Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Computing Chapter 1, Is There a Security Problem in Computing? Summary created by Kirk Scott 1.

Published byKelly McBride Modified over 9 years ago

Similar presentations

Presentation on theme: "Security in Computing Chapter 1, Is There a Security Problem in Computing? Summary created by Kirk Scott 1."— Presentation transcript:

1 Security in Computing Chapter 1, Is There a Security Problem in Computing? Summary created by Kirk Scott 1

2 1. What is Computer Security About? Protecting things of value: Hardware Software Data 2

3 2. A Basic Vocabulary for Security Threat: What could go wrong Vulnerability: Weakness in a system or in its defenses or protections Control: A protective measure Summary of relationship among the three: A threat is blocked by a control of a vulnerability. 3

4 3. The Three Steps of Security 1. Recognize the risk. Embrace Murphy’s law, revised: What can be hacked will. In other words, the world is full of threats. 2. Identify and classify the vulnerabilities. There are varying degrees of vulnerability 3. Seek countermeasures/controls and effective means of implementing them 4

5 4. The Principle of Easiest Penetration: “An intruder must be expected to use any available means of penetration. The penetration may not necessarily be by the most obvious means, nor is it necessarily the one against which the most solid defense has been installed. And it certainly does not have to be the way we want the attacker to behave.” 5

6 Any complex system will have multiple points at which it might be attacked. By the process of elimination, attackers will give up on unproductive attacks and try something different. They will eventually reach the lowest point, the point where the system is easiest to attack. 6

7 5. Security is Not Just about Attacks. Full security takes into account any possible compromise to system and data. This can range from accidental deletion of files to nuclear disaster. This will not be discussed at length because it is non-technical in nature. Any well-run computer installation will have plans and procedures to deal with non- malicious issues like this. 7

8 6. A Taxonomy of Threats 1. Interception 2. Interruption 3. Modification 4. Fabrication In theory each threat can apply to each of hardware, software, and data Some threats would be more commonly associated with one of those resources than another. 8

9 There is an interrelationship among the threats. Modification and fabrication tend to presuppose interception. To an extent, modification and fabrication are simply differences of scale. For example: Modifying a single db record is a fabrication at the field level. Inserting a fabricated recorded is a modification at the table level. 9

10 8. Three Broad Security Goals 1. Confidentiality = privacy or secrecy 2. Integrity (like db integrity) 3. Availability 10

11 9. The Goals are the Converses of the Threats. Confidentiality is the converse of interception. Integrity is the converse of modification and fabrication. Availability is the converse of interruption or denial of service. 11

12 10. The Goals are in Tension with Each Other Building security means supporting all 3 goals. Note that availability and confidentiality are in tension. An open system is more liable to attack. A closed system will tend to be more confidential. It’s necessary to achieve balance so that resources are both secure and available. 12

13 11. Components of Confidentiality Confidentiality can be analyzed in a matrix of at least three dimensions: Users Resources or system components Level of privilege or access 13

14 12. The Possible Meanings of Integrity Precise Accurate Unmodified Modified only in acceptable ways by authorized people or processes Consistent/internally consistent Meaningful and usable 14

15 13. Components of Integrity Who or what can access what user in what way? This is essentially very similar to the matrix for confidentiality. An implementation of integrity may have the additional components of error detection and correction. 15

16 14. The Possible Meanings of Availability Present in a usable form Having sufficient capacity to meet demands Making progress towards completing service with bounded waiting if waiting Completing tasks within an acceptable period of time 16

17 15. Aspects of Design for Availability Ease of use and timeliness of response Fair resource allocation (possibly in tension with different levels of access privileges) Fault tolerance = graceful degradation of service under load or error conditions vs. catastrophic failure Concurrency control 17

18 16. Hardware Vulnerabilities Destruction (physical) Note existence of hardware destroying software Rarely—addition/modification Theft of hardware—theft of hardware cycles = computing time Historically—physical security for physical devices Not as applicable in portable world 18

19 17. Software Vulnerabilities Accidental and intentional problems are roughly analogous: Accidental deletion/intentional destruction Accidental modification/intentional modification or replacement The results: Gone or present but not working Worse: Still present and “working” but harboring some security problem 19

20 18. Aspects of Software Vulnerability Physical security along can’t protect software Like hardware, software is vulnerable to theft (piracy) as well as compromise Software is not robust Hardware systems are designed to be fault tolerant and self-correcting Change one bit of software and you may be dead Research topic: Self-healing software 20

21 19. Spectrum of Security Hardware security encompasses those with physical access to devices Software security encompasses those with electronic access and knowledge of writing and using programs Data security encompasses anyone with access to data and knowledge of its meaning These tend to be widening circles of people 21

22 20. Security Spectrum for Data Alone Granularity—data items only have meaning within a context—isolated data may have no significance Data has real value—it may be hard to quantify—but compromise or loss have a real cost Data has a lifetime—after a certain point it may have reduced or no value—meaning security measures for it can change 22

23 21. Principle of Adequate Protection “Computer items must be protected only until they lose their value. They must be protected to a degree consistent with their value.” 23

24 22. Threats to Data Confidentiality Physical/technical—wiretapping, network sniffing, etc. Physical access to non-electronic media— printouts, etc. Social access—access through other people who have access Software access—bugs, holes, leaks, etc. 24

25 23. Aspects of Data Vulnerability-- Integrity Interception is typically the first step More sophistication is needed to modify or fabricate Modifying data is typically easier than modifying software or hardware In a sense, data is the most valuable part of a system The hardware and software “serve” it 25

26 A focused attack will be designed to access data, whether the attack comes through hardware or software If the data is the goal, the attacker presumably understands the data In that sense, the data itself is the weak point in the system Hardware and software can or should be part of the defenses for the data 26

