This slide deck provides an overview of computer security.
Added: Jul 20, 2020
Slides: 56 pages
Unit 1 Introduction to computer security
Syllabus: Basic components of security (Confidentiality, Integrity and Availability); Security threats (Snooping, Modification, Masquerading, Repudiation of origin, Denial of receipt, Delay, Denial of service); Issues with security (Operational issues, Human issues); Security policies; Types of security policy; Access control; Types of access control (Introduction to MAC, DAC, Originator Controlled Access Control, Role Based Access Control); Overview of the Bell-LaPadula Model and Biba integrity model. 2
Network Security: Analogy..!! "The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable." - The Art of War, Sun Tzu 3
Computer Security: ? The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). - NIST 1995 4
Basic components of security Figure: CIA Triad 5
Basic components of security
- Confidentiality
  - Data confidentiality: assures that confidential information is not disclosed to unauthorized individuals
  - Privacy: assures that individuals control or influence what information may be collected and stored
- Integrity
  - Data integrity: assures that information and programs are changed only in a specified and authorized manner
  - System integrity: assures that a system performs its operations in an unimpaired manner
- Availability: assures that systems work promptly and service is not denied to authorized users
6
Basic components of security Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are:
- Authenticity: the property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or a message originator.
- Accountability: the security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
7
Levels of security breach impact
- Low: the loss will have a limited impact, e.g., a degradation in mission, minor damage, minor financial loss or minor harm
- Moderate: the loss has a serious effect, e.g., significant degradation of mission or significant harm to individuals, but no loss of life or life-threatening injuries
- High: the loss has a severe or catastrophic adverse effect on operations, organizational assets or individuals, e.g., loss of life
8
Examples of security requirements: Confidentiality
- Student grade information is an asset whose confidentiality is considered to be very high
  - The US FERPA Act: grades should only be available to students, their parents, and their employers (when required for the job)
- Student enrollment information: may have a moderate confidentiality rating; less damage if disclosed
- Directory information: low confidentiality rating; often available publicly
9
Examples of security requirements: Integrity
- A hospital patient's allergy information (high integrity data): a doctor should be able to trust that the info is correct and current
  - If a nurse deliberately falsifies the data, the database should be restored to a trusted basis and the falsified information traced back to the person who did it
- An online newsgroup's registration data: moderate level of integrity
- An example of a low integrity requirement: anonymous online poll (inaccuracy is well understood)
10
Examples of security requirements: Availability
- A system that provides authentication: high availability requirement
  - If customers cannot access resources, the loss of services could result in financial loss
- A public website for a university: a moderate availability requirement; not critical, but unavailability causes embarrassment
- An online telephone directory lookup: a low availability requirement, because unavailability is mostly an annoyance (there are alternative sources)
11
Security Life Cycle 12
Security Wheels : Re-engineering 13
Who Attacks ?? 14
Hacker vs. Cracker: Assignment "All Crackers are Hackers, But Not all Hackers are Crackers." Is this statement true? Justify this statement with a suitable example. 15
Threat vs. Attack
- A threat is a "potential" violation of security
  - The violation need not actually occur
  - The fact that the violation might occur makes it a threat
- It is important to guard against threats and be prepared for the actual violation
- The actual violation of security is called an attack
16
Challenges of computer security
- Computer security is not simple
- One must consider potential (unexpected) attacks
- Procedures used are often counter-intuitive
- Must decide where to deploy mechanisms
- Involves algorithms and secret info (keys)
- A battle of wits between attacker and admin
- Not perceived as a benefit until it fails
- Requires constant monitoring
- Too often an after-thought (not integral)
- Regarded as an impediment to using the system
17
Security: Categories ??
- Information Security
  - Protecting information from intruders who could possibly harm the state of the information.
  - Information in encrypted form is the most widely used form of security.
- Network Security
  - Protecting information from intruders during its transmission.
  - Protecting network services from intruders.
  - Very critical and difficult to maintain
18
Security: Categories ??
- Computer Security
  - Protecting the system from malicious software and network attacks.
  - Generic name for the collection of tools designed to protect data and to prevent hackers.
  - Keeps a system running.
- Internet Security
  - Measures to protect data during their transmission over a collection of interconnected networks.
19
Security: Attacks..!!
- Security Attacks: exploitation of a vulnerability.
- Types of Security Attacks
  - Passive Attacks: a passive attack attempts to learn or make use of information from the system but does not affect system resources.
  - Active Attacks: an active attack attempts to alter system resources or affect their operation.
20
Security Attacks: Passive Attacks 21
Security Attacks: Passive Attacks 22
Security Attacks: Active Attacks 23
Security Attacks: Active Attacks 24
Security Attacks: Active Attacks 25
Security Attacks: Active Attacks 26
Common security attacks
- Interruption, delay, or denial of service: system assets or information become unavailable or are rendered unavailable
- Interception or snooping: an unauthorized party gains access to information by browsing through files or reading communications
- Modification or alteration: an unauthorized party changes information in transit or information stored for subsequent access
- Fabrication, masquerade, or spoofing: spurious information is inserted into the system or network by making it appear as if it is from a legitimate entity
- Repudiation of origin: false denial that an entity created/sent something
- Denial of receipt: false denial that an entity received something
27
Classes of Threats
- Disclosure: unauthorized access to information (snooping)
- Deception: acceptance of false data (modification, masquerading/spoofing, repudiation of origin, denial of receipt)
- Disruption: interruption/prevention of correct operation (modification)
- Usurpation: unauthorized control of a system component (modification, masquerading/spoofing, delay, denial of service)
28
Threat consequences (tabular form) 29
Policy and Mechanism Security Policy: A statement of what is, and what is not, allowed. Security Mechanism: A method, tool, or procedure for enforcing a security policy. 30
Types of Security Policies A military security policy (also called a governmental security policy ) is a security policy developed primarily to provide confidentiality. A commercial security policy is a security policy developed primarily to provide integrity. A confidentiality policy is a security policy dealing only with confidentiality. An integrity policy is a security policy dealing only with integrity . 31
Types of Security Policies: Some common security policies
- Acceptable use policy: defines what actions users of a system may perform while using computing and networking equipment
- Human resource policy: policies of the organization that address human resources
- Password management policy: should clearly address how passwords are managed
- Privacy policy: organizations should have a privacy policy that outlines how the organization uses the information it collects
- Disposal and destruction policy: a policy that addresses the disposal of resources is considered essential
- Service-level agreement: contract between a vendor and an organization for services
32
Types of Security Policies Figure: Security Policies Cycle along with Types of Security Policies 33
Types of Security Policies: Examples 34
Types of Security Policies 35
Goals of Security
- Prevention: guarantee that an attack will fail
- Detection: determine that a system is under attack, or has been attacked, and report it
- Recovery
  - Off-line recovery: stop an attack, assess and repair damage
  - On-line recovery: respond to an attack reactively to maintain essential services
36
Issues with Security: Operational Issues
- Cost-Benefit Analysis
  - Benefits vs. total cost
  - Is it cheaper to prevent or to recover?
- Risk Analysis
  - Should we protect something?
  - How much should we protect this thing?
  - Risk depends on the environment and changes with time
- Laws and Customs
  - Are the desired security measures illegal?
  - Will people do them?
  - Affects availability and use of technology
37
Issues with Security: Human Issues
- Organizational Problems
  - Power and responsibility
  - Financial benefits
- People problems
  - Outsiders and insiders: which do you think is the real threat?
  - Social engineering
38
Access Control Security technique for the prevention of unauthorized use of a resource in a computing environment (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). In the context of network security, access control is the ability to limit and control the access to host systems and applications via communications links. To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual. 39
Access Control Principles 40
Access Control Access control systems perform authorization, identification, authentication, access approval, and accountability of entities through login credentials including passwords, personal identification numbers (PINs), biometric scans, and physical or electronic keys. There are two main types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data. 41
Access Control: Categories Sometimes the categories of access control are also called types of access control. The four main categories of access control are:
- Mandatory Access Control (MAC), or Rule-based Access Control
- Discretionary Access Control (DAC)
- Role-based Access Control (RBAC)
- Originator Controlled Access Control (ORCON or ORG-CON)
42
Access Control: MAC When a system mechanism controls access to an object and an individual user cannot alter that access, the control is a mandatory access control (MAC), occasionally called a rule-based access control. The operating system enforces MAC. Neither the subject nor the owner of the object can determine whether access is granted. Typically, the system mechanism will check information associated with both the subject and the object to determine whether the subject should access the object. Rules describe the conditions under which access is allowed. 43
Access Control: DAC If an individual user can set an access control mechanism to allow or deny access to an object, that mechanism is a discretionary access control (DAC), also called an identity-based access control (IBAC). DAC bases access rights on the identity of the subject and the identity of the object involved. Identity is the key: the owner of the object constrains who can access it by allowing only particular subjects to have access. The owner states the constraint in terms of the identity of the subject, or the owner of the subject. 44
Access Control: RBAC Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. In this context, access is the ability of an individual user to perform a specific task, such as view, create, or modify a file. Roles are defined according to job competency, authority, and responsibility within the enterprise. 45
Access Control: ORCON or ORG-CON An originator controlled access control (ORCON or ORGCON) bases access on the creator of an object (or the information it contains). The goal of this control is to allow the originator of the file (or of the information it contains) to control the dissemination of the information. The owner of the file has no control over who may access the file. 46
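To make the difference between the DAC, RBAC and ORCON categories on the preceding slides concrete, here is an added toy example (not code from the slides): one document whose owner controls a DAC access list, a separate role table for RBAC, and a release list that only the originator can change for ORCON. The names alice, bob, carol, dave, the roles and the rights are constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class Document:
    owner: str                                     # may edit the DAC access list
    originator: str                                # created the information (ORCON)
    acl: dict = field(default_factory=dict)        # DAC: subject -> set of rights
    released_to: set = field(default_factory=set)  # ORCON: subjects cleared by the originator

# RBAC tables (constructed sample data): role -> operations, user -> roles
ROLE_PERMS = {"analyst": {"read"}, "editor": {"read", "write"}}
USER_ROLES = {"alice": {"editor"}, "bob": {"analyst"}, "carol": set()}

def dac_grant(doc, actor, subject, right):
    """DAC: only the object's owner may change who can access it."""
    if actor != doc.owner:
        return False
    doc.acl.setdefault(subject, set()).add(right)
    return True

def dac_allowed(doc, subject, right):
    return right in doc.acl.get(subject, set())  # subject identity vs the owner-set ACL

def rbac_allowed(subject, right):
    """RBAC: the right must come through one of the subject's roles, not a per-object list."""
    return any(right in ROLE_PERMS.get(r, set()) for r in USER_ROLES.get(subject, set()))

def orcon_release(doc, actor, subject):
    """ORCON: only the originator controls dissemination; the owner cannot."""
    if actor != doc.originator:
        return False
    doc.released_to.add(subject)
    return True

def orcon_allowed(doc, subject):
    return subject == doc.originator or subject in doc.released_to

def run_scenario():
    """Walk one document through the three categories; returns each decision."""
    doc = Document(owner="alice", originator="dave")
    return {
        "dac_grant_by_non_owner": dac_grant(doc, "bob", "bob", "read"),     # False: bob is not owner
        "dac_grant_by_owner": dac_grant(doc, "alice", "bob", "read"),       # True
        "dac_bob_read": dac_allowed(doc, "bob", "read"),                    # True
        "rbac_alice_write": rbac_allowed("alice", "write"),                 # True: editor role
        "rbac_bob_write": rbac_allowed("bob", "write"),                     # False: analyst only
        "orcon_release_by_owner": orcon_release(doc, "alice", "bob"),       # False: owner cannot
        "orcon_release_by_originator": orcon_release(doc, "dave", "bob"),   # True
        "orcon_owner_alice": orcon_allowed(doc, "alice"),                   # False: never released
    }
```

Note that under ORCON the owner alice is denied even though she controls the DAC list, which is exactly the separation the slide describes.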
Security Models
- Bell-LaPadula Model (1973)
- Biba Model (1977)
- Clark-Wilson Model (1987)
- Access Control Matrix
- Information Flow Model
- Noninterference Model
- Chinese Wall Model
- Lattice Model
Figure: Security Requirements (Confidentiality, Integrity, Availability) mapped to Security Models 47
Overview of the Bell-LaPadula Model
- Funded by the U.S. government, the Bell-LaPadula model is the first mathematical model of a multilevel security policy, needed because users with different clearances use the system and the system processes data with different classifications.
- It is a state machine model that enforces the confidentiality aspects of access control, but does not deal with integrity or availability.
- It is an information flow security model, as it ensures information does not flow in an insecure manner.
- All mandatory access control (MAC) models are based on the Bell-LaPadula model.
48
Overview of the Bell-LaPadula Model
- The Simple Security Property (ss-property) states that a subject at a given security level cannot read data that resides at a higher security level (No Read Up).
- The * (star) Security Property states that a subject at a given security level cannot write information to a lower security level (No Write Down).
- The Strong Star Property states that a subject that has read and write capabilities can only perform those functions at the same security level, nothing higher and nothing lower. For a subject to be able to both read and write an object, the clearance and the classification must be equal.
49
Overview of the Bell-LaPadula Model Figure: Simple Security Property (Read), Star (*) Property (Write) and Strong Star (*) Property (Read/Write) between a Layer of Lower Secrecy and a Layer of Higher Secrecy; crossed arrows mark the forbidden directions (Divulging Secrets, Reading Secrets) 50
Bell-LaPadula Model: Example
Security level | Subject | Object
Top Secret     | Tamara  | Personnel Files
Secret         | Samuel  | E-Mail Files
Confidential   | Claire  | Activity Logs
Unclassified   | James   | Telephone Lists
- Tamara can read all files
- Claire cannot read Personnel or E-Mail Files
- James can only read Telephone Lists
51
Overview of the Biba Integrity Model
- Developed in 1977, the Biba integrity model mathematically describes read and write restrictions based on integrity access classes of subjects and objects. It is the first model to address integrity.
- It is an information flow model, as it is concerned with data flowing from one level to another.
- The model looks similar to the Bell-LaPadula Model; however, the read-write conditions are reversed.
52
Overview of the Biba Integrity Model
- The Simple Integrity Axiom states that a subject at one level of integrity is not permitted to observe (read) an object of a lower integrity level (No Read Down).
- The * (Star) Integrity Axiom states that a subject at one level of integrity is not permitted to modify (write to) an object of a higher level of integrity (No Write Up).
- The Invocation Property states that a subject at one level of integrity cannot invoke (call up) a subject at a higher level of integrity.
53
Overview of the Biba Integrity Model Figure: Simple Integrity Property (Read) and Integrity Star (*) Property (Write) against a lower layer; crossed arrows mark the forbidden directions (Get Contaminated, Contamination) 54
Overview of the Biba Integrity Model The Biba model can be extended to include an access operation called invoke. A subject can invoke another subject, such as a software utility, to access an object. The subject cannot send messages (logical requests for service) to subjects of higher integrity. Subjects are only allowed to invoke utilities or tools at the same or a lower integrity level (otherwise, a dirty subject could use a clean tool to access or contaminate a clean object). 55
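As an added worked example (not code from the slides), the following encodes the Bell-LaPadula rules from the earlier slides and the Biba rules from the preceding slides, including the invoke operation, and applies the BLP rules to the deck's Tamara/Samuel/Claire/James example. The linear ordering of the four levels, and the reuse of that same ordering as integrity classes for Biba, are assumptions made for the example.

```python
# Levels of the deck's example, lowest first (assumed linear ordering of the four labels)
LEVELS = ["Unclassified", "Confidential", "Secret", "Top Secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}

def dominates(a, b):
    """True when level a is at least as high as level b in the ordering."""
    return RANK[a] >= RANK[b]

# Bell-LaPadula: confidentiality; subject clearance vs object classification
def blp_can_read(subject_level, object_level):
    return dominates(subject_level, object_level)      # ss-property: no read up

def blp_can_write(subject_level, object_level):
    return dominates(object_level, subject_level)      # *-property: no write down

def blp_strong_star(subject_level, object_level):
    return subject_level == object_level               # read and write only at own level

# Biba: integrity classes (same ordering reused, assumption); directions reversed
def biba_can_read(subject_int, object_int):
    return dominates(object_int, subject_int)          # simple integrity: no read down

def biba_can_write(subject_int, object_int):
    return dominates(subject_int, object_int)          # *-integrity: no write up

def biba_can_invoke(caller_int, callee_int):
    return dominates(caller_int, callee_int)           # invoke only same or lower integrity

# The slide's example: subjects with clearances, objects with classifications
SUBJECTS = {"Tamara": "Top Secret", "Samuel": "Secret",
            "Claire": "Confidential", "James": "Unclassified"}
OBJECTS = {"Personnel Files": "Top Secret", "E-Mail Files": "Secret",
           "Activity Logs": "Confidential", "Telephone Lists": "Unclassified"}

def blp_readable_by(subject):
    """Objects the subject may read under the simple security property."""
    return sorted(o for o, lvl in OBJECTS.items() if blp_can_read(SUBJECTS[subject], lvl))

def blp_writable_by(subject):
    """Objects the subject may write under the star property (note: higher levels too)."""
    return sorted(o for o, lvl in OBJECTS.items() if blp_can_write(SUBJECTS[subject], lvl))
```

Running blp_readable_by for each subject reproduces the three statements on the example slide; blp_writable_by shows the less intuitive side of the star property, that James may write into Personnel Files while Tamara may write nowhere else.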