information society security risks. attacks origin consequences risks
Post on 18-Dec-2015
223 views
TRANSCRIPT
Information SocietySecurity Risks
Attacks
Origin
Consequences
RISKS ...
The Attacks
Availability
Integrity
Confidentiality
The Origin
• ACCIDENTS Physical Accidents Breakdowns Loss of essential service Force majeure
• ERRORS Operational, conceptual or implementation errors
• MALEVOLENCY Theft - Sabotage Fraud Logical Attacks Dispersion
The Consequences
• Direct and indirect losses
• Material and immaterial losses
• Supplementary Expenses and operational losses
• Losses of assets ( goods , money )
• Civil responsibility
• Sabotage of the enterprise operations
• Injure the business image
• Damage the competitive capability
Risk Management Prevention
Protection
Detection
After incident recovery
Transfer to insurance
Repression
The RISKS
Major Dead or alive
unacceptable
insurance inadequate
Minor probability of
incident x severity temporary
acceptable prevention and/or
insurance
Types of Problems
Intrusion
Viruses
Quality of information
Confidentiality
Intellectual rights
Criminality - security
Who is responsible ?
Who is the organizer ?
How identify the actors ?
Law applicable ?
Questions
Intrusion
Alteration Destruction Access - theft
data
programs
Theft of resources
Who can use the INTERNET ?
What can they do on the INTERNET ?
Who authorizes ?
How can it be controlled?
INTERNET Usage Politics
Protection against Intrusion
• Barriers (firewalls)
• Access Control
– identification– authentication signature – authorization classification
• Cost calculation
• Access Journalisation
Methods of Violation
CLASSICpass-word attacks
brute force
encryption and comparisons
social engineering
Methods of Violation (cont)
MODERNinterception of dataEthernet sniffingKeyboard Logging Monitoring X-WindowsModified Utilities (login, in.telnetd, in.ftpd,
finger, ...)Attacks based on protocols
Encapsulated or wrong configured utilities (NIS, NFS, TELNET, FTP, WWW, R-commands, Sendmail, …)
FIREWALLS
Everything that is not permitted is forbidden ?
Everything that is not forbidden is allowed ?
All the incoming and outgoing traffic should pass the firewall !
Limitations of FIREWALLS
Session-jackingof a connected and authorized user
Tunnelinterfere with an authorized traffic
Circumventionusage of an alternative access
Weaknesses of certain applications
Problems with FIREWALLS
Reduction of the network throughput
Recovery in case of breakdowns Not 100 % reliable Generate a blind confidence Insufficient Installation Tests Permanent Upgrades required The danger is not only external Logs control work Static defense
Protection against Alteration
• Seal (electronic seal)
Protection against destruction
• Safety copies
VIRUSES
Impossible to avoid
The ideal antidote does not exists
The viruses grow in number and complexity
Decontamination is a highly specialized job
QUALITY of INFORMATION
Newspapers have degenerated.
They may now be absolutely relied upon.
Oscar Wilde (1856-1900).
Data Reliability
Access Control
Encryption
symmetric keysasymmetric keys
Encryption
IndividualSociety
Legal Status of encryption ?
INFORMATION BATTLE
Espionage
Industrial Espionage
Criminality
Terrorism
Information Highway and Society
• Cost of access and usage
• Info-poors and info-riches
• Contents surveillance
• Impose access restrictions
Code of conduct
Censure ?
Regulation
‘sensitive Information’ via the information highway
Protection of intellectual rights
Serial number
Copyright registration
Encryption
Product marks
Private life protection
ELECTRONIC COMMERCE
PARTY AUTHENTICATION
AUTHORIZATION
CONFIDENTIALITY
INTEGRITY - NON ALTERATION
JOURNALISATION
NON REFUSION at EMISSION and at RECEPTION
SECURITY is and will always be in the first place a HUMAN PROBLEM!
Not connecting is the only 100 % security