Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIT 480: Securing Computer Systems

Published byLily Harris Modified over 7 years ago

Similar presentations

Presentation on theme: "CIT 480: Securing Computer Systems"— Presentation transcript:

1 CIT 480: Securing Computer Systems
Security Fundamentals

2 About Me James Walden Associate Professor of Computer Science
Interests: Software Security Mobile Application Security Web Application Security Empirical Software Engineering

3 Topics What is Security? Security Concepts States of Information
Confidentiality Integrity Availability States of Information Policies and Principles Security Controls

4 What is Security? Security is the prevention of certain types of intentional actions from occurring in a system. The actors who might attack a system are threats. Threats carry out attacks to compromise a system. Objects of attacks are assets.

5 We all have Assets: The Value of a Hacked PC

6 Safety vs Security Adversary: An intelligent attacker who intentionally causes the system to fail. Safety Home: fire alarm. Car: crumple zones. Computer: UPS. Security Home: door lock. Car: alarm. Computer: Login password. Safety and security can interact: Who is watching your computer room after the fire alarm was pulled?

7 Components of Security
Integrity Confidentiality Availability

8 Confidentiality Confidentiality is the avoidance of the unauthorized disclosure of information. Examples where confidentiality is critical: Personal information Trade secrets Military plans

9 Security Controls for Confidentiality
Access Control: rules and policies that limit access to certain people and/or systems. File permissions (which users can access) Firewall settings (which IP addresses can access) Encryption: transforming information so that it can only be read using a secret key. AES SSL

10 Integrity Integrity is the property that information has not be altered in an unauthorized way. Examples where integrity is critical: Operating system files Software updates and downloads Bank account records

11 Security Controls for Integrity
Backups: periodic archiving of data. Checksums: the computation of a function that maps the contents of a file to a numerical value. Intrusion detection: systems that look for signatures of attacks or that verify that all system software matches correct checksums.

12 Availability Availability is the property that information is accessible and modifiable in a timely fashion by those authorized to do so. Examples where availability is critical: E-commerce site Authentication server for your network Current stock quotes

13 Security Controls for Availability
Physical protections: infrastructure meant to keep information available even in the event of physical challenges. Backup generators Disaster recovery site Computational redundancies: computers and storage devices that serve as fallbacks in the case of failures. Backup tapes RAID

14 Other Security Components
Authenticity Anonymity Assurance

15 States of Information Storage: information in permanent storage (disk or tape) that is not currently being accessed. Processing: information in memory (RAM or cache) that is currently being used by a program. Transmission: information in transit between one node and another on a network.

16 Securing Information in All States
Internet Information in Transmission Information in Storage Information in Processing

17 Security Policies A security policy is a definition of what it means to be secure for a system or organization. Security controls are used to enforce security policies. Security policies hold even in the absence of a control to protect a system, e.g. you can commit a crime by entering someone’s house even if they didn’t lock the door. Examples: Acceptable Use Policy Antivirus Policy Security Policy LISTSERV and Mass Policy

18 Security Principles Security Principles Economy of mechanism
Fail-safe defaults Complete mediation Open design Separation of privilege Least privilege Least common mechanism Psychological acceptability Work factor Compromise recording

19 Security Controls Security controls are policies, technologies, or human factors that avoid, reduce, or counteract security risks. Controls act in three main ways: Prevention: prevent attackers from violating security policy. Ex: firewall. Detection: detect attackers’ violation of security policy. Ex: anti-virus. Recovery: stop attack, assess and repair damage. Ex: backups.

20 Types of Security Controls
Technologies Hardware/software used to ensure confidentiality, integrity, or availability. Policy and practice. Security requirements and activities. Education, training, and awareness. Understanding of threats and vulnerabilities and how to protect against them.

21 Control Example: Authentication
Authentication: the determination of the identity or role that someone has. Need to authenticate an entity before applying access control. Something you are Something you know Something you have radio token with secret keys password=ucIb()w1V mother=Jones pet=Caesar human with fingers and eyes

22 How to evaluate security controls?
What assets are you trying to protect? What are the risks to those assets? How well does the security control mitigate those risks? What other risks does the security control cause? What costs and trade-offs does the security control impose?

