Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer."— Presentation transcript:

1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer Security: Art and Science ©2002-2004 Matt Bishop

2 Basic Components Confidentiality Keeping data and resources hidden Integrity Data integrity (integrity) Origin integrity (authentication) Mechanisms: Prevention and Detection Availability Enabling access to data and resources Computer Security: Art and Science ©2002-2004 Matt Bishop

3 Classes of Threats Threat Potential violation of security through attacks Disclosure Unauthorized access to information Snooping (passive wiretapping) Deception Acceptance of false data Modification, spoofing, repudiation of origin, denial of receipt Computer Security: Art and Science ©2002-2004 Matt Bishop

4 Classes of Threats Disruption Interruption or prevention of correct operation Modification Usurpation Unauthorized control of some part of a system Modification, spoofing, delay, denial of service Computer Security: Art and Science ©2002-2004 Matt Bishop

5 Policies and Mechanisms Policy says what is, and is not, allowed This defines “security” for the site/system/etc. Mechanisms enforce policies Composition of policies If policies conflict, discrepancies may create security vulnerabilities Computer Security: Art and Science ©2002-2004 Matt Bishop

6 Goals of Security A policy defines “secure” and “non-secure” actions and mechanisms aim for the following: Prevention Prevent attackers from violating security policy Cumbersome, reduce flexibility Detection Detect attackers’ violation of security policy Recovery Stop attack, assess and repair damage Continue to function correctly even if attack succeeds Computer Security: Art and Science ©2002-2004 Matt Bishop

7 Trust and Assumptions Underlie all aspects of security Policies Unambiguously partition system states (secure, not secure) Correctly capture security requirements Mechanisms Assumed to enforce policy Support mechanisms work correctly Computer Security: Art and Science ©2002-2004 Matt Bishop

8 Types of Mechanisms Computer Security: Art and Science ©2002-2004 Matt Bishop secure precise broad set of reachable statesset of secure states

9 Assurance Measure of how well the system meets its requirements; i.e. how much you can trust the system to do what it is supposed to do. NIST Computer Security Handbook definition “degree of confidence one has that the security measures, both technical and operational, work as intended to protect the system and the information it processes” “Does the security system design meet its requirements?” “Does the security system implementation meet its specifications” Computer Security: Art and Science ©2002-2004 Matt Bishop

10 Assurance Specification Requirements analysis Statement of desired functionality Design How system will meet specification Implementation Programs/systems that carry out design Proof of correctness vs. testing Computer Security: Art and Science ©2002-2004 Matt Bishop

11 Operational Issues Cost-Benefit Analysis Is it cheaper to prevent or recover? Overlap of mechanism’s effects Will it be possible to enforce Ease of use Risk Analysis Should we protect something? How much should we protect this thing? What would happen if the data/resource is compromised? What is the likelihood that the threats will materialize? The level of protection is a function of the likelihood and the effect of the attack. Computer Security: Art and Science ©2002-2004 Matt Bishop

12 Operational Issues Risk Analysis The amount of risk is a function of the environment Risks change with time Many risks are remote but exist Problem of “analysis paralysis” Laws and Customs Are desired security measures illegal? Will people do them? Computer Security: Art and Science ©2002-2004 Matt Bishop

13 Human Issues Organizational Problems No direct financial benefit Requires financial support, resources, manpower Power and responsibility Trained dedicated personnel People problems Outsiders and insiders Social engineering Computer Security: Art and Science ©2002-2004 Matt Bishop

14 Tying Together Computer Security: Art and Science ©2002-2004 Matt Bishop Threats Policy Specification Design Implementation Operation

15 Key Points Policy defines security, and mechanisms enforce security Confidentiality Integrity Availability Trust and knowing assumptions Importance of assurance The human factor Computer Security: Art and Science ©2002-2004 Matt Bishop

Download ppt "Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
1 cs691 chow C. Edward Chow Overview of Computer Security CS691 – Chapter 1 of Matt Bishop.

1 cs691 chow C. Edward Chow Overview of Computer Security CS691 – Chapter 1 of Matt Bishop.
1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.

1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
July 1, 2004Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
1 Introduction to Security Dr.Talal Alkharobi. 2 Why is security important? Computers and networks are the nerves of the basic services and critical infrastructures.

1 Introduction to Security Dr.Talal Alkharobi. 2 Why is security important? Computers and networks are the nerves of the basic services and critical infrastructures.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google