540 likes | 815 Views
CSE2500 System Security and Privacy. Lecturers. Prof B Srinivasan Phone: 990 31333 Room No: C4.47 srini@infotech.monash.edu.au. Ms Nandita Bhattacharjee Phone: 990 32185/990 53293 Room No C4.05 nandita@csse.monash.edu.au. Organisation and Evaluation . 12 weeks of lectures
E N D
Lecturers Prof B Srinivasan Phone: 990 31333 Room No: C4.47 srini@infotech.monash.edu.au Ms Nandita BhattacharjeePhone: 990 32185/990 53293Room No C4.05nandita@csse.monash.edu.au
Organisation and Evaluation • 12 weeks of lectures • 2 hours of tutorials per week – mainly problem solving, starting from week 2 to week 12.
Weekly Lectures • Lectures • Wednesdays 7p.m. to 9p.m. in Caulfield K Block K3.21 • Alternative Lecture times? • Fridays 12 noon to 2p.m. in Caulfield – K block 3.09 • Fridays 3p.m. to 5p.m. in Caulfield B block B2.13
Tutorials • Tutorials from week 2 to week 12: • Wednesdays 10a.m. in Caulfield/B471 • Wednesdays 4p.m. in Caulfield/B471 • Wednesdays 4p.m. in Caulfield/B476 • Thursdays 10a.m. in Caulfield/A212 • Thursdays 2p.m. in Caulfield/B224 • Thursdays 6p.m. in Caulfield/F206 or Wednesday 5p.m in Caulfield/?? • Pl use Allocate+ for allocating tutorials. If you have any problems, please see us during the tutorial times next week.
Assessment • Four assessment components • Two 30 min tests during the tutorial sessions in weeks 6 and 12, worth 15% each. • Individual question solving during the tutorial session from weeks 7 to 11, worth 10% • Each student will be assigned a time slot and a problem and they have to make a presentation of the solution to the rest of the group. • Examination – 2 hours duration – worth 60% • You need to get at least 50% to pass this unit.
References • Primary Reference book: • Security in Computing – C P Pfleeger and S L Pfleeger, Third Edition, 2003, Prentice Hall • Secondary Reference book: • Computer Security—Dieter Gollmann, 1999, John Wiley
Subject: CSE2500 Lecturers: Prof. Bala Srinivasan Mrs. Nandita Bhattacharjee Prescribed Text: Pfleeger Security in Computing 3e Available from the University Bookshop
Where to look for the subject materials? • http://www.csse.monash.edu.au/courseware/cse2500 • http://beast.csse.monash.edu.au/cse2500 • Please down load and print the lecture materials before coming to the class as NOfurther photocopies of notes will be distributed in the class. • The lecture notes is complementary to the prescribed text.
Security • Why do you lock your house before you leave? • How do you choose the kind of lock for your house? • Any added devices (such as alarms, bull terrier, etc…) • What you do when you observe that things in the house are scattered around?
What are you protecting? • Brick and walls • Money and jewellery • Music CDs and tapes • Etc ….
Threats to Computer and Communications systems • Domain of information and network security • Taxonomy of security attacks • Aims or services of security • Model of system/(inter)network security • Methods of defense
Security • Human nature • physical, financial, mental,…, data and information security
There are Problems • Theft - of equipment • Theft – e.g. Copying of confidential material • Modification - for gain – e.g. Adding false names to payroll • Modification - malicious – e.g. Virus infections • Access - easy for ‘us’ and difficult for ‘them’ • ….
Fact sheet • bank robbery through computers • industrial espionage on corporate information • loss of individual privacy (email, mobile phone/computer, fax, ...) • information vandalism • computer viruses • (more can be found in “comp.risks”)
What we mean by Security? • Protection of assets - can take several forms: • Prevention • Detection • Reaction
Reactions • active research in security & privacy(numerous conferences each year) • new laws • education • collaborations between governments, industries & academia • employment of computer security specialists
What that means for computer assets? • What are the assets (for system security)?
Information Security • Shift from the physical security to the protection of data (on systems) and to thwart hackers (by means of automated software tools) – calledSystem and information security
Network Security • With the widespread use of distributed systems and the use of networks and communications require protection of data during transmission – callednetwork security
Internetwork security • The term Network Security may be misleading, because virtually all businesses, govt., and academic organisations interconnect their data processing equipment with a collection of interconnected networks – probably we should call it as (inter)network security
Aspects of System (and information) security • Security attack – any action that compromises the security of system and information. • Security mechanism – to detect, prevent, or recover from a security attack. • Security service – service that enhances and counters security attacks.
