Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybersecurity First Principles

Published byWillis Hunt Modified over 6 years ago

Similar presentations

Presentation on theme: "Cybersecurity First Principles"— Presentation transcript:

1 Cybersecurity First Principles
Janica Edmonds

2 Cybersecurity Introduction

3 Security Needs Confidentiality Integrity Availability
Basic security needs are confidentiality, integrity, and availability of all components within a system or network. Confidentiality is preserving sensitive data or resources from unauthorized disclosure. Integrity is preventing the modification of data or resources by unauthorized users, preventing unauthorized or unintentional modification by authorized users, and preserving the consistency of the data and resources. Availability is the timely and uninterrupted access to data and resources.

4 Security Threats A potential occurrence, malicious or otherwise, that might damage or compromise assets. Interception – asset is diverted. Interruption – asset is delayed Modification – asset is altered. Fabrication – asset is manufactured.

5 Security Assets Components of the system or network. Hardware Software
People Data

6 Cybersecurity First Principles
Domain separation Process Isolation Resource encapsulation Layering Modularization Least Privilege Information hiding Abstraction Simplicity Minimization

7 Domain Separation Separating areas where resources are located prevents accidents and loss of data, keeping information worlds from colliding. Good fences make good neighbors. When trying to secure a home or computer, separating the areas where resources are and people work prevents accidents and loss of data or private information. We are preventing the information worlds from colliding. *The images come from a game developed by the GenCyber team at California State University, San Bernardino.

8 Process Isolation A process occurs when a task is executed. Keeping processes separate prevents the failure of one process from negatively impacting another. A process is when a program is run. By keeping processes separated, it prevents the failure of one process from causing another to fail.

9 Resource Encapsulation
Resources – hardware, system objects, or processes – must be separated and used as intended. A resource can be hardware such as memory, disk drives, or a display screen. It can also be system objects such as semaphores, a linked list, or shared memory. Processes (or programs) need resources to run. Resources have to be separated and used in the way they were intended.

10 Layering Multiple layers of defense protect information. If one layer is defeated, the next one should catch it. Cybersecurity uses multiple layers of defenses for protecting information. If one layer is defeated then the next one should catch it.

11 Modularization Able to be inserted or removed from a project; each module has its own function, interchangeable with other modules. The concept of modularity is like building blocks. Each block (or module) can be put in or taken out from a bigger project. Each module has its own separate function that is interchangeable with other modules.

12 Least Privilege Limits what access people have to your resources and what they can do with them. One of the ways to protect information is by limiting what people can do with your information and resources. Like a private letter, you may allow a friend to read it, but not edit it. Your friend may make a mistake. You might let a teacher edit it because she will correct it.

13 Information Hiding Any attempt to prevent people from being able to see information. Information hiding is any attempt to prevent people from being able to see information. It can be hiding the content of a letter, or it can be applied to hiding how the letter is delivered. Both ways can prevent people from being able to see the information.

14 Abstraction Abstraction is a fancy word for summarizing or explaining in a way that can be easily understood. Abstraction is a fancy word for summarizing or explaining in a way that we can easily understand. A map is an abstraction of the Earth. The speedometer on a car is an abstraction for how fast the car is going.

15 Simplicity If something is less complicated, it is less likely to have problems and it is easier to troubleshoot and fix. The less complicated something is, the less likely it is to have problems. It is also easier to troubleshoot and fix. Keep it simple!

16 Minimization Minimization’s goal is to simplify and decrease the number of ways the software can be exploited. Minimization refers to having the least functionality of a program or device. The goal of minimization is to simplify and decrease the number of ways the software can be exploited. This can include turning off the ports that are not needed, reduce the amount of code running, and turn off unneeded features.

Download ppt "Cybersecurity First Principles"

Similar presentations

Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.

Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.
Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University.

Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-

1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,

Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.

Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.
Software Issues Derived from Dr. Fawcett’s Slides Phil Pratt-Szeliga Fall 2009.

Software Issues Derived from Dr. Fawcett’s Slides Phil Pratt-Szeliga Fall 2009.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
1 Kyung Hee University Prof. Choong Seon HONG Network Control.

1 Kyung Hee University Prof. Choong Seon HONG Network Control.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
Cmpe 471 Computer Crime: Techniques and Countermeasures.

Cmpe 471 Computer Crime: Techniques and Countermeasures.
What does “secure” mean? Protecting Valuables

What does “secure” mean? Protecting Valuables
Computer & Network Security

Computer & Network Security
Summer, 2015 1.

Summer,

Similar presentations

Ads by Google