Information Security of Embedded Systems 6.1.2010: Design of Secure Systems Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Slides:

Advertisements

Similar presentations

Information Security of Embedded Systems : Design of Secure Systems Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Advertisements

Information Security of Embedded Systems : Embedded Systems Design Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Security Requirements

University of Tulsa - Center for Information Security Common Criteria Dawn Schulte Leigh Anne Winters.

Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Protection of Information Assets I. Joko Dewanto 1.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Effective Design of Trusted Information Systems Luděk Novák,

IT Security Evaluation By Sandeep Joshi

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Security Models and Architecture

1 Evaluating Systems CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 6, 2004.

Security Controls – What Works

Information Security of Embedded Systems : Foundations of Security II Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Information Security of Embedded Systems : Public Key Cryptosystems, Communication Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Applied Cryptography for Network Security

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Fraud Prevention and Risk Management

Project supported by YESS 2009 Young Engineering Scientist Symposium « Identity Management » Cryptography for the Security of Embedded Systems Ambient.

1 A Common-Criteria Based Approach for COTS Component Selection Wes J. Lloyd Colorado State University Young Researchers Workshop (YRW) 2004.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)

SEC835 Database and Web application security Information Security Architecture.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Information Security of Embedded Systems : Logics and Proof Methods, Wrap-Up Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

A Security Business Case for the Common Criteria Marty Ferris Ferris & Associates, Inc

Evaluating Systems Information Assurance Fall 2010.

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Security as a New Dimension in Embedded System Design Presented by : Vivek Srikantan Authors: Paul Kocher Ruby Lee Gary McGraw Anand Raghunathan Srivaths.

Background. History TCSEC Issues non-standard inflexible not scalable.

© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.

1 Common Criteria Ravi Sandhu Edited by Duminda Wijesekera.

Chapter 01: Introduction to Network Security. Network  A Network is the inter-connection of communications media, connectivity equipment, and electronic.

The Value of Common Criteria Evaluations Stuart Katzke, Ph.D. Senior Research Scientist National Institute of Standards & Technology 100 Bureau Drive;

Privacy, Confidentiality, and Security Unit 8: Professional Values and Medical Ethics Lecture 2 This material was developed by Oregon Health & Science.

CMSC : Common Criteria for Computer/IT Systems

Privacy, Confidentiality, and Security Component 2/Unit 8c.

TM8104 IT Security EvaluationAutumn CC – Common Criteria (for IT Security Evaluation) The CC permits comparability between the results of independent.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.

Trusted OS Design and Evaluation CS432 - Security in Computing Copyright © 2005, 2010 by Scott Orr and the Trustees of Indiana University.

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Chapter 21: Evaluating Systems Dr. Wayne Summers Department of Computer Science Columbus State University

@Yuan Xue CS 285 Network Security Fall 2012 Yuan Xue.

Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.

Security Architecture and Design Chapter 4 Part 4 Pages 377 to 416.

Security Issues in Information Technology

Ch.18 Evaluating Systems - Part 2 -

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.

2006 Annual Research Review & Executive Forum

Official levels of Computer Security

Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham

Presentation transcript:

Information Security of Embedded Systems : Design of Secure Systems Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST

Embedded Security © Prof. Dr. H. Schlingloff Happy New Year! Have you read today’s newspaper?  banking card problem “2010” (30M€)  Mars spaceship problem (???$) You’re in the right lecture!

Embedded Security © Prof. Dr. H. Schlingloff Structure 1. Introductory example 2. Embedded systems engineering 1.definitions and terms 2.design principles 3. Foundations of security 1.threats, attacks, measures 2.construction of safe systems 4. Design of secure systems 1.design challenges 2.safety modelling and assessment 3.cryptographic algorithms 5. Communication of embedded systems 1.remote access 2.sensor networks 6. Algorithms and measures 1.digital signatures 2.key management 3.authentification 4.authorization 7. Formal methods for security 1.protocol verification 2.logics and proof methods

Embedded Security © Prof. Dr. H. Schlingloff Recap –Threats, Attacks, Principles Threats  virus, worms, trojan horses  mobile code, activeX Communication attacks  link layer  network layer  transport layer  application layer General construction principles  fail-safe defaults, complete mediation, need-to-know, open design, economy of mechanisms System construction phases  PID controller

Embedded Security © Prof. Dr. H. Schlingloff Design Challenges Tamper resistance, security even under physical attack Low processing capacities, form factor “Processing Gap” High energy costs, battery life “Battery Gap” Rapidly evolving architectures Engineering vs. information processing Ravi, Raghunathan, Kocher, Hattangady: Security in Embedded Systems:Design Challenges; ACM Trans. ECS3,3,2004

Embedded Security © Prof. Dr. H. Schlingloff Gaps “Processing gap”  cost for security calculations increase quicker than the available processing power “Battery gap”  battery capacity increase and energy consumption decrease slower than security cost inflation “Flexibility”  embedded systems difficult to upgrade, new attacks arise continually “Tampering”  reengineering methods and tools becoming readily available “Assurance gap”  functional complexity increase quicker than verification technology “Cost”  balance between security requirements and implementation costs

Embedded Security © Prof. Dr. H. Schlingloff Security Functions Kocher, Lee, McGraw, Raghunathan, Ravi: Security as a New Dimension in Embedded System Design; DAC 2004 data confidentiality data integrity authentication

