1 / 14

Chap 1: Overview

Chap 1: Overview. Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information The need arises from sensitive fields (military, industry)

maitland
Download Presentation

Chap 1: Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chap 1: Overview • Concepts of CIA: confidentiality, integrity, and availability • Confidentiality: concealment of information • The need arises from sensitive fields (military, industry) • Examples: encryption (protect the key), access control, existence of the data, resource hiding (configuration, google 1.7 – 2.4 M servers.) • Integrity: prevent unauthorized or improper changes, is directly related to trustworthiness of data and sources • Include data integrity and origin integrity (has impact on trust), therefore, related to credibility • Prevention: • prevent unauthorized changes • changes in unauthorized ways • Detection • Report integrity violation (confine dirty data??)

  2. Chap 1: Overview • Concepts of CIA: confidentiality, integrity, and availability (continued) • Availability: ability to use the data or resources • Example of highway • DoS or DDoS attacks (SMS for cell phone) • Very difficult to detect • Is it attack or we are unlucky today • Attacker will mess with the security methods as well (packet tracing)

  3. Threats: • A potential violation of security (not necessarily occur at this moment). • The actions that cause such violations are called attacks. • 4 classes of threats: • Disclosure: unauthorized access to data • Deception: acceptance of false data • Disruption: interruption or prevention of correct operation • Usurpation: unauthorized control of the system

  4. Examples of threats: • Snooping: unauthorized interception, is a kind of disclosure (eavesdrop on wireless). Countered by confidentiality or other information hiding methods. • Modification: unauthorized change of data, may lead to deception, disruption, and usurpation. Countered by integrity. • Spoofing: impersonation, may lead to deception and usurpation. Countered by integrity. • Difference b/w impersonation and delegation • Denial of receipt or origin: is a kind of deception • Interesting questions: simultaneous contract signing

  5. Policy and mechanism • Policy is a statement of what is and what is not allowed. • Can be presented formally (in mathematical way) • Can be described in plain English • When two communicating parties have different policies, they may need to compromise (example b/w univ. and industry) • Mechanism is a method to enforce a policy. • May impact the system performance • Prevention: to fail an attack • Detection • Recovery: fix not only data, but also vulnerabilities • Tolerance

  6. Assumptions: • Security rests on assumptions of the required security and application environments • Assumptions of a security policy • A policy can correctly and unambiguously partitions system states into secure and insecure • A security mechanism will prevent a system from entering a insecure state • Define a security mechanism as secure, precise, or broad (the example of highway) • In real life, security mechanisms are usually broad (Why?)

  7. Assurance: • The level of trust that we put on a system is based on its specification, design, and implementation • Specification: desired function of the system • Design: translate specifications into components that will implement them. Need to determine whether the specifications are satisfied • Implementation: create a system that should satisfy the specification and design • Verification: complexity, input, assumptions • Testing: what to test, how to test

  8. Operational issues: • An isolated PC will not be attacked through network, but it cannot access network either • We must balance the benefit of protection against the cost of designing, implementation, and usage of a system • Cost-benefit analysis: • Protect data or regenerated data? Which is cheaper? • There are after-impacts as well. (view of company?)

  9. Operational issues (continued): • Risk analysis: • We must understand the kinds and levels of threats, and their likelihood to happen to determine the levels of protection • Risk is a function of environment • Risk changes with time • Low probability attacks still exist • You must act on the analysis results

  10. Operational issues (continued): • Laws and customs • The selection of policy and mechanisms must consider legal issues: Example of encryption export and email monitor • A legal security mechanism is not necessarily acceptable: submit your DNA so we have bio-based authentication • A good technology is not necessarily being widely adopted: security is beyond technology

  11. Human issues: • Get the security tools from right hands, and put them into right hands • Organizational issues: • Security does not directly generate profit, but reduce potential losses • It often reduces performance • Power and responsibility must be properly linked • Shortage in people and resources

  12. Human issues (continued): • People issues: • People is heart of any security system • Attacks from outsider and insiders • Under trained workers and administrators • Social engineering based break-ins (in a bar at SV you can learn a lot) • The problem of misconfiguration (Example of SigComm)

  13. Putting them together: • Feedback and maintenance is important • Pay close attention to figure 1-1 on page 20

More Related