Security

ITS335
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Introduction to Security
Strategy
Summary
ITS335: IT Security
Sirindhorn International Institute of Technology

Thammasat University
Prepared by Steven Gordon on 20 December 2015

its335y15s2l01, Steve/Courses/2015/s2/its335/lectures/intro.tex, r4287
1/34
ITS335
Contents
Intro. to Security
Concepts
Threats, Attacks,
Assets
Computer Security Concepts
Comm. Security
Strategy
Summary
Threats, Attacks and Assets
Architecture for Communications Security
Computer Security Strategy
Summary
2/34
ITS335
What Is Security?
Intro. to Security
Concepts Computer Security

Threats, Attacks,
Assets The protection afforded to an automated
Comm. Security information system in order to attain the applicable
Strategy objectives of preserving the integrity, availability,
Summary and confidentiality of information system resources.
NIST Computer Security Handbook
3/34
ITS335
Key Security Objectives
Intro. to Security
Concepts Confidentiality
Threats, Attacks,
Assets I Data confidentiality: assure confidential information not
Comm. Security made available to unauthorized individuals
Strategy
I Privacy: assure individuals can control what information
Summary
related to them is collected, stored, distributed
Integrity
I Data integrity: assure information and programs are
changed only in a authorized manner
I System integrity: assure system performs intended
function
Availability
I Assure that systems work promptly and service is not
4/34
denied to authorized users
ITS335
Other Security Objectives
Intro. to Security
Concepts Authenticity
Threats, Attacks,
Assets I Users and system inputs are genuine and can be verified
Comm. Security and trusted
Strategy I Data authentication
Summary I Source authentication
Accountability
I Actions of an entity can be traced uniquely to that
entity
I Supports: non-repudiation, deterrence, fault isolation,
intrusion detection and prevention, after-action recovery
and legal action
5/34
ITS335
Computer Security Challenges
Intro. to Security
Concepts
I computer security is not as simple as it might first
Threats, Attacks,
appear to the novice
Assets I potential attacks on the security features must be
Comm. Security
considered
Strategy
I procedures used to provide particular services are often
Summary
counter-intuitive
I physical and logical placement needs to be determined
I additional algorithms or protocols may be involved
I attackers only need to find a single weakness, the
developer needs to find all weaknesses
I users and system managers tend to not see the benefits
of security until a failure occurs
I security requires regular and constant monitoring
I is often an afterthought to be incorporated into a
system after the design is complete
I thought of as an impediment to efficient and
6/34
user-friendly operation
ITS335
Intro. to Security
Concepts Assets
Threats, Attacks,
Assets I System resources that the users/owners wish to protect
Comm. Security I Hardware, software, data, communication lines
Strategy
Summary
Vulnerabilities
I Weakness in system implementation or operation
I Can make asset: corrupted, leaky, unavailable
Security Policy
I Set of rules and practices that specifies how a system
provides security services to protect assets
Threats
I Potential violation of security policy by exploiting a
7/34 vulnerability
ITS335
Intro. to Security
Concepts Attack
Threats, Attacks,
Assets
I A threat that is carried out; a successful attack leads to
Comm. Security
violation of security policy
Strategy
I Active attack: attempt to alter system resources or
Summary
operation
I Passive attack: attempt to learn information that does
not affect system resources
I Inside attack: initiated by entity with authorized access
to system
I Outside attack: initiated by unauthorized user of system
Countermeasure
I Means to deal with an attack
I Prevent, detect, respond, recover
I Even with countermeasures, vulnerabilities may exist,
leading to risk to the assets
8/34 I Aim to minimize the risks
ITS335
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
9/34 Credit: Figure 1.2 in Stallings and Brown, Computer Security, 2nd Ed., Pearson 2012
ITS335
Contents
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Summary
10/34
ITS335
Threat Consequences and Attacks
Intro. to Security
Concepts
Threat Action An attack
Threats, Attacks, Threat Agent Entity that attacks, or is threat to system
Assets
(adversary, attacker, malicious user)
Comm. Security
Strategy
Threat Consequence A security violation that results from a
Summary threat action
I Unauthorized Disclosure: exposure, interception,

