Information SocietySecurity Risks

Attacks

Origin

Consequences

RISKS ...

The Attacks

Availability

Integrity

Confidentiality

The Origin

• ACCIDENTS Physical Accidents Breakdowns Loss of essential service Force majeure

• ERRORS Operational, conceptual or implementation errors

• MALEVOLENCY Theft - Sabotage Fraud Logical Attacks Dispersion

The Consequences

• Direct and indirect losses

• Material and immaterial losses

• Supplementary Expenses and operational losses

• Losses of assets ( goods , money )

• Civil responsibility

• Sabotage of the enterprise operations

• Injure the business image

• Damage the competitive capability

Risk Management Prevention

Protection

Detection

After incident recovery

Transfer to insurance

Repression

The RISKS

Major Dead or alive

unacceptable

insurance inadequate

Minor probability of

incident x severity temporary

acceptable prevention and/or

insurance

Types of Problems

Intrusion

Viruses

Quality of information

Confidentiality

Intellectual rights

Criminality - security

Who is responsible ?

Who is the organizer ?

How identify the actors ?

Law applicable ?

Questions

Intrusion

Alteration Destruction Access - theft

data

programs

Theft of resources

Who can use the INTERNET ?

What can they do on the INTERNET ?

Who authorizes ?

How can it be controlled?

INTERNET Usage Politics

Protection against Intrusion

• Barriers (firewalls)

• Access Control

– identification– authentication signature – authorization classification

• Cost calculation

• Access Journalisation

Methods of Violation

CLASSICpass-word attacks

brute force

encryption and comparisons

social engineering

Methods of Violation (cont)

MODERNinterception of dataEthernet sniffingKeyboard Logging Monitoring X-WindowsModified Utilities (login, in.telnetd, in.ftpd,

finger, ...)Attacks based on protocols

Encapsulated or wrong configured utilities (NIS, NFS, TELNET, FTP, WWW, R-commands, Sendmail, …)

FIREWALLS

Everything that is not permitted is forbidden ?

Everything that is not forbidden is allowed ?

All the incoming and outgoing traffic should pass the firewall !

Limitations of FIREWALLS

Session-jackingof a connected and authorized user

Tunnelinterfere with an authorized traffic

Circumventionusage of an alternative access

Weaknesses of certain applications

Problems with FIREWALLS

Reduction of the network throughput

Recovery in case of breakdowns Not 100 % reliable Generate a blind confidence Insufficient Installation Tests Permanent Upgrades required The danger is not only external Logs control work Static defense

Protection against Alteration

• Seal (electronic seal)

Protection against destruction

• Safety copies

VIRUSES

Impossible to avoid

The ideal antidote does not exists

The viruses grow in number and complexity

Decontamination is a highly specialized job

QUALITY of INFORMATION

Newspapers have degenerated.

They may now be absolutely relied upon.

Oscar Wilde (1856-1900).

Data Reliability

Access Control

Encryption

symmetric keysasymmetric keys

Encryption

IndividualSociety

Legal Status of encryption ?

INFORMATION BATTLE

Espionage

Industrial Espionage

Criminality

Terrorism

Information Highway and Society

• Cost of access and usage

• Info-poors and info-riches

• Contents surveillance

• Impose access restrictions

Code of conduct

Censure ?

Regulation

‘sensitive Information’ via the information highway

Protection of intellectual rights

Serial number

Copyright registration

Encryption

Product marks

Private life protection

ELECTRONIC COMMERCE

PARTY AUTHENTICATION

AUTHORIZATION

CONFIDENTIALITY

INTEGRITY - NON ALTERATION

JOURNALISATION

NON REFUSION at EMISSION and at RECEPTION

SECURITY is and will always be in the first place a HUMAN PROBLEM!

Not connecting is the only 100 % security