23 Example: Password Vault
Asset: passwords. Risks: use of passwords by someone else to gain access to private , bank, health information. Mitigate: encrypted storage prevents use of passwords without vault key. Other risks: lose access to all passwords if you forget the vault key. Costs/tradeoffs: if vault is on PC, lose access elsewhere. If vault is networked, passwords may not be encrypted in transit, will be accessible to attackers who don’t have access to your PC.

24 Security is a matter of Trade-offs
Security is only one of many system goals: Functionality Usability Efficiency Time to market Cost Security Security does not end when the system is completed. Its operation affects security. A “secure” system can be breached by improper operation (for example, when accounts with no passwords are created). The question is how to assess the effect of operational issues on security.

25 Aspects of Risks To evaluate a risk, we need to evaluate both:
Probability of risk occurring. Cost incurred by risk if it occurs. Minimize product of probability and cost. Risks are impacted by environment. Building a house in a flood plain incurs additional risks beyond that of house itself. Similarly, installation and configuration options impact risk of software systems.

26 Cost-Benefit Analysis
Is it cheaper to prevent violation or recover? Cost of good network security: Money, time, reduced functionality, annoyed users. Large and ongoing. Risks of bad network security: Angry customers, bad press, network downtime. Small and temporary. Cost-Benefit Analysis: this weighs the cost of protecting data and resources with the costs associated with losing the data. Among the considerations are the overlap of mechanisms’ effects (one mechanism may protect multiple services, so its cost is amortized), the non-technical aspects of the mechanism (will it be impossible to enforce), and the ease of use (if a mechanism is too cumbersome, it may cost more to retrofit a decent user interface than the benefits would warrant). Risk Analysis: what happens if the data and resources are compromised? This tells you what you need to protect and to what level. Cost-benefit analyses help determine the risk here, but there may be other metrics involved (such as customs).

27 Security: Laws and Customs
Are desired security measures illegal? cryptography export before 2000 is it legal to monitor security breakins? international commerce Will users circumvent them? writing down passwords removing file ACLs Laws and Customs: these constrain what you can do. Encryption used to be the biggie here, as the text indicates. How much that has changed is anybody’s guess. Customs involve non-legislated things, like the use of urine specimens to determine identity. That is legal, at least in the US in some cases; but it would never be widely accepted as an alternative to a password.

28 Security Liability Product liability:
Tires: Continental recalled Ford SUV tires in 2002 due to wire and vibration problems. Software: Manufacturer not liable for security flaws. Since Microsoft isn’t liable for Windows security failures, why would they want to sacrifice money, time, functionality, and ease of use for security?

29 Assumptions Security rests on assumptions specific to type of security required and environment. Example: TCP/IP designed for pre-commercial Internet. Assumed only legitimate admins had root access. Trusted IP addresses, since only root can set IP addr. What happens to network when everyone has personal devices with administrative (root) access?

30 What do you trust? Your vendor’s software Your encryption libraries
“Yet another picture frame malware incident” Your encryption libraries RSA warns customers to stop using BSAFE lib Your ISP ISP hijacks DNS and adds affiliates to URLs

31 Can you trust your compiler?
Ken Thompson’s compiler hack from “Reflections on Trusting Trust.” Modified C compiler does two things: If compiling a compiler, inserts the self-replicating code into the executable of the new compiler. If compiling login, inserts code to allow a backdoor password. After recompiling and installing old C compiler: Source code for Trojan horse does not appear anywhere in login or C compiler. Only method of finding Trojan is analyzing binary.

32 Key Points Definitions Components of security
Security, security policy, security control, threat, attack, asset. Components of security Confidentiality, Integrity, Availability Protect CIA in all states of information: Storage, Processing, Transmission Security Controls Technology, policy, education Cost-Benefit Analysis Probability × cost of the risk Policy and Principles

33 References Anderson, Security Engineering 2nd Edition, Wiley, 2008.
Bishop, Computer Security: Art and Science, Addison-Wesley, 2002. Goodrich and Tammasia, Introduction to Computer Security, Pearson, 2011.

Download ppt "CIT 480: Securing Computer Systems"

Similar presentations

Operating System Security

Operating System Security
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.

Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.
July 1, 2004Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Chapter 3 Ethics, Privacy & Security

Chapter 3 Ethics, Privacy & Security
Information Security Technological Security Implementation and Privacy Protection.

Information Security Technological Security Implementation and Privacy Protection.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
CIT 380: Securing Computer Systems Security Solutions.

CIT 380: Securing Computer Systems Security Solutions.
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Similar presentations

Ads by Google