inference, intrusion
I Deception: masquerade, falsification, repudiation
I Disruption: incapacitation, corruption, obstruction
I Usurpation: misappropriation, misuse
See: R. Shirey, Internet Security Glossary, IETF RFC 2828,
May 2000. http://www.ietf.org/rfc/rfc2828.txt (or
version 2 in RFC 4949).
11/34
ITS335
Scope of Computer Security
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.3 in Stallings and Brown, Computer Security, 2nd Ed., Pearson 2012
12/34
ITS335
Assets and Examples of Threats
Intro. to Security
Concepts
Threats, Attacks, Availability Confidentiality Integrity

Assets Hardware Equipment is stolen or
Comm. Security disabled, thus denying
service.
Strategy Software Programs are deleted, An unauthorized copy of A working program is modi-
denying access to users software is made. fied, either to cause it to fail
Summary during execution or to cause
it to do some unintended
task.
Data Files are deleted, An unauthorized read Existing files are modified or
denying access to users. of data is performed. new files are fabricated.
An analysis of statistical
data reveals underlying
data.
Commu- Messages are destroyed Messages are read. The Messages are modified,
nication or deleted. traffic pattern of delayed, reordered, or dupli-
Lines Communication lines or messages is observed. cated. False messages are
networks are rendered fabricated.
unavailable.
Credit: Table 1.3 in Stallings and Brown, Computer Security, 2nd Ed., Pearson 2012
13/34
ITS335
Contents
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Summary
14/34
ITS335
Intro. to Security
Concepts
I Systematic approach to define requirements for security
Threats, Attacks,
and approaches to satisfying those requirements
Assets
I ITU-T Recommendation X.800, Security Architecture
Comm. Security
for OSI
Strategy
Summary
I Provides abstract view of main issues of security
I Security aspects: Attacks, mechanisms and services
I Focuses on security of networks and communications
systems
I Concepts also apply to computer security
15/34
ITS335
Aspects of Security
Intro. to Security
Concepts Security Attack

Threats, Attacks,
Assets
Any action that attempts to compromise the security of
Comm. Security information or facilities
Strategy
Summary
Security Mechanism
A method for preventing, detecting or recovering from an
attack
Security Service
Uses security mechanisms to enhance the security of
information or facilities in order to stop attacks
16/34
ITS335
Defining a Security Service
Intro. to Security
Concepts
I ITU-T X.800: service that is provided by a protocol
Threats, Attacks,
layer of communicating systems and that ensures
Assets adequate security of the systems or of data transfers
Comm. Security
I IETF RFC 2828: a processing or communication service
Strategy
that is provided by a system to give a specific kind of
Summary
protection to system resources
I Security services implement security policies and are
implemented by security mechanisms
17/34
ITS335
Security Services
Intro. to Security
Concepts
1. Authentication Assure that the communicating entity is
Threats, Attacks,
the one that it claims to be. (Peer entity and data
Assets origin authentication)
Comm. Security
2. Access Control Prevent unauthorised use of a resource
Strategy
Summary 3. Data Confidentiality Protect data from unauthorised

disclosure
4. Data Integrity Assure data received are exactly as sent
by authorised entity
5. Non-repudiation Protect against denial of one entity
involved in communications of having participated in
communications
6. Availability System is accessible and usable on demand
by authorised users according to intended goal
18/34
ITS335
Attacks on Communication Lines
Intro. to Security
Concepts Passive Attack

