Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University

1 Advanced System Security
Dr. Wayne Summers
Department of Computer Science
Columbus State University
Summers_wayne@colstate.edu
http://csc.colstate.edu/summers

2 Computer (Systems) Security
• the protection of the computer resources against accidental or intentional disclosure of confidential data, unlawful modification of data or programs, the destruction of data, software or hardware, and the denial of one's own computer facilities irrespective of the method together with such criminal activities including computer related fraud and blackmail. [Palmer]

3 Chapter 1: Introduction
• Components of computer security
• Threats
• Policies and mechanisms
• The role of trust
• Assurance
• Operational Issues
• Human Issues

4 Basic Components
• Confidentiality (concealment)
  – Keeping data and resources hidden
  – Limiting who can access assets of a computer system
• Integrity
  – Data integrity (integrity)
  – Origin integrity (authentication)
  – Limiting who can modify assets of a computer system
• Availability
  – Enabling access to data and resources
  – Allowing authorized users access to assets

5 Definitions
• vulnerability - weakness in the security system that might be exploited to cause a loss or harm.
• threats - circumstances that have the potential to cause loss or harm. Threats typically exploit vulnerabilities.
• control - protective measure that reduces a vulnerability or minimizes the threat.

6 Vulnerabilities
• “Today’s complex Internet networks cannot be made watertight…. A system administrator has to get everything right all the time; a hacker only has to find one small hole. A sysadmin has to be lucky all of the time; a hacker only has to get lucky once. It is easier to destroy than to create.”
  – Robert Graham, lead architect of Internet Security Systems

7 Types of Threats
• interception - some unauthorized party has gained access to an asset.
• modification - some unauthorized party tampers with an asset.
• fabrication - some unauthorized party might fabricate counterfeit objects for a computer system.
• interruption - an asset of the system becomes lost, unavailable, or unusable.

8 Classes of Threats
• Disclosure
  – Snooping
• Deception
  – Modification, spoofing, repudiation of origin, denial of receipt
• Disruption
  – Modification
• Usurpation
  – Modification, spoofing, delay, denial of service

9 Policies and Mechanisms
• Policy says what is, and is not, allowed
  – This defines “security” for the site/system/etc.
• Mechanisms enforce policies
• Composition of policies
  – If policies conflict, discrepancies may create security vulnerabilities

10 Goals of Security
• Prevention
  – Prevent attackers from violating security policy
• Detection
  – Detect attackers’ violation of security policy
• Recovery
  – Stop attack, assess and repair damage
  – Continue to function correctly even if attack succeeds

11 Trust and Assumptions
• Underlie all aspects of security
• Policies
  – Unambiguously partition system states
  – Correctly capture security requirements
• Mechanisms
  – Assumed to enforce policy
  – Support mechanisms work correctly

12 Types of Mechanisms
[Figure: three types of mechanism (secure, precise, broad), each comparing the set of reachable states with the set of secure states]

13 Assurance
• Specification
  – Requirements analysis
  – Statement of desired functionality
• Design
  – How system will meet specification
• Implementation
  – Programs/systems that carry out design

14 Operational Issues
• Cost-Benefit Analysis
  – Is it cheaper to prevent or recover?
• Risk Analysis
  – Should we protect something?
  – How much should we protect this thing?
• Laws and Customs
  – Are desired security measures illegal?
  – Will people do them?

15 Human Issues
• Organizational Problems
  – Power and responsibility
  – Financial benefits
• People problems
  – Outsiders and insiders
  – Social engineering

16 Tying Together
[Figure: Threats, Policy, Specification, Design, Implementation, Operation]

17 Key Points
• Policy defines security, and mechanisms enforce security
  – Confidentiality
  – Integrity
  – Availability
• Trust and knowing assumptions
• Importance of assurance
• The human factor

18 Controls
• Reduce and contain the risk of security breaches
• “Security is not a product, it’s a process” – Bruce Schneier [Using any security product without understanding what it does, and does not, protect against is a recipe for disaster.]

