Computer Systems and Security - PowerPoint PPT Presentation

1 / 30
About This Presentation
Title:

Computer Systems and Security

Description:

Computer Systems and Security--- New era of secure communications ---Lecture 1 * Last lecture we saw the data encryption standard. However this require that the ... – PowerPoint PPT presentation

Number of Views:540
Avg rating:3.0/5.0
Slides: 31
Provided by: PDLe
Category:

less

Transcript and Presenter's Notes

Title: Computer Systems and Security


1
Computer Systems and Security
  • --- New era of secure communications ---
  • Lecture 1

2
Schedule
  • 1. Computer Systems and Security
  • 2. Introduction to Information and Network
    Security
  • 3. Introduction to Cryptography
  • 4. Cryptosystems, Hash Functions and Digital
    Signatures
  • 5. Introduction to Firewalls
  • 6. Security at the IP Layer
  • 7. Security at the Transport Layer SSL and TLS
  • 8. Electronic Mail, Web Security and Malicious
    code
  • 9. Information and Network Security
    Authentication
  • 10. Introduction to Wireless Security
  • 11. Security of Large Computer Systems
  • 12. Informal Test

3
Computer Security and Industries
Government and private intelligence communities
Internal threats (dishonest employees, software
failures etc.)
Business partners(customers, competitors,suppli
ers, etc.)
Hackers, investigator,reporters etc.
4
Vulnerabilities
  • The three broad computing system resources are
  • hardware
  • interruption (denial of service), interception
    (theft)
  • software
  • interruption (deletion), interception,
    modification
  • data
  • interruption (loss), interception, modification
    and fabrication

5
Security facts believe it or not!
  • Bank robbery through computers
  • Industrial espionage on corporate information
  • Loss of individual privacy (files, emails, chats,
    video conferencing, ...)
  • Information vandalism (destroy backup, delete
    files, vandalise web pages, )
  • Computer viruses
  • (more can be found in comp.risks and other
    websites)

6
Computer Security e.g
  • Attacks can be INTERNAL and EXTERNAL.
  • INTERNAL
  • altering data
  • stealing source code
  • damaging computer systems
  • revealing confidential information
  • intentionally writing bad code for later use
  • etc.
  • EXTERNAL
  • Send malicious programs
  • Scanning your network for vulnerabilities and
    attack it
  • Sending viruses (for Windows and Unix)- annoying,
    destructive
  • Etc.

7
Is Computer Threat Real?
  • 1997 survey of 61 large companies that had
    firewalls (site had gt 1000 pcs Internet
    servers)
  • 44 reported probes by outsiders
  • 23 IP spoofing (used to break in hosts on the
    Internet)
  • 10 email bombs
  • 8 denial of service attacks
  • 8 sendmail probes
  • 89 reported that the firewall responded
    adequately

Internet sources
8
Computer Threat
  • Computer Security Institute/FBI Survey
  • 35 annual increases in data sabotage incidents
    from 1997 to 1999
  • 25 annual increases in financial fraud
    penetrated on-line
  • Abuse of network access increased over 20
    resulting losses of 8 billions
  • Security breaches caused US15 billions losses in
    2000

Internet sources
9
Other Surveys
  • Poll of 1,400 companies with gt 100 employees
  • About 90 are confident with their firms network
    security
  • But 50 failed to report break-ins
  • 58 increased in spending on security
  • 1997-2001,fortune firms lost US45 billions
    high-tech firms most vulnerable

Internet sources
10
Why Study Network Security?
  • IT professionals will either design, build,
    manage software, manage a network of computers or
    teams of IT professionals
  • Need to know possible security threads and
    solutions
  • Security Experts are very well paid
  • Computer Security is becoming one of the most
    important things that governments and industries
    need to spend money for
  • Management staff need to know possible computer
    security threads to their companies
  • Ordinary users are interested in knowing how to
    protect their computers and their works

11
Security Forms
Borrowed from Stalling 2001
12
Reactions to Security Threads
  • Find methods for defence by active research in
    security privacy(numerous conferences each
    year)
  • Enforce new laws
  • Provide education and training
  • Set up collaborations between governments,
    industries academia
  • Employ computer security specialists

13
How Secure Should It Be?
  • How should you spend the money on securing your
    system?
  • University computer systems - ?
  • Free Servers - ?
  • Bank computer systems - ?
  • Computer systems of department of defence - ?

