Data Security and Cryptology, I Introduction. Essence of Data Security September 3th, 2014 Valdo Praust Lecture Course in Estonian IT College Autumn 2014 September 3th, 2014 Valdo Praust Lecture Course in Estonian IT College Autumn 2014
Name and Goal Name: Data Security and Cryptology (Andmeturve ja krüptoloogia) Place: Estonian IT College Goal of lecture course: To provide a systematic overview of contemporary data security and cryptology, both from theoretical and practical side. Data security as a practical discipline will considered a little bit more theoretically and cyrpotography as a deep theoretical discipline (and also an important tool for data security) more practically
Processual Data, I Code: I378 Invovles: 16 academic pairs of lectures, 12 pairs of practices, 74 hours independent work Points: 5 ECTS Schedule (lectures): once a week, on Wednesdays between 2pm and 4pm Grading: final test (determines the final mark) – 70 multiple choice questions
Processual Data, II Distibution of materials: via webpage - English slideshows (PPTs); Estonian slideshows from year 2011 also available Communication between lecturer and students: via and the above- mentioned webpage Practical exercises will start in 5th week (4 pm)
LecturerLecturer Valdo Praust Master of Science (MSc) have 22 years different experience if the field of data security (different roles) currently freelancer IT Securiy expert ph
Plan of Lectures, I 1.Introduction. Essense of Data Security. Data security, it’s essence and importance in contemporary information systems and in whole world. Availability, integrity and confidentiality, its importance in different information systems and in protection of IT assets. Standard model of security harming. Economical side of data security. Practical solving of security problem 2.Security Threats, Classification. Classification of threats: spontaneous (accidental) threats and attacks. Methods used for finding and evaluating threats. Threats frequency
Plan of Lectures, II 3.Vulnerabilities of Information Assets. Appliable Security Measues. Classification of vulnerabilities. Interaction between vulnerabilities and theats, examples 4.Risk Management and its Methodics. Risk management as a tool of solving practical security problem. Four alternatives of risk management – detailed risk analysis, baseline security method, mixed method, non-formal method; their comparison. Quantitative and qualitative risk analysis, examples. Examples of baseline security methods, BSI and ISKE
Plan of Lectures, III 5.Essence of Cryptogrtaphy. Pre- Computer Cryptography. Essence and basic concepts of encryption. History of cryptography, traditional cryptography. Pre-computer cryptography, best-known traditional techniques and machines. Theoretical and practical security 6.Basics of Contemporary Cryptography. Main concepts, essence and goals. Main types of algorithms and their’ usage. Cryptanalysis, its’ goal and properties. Practical security of cryptoalgoritms, ways of achieving this
Plan of Lectures, IV 7.Symmetric Cryptoalgorithms. AES. Essence of symmetric cryptoalgorithms. Modes of operation, their usability and security. AES – history, main properties, technical description. Security and modes operation of AES 8.Other Symmetric Cryptoalgorithms. IDEA, Skipjack, Blowfish, AES, RC4. Their properties, security, usability. DES as a retrospective view of a classic symmetric algorithm
Plan of Lectures, V 9.Asymmetric Cryptoalgorithms. RSA. Essence, properties, mathemathical background and main concepts. Example. Practical usability, realisations 10.Hash Functions. Cryptoprotocols, TLS Essence of hash functions, properties, demands. Mostly used algorithms, thoretical and practical secrity. Collisions. Security protocols. TLS as an example - its desciption and usability
Plan of Lectures, VI 11.Digital Signature, its Usage. Urgency of digital signature in digital record management. Digital signature as an application of public-key cryptography. Practices of handling both the private and public key. Certification, certificates. Timestamp, validity of approval, service providers. Certification infrastructure, PKI. Digital signature in Estonia
Plan of Lectures, VII 12.Digital Signature and Digital Record Management in Practice. Digital Archieving, Estonian ID card. Peculiarities of digital signature in practice. Comparison with handwritten signature for end users and business. Overview of Estonian ID-card and mobile-ID card. Digital record management and digital archieving from the point of view of security
Plan of Lectures, VIII 13.Database Security. Network Security. Database security, theory and practice. Importance and usability of cryptographical chaining, integrity and accountability. Confidentiality as a difficultly solvable problem. Importance of network security. Firewall, virtual private network, cryptowall. Secure remote client
Plan of Lectures, IX 14.Security Management (Organisational Security). Principles and goals of data security management. Functions and activities. Essence of data security policy. Roles of Data Security Forum. Choosing of appropriate risk management technique. Data security plan, implementation of security measures and follow-up activities. Related national and international standards
Plan of Lectures, X 15.Legal Control of Data Security. Protecting of Personal Data. Essence of personal data. Common practices of protecting personal data both in Europe and in all around the world. Estonian Data Protection Act. Sensitive personal data, obligation of registration. Peculiarities of data security in public sector – data security classes, etc 16.Social Elements of Data Security. Influence of data security to information systems and society. Cyberattacks, cyberwar, information war. Cyberdefence, the role and share of different institutions. Cyber-security and data security, their main problems and comparison