Embedded Security © Prof. Dr. H. Schlingloff Security Concepts Encryption  symmetric and asymmetric ciphers, public key methods Access control policies Secure hashing Security protocols  e.g., SSL, IPSec, VPNs Digital Signatures  certificates  biometrical data Digital Rights Management  watermarking, steganography Cryptographic hardware accelerators Embedded processor support for cryptography Multicore for security Open design Redundancy Timing analysis Electromagnetic resistance Capacitors

Embedded Security © Prof. Dr. H. Schlingloff Embedded Security Pyramid Knezevic, Rozic and Verbauwhede: Design Methods for Embedded Security

Embedded Security © Prof. Dr. H. Schlingloff Another Model of Mobile Security Areas of consideration “Abstract to concrete”  property areas  target areas  application areas Sun, Howie, Koivisto, and Sauvola: A Hierarchical FrameworkModel of Mobile Security

Embedded Security © Prof. Dr. H. Schlingloff Property Theory Layer Objectives  confidentiality  integrity  availability Attacks  intrusion orientation  sources of attack  attacked targets  attack methods Mechanisms  protection, cryptography, authentication, monitoring…

Embedded Security © Prof. Dr. H. Schlingloff Limited Targets Layer Networking Computers, OS Multimedia

Embedded Security © Prof. Dr. H. Schlingloff Classified Applications Layer Samples  more? Discussion of the two models?

Embedded Security © Prof. Dr. H. Schlingloff Safety Modelling and Assessment “Common Criteria for Information Technology Security Evaluation” Specification, implementation and evaluation of security requirements  Results to be comprehensible, comparable and traceable  comparable to IEC61508 for safety assessment International standard (ISO/IEC 1540, )  Replaces predecessors - TCSEC (Trusted Computer Eval. Criteria, 1980) - ITSEC (Information Technology Security Evaluation Criteria, 1991)  Mutual acknowledgement between countries  V3.1 released July 2009 Certification for systems by accredited institutions  in Germany: BSI Sources available at

Embedded Security © Prof. Dr. H. Schlingloff Certified Products Network and Network related Devices and Systems Operating systems Access Control Devices and Systems Biometric Systems and Devices Boundary Protection Devices and Systems ICs, Smart Cards and Smart Card related Devices and Systems Key Management Systems Data Protection systems, Databases Detection Devices and Systems Products for Digital Signatures Trusted Computing

Embedded Security © Prof. Dr. H. Schlingloff Structure Part 1: general model  glossary, foundations of evaluation, protection profiles, security targets Part 2: functional requirements  catalogue of recommendations  connections between threats, goals and requirements Part 3: assurance requirements  guideline on evaluation methodology and process  protection profile and security target evaluation

Embedded Security © Prof. Dr. H. Schlingloff Key concepts Target Of Evaluation (TOE)  system to be evaluated Protection Profile (PP)  security requirements for a class of security devices Security Target (ST)  security properties of the TOE; may refer to one or more PPs Security Functional Requirements (SFRs)  individual security functions provided by a product Security Assurance Requirements (SARs)  measures taken during development Evaluation Assurance Level (EAL)  numerical rating of an evaluation; EAL 1-7

Embedded Security © Prof. Dr. H. Schlingloff Functional Security Classes functionality classes  FAU: security audit  FCO: communication  FCS: cryptographic support  FDP: user data protection  FIA: identification and authentication  FMT: security management  FPR: privacy  FPT: protection of the security functions  FTA: TOE access  FTP: trusted path/channels

Embedded Security © Prof. Dr. H. Schlingloff Components of Security Classes e.g. FCS: cryptographic support key generation key distribution key access key destruction specified algorithm

Embedded Security © Prof. Dr. H. Schlingloff Evaluation assurance levels in CC (EAL1) functionally tested  “provides meaningful increase in assurance over an unevaluated IT product or system”  development according to normal engineering standards (EAL2) structurally tested  requires “developer testing, vulnerability analysis, and independent testing”  formulation of security goals, threats, informal architecture plan, test documentation (EAL3) methodically tested and checked  more complete testing, tamper resistance during development  informal implementation plan, test result evaluation

Embedded Security © Prof. Dr. H. Schlingloff Evaluation assurance levels in CC (EAL4) methodically designed, tested, and reviewed  requires design descriptions, partial implementation check, informal model; correlation between design and implementation (EAL5) semiformally designed and tested  semiformal design descriptions, structured architecture, covert channel analysis; formal security model (EAL6) semiformally verified design and tested  vulnerability analysis, structured implementation, environment controls  explanation instead of description (EAL7) formally verified design and tested  formal representations and correspondences, comprehensive testing  mathematical proofs of algorithms

Embedded Security © Prof. Dr. H. Schlingloff Evaluation methods Analysis and checking of processes and procedures Checking that processes and procedures are being applied Analysis of the correspondence between design representations Analysis of design representations against the requirements Verification of proofs Analysis of the guidance documents Analysis of tests and test results Functional and penetration testing

Embedded Security © Prof. Dr. H. Schlingloff Critique + Certification possible for many TOEs +- Generality of approach + Evaluation maintenance - Evaluation usually complex and costly (~10 6 $) - Lenghthy process; certified products outdated - No direct increase in security by assessment - Not for open source and agile development