/react cycle often requires an incident to move from detect/react to better protection
It is important to keep the cycle moving independently of a security incident
Collecting metrics is key to making informed decisions
Start with security first...
Secure Design
Threat modeling
Maximize ROI with high impact, low cost, mitigations
Good authentication, authorization and audit
Fault tolerance or Rugged Design
Applications should protect against unexpected actions
This includes good exception handling
Test driven design, with tests that should fail
Secure Application Development Lifecycle (SDLC)
Penetration Testing
Actively attacking your own systems
Can reveal flaws in protection, including gaps
Can proactively identify vulnerabilities (prevent 0 day)
Helps more accurately frame risk assessment
Application Security Testing
Black box
Penetration testing
Gray box
Some level of access and documentation available
White box
Full code review, often combined with other testing tools
Using Automation
Automation is critical for a timely review
Automation can lead to false positives
Automated tools without skilled human operators can be useless
Deluge of false positives
Poor risk assignment
Gold Standard for Security Reporting
Security reporting after a review should include:
List of vulnerabilities, ranked/grouped by severity
Demonstration of exploit
List of suggested mitigation and work around strategies
List of patches and/or fixes for the issue
A good security test should be repeatable
Resource Allocation
In the real world resources are limited
Given the scope of security it is impossible to cover all fronts
How does one make smart resource allocation decisions?
Risk Calculations
Risk can be used to draw comparisons
Risk generally calculated:
Risk = Likelihood x Severity
Good risk ratings allow you to compare apples to apples
Can focus attention and resources to greatest need
How can we baseline these without METRICS?
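
An added example, not part of the original slides: it scores constructed findings with the Risk = Likelihood x Severity formula and then searches for a chain of unpatched findings, the situation described on the Vulnerability Synergy slide. The findings, the 1-3 ordinal scale and the capability labels are assumptions made for illustration.

```python
from collections import deque

# Constructed findings (not from the lecture). Likelihood and severity use a
# hypothetical 1-3 ordinal scale; "requires"/"grants" are made-up capability labels.
FINDINGS = [
    {"name": "injection flaw in public form", "likelihood": 3, "severity": 3,
     "requires": "network", "grants": "admin", "patched": True},
    {"name": "error page leaks account names", "likelihood": 2, "severity": 1,
     "requires": "network", "grants": "account_names", "patched": False},
    {"name": "default or weak credentials", "likelihood": 1, "severity": 2,
     "requires": "account_names", "grants": "user_session", "patched": False},
    {"name": "improper trust model between services", "likelihood": 1, "severity": 2,
     "requires": "user_session", "grants": "admin", "patched": False},
]

def risk(finding):
    """Risk = Likelihood x Severity, as on the Risk Calculations slide."""
    return finding["likelihood"] * finding["severity"]

def find_chain(findings, start, goal):
    """Breadth-first search over unpatched findings, linking what one
    finding grants to what the next requires. Returns the chain or None."""
    open_findings = [f for f in findings if not f["patched"]]
    queue, seen = deque([(start, [])]), {start}
    while queue:
        capability, path = queue.popleft()
        if capability == goal:
            return path
        for f in open_findings:
            if f["requires"] == capability and f["grants"] not in seen:
                seen.add(f["grants"])
                queue.append((f["grants"], path + [f]))
    return None

def summarize(findings, start="network", goal="admin"):
    """Compare the highest open individual score with what a chain reaches."""
    chain = find_chain(findings, start, goal) or []
    open_scores = [risk(f) for f in findings if not f["patched"]]
    return {
        "max_open_risk": max(open_scores, default=0),
        "chain": [f["name"] for f in chain],
        "chain_reaches_goal": bool(chain),
    }

if __name__ == "__main__":
    result = summarize(FINDINGS)
    print("highest open individual risk (scale 1-9):", result["max_open_risk"])
    print("chain to admin:", " -> ".join(result["chain"]) or "none")
```

With the one high-risk finding patched, no open finding scores above 2 out of 9, yet the three remaining findings still link from network access to the admin capability.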
Flaw in Risk Calculation
Likelihood can never actually be measured because it is within the attacker's control
How can you quantify what you don't know?
Severity may hinge on unknown consequences or attacker motivation
Some resources may escape risk calculation
Non Technical Threats
Risk calculation involves assessing threats
Some threats are not strictly system related
Reputational damage
Misinformation
Business risks (ex. grant funding)
Typical Poor Risk Calculation
Home user doesn't protect their machine because they have no data of value
Risk = medium likelihood x low impact
Home user may not understand full impact
Attacker can use webcam
Attacker can use mic to record conversations
Attacker can use connection to compromise wireless router to allow anonymous wireless
Linchpin in Most Flaws
Many risk calculations fail because the assessor measures risk based on:
Perceived attacker motivation
Without understanding what an attacker is after there is no effective way to protect resources
Industry best practice may provide a guide
Moving Forward
Goal is an adaptive, metrics based information security program
Resources should be fluid, and allocated based on actual need
Reactive capabilities should be maximized
Reduction of misguided protective measures
Constant metrics gathering and reevaluation
Learn, grow, share
Securing Components
Computer can be subject of an attack and/or the object of an attack
When the subject of an attack, computer is used as an active tool to conduct attack
When the object of an attack, computer is the entity being attacked
Figure 1-8: Subject and Object of Attack
Balancing Information Security and Access
Impossible to obtain perfect security: it is a process, not an absolute
Security should be considered balance between protection and availability
To achieve balance, level of security must allow reasonable access, yet protect against threats
Figure 1-6: Balancing Security and Access
Approaches to Information Security Implementation: Bottom-Up Approach
Grassroots effort: systems administrators attempt to improve security of their systems
Key advantage: technical expertise of individual administrators
Seldom works, as it lacks a number of critical features:
Participant support
Organizational staying power
Approaches to Information Security Implementation: Top-Down Approach
Initiated by upper management
Issue policy, procedures and processes
Dictate goals and expected outcomes of project
Determine accountability for each required action
The most successful also involve formal development strategy referred to as systems development life cycle
Security Professionals and the Organization
Wide range of professionals required to support a diverse information security program
Senior management is key component; also, additional administrative support and technical expertise required to implement details of IS program
Senior Management
Chief Information Officer (CIO)
Senior technology officer
Primarily responsible for advising senior executives on strategic planning
Chief Information Security Officer (CISO)
Primarily responsible for assessment, management, and implementation of IS in the organization
Usually reports directly to the CIO
Information Security Project Team
A number of individuals who are experienced in one or more facets of technical and non-technical areas:
Champion
Team leader
Security policy developers
Risk assessment specialists
Security professionals
Systems administrators
End users
Data Ownership
Data Owner: responsible for the security and use of a particular set of information
Data Custodian: responsible for storage, maintenance, and protection of information
Data Users: end users who work with information to perform their daily jobs supporting the mission of the organization
Communities Of Interest
Group of individuals united by similar interest/values in an organization
Information Security Management and Professionals
Information Technology Management and Professionals
Organizational Management and Professionals