Assumptions of Secure Operation University of Sunderland CSEM02 Harry R. Erwin, PhD.


2 Definition
When you do a security analysis, you identify 'security objectives': what the target of evaluation (TOE, i.e., the 'system') should do. The recommendations of a risk analysis, for example, are security objectives.
Some of these objectives do not require a specific security mechanism in the TOE, because the system operates securely for other reasons. Those other reasons are the 'assumptions of secure operation'.
An assumption only carries an objective while the operational environment actually satisfies it, so each one must be stated explicitly and rechecked whenever the system is deployed somewhere new.
We will examine typical assumptions from US Department of Defense sources.

3 Assumption Categories (from CCTool)
Administrators: what can we assume about the administrators?
Users: what can we assume about the users?
Assumed Protection: what can we assume about the protection of security data?
Procedural Security: what can we assume about administrative procedures?
Communications Security: what can we assume about the security of data in transit?
Physical Security: what can we assume about the physical security of the system and facility?

4 Administrator Assumptions
Are the administrative staff authenticated and held responsible for their actions? (good idea)
Is remote security administration supported? (bad idea)
Are administrators trusted, hostile, or negligent? (trusted is preferred)
Are administrators competent, improperly trained, or error-prone? (competent is preferred)
Can administrators be trusted to be well-behaved and to act constructively? (Answer 'yes'.)

5 User Assumptions
Are users cooperative? (hard to say)
Do they have access to security data?
Can they access the system remotely?
Are they competent, hostile, or error-prone?
Can they bypass security?
How competent are the hackers?
Are viruses a concern?

6 Assumed Protection
How secure are the password files? Can they be accessed outside of their use in identification and authentication?
Do system administrators have the ability to corrupt data transiting to/from the system? (unlikely)
Are programs, log files, and system data protected from corruption by users?

7 Procedural Security
Do security administrators follow documented policies and procedures?
Do security administrators review audit trails and security logs on a regular basis?
Do security administrators remove user data properly from the system when user access is removed? (Discuss...)
Do security administrators follow procedures to enforce proper user management of passwords?
Do security administrators follow procedures to prevent the spread of computer viruses?

8 Communications Security
Are communications media physically protected? (unlikely)
Can outsiders read communications traffic?
Are the systems interfacing to the TOE under the same management control, and do they follow the same security policies? (Trust, again!)

9 Physical Security
Can hackers gain physical access to the system?
Are TOE security functions physically protected?
Is the system protected against natural disaster?
Is the system protected against sudden loss of power?
Are system communications protected from sudden loss of service?

10 Conclusions
Clearly, it is easier to secure a system that operates in a benign or safe environment. Deploying a system in an unprotected environment makes security much more difficult, but may be required (e.g., FAA radars and communications antennae are not physically protected). Every assumption that fails in such an environment turns into an objective the TOE must meet with a mechanism of its own. Consider the operational environment in assessing costs and benefits.
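One way to make the definition on slide 2 and the point of the conclusions concrete, as an added example that is not part of the lecture or of CCTool: record each security objective together with the TOE mechanisms and the environmental assumptions that meet it, then check a deployment environment against it. Objectives whose assumptions fail in that environment are the ones that now need a mechanism. The assumption and objective names, their statements, and the two environments are made up for the illustration (they only imitate the Common Criteria A./O. naming habit); the categories are the six from slide 3.

```python
"""Coverage check for security objectives against assumptions of secure operation.

Added example, not from the lecture. Every security objective is met either by a
TOE security function (a mechanism built into the system) or by one or more
assumptions about the operational environment. A deployment environment states
which assumptions actually hold; an objective whose assumptions fail there is
uncovered and needs a mechanism instead. All names below are hypothetical.
"""
from dataclasses import dataclass

# The six assumption categories listed on slide 3 (CCTool).
CATEGORIES = frozenset({"administrators", "users", "assumed_protection",
                        "procedural", "communications", "physical"})


@dataclass(frozen=True)
class Assumption:
    name: str        # e.g. "A.PHYSICAL" (made-up name)
    category: str    # one of CATEGORIES
    statement: str   # what is assumed about the environment


@dataclass(frozen=True)
class Objective:
    name: str                               # e.g. "O.TAMPER" (made-up name)
    mechanisms: frozenset = frozenset()     # TOE security functions meeting it
    assumptions: frozenset = frozenset()    # names of assumptions it relies on


# Constructed assumptions, one per category used in this example.
ASSUMPTIONS = {a.name: a for a in (
    Assumption("A.ADMIN", "administrators", "Administrators are trusted and competent."),
    Assumption("A.PHYSICAL", "physical", "The TOE sits in a physically controlled area."),
    Assumption("A.COMMS", "communications", "Communications media are physically protected."),
    Assumption("A.REVIEW", "procedural", "Administrators review audit logs regularly."),
)}

# Constructed objectives. O.TAMPER and O.TRANSIT rest on assumptions alone;
# O.DETECT combines a mechanism (the audit trail) with a procedural assumption.
OBJECTIVES = (
    Objective("O.ACCOUNT", mechanisms=frozenset({"per-admin login", "audit trail"})),
    Objective("O.TAMPER", assumptions=frozenset({"A.PHYSICAL"})),
    Objective("O.TRANSIT", assumptions=frozenset({"A.COMMS"})),
    Objective("O.DETECT", mechanisms=frozenset({"audit trail"}),
              assumptions=frozenset({"A.REVIEW"})),
    Objective("O.PASSWORD", mechanisms=frozenset({"hashed password file"})),
)

# Two constructed operational environments: the assumptions that hold in each.
DATA_CENTRE = frozenset({"A.ADMIN", "A.PHYSICAL", "A.COMMS", "A.REVIEW"})
REMOTE_SITE = frozenset({"A.ADMIN", "A.REVIEW"})   # unstaffed antenna site


def check_references(objectives, assumptions):
    """Find analysis gaps that do not depend on any environment.

    Reports assumptions in an unknown category, objectives that cite an assumption
    nobody has stated, and objectives met by neither a mechanism nor an assumption.
    Returns a list of problem strings; an empty list means the analysis is consistent.
    """
    problems = []
    for a in assumptions.values():
        if a.category not in CATEGORIES:
            problems.append(f"{a.name}: unknown category {a.category!r}")
    for o in objectives:
        for ref in sorted(o.assumptions):
            if ref not in assumptions:
                problems.append(f"{o.name}: cites undefined assumption {ref}")
        if not o.mechanisms and not o.assumptions:
            problems.append(f"{o.name}: met by neither a mechanism nor an assumption")
    return problems


def uncovered_objectives(objectives, holds):
    """Map each objective left unmet in an environment to the assumptions that fail there.

    `holds` is the set of assumption names that are true in the environment. An
    objective is unmet if any assumption it relies on is missing from `holds`;
    objectives met purely by TOE mechanisms carry no assumptions and always pass.
    """
    result = {}
    for o in objectives:
        failed = o.assumptions - holds
        if failed:
            result[o.name] = failed
    return result


if __name__ == "__main__":
    for problem in check_references(OBJECTIVES, ASSUMPTIONS):
        print("analysis gap:", problem)
    for label, env in (("data centre", DATA_CENTRE), ("remote site", REMOTE_SITE)):
        gaps = uncovered_objectives(OBJECTIVES, env)
        print(f"{label}: {len(gaps)} objective(s) need a mechanism")
        for name, failed in sorted(gaps.items()):
            for ref in sorted(failed):
                a = ASSUMPTIONS[ref]
                print(f"  {name}: {a.category} assumption {ref} fails ({a.statement})")
```

Run stand-alone, the script reports no gaps for the data centre and two for the remote site: O.TAMPER loses its physical-security assumption and O.TRANSIT its communications-security assumption, so both would have to be met by TOE mechanisms (tamper detection, link encryption, or similar) before deploying there. The point of keeping assumptions as named records rather than prose is exactly this: the same objective list can be re-evaluated against each environment the system is proposed for.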
