Computer%20Security%20Introduction

1
Computer SecurityIntroduction
2
Basic Components

• Confidentiality Concealment of information
• (prevent unauthorized disclosure of
  information).
• Integrity Trustworthiness of data/resources
• (prevent unauthorized modifications).
• Data integrity
• Origin integrity (authentication)
• Availability Ability to use information/resources
  .
• (prevent unauthorized withholding of
• information/resources).

3
Basic Components

• Additionally
• Authenticity, accountability, reliability,
  safety,
• dependability, survivability . . .

4
Confidentiality

• Historically, security is closely linked to
  secrecy.
• Security involved a few organizations dealing
  mainly
• with classified data.
• However, nowadays security extends far beyond
• confidentiality.
• Confidentiality involves
• privacy protection of private data,
• secrecy protection of organizational data.

5
Integrity

• Making sure that everything is as it is supposed
  to be.
• For Computer Security this means
• Preventing unauthorized writing or modifications.
  

6
Availability

• For Computer Systems this means that
• Services are accessible and useable (without
  undue
• Delay) whenever needed by an authorized entity.
• For this we need fault-tolerance.
• Faults may be accidental or malicious
  (Byzantine).
• Denial of Service attacks are an example of
  malicious
• attacks.

7
Relationship between Confidentiality Integrity
and Availability

• Confidentiality

Integrity
Secure
Availability
8
Other security requirements

• Reliability deals with accidental damage,
• Safety deals with the impact of system failure
  caused by the environment,
• Dependability reliance can be justifiably
  placed on the system
• Survivability deals with the recovery of the
  system after massive failure.
• Accountability -- actions affecting security must
  be traceable
• to the responsible party. For this,
• Audit information must be kept and protected,
• Access control is needed.

9
Basic Components

• Threats potential violations of security
• Attacks violations
• Attackers those who execute the violations

10
Threats

• Disclosure or unauthorized access
• Deception or acceptance of falsified data
• Disruption or interruption or prevention
• Usurpation or unauthorized control

11
More threats

• Snooping (unauthorized interception)
• Modification or alteration
• Active wiretapping
• Man-in-the-middle attacks
• Masquerading or spoofing
• Repudiation of origin
• Denial of receipt
• Delay
• Denial of Service

12
Policy and Mechanisms

• A security policy is a statement of what is / is
  not allowed.
• A security mechanism is a method or tool that
  enforces a security policy.

13
Goals of Computer Security

• Security is about protecting assets.
• This involves
• Prevention
• Detection
• Recovery (reaction / restore assets)

14
Assumptions of trust

• Let
• P be the set of all possible states of a system
• Q be the set of secure states
• A mechanism is secure if P Q
• A mechanism is precise if P Q
• A mechanism is broad if there are states in P
  which
• are not in Q

15
Assurance

• Trust cannot be quantified precisely.
• System specifications design and implementation
  can
• provide a basis for how much one can trust a
  system.
• This is called assurance.
• A system is said to satisfy a specification if
  the specification correctly states how the system
  will function.

16
Assurance - Specifications

• A specification is a statement of the desired
  functioning of a system.
• It can be highly mathematical using any of
  several languages for that purpose.

17
Assurance Design/Implementation

• A design of a system translates the
  specifications into components that will
  implement them.
• Given a design the implementation creates a
  system that satisfies the design.
• A program is correct if its implementation
  performs as specified.

18
Assurance Testing

• Proofs of correctness require that each line of
  source code be checked for mathematical
  correctness.
• Because formal proofs of correctness are time
  consuming, a posteriori verification techniques
  known as testing have become widespread.
• Testing techniques are considerably simpler than
  formal methods, but do not provide the same
  degree of assurance their value is in
  eliminating common sources of error and forcing
  designers to define precisely what the system is
  supposed to do.

19
Operational issues

• Operational issues
• Cost-benefit analysis
• Example a database with salary info, which is
  used by a second system to print pay checks
• Risk analysis
• Environmental dependence
• Time dependence
• Remote risk
• Laws and customs

20
Fundamental DilemmaFunctionality or Assurance

• Security mechanisms need additional computational
  
• Security policies interfere with working
  patterns, and can be very inconvenient.
• Managing security requires additional effort and
  costs.
• Ideally there should be a tradeoff.

21
Laws and Customs

• Export controls
• Laws of multiple jurisdiction
• Human issues

22
Human issues

• Organizational problems (who is responsible for
  what)
• People problems (outsiders/insiders)

23
Tying it all together how ????
Threats Policy Specification Design
Implementation Operation Maintenance The
security life cycle
24
Computer Security -- Summary

• How to achieve Computer Security
• Security principles/concepts explore general
  principles/concepts that can be used as a guide
  to design secure information processing systems.
• Security mechanisms explore some of the security
  mechanisms that can be used to secure information
  processing systems.
• Physical/Organizational security consider
  physical organizational security measures

25
Computer Security

• Even at this general level there is disagreement
  on the precise definitions of some of the
  required security aspects.
• References
• Orange book US Dept of Defense, Trusted
  Computer System Evaluation Criteria.
• ITSEC European Trusted Computer System Product
  Criteria.
• CTCPEC Canadian Trusted Computer System Product
  Criteria