1. Security

2. Part I-1
Components of Computer Security

3. Confidentiality Keeping data and resources hidden.
Government, military, online financial transactions, e-commerce, medical record, ....
Confidentiality is a protection of information from unauthorized parties
Can be achieved by access control.
Cryptography is used in access control. Encryption scrambles data to make it incomprehensible. Original data can be recovered by decryption.
Demo: Encryption using AES

4. Integrity
Data integrity is to provide assurance so that data has not been altered (for example, by an unauthorized entity).
Unauthorized tampering can be detected by tracking a message digest.
MD5/SHA-1 Example
Origin integrity (of the source of data) , is also called authentication.
Counter measures include prevention and detection.

5. Availability
Availability—Enabling access to data and resources. It is aspect of reliability and system design.
Attackers can make data or service unavailable (deny access). Some systems are designed based on some (statistical) model.
Attackers can do something so that the assumptions of the model is invalid.

6. Part I-2
Threats

7. Disclosure Unauthorized access of information.
It is a passive attack and has the following form: Snooping (e.g., wiretapping).

8. Deception Acceptance of false data. The forms are:
Modification (or alteration)—unauthorized change of information (e.g., active wiretapping, man-in-the-middle attack).
Spoofing (or masquerading)—impersonation
Repudiation of the origin—deny previously authorized action. Denial of receipt

9. Policies and Mechanisms
Components of Computer Security Threats Policies and Mechanisms Trust and Assumptions Assurance Operational Issues Hum
Part I-3
Policies and Mechanisms

10. Policies and Mechanisms
Policy says what is, and is not, allowed. 1
A policy defines “security” for site/system/etc. Formal definition (e.g., algebraic characterization) v.s. informal definition (plain description in English). 2
Mechanisms enforce policies. 1
Mechanisms can be methods, tools or procedures.
Be careful with composition of policies. Inconsistent policies may be a source of security flaws. 1
Example. MS Outlook can be configured to include “Don’t download pictures”, but in IE “Show picture” is chosen.

11. Goals of Security
Prevention—prevent attackers from violating security policy. Detection—detect attackers’ violation of security policy.
Recovery—stop attack, assess and repair damage; continue to function correctly even if attack succeeds

12. Part I-4
Trust and Assumptions

13. Trust and Assumptions
Underlie all aspects of security. Two assumptions: 1
Policies should unambiguously partition system states into “secure” set and “non secure” set, and correctly capture security requirements.
Mechanisms are assumed to enforce policy and implemented correctly. 2

14. Types of Mechanisms P = set of all states.
Q = set of secure states specified by a policy. Q is a subset of
P, i.e., Q ⊂ P.
Suppose that a mechanism restricts the system to some set of states, say R ⊂ P. Then the security mechanism is 1
secure if R ⊂ Q.
precise if R = Q.
broad if R − Q is not empty, i.e., there is some state of R
which is not in Q. 2 3

15. Types of Mechanisms...(2) Secure Precise Broad Set Q ( secure )
Set R ( reachable )

16. Components of Computer Security Threats Policies and Mechanisms Trust and Assumptions Assurance Operational Issues Hum
Part I-7
Human Issues

17. Human Issues People problems: Outsiders and insiders1 1
Outsiders and insiders
Some statistics indicates high percentage of security threats are from insiders. 2 2