Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Slides:



Advertisements
Similar presentations
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Advertisements

Let’s Talk About Cyber Security
Lecture 13 Page 1 CS 111 Online File Systems: Introduction CS 111 On-Line MS Program Operating Systems Peter Reiher.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
SECURITY CHECK Protecting Your System and Yourself Source:
INTERNET SAFETY FOR STUDENTS
CS-550 (M.Soneru): Protection and Security - 1 [SaS] 1 Protection and Security.
Lecture 1 Page 1 CS 236, Spring 2008 What Are Our Security Goals? Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
E-Safety Quiz Keeping safe online! A guide for parents & children.
Lecture 16 Page 1 CS 236 Online Cross-Site Scripting XSS Many sites allow users to upload information –Blogs, photo sharing, Facebook, etc. –Which gets.
INTERNET SAFETY FOR STUDENTS
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.
Viruses & Security Threats Unit 1 – Understanding Computer Systems JMW 2012.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
Internet Safety By Stephanie Jarrard. What is the Internet?  “Internet” is a shortened name for “Interconnected networks”  The internet is a global.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
Lecture 17 Page 1 CS 111 Spring 2015 Operating System Security CS 111 Operating Systems Peter Reiher.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
People use the internet more and more these days so it is very important that we make sure everyone is safe and knows what can happen and how to prevent.
CMSC 414 Computer (and Network) Security Lecture 14 Jonathan Katz.
Lecture 16 Page 1 CS 236 Online SQL Injection Attacks Many web servers have backing databases –Much of their information stored in a database Web pages.
Safe Use of Social Media Cadets – Air Force’s Future.
Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
A Basic Introduction to Computer Security John H. Porter University of Virginia Department of Environmental Sciences.
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
3.05 Protect Your Computer and Information Unit 3 Internet Basics.
Security CS Introduction to Operating Systems.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Computer security By Isabelle Cooper.
Topic 5: Basic Security.
Lecture 13 Page 1 CS 236 Online Principles for Secure Software Following these doesn’t guarantee security But they touch on the most commonly seen security.
Lecture 18 Page 1 CS 111 Online OS Use of Access Control Operating systems often use both ACLs and capabilities – Sometimes for the same resource E.g.,
Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 1 Page 1 CS 236 Online What Are Our Security Goals? CIA Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
By Liam Wright Manga comic group Japan SAFETY on your computer.
Understand Permissions LESSON Security Fundamentals.
Lecture 4 Page 1 CS 111 Online Modularity and Virtualization CS 111 On-Line MS Program Operating Systems Peter Reiher.
Lecture 5 Page 1 CS 236 Online Key Management Choosing long, random keys doesn’t do you any good if your clerk is selling them for $10 a pop at the back.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
Computer Security By Duncan Hall.
Basic Security Concepts University of Sunderland CSEM02 Harry R Erwin, PhD.
Lecture 14 Page 1 CS 111 Summer 2013 Security in Operating Systems: Basics CS 111 Operating Systems Peter Reiher.
Lecture 17 Page 1 Advanced Network Security Network Denial of Service Attacks Advanced Network Security Peter Reiher August, 2014.
Lecture 15 Page 1 CS 236 Online Evaluating Running Systems Evaluating system security requires knowing what’s going on Many steps are necessary for a full.
Confidentiality, Integrity, Awareness What Does It Mean To You.
Lecture 3 Page 1 CS 236 Online Security Mechanisms CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 2 Page 1 CS 136, Spring 2016 Security Principles, Policies, and Tools CS 136 Computer Security Peter Reiher March 31, 2016.
Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.
Lecture 2 Page 1 CS 236 Online Security Policies Security policies describe how a secure system should behave Policy says what should happen, not how you.
Lecture 14 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Internet Safety.
Outline Security terms and concepts Security policies Basic concepts
Outline Basic concepts in computer security
Firewall Configuration and Administration
Outline What does the OS protect? Authentication for operating systems
Outline What does the OS protect? Authentication for operating systems
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Presentation transcript:

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008

Lecture 2 Page 2 CS 236, Spring 2008 Outline Security terms and concepts Security policies –Basic concepts –Security policies for real systems

Lecture 2 Page 3 CS 236, Spring 2008 Security and Protection Security is a policy –E.g., “no unauthorized user may access this file” Protection is a mechanism –E.g., “the system checks user identity against access permissions” Protection mechanisms implement security policies

Lecture 2 Page 4 CS 236, Spring 2008 Policy vs. Mechanism People shouldn’t drive that fast in my neighborhood! That’s a policy That’s a mechanism That’s a different type of mechanism

Lecture 2 Page 5 CS 236, Spring 2008 Trust An extremely important security concept You do certain things for those you trust You don’t do them for those you don’t Seems simple, but...

Lecture 2 Page 6 CS 236, Spring 2008 Problems With Trust How do you express trust? Why do you trust something? How can you be sure who you’re dealing with? What if trust is situational? What if trust changes?

