Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University
2 Computer (Systems) Security the protection of the computer resources against accidental or intentional disclosure of confidential data, unlawful modification of data or programs, the destruction of data, software or hardware, and the denial of one's own computer facilities irrespective of the method together with such criminal activities including computer related fraud and blackmail. [Palmer]
3 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues
4 Basic Components Confidentiality (concealment) –Keeping data and resources hidden –limiting who can access assets of a computer system Integrity –Data integrity (integrity) –Origin integrity (authentication) –limiting who can modify assets of a computer system Availability –Enabling access to data and resources –allowing authorized users access to assets
5 Definitions vulnerability - weakness in the security system that might be exploited to cause a loss or harm. threats - circumstances that have the potential to cause loss or harm. Threats typically exploit vulnerabilities. control - protective measure that reduces a vulnerability or minimize the threat.
6 Vulnerabilities “Today’s complex Internet networks cannot be made watertight…. A system administrator has to get everything right all the time; a hacker only has to find one small hole. A sysadmin has to be lucky all of the time; a hacker only has to get lucky once. It is easier to destroy than to create.” –Robert Graham, lead architect of Internet Security Systems
7 Types of Threats interception - some unauthorized party has gained access to an asset. modification - some unauthorized party tampers with an asset. fabrication - some unauthorized party might fabricate counterfeit objects for a computer system. interruption - asset of system becomes lost or unavailable or unusable.
8 Classes of Threats Disclosure –Snooping Deception –Modification, spoofing, repudiation of origin, denial of receipt Disruption –Modification Usurpation –Modification, spoofing, delay, denial of service
9 Policies and Mechanisms Policy says what is, and is not, allowed –This defines “security” for the site/system/etc. Mechanisms enforce policies Composition of policies –If policies conflict, discrepancies may create security vulnerabilities
10 Goals of Security Prevention –Prevent attackers from violating security policy Detection –Detect attackers’ violation of security policy Recovery –Stop attack, assess and repair damage –Continue to function correctly even if attack succeeds
11 Trust and Assumptions Underlie all aspects of security Policies –Unambiguously partition system states –Correctly capture security requirements Mechanisms –Assumed to enforce policy –Support mechanisms work correctly
12 Types of Mechanisms secure precise broad set of reachable statesset of secure states
13 Assurance Specification –Requirements analysis –Statement of desired functionality Design –How system will meet specification Implementation –Programs/systems that carry out design
14 Operational Issues Cost-Benefit Analysis –Is it cheaper to prevent or recover? Risk Analysis –Should we protect something? –How much should we protect this thing? Laws and Customs –Are desired security measures illegal? –Will people do them?
15 Human Issues Organizational Problems –Power and responsibility –Financial benefits People problems –Outsiders and insiders –Social engineering
16 Tying Together Threats Policy Specification Design Implementation Operation
17 Key Points Policy defines security, and mechanisms enforce security –Confidentiality –Integrity –Availability Trust and knowing assumptions Importance of assurance The human factor
18 Controls Reduce and contain the risk of security breaches “Security is not a product, it’s a process” – Bruce Schneier [Using any security product without understanding what it does, and does not, protect against is a recipe for disaster.]