Learn about the process of risk assessment, identification of assets, vulnerability analysis, risk calculation, and risk response planning. Understand the importance of information security measures and develop a security plan for a specific system.
5. Risk Assessment 2004.10 신수정
Reference
• Information Security Architecture – Tudor, Chapter 4
• Risk Management Guide for Information Technology Systems – NIST SP 800-30
• Guide for Developing Security Plans for Information Technology Systems – NIST SP 800-18
• ISO 13335
• BS7799 Part 1, 2
• Other internal materials by 신수정
• For more detail, please study this in the 'Security Management' course (Prof. 이재우)…
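1. Introduction
[Diagram: overall security framework. Labels:
• Layers: Data, Application, User, System, Network, Physical
• People / Process / Technology
• Risk assessment; Security strategy/organization; Policy/information classification
• Security technology architecture: Integrity, Confidentiality, Availability; Identification, Authentication, Authorization, Administration, Audit
• Security management architecture: Monitoring, Incident response, Business continuity, Personnel security, Security training, Outsourcing security
• Validation/Audit/Measure/Certification
• Enterprise Architecture & IT Planning]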
2. Basic Concepts
• Risk = f(value of Assets, likelihood of Threats, ease of exploitation of the Vulnerabilities by the threat, Existing Safeguard)
• Risk Management
  • Risk Identification
  • Risk Analysis (qualitative, quantitative)
  • Risk Response planning
  • Risk monitoring and control
• Risk Assessment
  • Impact
  • Likelihood/Probability
2. Basic Concepts
[Diagram: a Control (safeguard) in relation to a threat and an Asset's Vulnerability. Labels: Control covers threat; Unreliable control over threat; Threat circumvents control]
[Diagram: relationships among Threats, Vulnerabilities, Assets, Safeguards, Risk, Protection Requirements and Values. Edge labels: exploit, expose, increase, protect against, have, indicate, met by]
3. Risk Management Procedure
[Flowchart: "ISO: Risk Management involving Detailed risk analysis". Boxes as labelled:
• Establishment of Review Boundary
• Risk Analysis: Identification of Assets; Valuation of assets and Establishment of dependencies between assets; Threat Assessment; Assessment of Vulnerabilities; Identification of existing/planned safeguards; Assessment of Risks
• Selection of safeguards
• Identification/Review of constraints
• Risk Acceptance (No / Yes)
• IT System security policy
• IT security plan]
3. Risk Management Procedure – NIST
4. Risk Assessment Techniques – Asset Identification and Valuation
[Diagram: asset classification tree. Labels: Assets; physical; logical; personnel; hardware; Mainframe, minis, micro; Peripherals, online/offline; Storage media; facilities; documentation; supplies; Data/information; software; System SW; Application SW]
• Assets are anything of value…
• Within the review boundary
4. Risk Assessment Techniques – Threat and Frequency Identification
A threat
• The potential for a threat-source (natural, human, environmental) to exercise a specific vulnerability
• Some action or event that can lead to a loss
• Possible source of harm for the IT system
• Threat source – target – likelihood
• Assess the likelihood
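4. Risk Assessment Techniques – Vulnerability Analysis
• Vulnerability
  • Weakness which allows a threat to occur
  • A vulnerability in itself does not cause harm
• Vulnerability assessment methods
  • Checklists: NIST, BS7799 Controls, etc.
  • System security testing: automated tools, security tests, penetration tests
4. Risk Assessment Techniques – Vulnerability Analysis
• Threat–vulnerability pairing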
4. Risk Assessment Techniques – Risk Calculation
• Risk = f(value of Assets, likelihood of Threats, ease of exploitation of the Vulnerabilities by the threat, Existing Safeguard)
4. Risk Assessment Techniques – Risk Calculation
[Risk matrix: columns are Level of threat (Low, Medium, High), each subdivided by Level of vulnerability (L, M, H); rows are Asset Value (L, M, H)]
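The risk calculation from the two slides above, as an added Python example that is not part of the original lecture material. The additive 0 to 6 index, the rating thresholds, the `safeguard_credit` field and the sample register are assumptions made for this example, because the matrix cell values are not on the page.

```python
from dataclasses import dataclass, replace

LEVELS = {"L": 0, "M": 1, "H": 2}          # assumed numeric index per level
ORDER = ["Low", "Medium", "High"]

@dataclass(frozen=True)
class Scenario:
    asset: str
    asset_value: str        # value of the asset: L/M/H
    threat: str
    threat_level: str       # likelihood of the threat: L/M/H
    vulnerability: str
    vuln_level: str         # ease of exploitation: L/M/H
    safeguard_credit: int = 0   # assumed: levels removed by existing safeguards

def risk_score(s: Scenario) -> int:
    """Assumed additive index, 0..6: asset + threat + effective vulnerability."""
    for lvl in (s.asset_value, s.threat_level, s.vuln_level):
        if lvl not in LEVELS:
            raise ValueError(f"unknown level {lvl!r}")
    # Existing safeguards make the vulnerability harder to exploit, floor at L.
    vuln = max(LEVELS[s.vuln_level] - max(s.safeguard_credit, 0), 0)
    return LEVELS[s.asset_value] + LEVELS[s.threat_level] + vuln

def rating(score: int) -> str:
    """Assumed thresholds: 0-2 Low, 3-4 Medium, 5-6 High."""
    return "High" if score >= 5 else "Medium" if score >= 3 else "Low"

def assess(scenarios, acceptable="Low"):
    """Rank scenarios by score; anything rated above `acceptable` needs a response."""
    rows = []
    for s in scenarios:
        score = risk_score(s)
        level = rating(score)
        action = "accept" if ORDER.index(level) <= ORDER.index(acceptable) else "treat"
        rows.append((s.asset, s.threat, s.vulnerability, score, level, action))
    return sorted(rows, key=lambda r: r[3], reverse=True)

# Constructed sample register (not from the lecture).
REGISTER = [
    Scenario("customer DB", "H", "external attacker", "M", "unpatched DBMS", "H"),
    Scenario("web server", "M", "power outage", "L", "no UPS", "M"),
    Scenario("backup tapes", "M", "theft", "L", "unlocked storage", "H"),
]

if __name__ == "__main__":
    for row in assess(REGISTER):
        print(row)
    # Residual risk for the first scenario once a safeguard is in place.
    mitigated = replace(REGISTER[0], safeguard_credit=1)
    print("residual:", risk_score(mitigated), rating(risk_score(mitigated)))
```

Scoring each threat-vulnerability pair separately keeps the ranking traceable to a specific weakness, which is what the later choice of safeguards needs.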
5. Risk Response (Mitigation) Policy
• Techniques for risk response planning
  • Avoidance: changing the situation (e.g., the plan) to eliminate the risk or condition.
  • Transference: seeking to shift the consequence of a risk to a third party together with ownership of the response.
  • Mitigation: seeking to reduce the probability and/or consequences of an adverse risk event to an acceptable threshold.
  • Acceptance: 'contingency plan' (active) or 'no action' (passive).
5. Risk Response (Mitigation) Policy
• Controls
  • Technical
  • Management
  • Operation
• Residual Risk
7. Case Study
• Each team performs a risk assessment and develops a security plan for one system
• Reading: SP 800-18, SP 800-30