14
Risk Analysis
  • Before carrying out security policy, we need to
    evaluate the cost of implementing security
    measures as opposed to losing the data and
    information.
  • Should you maximise security and minimise
    services?
  • How can you provide maximum services with minimum
    risk?
  • Which security path should you take?
  • Hire experts?
  • Purchase the best software?
  • Wait-and-see?

15
Security and Cost Analysis
cost
100
security
16
Principles of Security
  • Principle of easiest penetration
  • an intruder will use any means of penetration
  • Principles of timeliness
  • items only need to be protected until they lose
    their value
  • Principles of effectiveness
  • controls must work, and they should be
    efficient, easy to use, and appropriate.

17
Attacks
18
Attacks Passive Types
  • Passive (interception) eavesdropping on,
    monitoring of, transmissions.
  • The goal is to obtain information that is being
    transmitted.
  • Types here are release of message contents and
    traffic analysis.

19
Attacks Active Types
  • Involve modification of the data stream or
    creation of a false stream.
  • It can be subdivided into
  • masquerade,
  • replay,
  • modification of messages, and
  • denial of service.

20
Security Attacks - Taxonomy
  • Interruption attack on availability
  • Interception attack on confidentiality
  • Modification attack on integrity
  • Fabrication attack on authenticity

Properties that are compromised
21
Interruption
  • Causes denial of services.
  • Information resources (hardware, software and
    data) are deliberately made unavailable, lost or
    unusable, usually through malicious destruction.
  • E.g cutting a communication line, disabling a
    file management system (e.g unmount a NFS file
    system), etc.

22
Interception
  • Also known as un-authorised access.
  • Difficult to trace as no traces of intrusion
    might be left.
  • e.g illegal eavesdropping or wiretapping or
    sniffing, illegal copying.

23
Modification
  • Also known as tampering a resource.
  • Resources can be data, programs, hardware
    devices, etc.
  • E.g intercept a message, change and send it
  • E.g intercept a mobile application, change and
    send it

24
Fabrication
  • also known as counterfeiting (of objects such as
    data, programs, devices, etc).
  • Allows to by pass the authenticity checks.
  • e.g insertion of spurious messages in a
    network, adding a record to a file, counterfeit
    bank notes, fake cheques,
  • impersonation/masquerading
  • E.g To pretend some authorised entity to gain
    access to data, services etc.

25
Security Attacks - Taxonomy
26
Decide what/where to control
  • What should be the focus of the controls?
  • For example should protection mechanisms focus
    on data or operations on that data or on the
    users who use the data?
  • Since there are layers of technology, where
    controls should apply?
  • Applications, services, operating systems,
    kernel, hardware.

27
Study Effectiveness of Controls
  • Merely having controls does no good unless they
    are used properly. The factors that affect the
    effectiveness are
  • Awareness of protection
  • Likelihood of users
  • Overlapping controls
  • Periodic review

28
Methods of Defence
  • Physical controls
  • Lock, guards, backup of data and software, thick
    walls,
  • Hardware firmware controls
  • Apply security devices, smart cards, firmware
    passwords
  • Software controls
  • Set up firewalls, install software to enforce
    authentication, etc...

29
Methods of Defence (e.g)
  • Prevention
  • Using cryptographic techniques to encrypt
    information
  • Using software tools to find possible security
    problems and fix them before any attack occurs
    (e.g, Scanning programs STAN, ISS)
  • Using secure communications or firewalls to
    prevent certain attacks
  • Etc.
  • Detection
  • Use hardware software tools and security
    expertise to detect both attempts to violate and
    successful security violations
  • Recovery
  • Using Backup recovery, software (COPS, Tiger,
    etc) to automatically check the systems and
    recover

30
Methods of Defence (cont)
  • Regularly check your systems for security holes
  • Study new software carefully before install or
    update your systems
  • Carry out and review company security polices and
    procedures
  • Educating users
Write a Comment
User Comments (0)
About PowerShow.com