Network Security Topic 1 intro

  • 1. Lecture 1: Overview

  • 2. Outline
      The focus of this chapter is on three fundamental questions:
      • What assets do we need to protect?
      • How are those assets threatened?
      • What can we do to counter those threats?

  • 3. Computer Security Overview
      The NIST Computer Security Handbook defines the term Computer Security as:
      The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).

  • 4. The CIA Triad

  • 5. Key Security Concepts
      • Confidentiality - preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
      • Integrity - guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity
      • Availability - ensuring timely and reliable access to and use of information
      Is this all?

  • 6. Computer Security Challenges
      • computer security is not as simple as it might first appear to the novice
      • potential attacks on the security features must be considered
      • procedures used to provide particular services are often counterintuitive
      • physical and logical placement needs to be determined
      • multiple algorithms or protocols may be involved

  • 7. Computer Security Challenges
      • attackers only need to find a single weakness, the developer needs to find all weaknesses
      • users and system managers tend to not see the benefits of security until a failure occurs
      • security requires regular and constant monitoring
      • is often an afterthought to be incorporated into a system after the design is complete
      • thought of as an impediment to efficient and user-friendly operation

  • 8. Computer Security Terminology
      • Adversary (threat agent) - An entity that attacks, or is a threat to, a system.
      • Attack - An assault on system security that derives from an intelligent threat; a deliberate attempt to evade security services and violate security policy of a system.
      • Countermeasure - An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

  • 9. Computer Security Terminology
      • Risk - An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
      • Security Policy - A set of rules and practices that specify how a system or org provides security services to protect sensitive and critical system resources.
      • System Resource (Asset) - Data; a service provided by a system; a system capability; an item of system equipment; a facility that houses system operations and equipment.

  • 10. Computer Security Terminology
      • Threat - A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.
      • Vulnerability - Flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.

  • 11. Security Concepts and Relationships

  • 12. Vulnerabilities, Threats and Attacks
      • vulnerabilities
          • corrupted (loss of integrity)
          • leaky (loss of confidentiality)
          • unavailable or very slow (loss of availability)
      • threats
          • capable of exploiting vulnerabilities
          • represent potential security harm
      • attacks (threats carried out)
          • passive or active attempt to alter/affect system resources
          • insider or outsider

  • 13. Countermeasures
      • means used to deal with security attacks
          • prevent
          • detect
          • recover
      • may introduce new vulnerabilities
      • residual vulnerabilities may remain
      • goal is to minimize residual level of risk to the assets

  • 14. Threat Consequences
      Unauthorized disclosure is a threat to confidentiality
      • Exposure: This can be deliberate or be the result of a human, hardware, or software error
      • Interception: unauthorized access to data
      • Inference: e.g., traffic analysis, use of limited access to get detailed information
      • Intrusion: unauthorized access to sensitive data

  • 15. Threat Consequences
      Deception is a threat to either system or data integrity
      • Masquerade: e.g., an attempt by an unauthorized user to gain access to a system by posing as an authorized user; Trojan horse.
      • Falsification: altering or replacing of valid data or the introduction of false data
      • Repudiation: denial of sending, receiving or possessing the data.

  • 16. Threat Consequences
      Disruption is a threat to availability or system integrity
      • Incapacitation: a result of physical destruction of or damage to system hardware
      • Corruption: system resources or services function in an unintended manner; unauthorized modification
      • Obstruction: e.g., overload the system or interfere with communications

  • 17. Threat Consequences
      Usurpation is a threat to system integrity.
      • Misappropriation: e.g., theft of service, distributed denial of service attack
      • Misuse: security functions can be disabled or thwarted

  • 18. Scope of Computer Security

  • 19. Computer and Network Assets

  • 20. Passive and Active Attacks
      • Passive attacks attempt to learn or make use of information from the system but do not affect system resources
          • eavesdropping/monitoring transmissions
          • difficult to detect
          • emphasis is on prevention rather than detection
          • two types:
              • release of message contents
              • traffic analysis
      • Active attacks involve modification of the data stream
          • goal is to detect them and then recover
          • four categories:
              • masquerade
              • replay
              • modification of messages
              • denial of service