Reliability and Security

Page 1: Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system

Reliability and Security

Page 2

Security

• How big a problem is security?
• Perfect security is unattainable
• Security in the context of a socio-technical system
• Disaster planning
• Security is a process, not a product

Page 3

Internet Security

What’s different about the Internet and computerized attacks?

• Complexity
• Automation
• Action at a distance
• Propagation of techniques
• Class breaks

Page 4

Is IT Security a Technical Problem?

• Socio-technical systems view of IT security
  – Technical system includes hardware, software, networks, data
  – Social system includes people, processes, organization, work design, objectives
  – Socio-technical solution is the best total solution, may not optimize either social or technical solution

Page 5

Is IT Security a Technical Problem?

• Schneier – security is provided within a context
  – An asset is secured from a particular type of attack from a particular type of attacker
  – Assets and attacks exist in contexts
  – Context (especially the social part) matters more than technology

Page 6

Types of Attack

What’s the same
• Theft
• Embezzlement
• Vandalism
• Exploitation
• Fraud
• Extortion
• Threat of harm
• Privacy violations

Page 7

Attack Types

• Schneier’s classification
  – Criminal attacks
  – Privacy violations
  – Publicity attacks
• By attacker motive
  – Financial or other gain
  – To damage others
  – Privacy violations

Page 8

Gain Motivated Attacks

• Fraud
• Intellectual Property Theft
• Identity Theft
• Brand Theft
• Publicity Attacks

Page 9

Privacy Violations

• Stalking
• Surveillance
• Databases
• Traffic Analysis
• Broad Scale Electronic Monitoring

Page 10

Attacks aimed at damaging others

• Denial-of-Service attacks
• Defacing web sites
• Viruses and their ilk

Page 11

Adversaries

Those classified as criminals
• Hackers
• Lone Criminals
• Malicious Insiders
• Organized Crime
• Terrorists

Page 12

Adversaries

Those with claims of legitimacy
• Industrial spies
• The press
• The police
• National Intelligence Organizations
• Infowarriors

Page 13

Phishing

Page 14

Antiphishing.org

Page 15

Microsoft Vulnerabilities

• Sharp increase in attacks on Windows-based PCs in the 1st half of 2004
  – 1,237 new vulnerabilities, or 48/week
• Increase in the number of bot networks
  – 30,000, up from 2,000 in the previous 6 months
• Increase in the percentage of e-commerce attacks from 4% to 16%
• 450% increase in new Windows viruses – 4,496

Page 16

Chapter 6 Figure 6-6

Normal and DoS Handshakes

Normal Handshake (Web User’s PC and Website Server)
  SYN: User’s PC says “hello”
  ACK-SYN: Server says “Do you want to talk”
  ACK: User’s PC says “Yes, let’s talk”

DoS Handshake (Web User’s PC and Website Server)
  SYN: User’s PC says “hello” repeatedly
  ACK-SYN: Server says “Do you want to talk” repeatedly
  No Response: User’s PC waits for server to “timeout”

Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
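The defender-side view of the DoS handshake above is the server's table of half-open connections: every SYN that the server answered with a SYN-ACK and that never received the final ACK sits in a waiting state until it times out. The following added example (not from the slides or from the iPremier teaching note) parses a constructed, netstat-style connection table and reports how much of it is half-open, both per source address and in aggregate. The aggregate ratio matters because a flood that spoofs its source addresses never trips a per-source threshold. The Linux state name SYN_RECV, the thresholds and the sample addresses (RFC 5737 documentation ranges) are assumptions of the example.

```python
from collections import Counter

# Constructed sample of a server's TCP connection table in netstat-like form:
#   proto  local_address  foreign_address  state
# 203.0.113.9 holds many half-open connections; the rest are a mix.
SAMPLE_CONNECTIONS = """\
tcp 10.0.0.5:443 198.51.100.7:51012 ESTABLISHED
tcp 10.0.0.5:443 198.51.100.8:51013 ESTABLISHED
tcp 10.0.0.5:443 198.51.100.9:51014 ESTABLISHED
tcp 10.0.0.5:443 203.0.113.9:40001 SYN_RECV
tcp 10.0.0.5:443 203.0.113.9:40002 SYN_RECV
tcp 10.0.0.5:443 203.0.113.9:40003 SYN_RECV
tcp 10.0.0.5:443 203.0.113.9:40004 SYN_RECV
tcp 10.0.0.5:443 203.0.113.9:40005 SYN_RECV
tcp 10.0.0.5:443 203.0.113.9:40006 SYN_RECV
tcp 10.0.0.5:443 192.0.2.21:33001 SYN_RECV
tcp 10.0.0.5:443 192.0.2.22:33002 SYN_RECV
tcp 10.0.0.5:443 192.0.2.23:33003 SYN_RECV
"""

# Server has sent SYN-ACK and is still waiting for the client's final ACK
# (assumed Linux netstat state name).
HALF_OPEN_STATE = "SYN_RECV"


def parse_connections(text):
    """Return (source_ip, state) pairs from netstat-style lines."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue                      # skip blank or malformed lines
        _proto, _local, foreign, state = fields
        src_ip = foreign.rsplit(":", 1)[0]
        rows.append((src_ip, state))
    return rows


def half_open_report(rows, per_source_threshold=5, ratio_threshold=0.5):
    """Summarise half-open connections in a parsed connection table.

    Returns the total number of half-open connections, the fraction of all
    connections that are half-open, the sources at or above the per-source
    threshold, and whether either alarm condition is met.
    """
    per_source = Counter(src for src, state in rows if state == HALF_OPEN_STATE)
    half_open_total = sum(per_source.values())
    ratio = half_open_total / len(rows) if rows else 0.0
    noisy_sources = {src: n for src, n in per_source.items()
                     if n >= per_source_threshold}
    return {
        "half_open_total": half_open_total,
        "half_open_ratio": ratio,
        "noisy_sources": noisy_sources,
        # Per-source count catches one loud client; the ratio catches a flood
        # spread over many (possibly spoofed) source addresses.
        "alarm": bool(noisy_sources) or ratio >= ratio_threshold,
    }


if __name__ == "__main__":
    print(half_open_report(parse_connections(SAMPLE_CONNECTIONS)))
```

On the constructed table the report flags 203.0.113.9 with six half-open connections and a half-open ratio of 0.75, so both alarm conditions fire; run against a real `netstat -tn` or `ss -tn` dump the same two numbers are what a responder would look at first.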

Page 17

Chapter 6 Figure 6-7

A Distributed Denial of Service Attack

Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.

[Figure: an Attack Leader directs Attackers 1 through 8, each of which sends traffic to the Website Server]

Attack Leader facilitates SYN floods from multiple sources.

Page 18

Chapter 6 Figure 6-8

“Spoofing”

Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.

Attacker address: 12345
Target address: 54321

Information packets (Sender Address -> Destination Address)
  Normal:      12345 -> 54321   Target server correctly interprets sender address
  “Spoofing”:  90817 -> 54321   Target server incorrectly interprets sender address
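The target in the figure cannot tell a forged sender address from a real one, but the network the packet passed through can: a packet that arrives on a given inbound interface carrying a source address that does not belong behind that interface cannot be what it claims. That is the ingress-filtering rule of RFC 2827 (BCP 38), and the following added example (not from the slides or the iPremier case) implements it over a constructed interface-to-prefix map and a handful of constructed packets. The interface names, prefixes and addresses (RFC 5737 documentation ranges, in place of the figure's illustrative 12345/54321) are assumptions of the example.

```python
import ipaddress

# Constructed topology: the address ranges legitimately found behind each
# inbound interface of a border router. A packet whose source address lies
# outside its arrival interface's ranges is dropped (RFC 2827 / BCP 38).
INTERFACE_PREFIXES = {
    "eth0": ["192.0.2.0/24"],                       # customer LAN
    "eth1": ["198.51.100.0/24", "203.0.113.0/24"],  # two partner networks
}


def is_plausible_source(interface, src_ip):
    """True if src_ip lies inside a prefix expected behind `interface`."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in ipaddress.ip_network(prefix)
               for prefix in INTERFACE_PREFIXES.get(interface, []))


def filter_packets(packets):
    """Split (interface, src, dst) tuples into accepted and dropped lists."""
    accepted, dropped = [], []
    for packet in packets:
        interface, src, _dst = packet
        (accepted if is_plausible_source(interface, src) else dropped).append(packet)
    return accepted, dropped


# Constructed packets: the third claims a customer-LAN source but arrives on
# the partner link; the fourth claims a source address no interface owns.
SAMPLE_PACKETS = [
    ("eth0", "192.0.2.10", "10.0.0.5"),
    ("eth1", "198.51.100.7", "10.0.0.5"),
    ("eth1", "192.0.2.10", "10.0.0.5"),
    ("eth0", "203.0.113.200", "10.0.0.5"),
]

if __name__ == "__main__":
    ok, bad = filter_packets(SAMPLE_PACKETS)
    print("accepted:", ok)
    print("dropped:", bad)
```

The check is only as good as the prefix map: an interface whose map entry is missing accepts nothing, and an overly broad entry (for example 0.0.0.0/0) accepts everything, which is why the map belongs under the same change control as the routing table it mirrors.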

Page 19

Risk Components

• Magnitude of loss
• Likelihood of loss
• Exposure to loss

Page 20

Management of Risk

• Control
• Information
• Time

Page 21

Chapter 6 Figure 6-1

Five Components in Series (each 98% Available)

Component 1: 98% availability
Component 2: 98% availability
Component 3: 98% availability
Component 4: 98% availability
Component 5: 98% availability

.98 x .98 x .98 x .98 x .98 = service availability of 90%

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.

Page 22

Chapter 6 Figure 6-2

Combining Components in Series Decreases Overall Availability

[Figure: chart of Availability (0% to 100%) against Number of Components In Series (each 98% available)]

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.

Page 23

Chapter 6 Figure 6-3

Five Components in Parallel (each 98% Available)

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.

Page 24

Chapter 6 Figure 6-4

Redundancy Increases Overall Availability

[Figure: chart of Availability (98.0% to 100.0%) against Number of Components In Parallel (1 to 10, each 98% available)]

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
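Figures 6-1 through 6-4 rest on two rules: components in series are all required, so their availabilities multiply; components in parallel are alternatives, so the group is down only when every one of them is down. The following added example (not from the slides or from Applegate, Austin and McFarlan) carries both rules through in code, reproduces the series and parallel charts for one to ten components at 98%, and goes one step beyond the figures by composing the two rules for a system made of redundant stages in series. The stage layout used at the end is an assumption of the example.

```python
def series_availability(availabilities):
    """Every component must be up: multiply the individual availabilities."""
    total = 1.0
    for a in availabilities:
        total *= a
    return total


def parallel_availability(availabilities):
    """Any one component suffices: the group fails only if all of them fail."""
    all_fail = 1.0
    for a in availabilities:
        all_fail *= (1.0 - a)
    return 1.0 - all_fail


def system_availability(stages):
    """A system as a series of stages, each stage a parallel group.

    `stages` is a list of lists of component availabilities, e.g.
    [[0.98, 0.98], [0.98]] is a redundant pair followed by a single component
    (assumed layout, used for illustration only).
    """
    return series_availability(parallel_availability(group) for group in stages)


def availability_table(per_component, max_n):
    """Rows (n, series_of_n, parallel_of_n) for n = 1..max_n, as in the charts."""
    return [(n,
             series_availability([per_component] * n),
             parallel_availability([per_component] * n))
            for n in range(1, max_n + 1)]


if __name__ == "__main__":
    for n, series, parallel in availability_table(0.98, 10):
        print(f"{n:2d} components: series {series:.2%}  parallel {parallel:.8%}")
    # Five 98% components in series come to about 90.4%, the figure's 90%.
    # Two redundant 98% front ends feeding a single 98% back end:
    print(f"pair + single: {system_availability([[0.98, 0.98], [0.98]]):.4%}")
```

The composed case shows why redundancy has to be applied to every stage: doubling the front end lifts that stage to 99.96%, but the single 98% back end caps the whole system at just under 98%, so the weakest serial stage, not the most redundant one, sets the service level.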

Page 25

Miscellaneous Defensive Measures

• Security policies
• Firewalls
• Intrusion detection
• Encryption
• Authentication

Page 26

Liability Argument

• Who should be held liable?
  – Software vendors, e.g. Microsoft
  – Network owner, e.g. ISP (Comcast)
  – Person who wrote the attack tool
  – Person who used the attack tool
  – The public
• The ATM example

Page 27

Three Steps to Improving IT Security

1) Enforce liability
2) Permit parties to transfer liability
3) Provide mechanisms to reduce risk