CS461/ECE422 — Computer Security I — Spring 2012

 Computing in the presence of an adversary  Adversary (threat agent) An entity that attacks, or is a threat to, a system.  Attack An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [source: RFC 2828] Nikita Borisov — UIUC2

 Security Services  Prevent “bad” things from happening  Mechanism  Security Policies  Define what is “bad” and what is “good”  Policy Nikita Borisov — UIUC3

AreaUsual perspectiveSecurity perspective ReliabilityRandom failuresDeliberate failures UsabilityUser confusionUser deception Programming languages (memory safety) CrashesEntrance vector Software engineering (bugs) Software qualityAttack vectors Nikita Borisov — UIUC4

 Security only as good as weakest link  Must understand all parts of the system  O/S  Networking  Devices  Physical security  People  We will cover some of these topics Nikita Borisov — UIUC5

 Task: log into online bank account to transfer funds  What are the vulnerabilities? Nikita Borisov — UIUC6

 Confidentiality  Keeping data and resources hidden  Privacy  Integrity  Data integrity (integrity)  Origin integrity (authentication)  Availability  Enabling access to data and resources Nikita Borisov — UIUC Slide #1-7

Authenticity Property of being genuine. Can be verified and trusted Accountability Actions of an entity can be traced uniquely to that entity Nonrepudiation or “you can’t escape your past” Nikita Borisov — UIUC8

 Threat – Set of circumstances that has the potential to cause loss or harm. Or a potential violation of security.  Vulnerability – Weakness in the system that could be exploited to cause loss or harm  Attack – When an entity exploits a vulnerability on system  Control or Countermeasure – A means to prevent a vulnerability from being exploited Slide # Nikita Borisov — UIUC

Security entails:  Identifying assets  Identifying vulnerabilities  Designing countermeasures  Assessing risk [Figure 1.2 from Stallings & Brown] Nikita Borisov — UIUC10

Slide # Nikita Borisov — UIUC

 Disclosure – Unauthorized access to information  Deception – Acceptance of false data  Disruption – Interruption or prevention of correct operation  Usurpation – Unauthorized control of some part of a system Slide # Nikita Borisov — UIUC

 Snooping or interception  Unauthorized interception of information  Falsification  Unauthorized change of information  Masquerading or spoofing  An impersonation of one entity by another  Repudiation  A false denial that an entity received some information. Slide # Nikita Borisov — UIUC

 Policy  A statement of what is and what is not allowed  Divides the world into secure and non-secure states  A secure system starts in a secure state. All transitions keep it in a secure state.  Mechanism or Implementation  A method, tool, or procedure for enforcing a security policy  Prevent, detect, response, or recovery Slide # Nikita Borisov — UIUC

 Web server accepts all connections  No authentication required  Self-registration  Connected to the Internet Slide # Nikita Borisov — UIUC

 Locks prevent unwanted physical access.  What are the assumptions this statement builds on? Slide # Nikita Borisov — UIUC

 Policy correctly divides world into secure and insecure states.  Mechanisms prevent transition from secure to insecure states. Slide # Nikita Borisov — UIUC

 Bank officers may move money between accounts.  Any flawed assumptions here? Slide # Nikita Borisov — UIUC

 Evidence of how much to trust a system  Evidence can include  System specifications  Design  Implementation Slide # Nikita Borisov — UIUC

 Why do you trust Aspirin from a major manufacturer?  FDA certifies the aspirin recipe  Factory follows manufacturing standards  Safety seals on bottles  Analogy to software assurance Slide # Nikita Borisov — UIUC

 Must look at the big picture when securing a system  Main components of security  Confidentiality  Integrity  Availability  Differentiating Threats, Vulnerabilities, Attacks and Controls  Policy vs mechanism  Assurance Slide # Nikita Borisov — UIUC

 Staff  Nikita Borisov, instructor  Qiyan Wang, TA  Communications  Class web page  Newsgroup class.sp12.cs461  More to come next class Slide # Nikita Borisov — UIUC

 Two lectures / week  Each lecture:  Starts 8am sharp  i-Clicker review questions  5-minute break halfway through  Active learning exercises  ~1 per week  Help keep you awake!  Bring pen, paper Nikita Borisov — UIUC23

 Midterm: 20%  Final: 40%  Homework: 15%  Every 1-2 weeks  Security analysis: 15%  See next slide  Participation: 10%  Extra project worth 20% for grad students taking for 4 credits Slide # Nikita Borisov — UIUC

 Last few days of Slashdot Nikita Borisov — UIUC25

 Analyze a current event  Report what happened  Describe threats, vulnerabilities, assets, and risks involved  Identify lessons  Analyze an existing system  Perhaps one you encounter in daily life ▪ Pictures are great  Describe threats, vulnerabilities, assets, and risks involved Nikita Borisov — UIUC26

 Total requirements: 3 in a semester  At least one current event and one existing system  Due Feb 14, Mar 13, Apr 17  May be done in groups  1-3 students per group  Posted in forum  TBA Nikita Borisov — UIUC27

 i-Clicker participation  Comments / questions in class, on newsgroup  Discussion of security analyses  100% participation not required for 100% of grade Nikita Borisov — UIUC28

 Review department and university cheating and honor codes:  g/Honor+Code g/Honor+Code  4_1-402.html 4_1-402.html  This has been an issue in the past  Expectations for exams, homeworks, projects, and papers Slide # Nikita Borisov — UIUC

 Main text:  Computer Security: Principles and Practice by William Stallings and Lawrie Brown  Additional readings provided via compass or public links  Books on reserve at the library Slide # Nikita Borisov — UIUC

 Three introductory courses  Computer Security I (CS461/ECE422) ▪ Covers NSA 4011 security professional requirements ▪ Taught every semester (mostly)  Computer Security II (CS463/ECE424) ▪ Continues in greater depth on more advanced security topics ▪ Taught every 1-2 semesters  Applied Computer Security Lab (CS460/ECE419) ▪ With CS461 covers NSA 4013 system administrator requirements  Two of the three courses will satisfy the Security Specialization in the CS track for Computer Science majors. Slide # Nikita Borisov — UIUC

 Cryptography  Theoretical foundations (Prabhakaran)  Applied cryptography (Prabahkaran & Borisov)  Number theory (Blahut)  Security Reading Group CS591RHC  Advanced Computer Security CS563  Local talks  events events  ITI Security Roadmap  Slide # Nikita Borisov — UIUC