Dr. Bhavani Thuraisingham Introduction to Information Systems Security Lecture #1 May 27, 2011

Upload: antonia-williams

Post on 17-Dec-2015

Dr. Bhavani Thuraisingham

Introduction to Information Systems Security

Lecture #1

May 27, 2011

04/18/23 18:22

Outline

• What is Cyber Security?

• What is C. I. A.?

• Ten Major Modules of Cyber Security

• Some Topics in Cyber Security

Cyber Security

• Security traditionally has been about CIA (Confidentiality, Integrity, Availability)

• Security now also includes areas like Trustworthiness, Quality, Privacy

• Dependability includes Security, Reliability and Fault Tolerance

• Initially the term used was Computer Security (Compusec); it then evolved into Infosec (Information Security) to include data and networks; now, with the web, it is called Cyber Security

C. I. A.

• Confidentiality: Preventing unauthorized disclosure

• Integrity: Preventing unauthorized modification

• Availability: Preventing denial of service

Ten Major Modules of Cyber Security

• Information Security and Risk Management

• Access Control

• Security Architecture and Design

• Physical and Environmental Security

• Telecommunications Security

• Cryptography

• Business Continuity Planning

• Legal Regulations, Compliance and Investigations

• Applications Security

• Operations Security

Information Security and Risk Management

• Security Management

• Security Administration

• Organizational Security Model

• Information Risk Management

• Risk Analysis

• Policies, Standards, Guidelines, Procedures

• Information Classification

• Layers of Responsibility

• Security Awareness Training

Access Control

• Security Principles

• Identification, Authentication, Authorization, Accountability

• Access Control Models

• Access Control Techniques

• Access Control Administration

• Access Control Methods

• Access Control Types

• Accountability

• Access Control Practices

• Access Control Monitoring

• Threats to Access Control

Security Architecture and Design

• Computer Architecture

• Systems Architecture

• Security Models

• Security Modes of Operation

• Systems Evaluation Methods

• Open vs. Closed Systems

• Enterprise Architecture

• Security Threats

Physical and Environmental Security

• What is Physical Security

• Planning Process

• Protecting assets

• Internal Support Systems

• Perimeter Security

• Other aspects

Telecommunications and Network Security

• Open Systems Interconnection Reference Model

• TCP/IP

• Types of Transmission

• LAN Networking

• Routing Protocols

• Networking Devices

• Networking services and protocols

• Intranets and Extranets

• Metropolitan Area Networks

• Remote access

• Wireless technologies

• Rootkits

Cryptography

• History, Definitions and Concepts

• Types of Ciphers

• Methods of Encryption

• Types of Asymmetric Systems

• Message Integrity

• PKI

• Key Management

• Link / End-to-end Encryption

• Email standards

• Internet security

• Attacks

Legal Regulation and Compliance Investigation

• Cyber law and Cyber crime

• Intellectual property law

• Privacy

• Liability and Ramifications

• Digital Forensics and Investigations

• Ethics

Applications Security

• Software and applications security issues

• Database Security

• Secure systems development

• Application development and security

• Object-oriented systems and security

• Distributed computing and security

• Expert systems and security

• Web security

• Mobile code

• Patch management

Operations Security

• Role of the Operations Department

• Administrative Management

• Assurance Levels

• Configuration management

• Media Controls

• Data Leakage

• Network and Resource Availability

• Mainframes

• Email Security

• Vulnerability testing

Introduction to Cyber Security

• Operating Systems Security

• Network Security

• Designing and Evaluating Systems

• Web Security

• Data Mining for Malware Detection

• Other Security Technologies

Operating System Security

• Access Control

- Subjects are Processes and Objects are Files

- Subjects have Read/Write Access to Objects

- E.g., Process P1 has read access to File F1 and write access to File F2

• Capabilities

- Processes must possess certain Capabilities / Certificates to access certain files or to execute certain programs

- E.g., Process P1 must have capability C to read file F

Mandatory Security

• Bell and LaPadula Security Policy

- Subjects have clearance levels, Objects have sensitivity levels; clearance and sensitivity levels are also called security levels

- Unclassified < Confidential < Secret < TopSecret

- Compartments are also possible

- Compartments and Security levels form a partially ordered lattice

• Security Properties

- Simple Security Property: Subject has READ access to an object if the subject’s security level dominates that of the object

- Star (*) Property: Subject has WRITE access to an object if the subject’s security level is dominated by that of the object
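
Added example (not part of the original lecture): the two properties above checked over the lattice of levels and compartments, including a pair of labels that are incomparable. The compartment names, the sample labels and the function names are constructed for illustration.

```python
from dataclasses import dataclass

# Total order on levels, as given on the slide.
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "TopSecret": 3}

@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        """self >= other in the lattice: level at least as high AND
        compartment set a superset. Neither may hold (partial order)."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

def label(level, *compartments):
    return Label(level, frozenset(compartments))

def can_read(subject, obj):
    """Simple Security Property: subject's label dominates the object's."""
    return subject.dominates(obj)

def can_write(subject, obj):
    """Star (*) Property: subject's label is dominated by the object's."""
    return obj.dominates(subject)

# Constructed labels; NUCLEAR and CRYPTO are illustrative compartment names.
ANALYST = label("Secret", "NUCLEAR")
OBJECTS = {
    "memo": label("Confidential", "NUCLEAR"),
    "plan": label("Secret", "CRYPTO"),            # incomparable with ANALYST
    "archive": label("TopSecret", "NUCLEAR", "CRYPTO"),
}

def access_matrix(subject=ANALYST):
    """Map object name -> (read allowed, write allowed) for the subject."""
    return {name: (can_read(subject, o), can_write(subject, o))
            for name, o in OBJECTS.items()}

if __name__ == "__main__":
    for name, (r, w) in access_matrix().items():
        print(f"{name:8} read={r} write={w}")
```

The "plan" object shows why the lattice is only partially ordered: the levels are equal but neither compartment set contains the other, so both read and write are denied.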

Covert Channel Example

• Trojan horse at a higher level covertly passes data to a Trojan horse at a lower level

• Example:

- File Lock/Unlock problem

- Processes at Secret and Unclassified levels collude with one another

- When the Secret process locks a file and the Unclassified process finds the file locked, a 1 bit is passed covertly

- When the Secret process unlocks the file and the Unclassified process finds it unlocked, a 1 bit is passed covertly

- Over time the bits could contain sensitive data

Steps to Designing a Secure System

• Requirements, Informal Policy and model

• Formal security policy and model

• Security architecture

- Identify security critical components; these components must be trusted

• Design of the system

• Verification and Validation

• End to End Security?

• Building a Secure System with Untrusted Components

Product Evaluation

• Orange Book

- Trusted Computer Systems Evaluation Criteria

• Classes C1, C2, B1, B2, B3, A1 and beyond

- C1 is the lowest level and A1 the highest level of assurance

- Formal methods are needed for A1 systems

• Interpretations of the Orange Book for Networks (Trusted Network Interpretation) and Databases (Trusted Database Interpretation)

• Several companion documents

- Auditing, Inference and Aggregation, etc.

• Many products are now evaluated using the Federal Criteria

Network Security

• Security across all network layers

- E.g., Data Link, Transport, Session, Presentation, Application

• Network protocol security

- Verification and validation of network protocols

• Intrusion detection and prevention

- Applying data mining techniques

• Encryption and Cryptography

• Access control and trust policies

• Other Measures

- Prevention of denial of service, Secure routing, - - -

Data Security: Access Control

• Access Control policies were developed initially for file systems

- E.g., Read/write policies for files

• Access control in databases started with the work in the System R and Ingres projects

- Access Control rules were defined for databases, relations, tuples, attributes and elements

- SQL and QUEL languages were extended

= GRANT and REVOKE Statements

= Read access on EMP to User group A Where EMP.Salary < 30K and EMP.Dept <> Security

- Query Modification:

= Modify the query according to the access control rules

= Retrieve all employee information where salary < 30K and Dept is not Security
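
Added example (not from the lecture, System R or Ingres): query modification for the group A rule above, with the rule's conditions AND-ed into every query that group issues against EMP. The EMP rows, the value 30000 for "30K", the structured-condition format and all function names are assumptions made for the illustration.

```python
import sqlite3

SCHEMA = {"EMP": ("Name", "Dept", "Salary")}   # constructed relation
OPS = {"=", "<>", "<", "<=", ">", ">="}
# (group, relation) -> conditions that are AND-ed into every query.
RULES = {("A", "EMP"): [("Salary", "<", 30000), ("Dept", "<>", "Security")]}

def _predicate(relation, conditions):
    """Render (column, op, value) triples as a parameterized conjunction.
    Columns and operators are checked against allow-lists, values are bound,
    so a user condition can narrow the result but never widen the rule."""
    parts, params = [], []
    for column, op, value in conditions:
        if column not in SCHEMA[relation] or op not in OPS:
            raise ValueError(f"bad condition: {column!r} {op!r}")
        parts.append(f"{column} {op} ?")
        params.append(value)
    return " AND ".join(parts), params

def modify_query(group, relation, columns, conditions=()):
    """Return (sql, params) for the user's query after modification."""
    if (group, relation) not in RULES:
        raise PermissionError(f"group {group} has no read access on {relation}")
    if any(c not in SCHEMA[relation] for c in columns):
        raise ValueError("unknown column")
    pred, params = _predicate(relation,
                              list(conditions) + RULES[(group, relation)])
    return f"SELECT {', '.join(columns)} FROM {relation} WHERE {pred}", params

def demo():
    """Run 'retrieve all employee information' as group A on sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE EMP (Name TEXT, Dept TEXT, Salary INTEGER)")
    db.executemany("INSERT INTO EMP VALUES (?, ?, ?)", [   # constructed rows
        ("Ann", "Sales", 25000), ("Bob", "Sales", 45000),
        ("Cid", "Security", 20000), ("Dee", "Payroll", 28000)])
    sql, params = modify_query("A", "EMP", ["Name", "Dept"])
    return sql, sorted(db.execute(sql, params).fetchall())

if __name__ == "__main__":
    print(*demo(), sep="\n")
```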

Multilevel Secure Data Management

• What is MLS/DBMS?

- Users are cleared at different security levels

- Data in the database is assigned different sensitivity levels -- multilevel database

- Users share the multilevel database

- MLS/DBMS is the software that ensures that users only obtain information at or below their level

- In general, a user reads at or below his level and writes at his level

• Need for MLS/DBMS

- Operating systems control access to files; coarser grain of granularity

- Database stores relationships between data

- Content, Context, and Dynamic access control

- Traditional operating systems access control to files is not sufficient

- Need multilevel access control for DBMSs

Inference Problem

Inference is the process of forming conclusions from premises

If the conclusions are unauthorized, it becomes a problem

Inference problem in a multilevel environment

Aggregation problem is a special case of the inference problem - a collection of data elements is Secret but the individual elements are Unclassified

Association problem: attributes A and B taken together are Secret - individually they are Unclassified

Security Threats to Web/E-commerce

Security Threats and Violations:

- Access Control Violations

- Integrity Violations

- Fraud

- Denial of Service / Infrastructure Attacks

- Sabotage

- Confidentiality, Authentication, Nonrepudiation Violations

Intrusion Detection / Malware Detection

• An intrusion can be defined as “any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource”.

• Attacks are: Host-based attacks; Network-based attacks

• Intrusion detection systems are split into two groups:

- Anomaly detection systems; Misuse detection systems

• Use audit logs: Capture all activities in network and hosts.

• Mine the Audit Logs

• Malware: Virus, Worms, Trojan Horses, - - -

• Malware changes patterns; need data mining techniques to detect novel classes

Some Security Technologies

• Digital Identity Management

• Digital Forensics

• Digital Watermarking

• Risk/Cost Analysis

• Biometrics

• Other Applications

Digital Identity Management

• Digital identity is the identity that a user has to access an electronic resource

• A person could have multiple identities

- A physician could have an identity to access medical resources and another to access his bank accounts

• Digital identity management is about managing the multiple identities

- Manage databases that store and retrieve identities

- Resolve conflicts and heterogeneity

- Make associations

- Provide security

• Ontology management for identity management is an emerging research area

Digital Identity Management - II

• Federated Identity Management

- Corporations work with each other across organizational boundaries with the concept of federated identity

- Each corporation has its own identity and may belong to multiple federations

- Individual identity management within an organization and federated identity management across organizations

• Technologies for identity management

- Database management, data mining, ontology management, federated computing

Digital Forensics

• “Digital forensics, also known as computer forensics, involved the preservation, identification, extraction, and documentation of computer evidence stored as data or magnetically encoded information”, by John Vacca

• Digital evidence may be used to analyze cyber crime (e.g., worms and viruses), physical crime (e.g., homicide) or crime committed through the use of computers (e.g., child pornography)

• Objective of Computer Forensics: To recover, analyze and present computer-based material in such a way that it is usable as evidence in a court of law

Steganography and Digital Watermarking

• Steganography is about hiding information within other information

- E.g., hidden information is the message that terrorists may be sending to their peers in different parts of the world

- Information may be hidden in valid texts, images, films etc.

- Difficult to be detected by the unsuspecting human

• Steganalysis is about developing techniques that can analyze text, images, video and detect hidden messages

- May use data mining techniques to detect hidden patterns

• Steganography makes the task of the Cyber crime expert difficult as he/she has to analyze for hidden information

- Communication protocols are being developed

Steganography and Digital Watermarking - II

• Digital watermarking is about inserting information without being detected for valid purposes

- It has applications in copyright protection

- A manufacturer may use digital watermarking to copyright a particular music or video without being noticed

- When music is copied and copyright is violated, one can detect who the real owner is by examining the copyright embedded in the music or video

Risk/Cost Analysis

• Analyzing risks

- Before installing a secure system or a network one needs to conduct a risk analysis study

- What are the threats? What are the risks?

- Quantitative approach: Events are ranked in the order of risks and decisions are made based on the risks

- Qualitative approach: estimates are used for risks

• Security vs Cost

- If risks are high and damage is significant then it may be worth the cost of incorporating security; if risks and damage are not high, then security may be an additional cost burden

- Develop cost models

- Cost vs. Risk/Threat study

Biometrics: Overview

• Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristic

• Features measured: Face, Fingerprints, Hand geometry, Handwriting, Iris, Retinal, Vein and Voice

• Identification and personal certification solutions for highly secure applications

• Biometrics replaces Traditional Authentication Methods

- Provides better security; More convenient; Better accountability

• Applications: Fraud detection and Fraud deterrence

• Dual purpose: Cyber Security and National Security

• Numerous applications: medical, financial, child care, computer access etc.

Biometrics: Process

• Three-steps: Capture-Process-Verification

• Capture: A raw biometric is captured by a sensing device such as fingerprint scanner or video camera

• Process: The distinguishing characteristics are extracted from the raw biometrics sample and converted into a processed biometric identifier record

- Called biometric sample or template

• Verification and Identification

- Matching the enrolled biometric sample against a single record; is the person really what he claims to be?

- Matching a biometric sample against a database of identifiers

• Study the attacks of biometrics systems

- Modifying fingerprints; Modifying facial features