an overview of information security

Upload: burmansoft

Post on 02-Jun-2018


  • 8/10/2019 An Overview of Information Security


    An Overview of Information Security

    Week 1


    Computer Security

    Computational data can be in one of 3 states at a time:

    Stored

    Processed

    In transmission

    Hence, computer security involves:

    Data security

    Program security

    Network security


    Security Principles

    Confidentiality: Secrecy of data

    Integrity: Data have not been changed incorrectly (by accident or deliberately)

    Availability: Data should be available to authorized entities at all times.

    CIA principles


    Confidentiality

    Concealment of data, its resources and/or the existence of data.

    Data concealment can be achieved via cryptography.

    Resources are protected by limiting data, for example by using firewalls or address translation mechanisms.

    We can conceal the existence of data by access control mechanisms.

    Relies on the "need to know" principle of military.


    Integrity

    Trustworthiness of data or resources by preventing improper or unauthorized change.

    Integrity includes

    Data integrity (the content of information)

    Origin integrity (also called authentication)

    A newspaper prints information leaked from White House, but it turns out to be from a wrong source. This information preserves data integrity (printed as received), but violates origin integrity (as the source is incorrect).


    Integrity

    Integrity mechanisms are categorized into classes

    Prevention mechanisms, such as access controls that prevent unauthorized modification of data

    Occurs when an unauthorized user attempts to change data

    Detection mechanisms, which are intended to detect unauthorized modifications when preventive mechanisms have failed.

    Occurs when an authorized user attempts to change data in illegitimate ways.


    Integrity

    Example:

    An interrupted database transaction, leaving the database in an inconsistent state violates integrity of data.

    Controls that protect integrity include principles of least privilege, separation, and rotation of duties.

    Clark-Wilson model brings together these controls to provide integrity.

    Cryptographic tools can be used to detect violation of integrity, but they cannot prevent them.

    Digital signature can be used to determine if data has changed.


    Availability

    The ability to use the information or resource desired.

    Defined in terms of "quality of service", in which authorized users are expected to receive a specific level of service (stated in terms of a metric).

    System designs assume a statistical model to analyze expected patterns of use, and mechanisms ensure availability when that statistical model holds.

    Denial of service (DoS) attacks are attempts to block availability.


    Availability

    Example:

    Ann compromises a bank's secondary system server, which supplies bank account balances. When an inquiry is submitted to this secondary server, Ann can supply any information she wants. Merchants validate checks by contacting the bank's primary balance server. But when the primary server connection is prohibited, all merchant queries will go to the second server, where Ann will never have a check turned down, regardless of her actual balance.

    If the bank had only the primary server, this scheme wouldn't work as the merchant wouldn't be able to validate checks.


    Threats

    A threat is a potential violation of security.

    The violation need not actually occur for there to be a threat.

    The possibility that a violation might occur means that we should guard against those actions that could cause it. These actions are called attacks.


    Classes of Threats

    Disclosure

    Snooping: unauthorized interception of data. Ex: passive wiretapping, where the attacker monitors communications.


    Classes of Threats

    Deception

    Modification (alteration): Ex: active wiretapping, where the attacker injects something into a communication or modifies parts of the communication.

    Spoofing (masquerading): an impersonation of one entity by another.

    Delegation is a legitimate form of spoofing.

    Repudiation of origin: A false denial that an entity sent or created something.

    Denial of receipt: A false denial that an entity received data.


    Classes of Threats

    Disruption

    Modification

    Usurpation

    Modification

    Spoofing

    Delay: A temporary inhibition of service.

    Denial of service: A long-term inhibition of service.


    Security Attacks

    Passive attacks


    Confidentiality Attacks

    Traffic analysis

    Intercept communication to observe ongoing traffic

    Still works even if message is encrypted

    Yields frequency, length of messages

    Prevention: traffic padding

    Snooping

    Intercept communication to exploit the content

    Prevention: Encrypt data

    Both are passive attacks


    Integrity Attacks

    Modification

    Modify, delete, or delay message

    Active attacks

    Prevention: hash (fingerprint)

    Replay

    Intercept the message and send again at a later time

    Active attack

    Prevention: Use timestamps


    Availability Attacks

    Denial of Service

    Slow down or completely prevent a communication, an entity, or a whole network from servicing

    Active attack

    Prevention: Use upper limit for # of messages in buffer


    Authenticity Attacks

    Masquerading (Spoofing)

    Attacker impersonates either sender or receiver (man-in-the-middle attack)

    Active attack

    Prevention: Use MAC (keyed-hash)
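
An added example (not from the original slides) of the prevention measures named on the Integrity Attacks and Authenticity Attacks slides: a keyed hash (MAC) computed over the message together with a timestamp. The key, the 30-second window and the duplicate-tag cache are assumptions made for the illustration; the cache goes beyond the slides to cover replays inside the timestamp window.

```python
import hashlib
import hmac
import json

KEY = b"constructed-shared-key-for-demo"   # assumption: pre-shared by sender and receiver
MAX_AGE = 30                                # assumption: accept messages up to 30 s old


def seal(key, body, now):
    """Sender: bind body and timestamp together under a keyed hash (HMAC-SHA256)."""
    payload = json.dumps({"body": body, "ts": now}, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def verify(key, msg, now, seen_tags):
    """Receiver: return (accepted, reason)."""
    expected = hmac.new(key, msg["payload"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["tag"]):   # constant-time comparison
        return False, "bad MAC (modified or spoofed)"
    ts = json.loads(msg["payload"])["ts"]
    if abs(now - ts) > MAX_AGE:
        return False, "stale timestamp (replay)"
    if msg["tag"] in seen_tags:
        return False, "duplicate within window (replay)"
    seen_tags.add(msg["tag"])
    return True, "ok"


def demo():
    """Run the slide's attack classes against the receiver (constructed messages)."""
    seen, results = set(), {}
    original = seal(KEY, "pay 100 to Bob", now=1000)
    results["genuine"] = verify(KEY, original, 1005, seen)
    # Modification: payload altered in transit; the tag cannot be recomputed without KEY.
    tampered = dict(original, payload=original["payload"].replace(b"100 to", b"900 to"))
    results["modified"] = verify(KEY, tampered, 1005, seen)
    # Masquerading: a message sealed by someone who does not hold KEY.
    forged = seal(b"not-the-shared-key", "pay 100 to Mallory", now=1005)
    results["spoofed"] = verify(KEY, forged, 1005, seen)
    # Replay: the captured genuine message resent inside and outside the window.
    results["replay_fast"] = verify(KEY, original, 1010, seen)
    results["replay_late"] = verify(KEY, original, 2000, seen)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

A plain unkeyed hash sent alongside the message would not stop the modification case, because whoever alters the payload can also recompute the hash; the shared key is what makes the tag unforgeable.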


    Non-Repudiation Attacks

    Repudiation

    Rejecting the occurrence of transmission

    Either sender or receiver may perform repudiation attack

    Prevention: Use digital signature


    Policies and Mechanisms

    Policy says what is, and is not, allowed

    This defines "security" for the site, system, etc.

    Policy may be expressed in:

    natural language, imprecise but easy to understand

    mathematics, precise but hard to understand

    policy languages, look like some form of programming language and try to balance precision with ease of understanding


    Policies and Mechanisms

    Mechanism: A method, tool, or procedure to enforce a security policy.

    Mechanisms may be:

    technical, in which controls in the computer enforce the policy; for example, the requirement that a user supply a password to authenticate herself before using the computer

    procedural, in which controls outside the system enforce the policy; for example, firing someone for bringing in a disk containing a game program obtained from an untrusted source

    Composition of policies

    If policies conflict, discrepancies may create security vulnerabilities


    Goals of Security

    Prevention

    Prevent attackers from violating security policy

    Detection

    Detect attackers' violation of security policy

    Recovery

    Stop attack, assess and repair damage

    Continue to function correctly even if attack succeeds


    Assurance

    Assurance is how much you can trust the system to do what it is supposed to do. It does not say what the system is to do; rather, it only covers how well the system does it.

    Specification

    Requirements analysis

    Statement of desired functionality

    Design

    How system will meet specification

    Implementation

    Programs/systems that carry out design


    Cost Benefit Analysis Example

    A DB provides salary information to another system that prints checks. If the data in the DB is altered, the company would suffer significant financial loss; hence, the cost-benefit analysis should suggest that the strongest integrity mechanisms should protect the data in the DB.

    Another company has several branch offices, and each day a copy of the data is copied to each branch office. The branch offices use the data to recommend salaries for new employees. However, the final decision is made by the main office using the original DB. In this case, guarding the integrity of the copies is not particularly important.


    Risk Analysis

    Risk is a function of environment.

    The risks change with time.

    Many risks are remote, but still exist.


    Human Issues

    Organizational Problems

    Power and responsibility

    Financial benefits

    People problems

    Outsiders and insiders

    Social engineering


    Bringing it all together ...

    The security lifecycle

    Threats

    Policy

    Specification

    Design

    Implementation

    Operation & maintenance