Lesson 2-General Security Concepts
Objectives • Upon completion of this lesson, the learner will be able to: • Define basic terminology associated with computer and information security. • Describe the basic approaches to computer and information security. • Describe various methods to implement access controls. • Identify and explain methods used to verify the identity and authenticity of an individual. • Describe some of the basic models of security used when implementing security in operating systems.
Basic Security Terms • A hacker refers to an individual who attempts to gain unauthorized access to computer systems or networks. • Cracker and cracking refer to the nefarious type of activity – the terminology generally accepted by the public is that of hacker and hacking. • Phreaking refers to the “hacking” of computers and systems used by a telephone company.
Network Security • Network security refers to the protection of multiple computers and the devices that are connected.
Information Security and Assurance • Information security and assurance place the focus of the security process on the data they process and not on the hardware and software being used. • Assurance introduces another concept, that of the availability of the systems and the information when people want them.
Computer and Network Security • Computer and network security is essential for individuals to function effectively and safely in today's highly automated environment. • From its inception, the goal of computer security has been threefold: • Confidentiality • Integrity • Availability
The “CIA” of Security • Confidentiality ensures that only authorized individuals are able to view information. • Integrity ensures that only authorized individuals are able to change (or delete) information. • Availability ensures that the data, or the system, is available for the authorized user when required.
CIA Extensions • The increased use of networks for commerce requires two additional security goals for the CIA of security. • Authentication • Nonrepudiation
Operational Security • For many years, protection was equated with prevention. • Regardless of how well people seem to do in prevention technology, somebody always seems to find a way around safeguards. • Therefore, multiple prevention techniques are required, along with technology to alert when prevention has failed and to provide ways to address the problem.
Operational Model of Computer Security • The operational model of computer security includes two additions to the original security equation: • Protection = Prevention + (Detection + Response) • Every security technique and technology falls into at least one of the three elements of the equation.
Operational Model of Computer Security • [Figure: Sample technologies in the operational model of computer security]
Security Principles • There are three ways an organization can address the protection of its networks: • Ignore security issues. • Provide host security. • Approach security at a network level.
Ignore Security Issues • If an organization decides to ignore security, it chooses to use the minimal security provided with its workstations, servers, and devices. • Each “out of the box” system has certain security settings that can be configured.
Host Security • Host security focuses on protecting each computer and device individually instead of addressing protection of the network as a whole. • If an organization decides to implement only host security and does not include network security, there is a high probability of introducing or overlooking vulnerabilities.
Host Security • Host Security Problem • Ensuring that every computer is “locked down” to the same degree as every other system in the environment can be overwhelming. • Moreover, this often results in an unsuccessful and frustrating effort.
Host Security • Host security is a complementary process to be combined with network security. • If individual host computers have vulnerabilities, then network security can provide another layer of protection that may stop any intruders.
Network Security • Network security emphasizes controlling access to internal computers from external entities. • This control can be through devices such as: • Routers • Firewalls • Authentication hardware and software • Encryption • Intrusion detection systems (IDSs)
Least Privilege • Least privilege means that a subject should have only the necessary rights and privileges to perform its task with no additional permissions. A subject may include a user, application, or process. • Limiting an object's privileges limits the amount of harm that can be caused, thus limiting an organization's exposure to damage.
Least Privilege • Least privilege: • Protects its most sensitive resources. • Ensures that whoever is interacting with these resources has a valid reason to do so.
Configuration Plan • Before operating systems are configured, an overall plan should be devised. • Standardized methods should be developed to ensure that a solid security baseline is implemented.
Trust Relationships • When trust relationships are created, they should not be implemented in such a way that everyone trusts each other simply because it is easier. • One domain should trust another for specific reasons, and the implementers should have an understanding of the trust relationship. • Another issue that falls under the least privilege concept is the security context in which an application runs.
Domain Trusts • All applications, scripts, and batch files run in the security context of a specific user on an operating system. • This means they will execute with specific permissions as if they were a user. • Programs should execute only in the security context needed to perform their duties successfully.
Layered Security • Layered security architecture employs several security methods so that accomplishing a compromise consumes more time and effort than it is worth to a potential attacker. • It is important to implement different layers so that if intruders succeed at one layer, they could be stopped at the next. • The redundancy of different layers assures that there is no single point of failure pertaining to security.
Coordinating Layered Security • Security at each layer can be very complex, and grouping different layers can increase the complexity exponentially. • The layers need to work in a coordinated manner so that one does not obstruct another's functionality and introduce a security hole.
The Layered Model • [Figure: Various layers of security]
The Layered Model • The top-layer protection mechanism is responsible for controlling traffic. • It would be overwhelming and cause performance degradation if each aspect of the packet were inspected. • Instead, each layer usually digs deeper into the packet and looks for specific items.
The Layered Model • Layers closer to the resource deal with only a fraction of the traffic that the top-layer security mechanisms do. • As a result, it will not cause as much of a performance hit to look deeper and at more granular aspects of the traffic.
Diversity of Defense • Diversity of defense involves making different layers of security dissimilar. • Even if attackers know how to get through a system making up one layer, they may not know how to get through a different type of layer employing a different system for security.
Diversity of Defense • When applying the diversity of defense concept: • Set up security measures that protect against the different types of attacks. • Use products from different vendors. • Every product has its own security vulnerabilities that an experienced attacker knows.
Trade-off • Trade-offs must be considered before implementing diversity of security using different vendor products. • Doing so usually increases operational complexity, and security and complexity are seldom a good mix.
Security Through Obscurity • Security through obscurity uses the approach of protecting something by hiding it. • Security through obscurity is considered effective if the environment and protection mechanisms are confusing or are generally not known. • However, this is a poor approach, especially if it is the only approach to security.
Security Through Obscurity • An organization can use security through obscurity measures to hide critical assets. • Other security measures should be employed to provide a higher level of protection.
Keep It Simple • Security processes and tools should be as simple and elegant as possible. • They should be simple to troubleshoot, use, and administer.
Troubleshooting • When something goes wrong with security mechanisms, a troubleshooting process is used to identify the actual issue. • If a mechanism is overly complex, identifying the root of the problem can be overwhelming if not nearly impossible.
Services on the System • Another application of the principle of keeping things simple concerns the number of services that can run on the system. • Default installations of computer operating systems often leave many services running. • The general rule of thumb is to eliminate all nonessential services and protocols.
Access Control • Access • Authentication • Access control matrix • Access control lists • Discretionary access control • Mandatory access control • Role-based access control
Access Control and Authentication • Access control describes all security features to prevent unauthorized access to a computer system or network. • Access is the ability of a subject, such as an individual or a process running on a computer system, to interact with an object, such as a file or a hardware device. • Authentication deals with verifying the identity of a subject.
Access Control Matrix • [Figure: An access control matrix]
Access Control List • An ACL is a list that contains the subjects with access rights to a particular object. • The list identifies not only the subject but also the specific access the subject has for the object. • Types of access include read, write, and execute.
Discretionary Access Control (DAC) • The “Orange Book” discretionary access controls restrict access to objects based on the identity of subjects and/or groups to which they belong. • The controls are discretionary, which means a subject with certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject. • In systems that employ discretionary access controls, the owner of an object decides which other subjects may have access to the object and what specific access they may have.
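The access control matrix, ACL and DAC slides above can be tied together in a few lines of Python. This is an added example, not part of the original lesson; the class, the subjects (alice, bob, carol) and the file names are constructed for illustration. It shows an ACL as one column of the matrix, the owner deciding who gets access, and how a subject with read access can still pass data on indirectly.

```python
class AccessMatrix:
    """Access control matrix with owner-controlled (discretionary) grants."""

    def __init__(self):
        self.rights = {}  # (subject, object) -> set of rights
        self.owner = {}   # object -> owning subject

    def create(self, owner, obj):
        # The creator owns the object and starts with full access to it.
        self.owner[obj] = owner
        self.rights[(owner, obj)] = {"read", "write", "execute"}

    def allowed(self, subject, obj, right):
        # One cell of the matrix: unknown subjects or objects get no access.
        return right in self.rights.get((subject, obj), set())

    def acl(self, obj):
        # An ACL is one column of the matrix: the subjects holding rights on obj.
        return {s: sorted(r) for (s, o), r in self.rights.items() if o == obj}

    def grant(self, grantor, subject, obj, right):
        # DAC: only the owner decides which other subjects get which access.
        if self.owner.get(obj) != grantor:
            raise PermissionError(f"{grantor} does not own {obj}")
        self.rights.setdefault((subject, obj), set()).add(right)


def dac_demo():
    m = AccessMatrix()
    m.create("alice", "payroll.xls")
    m.grant("alice", "bob", "payroll.xls", "read")
    try:
        m.grant("bob", "carol", "payroll.xls", "read")  # bob is not the owner
        direct_grant_blocked = False
    except PermissionError:
        direct_grant_blocked = True
    # Indirect passing: bob may read, so he can copy the data into an object
    # he owns and grant access to that copy at his own discretion.
    if m.allowed("bob", "payroll.xls", "read"):
        m.create("bob", "payroll-copy.xls")
        m.grant("bob", "carol", "payroll-copy.xls", "read")
    return m, direct_grant_blocked


if __name__ == "__main__":
    matrix, blocked = dac_demo()
    print(matrix.acl("payroll.xls"), blocked)
    print(matrix.allowed("carol", "payroll-copy.xls", "read"))
```

The ACL on the original file never lists carol, yet she can read its contents through the copy; DAC alone cannot prevent that flow.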
Mandatory Access Control • Mandatory access control (MAC) is a means of restricting access to objects based on the sensitivity of the information contained in the objects and the formal authorization of subjects to access information of such sensitivity.
Mandatory Access Control • With MAC, the owner or the subject cannot determine whether access is to be granted to another subject. • The operating system decides whether access is to be granted to another subject. • The security mechanism controls access to all objects, and individual subjects cannot change that access. • The label attached to every subject and object identifies the level of classification for that object and the level to which the subject is entitled.
Role-Based Access Control • In RBAC, a user is assigned a set of roles that may be performed. • The roles are assigned the access permissions needed to perform tasks associated with the role. • Users are granted permissions to objects in terms of the specific duties required—not of a security classification associated with individual objects.
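The MAC and RBAC slides above describe two different decision inputs: labels versus roles. The sketch below is an added example, not part of the original lesson; the level names, users, roles and objects are constructed, and the read rule (subject level at least the object level) is the usual ordering assumed for illustration.

```python
LEVELS = ["unclassified", "confidential", "secret", "top_secret"]  # low to high

# MAC: labels are attached by the system; subjects and owners cannot change them.
CLEARANCE = {"alice": "secret", "bob": "confidential"}
CLASSIFICATION = {"ops_plan.doc": "secret", "menu.txt": "unclassified"}


def mac_can_read(subject, obj):
    """Allow read only when the subject's level is at least the object's level.
    Missing or unknown labels fail closed."""
    try:
        return LEVELS.index(CLEARANCE[subject]) >= LEVELS.index(CLASSIFICATION[obj])
    except (KeyError, ValueError):
        return False


# RBAC: permissions hang off roles; users only ever receive roles.
ROLE_PERMS = {
    "payroll_clerk": {("timesheets", "read"), ("timesheets", "write")},
    "auditor": {("timesheets", "read"), ("ledger", "read")},
}
user_roles = {"carol": {"payroll_clerk"}, "dave": {"auditor"}}


def rbac_allowed(user, obj, action):
    """A user may act if any assigned role carries the (object, action) pair."""
    return any((obj, action) in ROLE_PERMS.get(role, set())
               for role in user_roles.get(user, set()))


def change_duties(user, new_roles):
    """Changing duties replaces the role set; no per-object edits are needed."""
    unknown = set(new_roles) - set(ROLE_PERMS)
    if unknown:
        raise ValueError(f"undefined roles: {sorted(unknown)}")
    user_roles[user] = set(new_roles)


if __name__ == "__main__":
    print(mac_can_read("alice", "ops_plan.doc"), mac_can_read("bob", "ops_plan.doc"))
    print(rbac_allowed("carol", "ledger", "read"))
    change_duties("carol", {"auditor"})
    print(rbac_allowed("carol", "ledger", "read"), rbac_allowed("carol", "timesheets", "write"))
```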
Authentication • Kerberos • CHAP • Certificates • Tokens • Multifactor • Mutual authentication
Authentication • Authentication deals with verifying the identity of a subject. • Access controls define what actions a user can perform or what objects a user can have access to, because these controls assume that the identity of the user has been verified. • Authentication mechanisms should be used to admit only valid users.
Authentication Methods • To verify their identity, users can provide: • Something they know. • Something they have. • Something about them (something they are).
Authentication Method • The most common authentication mechanism is to provide something that only the valid user should know. • The most frequently used example of this is the userid (or username) and password. • Since users are not supposed to share passwords with anybody else, only they should know their passwords. • By providing the userid and password, users are proving to the system that they are who they claim to be.
Authentication Method • A second method of providing authentication is by using something that only valid users should have in their possession. • In the same way that a key works with a lock, a similar method can be used to authenticate users for a computer system or network (though the key may be electronic and may reside on a smart card or similar device).
The Problem • If people lose their keys or cards, they cannot log on to the system. • Somebody who finds the key may then be able to access the system.