Lecture 2 Page 7 CS 236, Spring 2008 An Important Example Consider a typical home computer Let’s say it only has one user What’s trust got to do with this case? What if it connects to the Internet? Do we treat everything out on the Internet as trusted? If not, how do we tell what to trust? And just how much?

Lecture 2 Page 8 CS 236, Spring 2008 Main() {... } Continuing Our Example And what about the software it runs? Main() {... } Is it all equally trusted? If not, how do we determine exactly what each program should be allowed to do? Main() {... } Main() {... } Main() {... } Main() {... }

Lecture 2 Page 9 CS 236, Spring 2008 Trust Is Not a Theoretical Issue Most vulnerabilities that are actually exploited are based on trust problems Attackers exploit overly trusting elements of the computer –From the access control model to the actual human user Taking advantage of trust that shouldn’t be there Such a ubiquitous problem that some aren’t aware of its existence

Lecture 2 Page 10 CS 236, Spring 2008 A Trust Problem A user is fooled into downloading a Trojan horse program He runs it and it deletes a bunch of files on his computer Why was this program trusted at all? Why was it trusted to order the deletion of unrelated files?

Lecture 2 Page 11 CS 236, Spring 2008 Another Example of Trust Problems Phishing Based on fooling users into clicking on links leading to bad sites Usually resulting in theft of personal information Why does the user (or his computer) trust those sites? –Or the message telling him to go there?

Lecture 2 Page 12 CS 236, Spring 2008 A Third Example of Trust Problems Buffer overflows A mechanism for taking control of a running program Allows attacker to tell the program to do things it wasn’t designed to Why should that program be able to do arbitrary things, anyway? Why did we trust it to do things it didn’t need to do?

Lecture 2 Page 13 CS 236, Spring 2008 Transitive Trust I trust AliceAlice trusts Bob David trusts Carol Bob trusts David So do I trust Carol? Should I?

Lecture 2 Page 14 CS 236, Spring 2008 Examples of Transitive Trust Trust systems in peer applications Chains of certificates But also less obvious things –Like a web server that calls a database –The database perhaps trusts the web server itself –But does it necessarily trust the user who invoked the server? Programs that call programs that call programs are important cases of transitive trust

Lecture 2 Page 15 CS 236, Spring 2008 Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least common mechanism Acceptability Fail-safe defaults

Lecture 2 Page 16 CS 236, Spring 2008 Economy in Security Design Economical to develop –And to use –And to verify Should add little or no overhead Should do only what needs to be done Generally, try to keep it simple and small

Lecture 2 Page 17 CS 236, Spring 2008 Complete Mediation Apply security on every access to a protected object –E.g., each read of a file, not just the open Also involves checking access on everything that could be attacked

Lecture 2 Page 18 CS 236, Spring 2008 Open Design Don’t rely on “security through obscurity” Assume all potential attackers know everything about the design –And completely understand it This doesn’t mean publish everything important about your security system –Though sometimes that’s a good idea Obscurity can provide some security, but it’s brittle –When the fog is cleared, the security disappears

Lecture 2 Page 19 CS 236, Spring 2008 Separation of Privileges Provide mechanisms that separate the privileges used for one purpose from those used for another To allow flexibility in security systems E.g., separate access control on each file

Lecture 2 Page 20 CS 236, Spring 2008 Least Privilege Give bare minimum access rights required to complete a task Require another request to perform another type of access E.g., don’t give write permission to a file if the program only asked for read

Lecture 2 Page 21 CS 236, Spring 2008 Least Common Mechanism Avoid sharing parts of the security mechanism –among different users –among different parts of the system Coupling leads to possible security breaches

Lecture 2 Page 22 CS 236, Spring 2008 Acceptability Mechanism must be simple to use Simple enough that people will use it without thinking about it Must rarely or never prevent permissible accesses

Lecture 2 Page 23 CS 236, Spring 2008 Fail-Safe Designs Default to lack of access So if something goes wrong or is forgotten or isn’t done, no security lost If important mistakes are made, you’ll find out about them –Without loss of security –But if it happens too often...

Lecture 2 Page 24 CS 236, Spring 2008 Thinking About Security When considering the security of any system, ask these questions: 1.What assets are you trying to protect? 2.What are the risks to those assets? 3.How well does the security solution mitigate those risks? 4.What other security problems does the security solution cause? 5.What tradeoffs does the security solution require? (This set of questions was developed by Bruce Schneier, for his book Beyond Fear)

Lecture 2 Page 25 CS 236, Spring 2008 An Example Access to computers in the graduate workstation room Current security solution –Entry to room requires swipe card –Must provide valid CS department user ID and password to log in

Lecture 2 Page 26 CS 236, Spring 2008 Think About the Questions What assets are we trying to protect? What are the risks to those assets? How well does the security solution mitigate those risks? What other security problems does the security solution cause? What tradeoffs does the security solution require?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.