Other terminology • vulnerability • a weakness in a computer system that might be exploited to cause loss or harm • attack • an action that exploits a vulnerability • threat • circumstances that have the potential to cause loss or harm • control - a protective measure
Security mechanisms • No single mechanism that can provide the services mentioned in the previous slide. However one particular aspect that underlines most (if not all) of the security mechanism is the cryptographic techniques. • Encryption or encryption-like transformation of information are the most common means of providing security.
Why Security? • Security is not simple as it might first appear. • In developing a particular security measure one has to consider potential counter measures. • Because of the counter measures, the problem itself becomes complex. • Once you have designed the security measure, it is necessary to decide where to use them. • Security mechanisms usually involve more than a particular algorithm or protocol.
Security and Cost Analysis cost 100% Security level
Security Attacks - Taxonomy • Interruption – attack on availability • Interception – attack on confidentiality • Modification – attack on integrity • Fabrication – attack on authenticity Property that is compromised
Interruption • Also known as denial of services. • Information resources (hardware, software and data) are deliberately made unavailable, lost or unusable, usually through malicious destruction. • e.g: cutting a communication line, disabling a file management system, etc.
Interception • Also known as un-authorised access. • Difficult to trace as no traces of intrusion might be left. • e.g: illegal eavesdropping or wiretapping or sniffing, illegal copying.
Modification • Also known as tampering a resource. • Resources can be data, programs, hardware devices, etc.
Fabrication • Also known as counterfeiting (of objects such as data, programs, devices, etc). • Allows to by pass the authenticity checks. • e.g: insertion of spurious messages in a network, adding a record to a file, counterfeit bank notes, fake cheques,… • impersonation/masquerading • to gain access to data, services etc.
Information Source Information Destination Normal Information Source Information Destination Information Source Information Destination Interruption Interception Information Source Information Destination Information Source Information Destination Modification Fabrication Security Attacks - Taxonomy Source and Destination - can be what is supposed to be and what you get
Attacks – Passive types • Passive (interception) – eavesdropping on, monitoring of, transmissions. • The goal is to obtain information that is being transmitted. • Types here are: release of message contents and traffic analysis.
Attacks – Active types • Involve modification of the data stream or creation of a false stream and can be subdivided into – masquerade, replay, modification of messages and denial of service.
Active Passive Interception (confidentiality) Interruption (availability) Modification (integrity) Fabrication (integrity) Release of Message contents Traffic analysis Attacks
Security threats (to maintain) are • Confidentiality • Integrity • Availability • to give us secure data (and information) • Authenticity
Confidentiality • Only accessible by authorised parties • Not revealed • More that just not reading • Confidentiality is distinct from secrecy and privacy ( ?)
Integrity • Associated with loss and corruption • Data Integrity as • Computerised data same as external, source data • Data not exposed to alteration or destruction • No inappropriate modification
Availability • The property of being accessible and useable (without delay) upon demand by an authorised entity • We want there to be • no denial of service
Other issues • Accountability • Reliability • Safety • Dependability
Security is defined as • Computer security deals with the prevention and detection of unauthorised actions by users of a computer system • Security deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others
The security dilemma • security deals with the ready availability of valuable assets by authorised agents, and the denial of that access to all others. • Security-unaware users have specific security requirements but (usually) no security expertise.But
The security dilemma • The costs of additional resources to implement security mechanisms can be quantified. • Security mechanisms interfere with users, and can lead to loss of productivity. • Managing security also costs. • Need to perform risk analysis (which will be the next topic)
Principles of Security • Principle of easiest penetration • an intruder will use any means of penetration • Principles of timeliness • items only need to be protected until they lose their value • Principles of effectiveness • controls must work, and they should be efficient, easy to use, and appropriate.
Layers of technology (and Onion Model) • In which layer should security mechanisms be placed ? • Should controls be placed in more that one layer ? • See slide 46 too. Operating System Kernel Hardware Services Applications
Layers • The presence of layers is a feature of technology • Separate layers often perform very different functions • Similar functions are combined in one layer • The boundary between two layers is usually easily defined • Layers can often be independently implemented
Vulnerabilities • The three broad computing system resources are • hardware • interruption (denial of service), interception (theft) • software • interruption (deletion), interception, modification • data • interruption (loss), interception, modification and fabrication
One method of defence • By controls • What should be the focus of the controls? • For example: should protection mechanisms focus on data or operations on that data or on the users who use the data? • Since there are layers of technology, where controls should apply? • Applications, services, operating systems, kernel, hardware.
Controls • Can be applied at hardware, software, physical or polices. • Simple mechanisms or lots of features? • Should defining and enforcing security mechanism be a centralised function? • How to prevent access to the layer below the security mechanism?
Examples of Controls • Modern cryptology • Encryption, authentication code, digital signature,etc. • Software controls • Standard development tools (design, code, test, maintain,etc) • Operating systems controls • Internal program controls (e.g: access controls to data in a database) • Firewalls