Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 395: Topics in Computer Security

Published byJody Barton Modified over 6 years ago

Similar presentations

Presentation on theme: "CS 395: Topics in Computer Security"— Presentation transcript:

1 CS 395: Topics in Computer Security
Fall 2006 Fall 2006 CS 395 Topics in Computer Security

2 CS 395 Topics in Computer Security
Material for this (and all presentations in this class) are based on material borrowed from the texts Computer Security: Art and Science by Matt Bishop and Security in Computing by Charles P. and Shari Lawrence Pfleeger. Fall 2006 CS 395 Topics in Computer Security

3 Attacks Security Goals
Introduction Attacks Security Goals Fall 2006 CS 395 Topics in Computer Security

4 What is Computer Security?
Generally concerned with protection of computer related assets Risk analysis and management! “Manage” could mean prevention of damage or detection of damage Knowledge of available countermeasures and controls Fall 2006 CS 395 Topics in Computer Security

5 CS 395 Topics in Computer Security
Security Goals Confidentiality: concealment of information or resources. Sometimes called privacy Availability: preserve ability to use information or resource desired. An unavailable system is at least as bad as no system at all! Fall 2006 CS 395 Topics in Computer Security

6 CS 395 Topics in Computer Security
Security Goals (cont.) Integrity: trustworthiness of data or resources. Typically refers to preventing improper or unauthorized modification Data integrity (content of information) Origin integrity (origin of information). Typically referred to as authentication. Fall 2006 CS 395 Topics in Computer Security

7 CS 395 Topics in Computer Security
Confidentiality Supported by access control methods Cryptography for example System-dependent mechanisms BUT: These leave data public when they fail or are bypassed Also applies to existence of data Knowing data exists can often be as valuable as the data itself Example: Knowing a politician conducted a survey on how many people distrust him may be more valuable than knowing the precise values of the responses Fall 2006 CS 395 Topics in Computer Security

8 CS 395 Topics in Computer Security
Confidentiality All confidentiality enforcement mechanisms require supporting services from system. Assumption is that security services can rely on kernel and other agents, to supply correct data. Thus assumptions and trust underlie confidentiality mechanisms. Confidentiality is not integrity: just because no one can read it, doesn’t mean they can’t change it! Fall 2006 CS 395 Topics in Computer Security

9 CS 395 Topics in Computer Security
Integrity Example: the correct quote credited to the wrong source preserves data integrity but not origin integrity. Fall 2006 CS 395 Topics in Computer Security

10 CS 395 Topics in Computer Security
Integrity Two classes Prevention mechanisms: maintain integrity by blocking unauthorized attempts to change data or by blocking attempts to change data in unauthorized ways. Detection mechanisms: report that data’s integrity is no longer trustworthy Fall 2006 CS 395 Topics in Computer Security

11 CS 395 Topics in Computer Security
Integrity Affected by Origin of data (how and from whom it was obtained) How well data protected before arrival at current machine How well data is protected on current machine Evaluating is difficult: relies on assumptions about source and about trust in that source Fall 2006 CS 395 Topics in Computer Security

12 CS 395 Topics in Computer Security
Availability Relevant to security because someone may be attempting to affect data or service by making it unavailable Ex. Some software (e.g. network code) depends for correct operation on underlying statistical information and assumptions. By changing, for example, service request patterns, an adversary can cause this code to fail. Fall 2006 CS 395 Topics in Computer Security

13 CS 395 Topics in Computer Security
Availability Relevant to security because someone may be attempting to affect data or service by making it unavailable Ex. Some software (e.g. network code) depends for correct operation on underlying statistical information. By changing, for example, service request patterns, an adversary can cause this code to fail. Attack on availability is called a denial of service attack Difficult to detect: is it a deliberate phenomenon or just an unusual access pattern? Also, even if underlying statistical model is accurate, atypical events do occur that may appear to be malicious! Fall 2006 CS 395 Topics in Computer Security

14 CS 395 Topics in Computer Security
Threats Threat: potential violation of security Attack: actions that could cause violation to occur Attacker: those who cause such actions to be executed Passive attack: attacker merely observes (e.g. traffic analysis) Active attack: attacker actively modifies data or creates false data stream Fall 2006 CS 395 Topics in Computer Security

