This chapter explores the key security objectives of confidentiality, integrity, and availability, along with various types of security threats and attack methods. It also discusses trapdoors, malicious code, viruses and worms, and network security attacks such as web site defacing and denial of service.
Chapter 1 [SB] chapters 1,13,14,15,16,17,18 Articles J1,J2 Prof. Ehud Gudes Security Ch1
Security objectives
• Confidentiality – No leakage of sensitive or private information. Only authorized access is allowed (both Read and Write)
• Integrity – No modification or destruction of information (both accidental and malicious)
• Availability – Timely response, no denial of service, quality of service
• Security – all together, but mainly confidentiality!

Integrity vs. Security
• Integrity – Disallow invalid update – Read is not a problem!
• Security – Disallow unauthorized access – Read is a problem!

Aspects of Integrity
• Preciseness, Accuracy
• Consistency
• Meaningfulness and correctness
• Integrity problems may happen accidentally or maliciously

Integrity - Types of errors
• A single user enters invalid data – Integrity
• Access by multiple users causing an invalid or inconsistent database – Concurrency
• System (hardware or software) failures – Recovery
• Abort of transactions, which may leave the database in an inconsistent state – Recovery

Aspects of Availability
• Timely response
• Fair allocation
• Fault tolerance
• Utility and Usability, Quality of Service
• Controlled concurrency
• No denial of service

Examples of Security Problems
• Computer Crime
• Access to Proprietary Information
• Disruption of Operations (Denial of service)
• Violation of Privacy
• Theft of Proprietary Software

Types of Security Threats
• Hardware
  • Theft
  • Eavesdropping
  • Fire, flood, terror
• Software
  • Illegal use
  • Illegal modification
  • Theft
• Data
  • Destruction
  • Illegal disclosure
  • Illegal modification

Security Threats - Locations
Attackers
• Insiders – According to studies, about half of the attacks on a system come from insiders [Neu99].
• Hackers – Usually try to show off their ability by penetrating systems
• Spies – Industrial or government espionage.

Methods of Attacks
• Bypassing authentication (e.g. guessing password)
• Using authority dishonestly (e.g. system people)
• Utilizing human error or carelessness
• Utilizing “holes” in software – Trapdoors
• Bypassing access control
• Using viruses
• Using inference from authorized access

Attack methods
• Preparation – Information gathering, scanning, planting malicious code, masquerading (spoofing)
• Activation – perpetrator-controlled, timed, victim-activated
• Mission – active misuse (affects integrity and availability), passive misuse (eavesdropping, inference), and denial of service

Trap-doors
• A trap-door is a “hole” in a legal program module through which an invalid access can be performed.
• Such a hole may be left intentionally or unintentionally
• Example – a hole in the password checking module (Thompson’s example)

Malicious Code
• Trojan Horses – A Trojan Horse is an apparently useful program that has hidden functions, usually harmful. A Trojan Horse can violate integrity more easily than confidentiality.
• Viruses – A virus is a program that attaches itself to another program, propagates, and usually causes some data destruction. General virus detection is a difficult problem, but we can detect specific viruses.
• Worms – A worm is a program that propagates itself without infecting the host.

Viruses and worms
• Self-propagating
• May destroy information and clog services
• A mix of vandalism and ego trip
• Take advantage of operating system and utility flaws and of the uniformity of systems
• Examples of malicious software
• May also be used by organizations or government agencies

Virus - Stages of an Attack
Network Security Attacks
• classify as passive or active
• passive attacks are eavesdropping
  • release of message contents
  • traffic analysis
  • are hard to detect, so aim to prevent
• active attacks modify/fake data
  • masquerade
  • replay
  • modification
  • denial of service
  • hard to prevent, so aim to detect

Web site defacing and hijacking
• Alteration of the web pages of some institution
• Visitors may be hijacked to other sites, sometimes impostor sites
• Political motivation or hacking
• Take advantage of web server weaknesses, e.g., CGI scripts or lack of isolation of pages; also through the OS
• Cross-site scripting – XSS
• Phishing

Distributed Denial of Service
• Multiplication of messages towards some site
• Requires software previously inserted by the perpetrator (slaves)
• A site may become inaccessible
• Political motivation or vandalism
• Uses flaws or features of network protocols and OS flaws

Illegal database access
• Illegal access to web-connected databases
• Stealing of information, e.g., credit card numbers
• SQL injection
• Exploit poor database authorization, implementation, or alternate routes

Cyberwar and Terrorism
• Massive attack on the computer systems of some country or institution, or on the Internet itself
• Carried out by organized groups or a government
• Uses all the other attacks

How attacks are carried out
• Passive attack
  • Eavesdropping (Interception) – attack on confidentiality
• Active attacks
  • Interruption – attack on availability
  • Modification – attack on integrity
  • Fabrication – attack on authenticity
  • Replay

Desired outcomes
• Harassment - Intrusion
• …. Denial of service
• Information theft
• Fraud

Attack planning
• Unintentional threat
  • Bugs…..
  • "I forgot my password"…..
• Intentional threat
• Natural threat
  • Natural disasters

Source of the attack
• From among the system's users
• From within the organization
• From outside the organization, but physically inside
• From another, “trusted” organization
• From outside the organization
• From the Internet