Threats, Attacks,
Assets I Make use of information, but not affect system
Comm. Security resources, e.g.
Strategy 1. Release message contents
Summary 2. Traffic analysis
I Relatively hard to detect, but easier to prevent
Active Attack
I Alter system resources or operation, e.g.
1. Masquerade
2. Replay
3. Modification
4. Denial of service
I Relatively hard to prevent, but easier to detect
19/34
ITS335
Release Message Contents
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.2(a) in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
20/34
ITS335
Traffic Analysis
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.2(b) in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
21/34
ITS335
Masquerade Attack
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.3(a) in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
22/34
ITS335
“On the Internet, nobody knows you’re a dog”
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Peter Steiner, The

c New Yorker magazine
23/34
ITS335
Replay Attack
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.3(b) in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
24/34
ITS335
Modification Attack
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.3(c) in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
25/34
ITS335
Denial of Service Attack
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Figure 1.3(d) in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
26/34
ITS335
Security Mechanisms
Intro. to Security
Concepts
I Techniques designed to prevent, detect or recover from
Threats, Attacks,
attacks
Assets
I No single mechanism can provide all services
Comm. Security
Strategy
I Common in most mechanisms: cryptographic techniques
Summary I Specific security mechanisms from ITU-T X.800:
Encipherment, digital signature, access control, data
integrity, authentication exchange, traffic padding,
routing control, notarization
I Pervasive security mechanisms from ITU-T X.800:
Trusted functionality, security label, event detection,
security audit trail, security recovery
27/34
ITS335
Security Services and Mechanisms
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Credit: Table 1.4 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011
28/34
ITS335
Contents
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Summary
29/34
ITS335
Computer Security Strategy and Principles
Intro. to Security
Concepts
Policy What is the security scheme supposed to do?
Threats, Attacks,
I Informal description or formal set of rules of desired
Assets
system behaviour
Comm. Security
I Consider: assets value; vulnerabilities; potential
Strategy
threats and probability of attacks
Summary
I Trade-offs: Ease of use vs security; cost of security
vs cost of failure and recovery
Implementation How does it do it?
I Prevention, detection, response, recovery
Assurance Does it really work?

I Assurance: degree of confidence that security
measures work as intended
I Evaluation: process of evaluating system with
respect to certain criteria
30/34
ITS335
Information Security Principles
Intro. to Security
Concepts
NIST Guide to General Server Security
Threats, Attacks, I Simplicity
Assets
Comm. Security
I Fail-safe
Strategy I Complete Mediation
Summary I Open Design
I Separation of Privilege
I Least Privilege
I Psychological Acceptability
I Least Common Mechanism
I Defense-in-Depth
I Work Factor
I Compromise Recording
31/34
ITS335
Contents
Intro. to Security
Concepts
Threats, Attacks,
Assets
Comm. Security
Strategy
Summary
Summary
32/34
ITS335
Key Points
Intro. to Security
Concepts
I Objectives: confidentiality, integrity, availability
Threats, Attacks, I Protect assets: hardware, software, data, comms
Assets
I Attacks:
Comm. Security
Strategy
I Passive: release message, traffic analysis
I Active: masquerade, replay, modification, DoS
Summary
I Inside or outside
I Countermeasures, Security mechanisms: techniques to
prevent, detect, recover from attacks; often use
cryptographic techniques
33/34
ITS335
Areas To Explore
Intro. to Security
Concepts Standards and procedures for computer security

Threats, Attacks,
Assets I ISO/ITU, NIST FIPS, IETF, IEEE, . . .
Comm. Security
Strategy
Summary
Monitoring and trends in threats and attacks
I CERT, CVE, NVD . . .
Certification and professional associations

I SANS, CISSP, CCSP, GIAC, CompTIA, . . .
34/34

Security

Enviado por

Dados do documento

Descrição original:

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Security

Enviado por

Direitos autorais:

Formatos disponíveis

ITS335

Sirindhorn International Institute of Technology

Prepared by Steven Gordon on 20 December 2015

Architecture for Communications Security

Computer Security Strategy

Concepts Computer Security

Architecture for Communications Security

Computer Security Strategy

I Unauthorized Disclosure: exposure, interception,

Threats, Attacks, Availability Confidentiality Integrity

Architecture for Communications Security

Computer Security Strategy

Concepts Security Attack

Summary 3. Data Confidentiality Protect data from unauthorised

Concepts Passive Attack

Credit: Peter Steiner, The

Architecture for Communications Security

Computer Security Strategy

Assurance Does it really work?

Architecture for Communications Security

Computer Security Strategy

Concepts Standards and procedures for computer security

Certification and professional associations

Você também pode gostar