IA: Week 1 Trust & Threats Trust Models Threats and Vulnerabilities Threat Profiles.


Trust Models Networks, applications and systems must satisfy our expectations of trust.
1. Identity
2. Authentication
3. Service agreements
4. Privacy

Trust Models Rely on complete requirements:
1. Business
2. Technical
3. Legal
4. Regulatory
5. Fiduciary

Trust “Generally an entity can be said to 'trust' a second entity when the first entity makes an assumption that the second entity will behave exactly as the first entity expects” ITU-T X.509, §

Trust Principles Trust is a quality of a security architecture. Trust is a balance of liability and due diligence. Trust is confidence in predictable behavior. Trust is binding unique attributes to a unique identity. Trust establishes a trust relationship through a validation process.

Establishing Trust Binding a unique set of attributes to a unique identity, i.e. Authentication. You must have a satisfactory level of confidence in the attributes (credentials) provided by someone to establish a trust relationship.

Establishing Trust Trust is a binary relationship based on validation of a unique individual identity. A trust model does involve particular security mechanisms.

Trust Modeling The process performed to define complementary threat profile and trust model based on a use-case-driven data flow analysis. Provides a framework for delivering security mechanisms sufficient to establish the trust required of the system.

Trust Modeling Identifies specific mechanisms necessary to respond to specific threat models. Includes validation of an entity's identity. Includes necessary characteristics for an event to occur.

Threats versus Vulnerabilities Vulnerability is a characteristic of a system or organization. A threat originates outside the system or organization and targets the system or organization. If a threat matches a vulnerability then the system is at risk.

Threat Profiles The set of threats and vulnerabilities identified through a use-case-driven data flow analysis. Identifies likely attackers and what they want. The purpose of a trust model is to respond to a particular threat model.

Gradients of Trust There are different levels of trust. Each system will require various levels of trust. A library requires proof of residence to loan a book. A financial institution requires a passport, driver's license or birth certificate to open a checking account.

Gradients of Trust Trust requirements must be matched to the specific kinds of threats or vulnerabilities and the risk that the threat will occur. There must be a starting point in establishing credentials. Trust requires a process of credential establishment and consistent validation.

Threats & Risks Threat profiles identify threats that put your environment at risk. Threat types: Unauthorized probing of system or data; Unauthorized access; Introduction of malicious code; Unauthorized modification, deletion or disclosure of data; Denial of service.

Threats & Risks Any risk analysis must rely on a threat profile. Use-case-driven data flow analysis of the system: Identifies threats and vulnerabilities; Identifies data and resources that are at risk; Locates where in the system they are vulnerable.

Example Original Entity Authentication Use-case-driven data flow analysis of the system: Identifies threats and vulnerabilities; Identifies data and resources that are at risk; Locates where in the system they are vulnerable.

Example Original Entity Authentication Is the starting point for all trust models. Relying entities must be convinced of the identities of all other entities. Level of satisfaction must be specified in a published security policy.

Original Entity Authentication Occurs only once. Results in a credential or token (Library card, Credit card). The credential can be evaluated, tested and referenced by a relying entity. Evaluation according to a standardized protocol. The credential must be unique and bound to a specific entity.

Original Entity Authentication Steps
1. Entity A requests a trust relationship with Entity B.
2. Entity B requires Entity A to provide proof of identity, in accordance with stated policy.
3. Entity B validates these proofs of identity.
4. Entity B returns to Entity A some identity credential that Entity B can test to validate Entity A in the future.

Bootstrap Entity A uses the token or credential provided by Entity B to re-establish trust. AGAIN trust depends on the ability to bind unique attributes (credentials) to a unique entity.
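The enrollment steps and the bootstrap described above, as an added Python example that is not part of the original slides. It assumes the credential is an HMAC-SHA256 tag over the identity and its attributes; `EntityB`, `REQUIRED_PROOFS` and the proof names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

# Assumed policy for Entity B: the proofs of identity it requires (hypothetical).
REQUIRED_PROOFS = {"passport", "proof_of_residence"}


class EntityB:
    """Relying entity that performs original entity authentication once."""

    def __init__(self):
        self._key = secrets.token_bytes(32)   # known only to Entity B
        self._issued = set()                  # identities already enrolled

    def _tag(self, body: bytes) -> str:
        return hmac.new(self._key, body, hashlib.sha256).hexdigest()

    def enroll(self, identity: str, proofs: set, attributes: dict) -> dict:
        """Steps 2-4: require proofs per policy, validate, return a credential."""
        if not REQUIRED_PROOFS <= proofs:
            raise PermissionError("proof of identity does not satisfy policy")
        if identity in self._issued:
            raise ValueError("original entity authentication occurs only once")
        self._issued.add(identity)
        body = json.dumps({"id": identity, "attrs": attributes}, sort_keys=True)
        return {"body": body, "tag": self._tag(body.encode())}

    def validate(self, credential: dict):
        """Bootstrap: test the credential; return the bound identity or None."""
        expected = self._tag(credential["body"].encode())
        if not hmac.compare_digest(expected, credential["tag"]):
            return None                       # binding broken: altered or forged
        claims = json.loads(credential["body"])
        return claims["id"] if claims["id"] in self._issued else None


def demo():
    b = EntityB()
    cred = b.enroll("entity-a", {"passport", "proof_of_residence"},
                    {"role": "member"})
    # Constructed tampering: Entity A edits an attribute after issuance.
    forged = dict(cred, body=cred["body"].replace("member", "admin"))
    return b.validate(cred), b.validate(forged)
```

The altered credential is rejected because the tag covers the attributes as well as the identity, which is the attribute-to-identity binding the slides describe.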

Spontaneous Trust Spontaneous trust does not exist in any meaningful way. Those systems that purport spontaneous trust have no basis to trust the entity. In SSL the browser can validate the credentials of the server. However the server cannot validate the browser.

Trust Relationships Characteristics Portability: Standardized credential types and formats of credentials. Interoperability: Standardized protocols for validating credentials. Reliability: Consistent performance. Assurance: Continued accuracy of credential-to-entity binding.

Trust Models: Direct Trust; Transitive Trust; Assumptive Trust

Direct Trust Model A validates B's credentials with no reliance on another entity. No delegation of trust. All entities gain trust through a common entity that is responsible for the original entity authentication.

Direct Trust Model Public Key Infrastructure (PKI) is often used in direct trust models. The root certificate authority (CA) initiates all trust relationships. The CA generates all credentials. Original entity authentication is not delegated in this model.

Direct Trust Model Advantages: Validation of credentials is performed by one's self; High level of confidence; Reduces liability – no dependence on other entities. Disadvantages: Labor intensive; Expensive.

Transitive Trust Models Trust is transmitted through another party. A validates and trusts B. B validates and trusts C. A trusts but does not have to validate C. Transitive Trust is common in peer-to-peer systems.

Transitive Trust Models In transitive trust systems A has to be confident that B validated C. Often banks use a transitive model after the merger of two banks each with their own direct trust systems.
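The difference between the direct and transitive models, as an added Python example that is not part of the original slides. The merged-bank data is constructed, and `direct_trust`, `transitive_chain`, `relied_upon` and the `max_hops` limit are names and choices assumed for illustration.

```python
from collections import deque

# Constructed sample: who has personally validated whose credentials.
# Two banks, each with its own direct trust system, after a merger.
VALIDATED = {
    "bank1-ca": {"alice", "bank2-ca"},   # bank1 validated bank2's CA at merger
    "bank2-ca": {"carol"},
}


def direct_trust(validated, relying, subject):
    """Direct model: the relying entity validated the subject itself."""
    return subject in validated.get(relying, set())


def transitive_chain(validated, relying, subject, max_hops=2):
    """Transitive model: return the shortest chain of validations from the
    relying entity to the subject, or None if none exists within max_hops."""
    queue = deque([[relying]])
    seen = {relying}
    while queue:
        chain = queue.popleft()
        if len(chain) - 1 >= max_hops:
            continue                      # chain already at the hop limit
        for nxt in sorted(validated.get(chain[-1], set())):
            if nxt == subject:
                return chain + [nxt]
            if nxt not in seen:
                seen.add(nxt)
                queue.append(chain + [nxt])
    return None


def relied_upon(chain):
    """Entities whose validation the relying entity accepted without checking."""
    return chain[1:-1]


if __name__ == "__main__":
    chain = transitive_chain(VALIDATED, "bank1-ca", "carol")
    print("direct:", direct_trust(VALIDATED, "bank1-ca", "carol"))
    print("transitive chain:", chain, "relies on:", relied_upon(chain))
```

Every entity in `relied_upon` is one whose diligence the relying entity has to be confident in, so a hop limit of 1 reduces the check to the direct model.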

Assumptive Trust Models Assumptive Trust is a form of spontaneous trust. PGP used to use an assumptive trust model. Web of Trust and their key ring

Trust Model Development: Acceptable use policy; Business requirements; Threat profile; Identify appropriate security mechanisms

Security Stance A basic principle of acceptable use of data and processing resources is the foundation for developing a trust model.

Acceptable Use Policy Data is accessible on a need-to-know basis only. Processing resources are available only to those explicitly approved.

Business Requirements Sometimes determined by legal and regulatory mandates. Service Level Agreements set speed, throughput, availability requirements. Acceptable risk for the business.

Security Mechanisms Response to identified risks. Support business requirements. Enforce security stance.

Data Flow Analysis Trust Points: Identify all data communication paths; Identify all processors involved; Identify all storage repositories; Identify the types of threats affecting each trust point

Data Flow Analysis Identify risks and results of compromises

Example for a Bank Direct trust model. All users must be identified and authenticated. Trust and authentication can never be implied nor assumed. No transitive trust. Trusted users can access system on a predefined need-to-know basis. All data shall be encrypted during transfer over the Internet.

Threat Models Application: Requirements; Roles; Architecture; Scenarios; Technologies; Security Mechanisms

Example – Web Application Requirements: Store, e-commerce. Roles: Internet shoppers; Catalog admins. Architecture: Server; Database. Scenarios: User browsing catalog; Adds item to shopping cart; Etc.

Technologies: Web Server – MS IIS; Presentation – ASP.NET (C#); Business logic – C#; Data access logic – ADO.NET, T-SQL Stored Procedures; Database Server – MS SQL Server 2008

Application Security Mechanisms: User authentication; Application authentication for access to database; Access to business logic based on roles; No remote administration access is provided

Trust Boundaries: Perimeter firewall; Database server trusts calls from the Web app’s identity; Data access components trust that business components pass fully validated data

Data Flows Use cases

Entry Points: Port 80 for Web requests; Port 443 for SSL; All other ports trapped by the firewall; Logon page is validated client side and server side; Catalog administration page

Exit Points: Search page; Catalog page

Threats: Brute force attacks using a store dictionary; Network sniffing to get client credentials; Capture authentication cookie to spoof identity; SQL Injection; Cross-site scripting; Cookie replay attack; Attacker assumes control of server; Attacker gets crypto keys for CC details

Vulnerabilities: User password storage; SQL server unpatched; IIS unpatched; Lack of strong password policy; Weak input validation