Examples
• Transferring fractions of an agora to a bank employee's account
• Theft of backup tapes and erasure of disks by a company employee
• Flooding of the computer center
• Christmas greeting - a Trojan horse in PostScript
• Viruses in mail attachments – the I Love You virus
• Credit card payments by phone (on the Internet)
• Trojan horse - Windows NT registration
• Alteration of the C.I.A. page on the Web
• Internet Worm
• Publication of Izhar Ashdot's disc
• The DDoS attack on Yahoo, Amazon, CNN and others

Most popular attack methods ([P] sidebar 1.3)
• Exploiting OS vulnerability – 33%
• Exploiting unknown application – 27%
• Guessing passwords – 22%
• Abusing valid user accounts – 17%
• Using internal denial of service – 12%

Countermeasures
• Access control / authorization – provide confidentiality and integrity
• Authentication – proper identification
• Auditing – basis for prosecution or improvements to the system
• Cryptography – a mechanism to hide information and prove identity and rights

Security Functional Requirements
• technical measures:
  • access control; identification & authentication; system & communication protection; system & information integrity
• management controls and procedures:
  • awareness & training; audit & accountability; certification, accreditation, & security assessments; contingency planning; maintenance; physical & environmental protection; planning; personnel security; risk assessment; systems & services acquisition
• overlapping technical and management:
  • configuration management; incident response; media protection

Basic Security Mechanisms
Security Mechanisms
Area: Procedures and Mechanisms
• External procedures
  • Security clearance of personnel
  • Protection of passwords
  • Information classification and security policy formulation
  • Application program controls
  • Audit
  • Periods processing
• Physical environment
  • Secure areas for files / processors / terminals
  • Radiation shielding
• Data storage
  • Data encryption
  • Duplicate copies

Security Mechanisms cont.
Area: Procedures and Mechanisms
• Processor software
  • Authentication of user
  • Access control
  • Threat monitoring
  • Audit trail of transactions
• Processor hardware
  • Memory protection
  • States of privilege
  • Reliability
• Communication lines
  • Data encryption

Countermeasures (Stallings)
• technical measures:
  • access control; identification & authentication; system & communication protection; system & information integrity
• management controls and procedures:
  • awareness & training; audit & accountability; certification, accreditation, & security assessments; contingency planning; maintenance; physical & environmental protection; planning; personnel security; risk assessment; systems & services acquisition
• overlapping technical and management:
  • configuration management; incident response; media protection

Protection policy
• What to protect?
  • Resources, data
• Against which threats?
  • Eavesdropping, modification, Denial of service
• Which parts of the system to protect?
  • Hardware, software

Considerations in choosing a protection policy
• The degree of protection to be provided: usually depends on the damage the organization can “absorb”
• The cost of protection
  • Physical (monetary) cost
  • Ease and convenience of use
• Risk assessment model (below)
These always conflict with one another - cost/benefit considerations
• Whom do we trust - Trust Model

Considerations in choosing a protection policy
After the protection policy has been chosen, the protection mechanisms that implement it must be chosen.

Protection mechanisms
• Physical protection
• Personal / administrative protection
• Monitoring and tracking means
• Access control
• Flow control
• Inference control
• Cryptographic mechanisms

Examples
• Firewalls
• Smart cards
• Encryption
• Hardening of operating systems
• Access Control
• Physical protections

Secure systems must contain mechanisms (manual or computerized) for identifying and protecting against all types of threats. Even if a single mechanism is missing, the system may be completely insecure. The strength of the security chain is the strength of its weakest link.

Summary - Security objectives
• Confidentiality – no leakage of sensitive or private information
• Integrity – no modification or destruction of information
• Availability –
  • No denial of service

The meaning of security
• Security implies providing these objectives in the presence of the attacks discussed earlier
• Security requires technical, management, and physical countermeasures
• We mainly consider technical aspects here
• A related aspect is privacy, a legal and ethical concern
• How do we achieve all of the above without sacrificing basic democratic principles?

Principles for Security
• Accountability
• Awareness
• Ethics
• Multidisciplinary
• Proportionality
• Integration
• Non-repudiation
• Timeliness
• Reassessment
• Democracy

The principle of Effectiveness
A security control is effective if:
• It is easy to use
• Efficient (not too much overhead)
• Appropriate (not impeding legal access)
• And actually USED!
Remember: the strength of a chain is that of its weakest segment!

Need for conceptual structure
• Security is an all-levels problem
• In current systems we have disjoint, ad hoc solutions at each level
• We should start from high-level policies that can be mapped to the lower levels
• We need precise models to guide system development

Management and Administrative Aspects
• PC measures
• Unix issues – e.g. use of accounts, passwords
• Network issues – insiders vs. outsiders, firewalls
• Computer emergency response teams (CERT)
• Risk Analysis

Security Measures
• Administrative Security Measures
• Physical Security Measures
• Technical Security Measures
• Legal Security Measures

PC measures
• Secure equipment. Do not leave PCs, printers unattended.
• Secure secondary media.
• Perform periodic backups
• Practice separation of authority
• Add security boards or plugs
• Use authorized software only
• Provide access control and/or encryption to files
• Provide automatic logout and screen save locks
• Assure machine identification