CIS/TCOM 551 Computer and Network Security Slide Set 2 Carl A. Gunter Spring 2004.

CIS/TCOM 551
Computer and Network Security
Slide Set 2
Carl A. Gunter
Spring 2004

Introduction to Security
- Goals
  - Availability
  - Integrity
  - Confidentiality
- Targets
  - Hardware
  - Software
  - Data
- Controls
  - Physical security
  - Limited interface
  - Identification and authorization
  - Encryption
- Analysis of costs and benefits

Progress and Risk
- Risk = (Probability of failure) * (Size of loss)
- Safety-critical considerations
  - Dutch port authority
  - RER train
  - Software in automobiles
  - Intelligent highways

Progress and Risk, cont.
- Security-critical considerations
  - Credit card purchases on the web
  - Voting on the web
  - Banking on the web
  - Mobile agents and active networks
- Safety and security considerations
  - Military systems, e.g. Star Wars
  - Actuators on public networks

Security Requirements
- Banking
- Government
- Public Telecommunications Carriers
- Corporate / Private Networks
- Electronic Commerce
Ref: Computer Communications Security, W. Ford, 94.

Banking
- Electronic Funds Transfer (EFT)
  - Prosecution of fraud problematic
  - Financial system overall at risk
- Automated Teller Machine (ATM)

Automatic Teller Machines
- Goals
  - Availability: Provide automated teller operations 24x7 in convenient locations
  - Integrity: Authorized users only, transactional guarantees
  - Confidentiality: Private communication with branches or center
- Vulnerabilities and controls
- Risk analysis and liabilities

Government
- National security of course, but also
  - “Unclassified but sensitive information” must not be disclosed
  - Example: social security web page
- Electronic signatures approved for government contractors

Public Telecom Carriers
- Operations, Administration, Maintenance, and Provisioning (OAM&P)
- Availability is a key concern
- Significant insider risks

Corporate Private Networks
- Completely private networks are becoming a thing of the past because of telecommuting.
- Protection of proprietary information of course, but also concerns like privacy in the health care industry.
- Foreign government threat?

Electronic Commerce
- Electronic Data Interchange (EDI)
- Electronic contracts need to be binding
- ABA Resolution: “recognize that information in electronic form, where appropriate, may be considered to satisfy legal requirements regarding a writing or signature to the same extent as information on paper or in other conventional forms, when appropriate security techniques, practices, and procedures have been adopted.”

Goals of Security
[Figure: DATA shown under each of the three goals: Integrity, Availability, Confidentiality]
Ref: Pfleeger.

Safety and Security
- Many things in common and some major differences.
- Some similarities aid understanding of both.
  - System vs. Environment.
  - Accident, breach.
  - Hazard, vulnerability.

System vs. Environment (Safety)
[Figure: diagram labeled Environment and System]

System vs. Environment (Security)
[Figure: diagram labeled System and Environment]

Accident and Security Breach
- Accident
  - Loss of life
  - Injury
  - Damage to property
- Security Breach
  - Secret is revealed
  - Service is disabled
  - Data is altered
  - Messages are fabricated

Accident Definition
- An accident is an undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of harm.
- Define breach similarly.
- A security threat is a possible form of breach.

Hazards and Vulnerabilities
- Hazard
  - No fire alarms
  - No fire extinguishers
  - Rags close to furnace
- Vulnerability
  - Password too short
  - Secret sent in plaintext over public network
  - Files not write protected

Hazard Definition
- A hazard is a state or set of conditions of a system that, together with other conditions in the environment of the system, will lead inevitably to an accident.
- Define security vulnerability similarly.

Other Terms
- Asset: object of value.
- Exposure: threat to an asset.
- Attack: effort by an agent to exploit a vulnerability and create a breach.

Major Threats
- Interruption
- Interception
- Modification
- Fabrication

Major Assets
- Hardware
- Software
- Data

Threats to Hardware
- Interruption: crash, performance degradation
- Interception: theft
- Modification: tapping
- Fabrication: spoofed devices

Threats to Software Code
- Interruption: deletion
- Interception: theft
- Modification
  - Trojan horse
  - Logic bomb
  - Virus
  - Back door
  - Information leak
- Fabrication: spoofing software distribution on the web

Threats to Software Processes
- Interruption: bad inputs
- Interception: attacks on agents
- Modification: of exploited data
- Fabrication: service spoofing (man-in-the-middle)

Threats to Data
- Interruption: deletion, perceived integrity violation
- Interception: eavesdropping, snooping memory
- Modification: alteration of important information
- Fabrication: spoofing web pages

Principles of Security
- Easiest Penetration: An intruder must be expected to use any available means of penetration.
- Adequate Protection: Computer items must be protected only until they lose their value. They must be protected to a degree consistent with their value.
- Effectiveness: Controls must be used to be effective. They must be efficient, easy to use, and appropriate.

Controls
- Physical security
- Limited interface
- Identification and authorization
- Encryption

Breakdown of S/W Controls
- Program controls
  - as exercised by the programmer
  - as dictated by the programming language or programming environment
- Operating system controls
- Development process controls

Security Models
- Multi-layer security
- Graham-Denning model
Ref: Pfleeger.

Military Security
- Familiar hierarchy of sensitivities, partitioned into compartments.

Compartments
- Each piece of information is coded with its security level and one or more compartments.

Classification and Clearance
- <rank; compartments>
- Each piece of information, or object, o is classified by its rank and compartments.
  - C(o) = classification of o
- Each actor, or subject, s is given a clearance by rank and compartments.
  - C(s) = clearance of s
- Dominance: <r;c> ≤ <r’;c’> iff r ≤ r’ and c is a subset of c’.
- C(o) ≤ C(s) if the classification of o is dominated by the clearance of s.

Guarantees
- A subject s is only able to access an object o if
  - the rank of s is higher than that of o, and
  - s is cleared for all of the compartments of o.
- The first is called a hierarchical requirement, the second a non-hierarchical requirement.
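
Added example (not from the original slides): the dominance relation from "Classification and Clearance" and the two requirements from "Guarantees", written as an access check that reports which requirement failed. It assumes the rank comparison is non-strict (equal rank is allowed), uses made-up compartment names, and goes one step beyond the slides with a join() that computes the least label dominating two others.

```python
from dataclasses import dataclass

# Ranks from the slide deck's hierarchy, lowest to highest.
RANKS = ["Unclassified", "Restricted", "Confidential", "Secret", "Top Secret"]

@dataclass(frozen=True)
class Label:
    """A <rank; compartments> pair, used for both C(o) and C(s)."""
    rank: str
    compartments: frozenset = frozenset()

    def level(self) -> int:
        return RANKS.index(self.rank)  # raises ValueError on an unknown rank

def dominated_by(a: Label, b: Label) -> bool:
    """<r;c> <= <r';c'> iff r <= r' and c is a subset of c'."""
    return a.level() <= b.level() and a.compartments <= b.compartments

def check_access(obj: Label, subj: Label) -> list:
    """Return the failed requirements; an empty list means access is allowed."""
    failures = []
    if obj.level() > subj.level():
        failures.append("hierarchical: rank %s is below %s" % (subj.rank, obj.rank))
    missing = obj.compartments - subj.compartments
    if missing:
        failures.append("non-hierarchical: not cleared for %s" % sorted(missing))
    return failures

def join(a: Label, b: Label) -> Label:
    """Least label that dominates both: the classification for combined data."""
    rank = RANKS[max(a.level(), b.level())]
    return Label(rank, a.compartments | b.compartments)

# Constructed sample labels (compartment names are made up for illustration).
analyst = Label("Secret", frozenset({"CRYPTO"}))
report = Label("Confidential", frozenset({"CRYPTO"}))
plan = Label("Confidential", frozenset({"CRYPTO", "NUCLEAR"}))
memo = Label("Top Secret")

if __name__ == "__main__":
    for name, obj in [("report", report), ("plan", plan), ("memo", memo)]:
        print(name, check_access(obj, analyst) or "allowed")
```

The plan and the analyst are incomparable: neither label dominates the other, which is why dominance is a partial order rather than a simple ranking.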

[Figure: rank hierarchy (Top Secret, Secret, Confidential, Restricted, Unclassified) with labels A, B, C, D and x, y, z, w, v]

Graham-Denning Model
- Subject executing command is x.
- Transferable rights are denoted r*.
- Non-transferable rights are denoted r.
A[x,s]