This lecture discusses the importance of information security and the goals of confidentiality, integrity, and availability. It also covers different types of security attacks and defense mechanisms.
King Fahd University of Petroleum & Minerals
College of Computer Science & Engineering
SEC511 Principles of Information Assurance and Security
Lecture 2
Introduction to Security
This lecture is based on:
- Chapter 1: Cryptography and Network Security, Forouzan
- Chapter 1: Security+ Book, Ciampa

Defining Information Security
• Information security protects information that has value, protecting “CIA”:
• Confidentiality
• Integrity
• Availability
S. Zhioua

Information Security Goals

Confidentiality
Confidentiality is probably the most common aspect of information security. We need to protect our confidential information. An organization needs to guard against those malicious actions that endanger the confidentiality of its information.

Integrity
Information needs to be changed constantly. Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.

Availability
The information created and stored by an organization needs to be available to authorized entities. Information needs to be constantly changed, which means it must be accessible to authorized entities.

Overview of Attacks
The three goals of security (confidentiality, integrity, and availability) can be threatened by security attacks.
Figure: Taxonomy of attacks with relation to security goals

Attacks Threatening Confidentiality
Snooping refers to unauthorized access to or interception of data.
Traffic analysis refers to obtaining some other type of information by monitoring online traffic.

Attacks Threatening Integrity
Modification means that the attacker intercepts the message and changes it.
Masquerading or spoofing happens when the attacker impersonates somebody else.
Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.
Repudiation means that the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.

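The integrity attacks above, seen from the receiver's side, as an added example that is not part of the original lecture: an HMAC tag over each message exposes modification and masquerading, and a per-sender sequence number exposes replaying. The key, names and messages are constructed for illustration, and HMAC with sequence numbers is one common mechanism chosen here, not one the slides name.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment would provision this secret securely.
SHARED_KEY = b"constructed-demo-key"


def _tag(key, body):
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def send(key, sender, seq, text):
    """Build a message whose tag covers the sender, sequence number and text."""
    body = json.dumps({"sender": sender, "seq": seq, "text": text},
                      sort_keys=True).encode()
    return {"body": body, "tag": _tag(key, body)}


class Receiver:
    """Accepts a message only if its tag verifies and its sequence number is new."""

    def __init__(self, key):
        self.key = key
        self.last_seq = {}  # highest sequence number accepted per sender

    def receive(self, msg):
        # Modification or masquerading: without the key the tag cannot be valid.
        if not hmac.compare_digest(_tag(self.key, msg["body"]), msg["tag"]):
            return "rejected: bad tag"
        fields = json.loads(msg["body"])
        # Replaying: a captured message has a valid tag but a stale sequence number.
        if fields["seq"] <= self.last_seq.get(fields["sender"], -1):
            return "rejected: replay"
        self.last_seq[fields["sender"]] = fields["seq"]
        return "accepted"


def demo():
    rx = Receiver(SHARED_KEY)
    original = send(SHARED_KEY, "alice", 1, "pay 10 to bob")
    modified = {"body": original["body"].replace(b"10", b"99"), "tag": original["tag"]}
    forged = send(b"key-the-sender-does-not-have", "alice", 2, "pay 50 to eve")
    return [rx.receive(original),   # genuine message
            rx.receive(modified),   # modification
            rx.receive(original),   # replaying
            rx.receive(forged)]     # masquerading
```

Repudiation is not addressed here: both parties hold the same key, so either could have produced a tag, which is why non-repudiation needs digital signatures instead.
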
Attacks Threatening Availability
Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

Defenses against Attacks
• Although multiple defenses may be necessary to withstand an attack, these defenses should be based on five fundamental security principles:
• Layering
• Limiting
• Diversity
• Obscurity
• Simplicity

Layering
• Information security must be created in layers
• One defense mechanism may be relatively easy for an attacker to circumvent
• Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses
• A layered approach can also be useful in resisting a variety of attacks
• Layered security provides the most comprehensive protection

Limiting
• Limiting access to information reduces the threat against it
• Only those who must use data should have access to it
• In addition, the amount of access granted to someone should be limited to what that person needs to know
• Some ways to limit access are technology-based, while others are procedural

Diversity
• Layers must be different (diverse)
• If attackers penetrate one layer, they cannot use the same techniques to break through all other layers
• Using diverse layers of defense means that breaching one security layer does not compromise the whole system

Obscurity
• An example of obscurity would be not revealing the type of computer, operating system, software, and network connection a computer uses
• An attacker who knows that information can more easily determine the weaknesses of the system to attack it
• Obscuring information can be an important way to protect information

Simplicity
• Information security is by its very nature complex
• Complex security systems can be hard to understand, troubleshoot, and feel secure about
• As much as possible, a secure system should be simple for those on the inside to understand and use
• Complex security schemes are often easily compromised
• Keeping a system simple from the inside but complex on the outside can sometimes be difficult but reaps a major benefit

The end
Reading:
Forouzan, Chapter 1
Ciampa, Chapter 1