1 / 17

Introduction

Introduction. CSCI283/172 Fall 2008 GWU Sources: Bishop’s slides, Chapter 1. Introduction. Goals of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues. Basic Components. Confidentiality Keeping data and resources hidden

ehosmer
Download Presentation

Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction CSCI283/172 Fall 2008 GWU Sources: Bishop’s slides, Chapter 1

  2. Introduction • Goals of computer security • Threats • Policies and mechanisms • The role of trust • Assurance • Operational Issues • Human Issues CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  3. Basic Components • Confidentiality • Keeping data and resources hidden • Integrity • Data integrity (integrity) • Origin integrity (authentication) • Availability • Enabling access to data and resources CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  4. Examples: Confidentiality • Secret communication • Salaries are kept confidential • Not exact value of data, but property of data is kept confidential • not how many with SARS in the neighborhood, but is there SARS at all • Not exact value of data but interest in, or knowledge of is kept confidential • why does this employee want to know about jobs at other places? • does the US govt. have a file on John Doe? • Confidentiality of resources: • what computer systems are used, what configurations, what high-end equipment is available CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  5. Examples: Integrity Violation • When personal information is incorrectly maintained by a service provider (for example, a loan has been repaid but this is not noted in my credit rating) • When information is changed by an entity that does not have the authority to do so – can be malicious (origin and data integrity violation) • Libel/defamation • Incorrect source cited (Integrity violations can be prevented – more difficult – or detected) CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  6. Examples: Availability Violation Denial of service attacks in: E-commerce, News sites, Government information, Remote electronic voting, Cryptographic protocols that require the participation of a specific entity or group of entities Can be caused at • origin (preventing server from accessing resources required to send info.) • destination (blocking communication from server) • Intermediate path (by dropping communication from either origin or destination) Difficult to detect because system behavior might be due to genuine system overload CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  7. Classes of Threats (Potential Security Violations) • Disclosure • Snooping • Deception • Modification, spoofing (masquerading, identity theft), repudiation of origin, denial of receipt • Disruption • Modification • Usurpation: unauthorized control • Modification, spoofing, delay, denial of service CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  8. Policies and MechanismsEg: system access control and DRM • Policy says what is, and is not, allowed • This defines “security” for the site/system/etc. • Can be in natural/machine-readable language, math • Mechanisms (technical or procedural, can use crypto) enforce policies • Composition of policies • If policies conflict, discrepancies may create security vulnerabilities CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  9. Goals of Security • Prevention • Prevent attackers from violating security policy • Elaborate prevention can hamper legitimate use (e.g. DRM) • Detection • Detect attackers’ violation of security policy • Typically required because prevention is not always successful • Recovery • Stop attack, assess and repair damage • Continue to function correctly even if attack succeeds CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  10. Trust and Assumptions Underlie all aspects of security, include that: • Policies • Unambiguously partition system states into secure and nonsecure • Correctly capture security requirements • Mechanisms • Together enforce/implement policy (i.e. prevent entry into nonsecure state) • Are implemented, installed and administered correctly CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  11. Types of Mechanisms secure broad precise set of reachable states set of secure states CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  12. Definition 1.3 Let P be the set of all possible states. Let Q be the set of secure states specified by the security policy. Let the security mechanisms restrict the system to some set of states R. A security mechanism is Secure if Precise if Broad if Security policy characterizes Q, security mechanism prevents entry into P \ Q CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  13. AssuranceHow much a system can be trusted • First: Specification • Arises from a requirements analysis • Is a statement of desired functionality • Second: Design • How system will meet specification • Third: Implementation • Programs/systems that carry out design • Difficult to prove correctness of implementation All affect assurance CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  14. Operational Issues • Cost-Benefit Analysis • Is it cheaper to prevent or recover? • Risk Analysis • Should we protect something? • How much should we protect this thing? (What is the likelihood of a successful attack?) • Laws and Customs • Are desired security measures illegal? • Will people do them? CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  15. Human Issues • Organizational Problems • Power and responsibility • Financial benefits • People problems • Outsiders and insiders • Social engineering attacks CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  16. Tying Together Threats Policy Specification Design Implementation Operation CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

  17. Example: E-Commerce Site CS283-172/Fall08/GWU/Vora/Lecture1 Many slides from Matt Bishop's slide set

More Related