15 Threat Classes (Shirey 1994)
Disclosure: unauthorized access to info Deception: acceptance of false data Disruption: interruption or prevention of correct operation Usurpation: unauthorized control of some part of a system Fall 2006 CS 395 Topics in Computer Security

16 CS 395 Topics in Computer Security
Examples and Terms Snooping: unauthorized interception of information (form of disclosure). Countered by confidentiality mechanisms Ex. Wiretapping Modification or alteration: unauthorized change of information (could be deception, disruption, or usurpation) Ex. Active wiretapping Ex. Man-in-the-middle attack: attacker reads message from sender and forwards (possibly modified) message to receiver. Countered by integrity mechanisms Fall 2006 CS 395 Topics in Computer Security

17 CS 395 Topics in Computer Security
Examples and Terms Masquerading or Spoofing: impersonation of one identity by another. Most often deception, but may be used for usurpation. Integrity services (called authentication services in this context) counter this threat. Delegation (one entity authorizes a second entity to perform functions on its behalf) is a form of masquerading that may be allowed. This is not the same as traditional masquerading, since the person performing the action is not pretending to be someone they are not. That is, all parties are aware of the delegation. Fall 2006 CS 395 Topics in Computer Security

18 CS 395 Topics in Computer Security
Examples and Terms Repudiation of origin: false denial that an entity sent or created something Denial of receipt: false denial that an entity received some information or message Delay: temporary inhibition of service. Typically a form of usurpation, but may also be used for deception. Denial-of-service: seen this already: long term inhibition of service. A form of usurpation. Fall 2006 CS 395 Topics in Computer Security

19 CS 395 Topics in Computer Security
Policy and Mechanism Security Policy: a statement of what is, and what is not, allowed Security Mechanism: a method, tool, or procedure for enforcing a security policy Mechanisms can be non-technical. Policies often require some procedural mechanisms that technology cannot enforce. Fall 2006 CS 395 Topics in Computer Security

20 Policies and Mechanisms
Policies may be presented mathematically, as a list of allowed and disallowed states. In general an axiomatic description of secure states and nonsecure states In practice, rarely this precise Normally written in English, leading to ambiguity (is a state legal or not?) Fall 2006 CS 395 Topics in Computer Security

21 CS 395 Topics in Computer Security
Assumptions and Trust Security rests on assumptions specific to the type of security required and the environment in which it is to be employed. Ex. (Bishop) Opening a door lock requires a key. Assumption is that the lock is secure against lock picking. This assumption is treated as an axiom and made because most people require a key to open a locked door. A good lock picker can, however, open a locked door without a key. Thus in an environment with a skilled, untrustworthy lock picker, the assumption is wrong and the consequence invalid. Fall 2006 CS 395 Topics in Computer Security

22 CS 395 Topics in Computer Security
Assumptions and Trust Well-defined exception to rules provides a back door through which security mechanisms can be bypassed. Trust resides in belief that back door will not be used except as specified by policy. Fall 2006 CS 395 Topics in Computer Security

23 CS 395 Topics in Computer Security
Assumptions and Trust Two assumptions made by policy designers Policy correctly and unambiguously partitions set of system states into secure and nonsecure states Security mechanisms prevent system from entering a nonsecure state If either of these fail, system is not secure Fall 2006 CS 395 Topics in Computer Security

24 CS 395 Topics in Computer Security
Our First Principle Principle of Easiest Penetration: Count on an intruder to use the easiest means to penetrate the system I.e., System is most vulnerable at its weakest point (regardless of how well other points are defended). Fall 2006 CS 395 Topics in Computer Security

Download ppt "CS 395: Topics in Computer Security"

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
1 cs691 chow C. Edward Chow Overview of Computer Security CS691 – Chapter 1 of Matt Bishop.

1 cs691 chow C. Edward Chow Overview of Computer Security CS691 – Chapter 1 of Matt Bishop.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.

1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.

Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
July 1, 2004Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.

Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
Information Security Rabie A. Ramadan GUC, Cairo Room C7 -310 Lecture 2.

Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.

Similar presentations

Ads by Google