Chapter 1: Introduction

Slides:



Advertisements
Similar presentations
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.
Advertisements

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 1: Overview.
1 cs691 chow C. Edward Chow Overview of Computer Security CS691 – Chapter 1 of Matt Bishop.
1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.
1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.
1 An Overview of Computer Security computer security.
Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.
Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least.
July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Introduction (Pendahuluan)  Information Security.
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
An Introduction to Information Assurance COEN 150 Spring 2007.
CS526: Information Security Chris Clifton August 26, 2003 Course Overview Portions of the material courtesy Professor Matt Bishop.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 1 – Overview.
Computer Security: Principles and Practice
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Csci5233 computer security & integrity 1 An Overview of Computer Security.
12/18/20151 Computer Security Introduction. 12/18/20152 Basic Components 1.Confidentiality: Concealment of information (prevent unauthorized disclosure.
Design Principles and Common Security Related Programming Problems
Fall 2008CS 334 Computer Security1 CS 334: Computer Security Fall 2008.
Fall 2008CS 334: Computer SecuritySlide #1 Design Principles Thanks to Matt Bishop.
Chapter 19: Building Systems with Assurance Dr. Wayne Summers Department of Computer Science Columbus State University
June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #13-1 Chapter 13: Design Principles Overview Principles –Least Privilege –Fail-Safe.
Module 7: Designing Security for Accounts and Services.
July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
1 Chapter 12: Design Principles Overview –There are principles for many kinds of design Generally, a design should consider: Balance, Rhythm, Proportion,
June 1, 2004© Matt Bishop [Changed by Hamid R. Shahriari] Slide #13-1 Chapter 13: Design Principles Overview Principles –Least Privilege –Fail-Safe.
Slide #13-1 Design Principles CS461/ECE422 Computer Security I Fall 2008 Based on slides provided by Matt Bishop for use with Computer Security: Art and.
1 Design Principles CS461 / ECE422 Spring Overview Simplicity  Less to go wrong  Fewer possible inconsistencies  Easy to understand Restriction.
Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University
Computer Security Introduction
CS457 Introduction to Information Security Systems
CS 395: Topics in Computer Security
Introduction to Information Assurance
Overview CSE 465 – Information Assurance Fall 2017 Adam Doupé
Issues and Protections
Chapter 1: Introduction
Threat modeling Aalto University, autumn 2013.
Software Security II Karl Lieberherr.
Chapter 13: Design Principles
Chapter 19: Building Systems with Assurance
Chapter 1: Introduction
Cryptography and Network Security
How to Mitigate the Consequences What are the Countermeasures?
Security Basics CSCE 489/689 (Software Security) Fall 2018
Protection and Security
Computer Security: Art and Science, 2nd Edition
An Overview of Computer Security
Advanced System Security
Overview CSE 365 – Information Assurance Fall 2018 Adam Doupé
Information Security: Terminology
Computer Security Introduction
Security.
Chapter 13: Design Principles
Access Control What’s New?
Chapter 4: Security Policies
Design Principles Thanks to Matt Bishop 2006 CS 395: Computer Security.
Chapter 1: Introduction
Overview CSE 365 – Information Assurance Fall 2019 Adam Doupé
Presentation transcript:

Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues April 1, 2004 ECS 235

Basic Components Confidentiality Integrity Availability Keeping data and resources hidden Integrity Data integrity (integrity) Origin integrity (authentication) Availability Enabling access to data and resources April 1, 2004 ECS 235

Classes of Threats Disclosure Deception Disruption Usurpation Snooping Modification, spoofing, repudiation of origin, denial of receipt Disruption Modification Usurpation Modification, spoofing, delay, denial of service April 1, 2004 ECS 235

Policies and Mechanisms Policy says what is, and is not, allowed This defines “security” for the site/system/etc. Mechanisms enforce policies Composition of policies If policies conflict, discrepancies may create security vulnerabilities April 1, 2004 ECS 235

Goals of Security Prevention Detection Recovery Prevent attackers from violating security policy Detection Detect attackers’ violation of security policy Recovery Stop attack, assess and repair damage Continue to function correctly even if attack succeeds April 1, 2004 ECS 235

Trust and Assumptions Underlie all aspects of security Policies Unambiguously partition system states Correctly capture security requirements Mechanisms Assumed to enforce policy Support mechanisms work correctly April 1, 2004 ECS 235

Types of Mechanisms secure precise broad set of reachable states set of secure states April 1, 2004 ECS 235

Assurance Specification Design Implementation Requirements analysis Statement of desired functionality Design How system will meet specification Implementation Programs/systems that carry out design April 1, 2004 ECS 235

Operational Issues Cost-Benefit Analysis Risk Analysis Is it cheaper to prevent or recover? Risk Analysis Should we protect something? How much should we protect this thing? Laws and Customs Are desired security measures illegal? Will people do them? April 1, 2004 ECS 235

Human Issues Organizational Problems People problems Power and responsibility Financial benefits People problems Outsiders and insiders Social engineering April 1, 2004 ECS 235

Tying Together Threats Policy Specification Design Implementation Operation April 1, 2004 ECS 235

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least Common Mechanism Psychological Acceptability April 1, 2004 ECS 235

Overview Simplicity Restriction Less to go wrong Fewer possible inconsistencies Easy to understand Restriction Minimize access Inhibit communication April 1, 2004 ECS 235

Least Privilege A subject should be given only those privileges necessary to complete its task Function, not identity, controls Rights added as needed, discarded after use Minimal protection domain April 1, 2004 ECS 235

Fail-Safe Defaults Default action is to deny access If action fails, system as secure as when action began April 1, 2004 ECS 235

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.