Practical exercises, I Classification of threats, vulnerabilities and safeguards, their inter-dependendence Different baseline security standards Different risk analysis methodics Different cryptographic tools, usage of cryptoalgorithms
Practical exercises, II Introduction of PKI environment and software Practical solving of security task (different aspects and poit of view) Different secure authentication means Will start in 5th week
Independent work Final test (determines the final mark) – 70 multiple choice questions In order to access to the final test both the referative work and practical exercises must be passed (and marked) Referative work, related to data security or cryptography (deadline - 14th week). Minimal amount – 20 pages
What We Protect: Information Information (informatsioon, teave) – a knowledge concerning any objects, such as facts, events, things, processes or ideas, which have a special meaning in certain contexts The concept “information” is heavily related to the more general concept – knowledge. It assumes that there is a fact whis is known (an object), and the person who knows the fact (the subject) Information itself does not have the practical shape. The practical shape of information will occure when we also consider the practical representation of information (and then it is called - data)
What We Protect: Data Data are always the presentation of information, usually in a pre-agreed form (which allows to transfer the information beared by the data from one subject to another) The same data can be interpreted differently by the different subjects having a different background (for example, “hallitus” in Estonian and in Finnish) Data (andmed) – reinterpretable formalized representation of an information in such a form which is suitable for transfer, processing and/or interpretation
Digital Data Any information can be represented (carried) by the data in many different ways. The more essential ways are two following: paper-based data (paberkandjal andmed) – text, schemes, pictures etc are beared on the surface of the carrier (paper sheet(s)) digital data (digikujul andmed) – all the data are coded into the queues of 0’s and 1’s using certain standards and certain technical equipment When we talk about the computer-based (computer processable) data we always thought the digital data, which are always coded by using the queues of 0’s and 1’s.
Data Format Data format (andmevorming, vorming) — a desciption how different type of information – text, picture, voice, video etc – is coded into the queue of 0’s and 1’s A pre-agreed (standardised) data format gives to data (to data file) a concrete and unique meaning. If we have data but do not have the data format desciption, then we do not have the information, carried by the data
From Data Format to Meaning Different data formats are supported by a different application software which usually allow to write the file in certain format, or to made the content of data (information) human- perceptable etc. A typical end-user usually don’t know anything about different data formats and interpretation. He/she usually associates the certain format only to the certain software which is able to interpretate these format(s). End user usually receives only an human-perceptable form, prepared by the software, so-calles WYSIWYG (What You See Is What You Get, in Estonian adekvaatkuva)
Necessity of Data Security If we possess (or process) the data then the information carried by the data has always a certain value for us (for our business process). It does not depend either the infomation is represented by the digital nor by the paper-based data Information security (infoturve) or data security (andmeturve) is a discipline concerning the maintaining these values/properties of information (performed in practice by the maintaining the properties of data)
Components of Information Security Infortmation security (infoturve) or data security (andmeturve) is a complex concept consisting of following three properties: information availability (käideldavus) information integrity (terviklus) information confidentiality (konfidentsiaalsus) Infortmation security (infoturve) or data security (andmeturve) is a complex concept consisting of following three properties: information availability (käideldavus) information integrity (terviklus) information confidentiality (konfidentsiaalsus) These three properties (branches of secrity) must be maintained for all information/data items we possess. In pre-computer world (paper-based information) we talked only about the confidentiality, not for other branches
About Different Concepts The following four concepts: information security (infoturve) information protection (infokaitse) data security (andmeturve) data protection (andmekaitse) are widely taken synonyms It’s mainly a question about traditions and culture where we use which concept. For example in Europe the concept data protection is often used in a context of protection of personal data (isikuandmete kaitse)
Data Availability Data availabilty (andmete käideldavus) is a timely and convenient access and usage of information carried by the data for all authorized persons and other entities Availability is the most important component of data security – the worst thing which must be happened is that data are no more available for the subjects which need them during business process (maybe destroyed forever) Examples: border guard does not have the list of fugitives (or the list isn’t up-to-date); National Board of Land does not know the who possesses the concrete plot of land