27 24. System Security Security spans the range from a single system to collections of systems Networks may be under the control of one organization or the components may be autonomous (the Internet) A complete system includes hardware, software, data, and people or processes with access 27

28 25. Classification of Computer Criminals Amateurs Crackers/malicious hackers Career criminals Terrorists The book does not mention this category: State actors, spies, military organizations 28

29 26. Method, Opportunity, and Motive Documentation is available for commodity systems like Microsoft and Apple. Method is widely available. The systems themselves are widespread. There is no lack of opportunity. Motives vary, but it’s as simple as this: Where there is an open door, somebody will eventually walk through it. 29

30 27. A Little More Terminology “Harm occurs when a threat is realized against a vulnerability.” “The possibility for harm to occur is called risk.” 30

31 28. Methods of Defense/Dealing with the Potential for Harm Deter harm (make the attack harder) Deflect harm (make another target relatively easier) Prevent harm (close the vulnerability/block the attack) Detect harm Recover from harm 31

32 29. Controls or Countermeasures Multi-pronged approach Controls vary in implementation and use difficulty and expense They vary in area of effect and effectiveness Resources vary in value Across a system a combination of overlapping techniques may be applied to achieve the overall level of protection desired. 32

33 30. Encryption (Data Control) This is the most basic and powerful security tool Encryption scrambles data so that only authorized users have access Used correctly, encryption can prevent interception, modification, and fabrication of data. I.e., it supports confidentiality and integrity. An access control/authorization system will also have encryption in its internals Therefore, encryption is also central to providing secure availability. 33

34 31. Encryption Alone is Not Sufficient Encryption is used with other tools, techniques, and protocols Encryption itself is not simple Care has to be taken so that it’s implemented correctly Doing so is not a trivial task Done incorrectly, it can be counterproductive Poorly conceived changes can actually degrade or negate the security in an encrypted system Faulty encryption can lead to a false sense of security 34

35 32. Software Controls Software development controls—making sure the software itself doesn’t contain security flaws Internal program controls—e.g., authorization in a dbms O/S and network controls—e.g., login, password, permissions, etc. Independent security programs—e.g., anti- virus, intrusion detection, etc. 35

36 33. Hardware Controls Physical devices—e.g., locks and cabes, etc. User verification devices—e.g., cards, biometrics, etc. Hardware/smart card encryption, adapter cards securing attached devices, dongles, etc. Larger scale system level devices like firewall and intrusion detection machines, etc. 36

37 34. Policies and Procedures Policies and procedures set standards for the implementation and use of technical defenses This is an administrator’s dream—but a necessary one Large organizations will have manuals on this If procedures aren’t followed, technical defenses can be circumvented 37

38 At the low end procedures can be as simple as “You have to change your password every three months.” At the high end, procedures may take the form of ethics guidelines. Guidelines may be useful in promoting an ethical culture, but concrete policies still have to be enforced. 38

39 35. Effectiveness of Controls Decision makers need to believe that controls are needed Users should be persuaded that they ought to use them Controls have to be easy enough to use that people will use them 39

40 36. Principle of Effectiveness “Controls must be used—and used properly— to be effective. They must be efficient, easy to use, and appropriate.” 40

41 37. Principle of Weakest Link “Security can be no stronger than its weakest link. Whether it is the power supply that powers the firewall or the operating system under the security application or the human who plans, implements, and administers controls, a failure of any control can lead to security failure.” 41

42 Notice that the principle of the weakest link is essentially a restatement of the principle of easiest penetration. In an environment with controls, vulnerability is highest at that point where the controls are weakest. 42

43 38. Periodic Review Security is a moving target No one control is 100% effective Technology progresses When one problem is fixed, another arises Or attackers probe for weaknesses in the supposed fixed A layered approach is necessary, with multiple, overlapping controls As time passes, threats, vulnerabilities, and controls have to be reassessed. 43

44 39. What Lies Ahead in this Course Ch. 2, Elementary Cryptography (intro) Ch. 12, Cryptography Explained (in depth) Ch. 3, Program Security Ch. 7, Security in Networks Ch. 10, Privacy in Computing Ch. 11, Legal and Ethical Issues in Computer Security Project in Applied Web Site Security 44

Download ppt "Security in Computing Chapter 1, Is There a Security Problem in Computing? Summary created by Kirk Scott 1."

Similar presentations

Chapter 1 - 1 ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.

Chapter ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.
The University of Adelaide, School of Computer Science

The University of Adelaide, School of Computer Science
Introduction to Security in Computing 01204427 Computer and Network Security Semester 1, 2011 Lecture #01.

Introduction to Security in Computing Computer and Network Security Semester 1, 2011 Lecture #01.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Introducing Computer and Network Security

Introducing Computer and Network Security
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:

Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:
Lecture 1 Page 1 CS 236, Spring 2008 What Are Our Security Goals? Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.

Lecture 1 Page 1 CS 236, Spring 2008 What Are Our Security Goals? Confidentiality –If it’s supposed to be a secret, be careful who hears it Integrity –Don’t.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.

Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.
Network Security PHILADELPHIA UNIVERSITY Ahmad Alghoul 2010-2011 Module 1 Introduction: To Information & Security  Modified by :Ahmad Al Ghoul  Philadelphia.

Network Security PHILADELPHIA UNIVERSITY Ahmad Alghoul Module 1 Introduction: To Information & Security  Modified by :Ahmad Al Ghoul  Philadelphia.
CPSC 6126 Computer Security Information Assurance.

CPSC 6126 Computer Security Information Assurance.

Similar presentations

Ads by Google