Data Integrity Data integrity (andmete terviklus) is a ensuring that data are originated (information was stored into the data) by a certain source and haven’t been altered (both by an accident or by a deliberate act or by the fake) Integrity are the second important security branch (by the availability) In the business process we usually assume that the data we used (information carried by the data) are firmly related to the creator/source of the data, creation time etc. Violation or absense of these relationships will usually causes serios negative consequences Näide: karistusregistri kuritahtliku muutmisega saab vang õigusevastaselt varem vabaks
Data Confidentiality Data confidentiality (andmete konfidentsiaalsus ehk salastatus ehk salastus) is the availability of the information, carried by the data, only by the authorized subjects (and strict non-availability for other subjects) Examples: state of corporative secret will be disclosed operational intelligence information will be disclosed personal data will be spread without the permission of data subject
Security of Data vs IT Assets Security of data (security of information beared by the data) is ensured by the securing the (IT) assets surrounding the data IT assets (infovarad) include: IT equipment (hardware, communication devices, power supplies etc) data communication channels software (both system and application software) but it also MUST include (must taken into the account): organization (its structure and operation) personnel data carriers (incl. documents) infrastructure (buildings, offices etc)
Main Properties of Digital Data (from the security point of view) 1.A great but indirect value of a data (information): it’s very hard to measure it 2.Portativity: data which can be stored by the very small and easily movable carriers can possess a huge value for our business process 3.Possibility of avoiding the physical contact: the physical and virtual structures are usually very different 4.Disclosure of security losses especially for integrity and confidentiality losses
Standard Model of Security Harming 1.Threats (ohud) influence the data (via IT assets) 2.Threats use the vulnerabilities (nõrkused, turvaaugud) of IT assets or components of IT system 3.Threats with co-influence the vulnerabilites will determine the risk or security risk (risk, turvarisk) 4.When a certain risk realises, there will appear a security loss or security breach or security incident (turvakadu, turvarike, turvaintsident) 5.In order to minimize the risks there’s necessary to minimise vulnerabilities using safeguards of security measures (turvameetmeid)
Harming of Security
Influence of Safeguard(s)
Essence of Security Concepts Threat (oht) – a potential extern-influenced harm of information security Vulnerability (nõrkus ehk turvaauk) – the property of each IT asset (component) from the point of view of external threats Risk (risk) – a probability that threat can use the certain vulnerability and will realise Security loss (turvakadu) – an event when the security (availability, integrity and/or confidentiality) of some IT asset(s) will be harmed Safeguard or security measure (turvameede) – a modification of IT asset(s) which will minimise the risk(s) (the rate of vulnerabilities of asset(s))
Examples of Security Losses failure of equipment – integrity loss of IT asset theft of equipment – availability loss of IT asset Unauthorised modifying of register – integrity loss of data destroying of office rooms by fire – availability loss of infrastructure wiretapping of non-crypted data cabels – confidentiality loss of data
Relations Between Main Concepts
Security and Residual Risk Instead of absolute security usually the concept acceptable residual risk by the business process (äriprotsessi jaoks aktsepteeritav jääkrisk) is used NB! It does not matter how many safeguards we implement, we NEVER achieve the absolute security. If we implement more safeguards we only minimise the probability that security (availability, integrity of confidentiality) will be harmed but it will never fall into zero An acceptable residual risk is a situation where the total price of all implemented safeguards is approximately equal to the forecasted total loss of security (measured by the amount of money)
Economical View of Data Security
The both graphs are hardly predictable (estimatable): We do not know the exact expenses of the all safeguards (it will change over the times) Even less we can estimate the graph of damages – we do not have the actual data of threat frequences and their impact for all IT assets Even we have all this estimation data, the exact calculation (quantitative risk analysis) is very time- consuming prosess - there’s a hunderds of different IT assets, thousands of threats, thousands of vulnerabilities (and all of them must be taken account together) Serious Obstacles of Evaluating the Optimal Security Point
Necessity for a Risk Management Techniques to standardise different security levels i.e. different availability, integrity and confidentiality levels to create a system which is able to determine standardised actions (safeguards), for different security levels, which result ensures us to approximately achieve the optimum point (to archieve the acceptable residual risk situation This process is usually called a risk management (riskihaldus) In order to simplify a practical security task it’s usually necessary