2 Security Engineering What is Security Engineering? "Security Engineering is about building systems to remain dependable in the face of malice, error or mischance." -- Ross Anderson
3 Goals What are the goals of security engineering? Depends on system Traditionally things like: confidentiality, data integrity, entity authentication, message authentication, signatures, authorization, validation, access control, certification, timestamping, witnessing, receipt, confirmation, ownership, anonymity, non-repudiation, revocation, assurance...
4 Assurance: What you say? Security Actual resistance to attack What sort of attack? What sort of attacker? Complex to quantify (intangible) Assurance Degree of belief that Security level is correct. Also intangible
5 Snake Oil, Inc. Ridiculous claims One Time Pad! 1,000,000 bit keys! Completely Unbreakable! Revolutionary! Inverse N-dimensional permutation matrix routed through the exhaust manifold and the main deflector dish, with a twist of lemon. No assurance at all. Secret/Unevaluated/Under-evaluated systems
6 Assurance for Dummies (Competent) Peer Review Standards Compliance Common Criteria FIPS PUBS FIPS 140-2, FIPS 180-2, FIPS Good Practice Independent Evaluation
7 OK... So Now What? How can the general system security goals be satisfied in reasonable (verifiable/quantifiable) ways, particularly in distributed settings? Generally a Hard Problem Good understanding of the problem and security engineering is important
8 Security Engineering Patterns Simplicity Complete Mediation Separation of Privilege Least Privilege Least Common Mechanism Defense in Depth Open Design Auditability Physiological Acceptability
10 Network Security Policy What are the Security Domains? What are the rules for each domain? What connections are allowed? What sort of information exchange is permitted? How can security domains interact?
11 NSP Application How can it be applied? Architecturally Network Design should make domains natural Device/Host configuration should be consistent with NSP Enforcement of the NSP Firewalls Verification of the NSP IDSes Where? Most critical at Security Domain Boundaries
13 Firewalls Stateless (basic packet filter) Complex rulesets Simplest design Least granularity Stateful Basic Understands some underlying protocols More symbolic (generally simpler) rulesets Moderate Complexity Proxy Most control over traffic Most complex Understands all protocols in use
14 Host based IDSes Analysis of host logging information Network based Network monitoring (sniffing) Interactions with switches
15 Common Failures Switches as security devices Incorrectly placed firewalls Misplaced trust in IDSes Logging trauma Lack of understanding of underlying protocols
16 Trust Management System design in terms of trust Extending trust Policy/Procedures Laws/Regulation Technical Solutions
17 Technical Measures Cryptography can help Has primitives to help establish Confidentiality Data integrity Authentication Non-repudiation
18 Cryptographic Primitives Random number generation Stream ciphers Block ciphers Public key encryption Cryptographic hash functions MACs Public key signatures
19 Trust Extension Each primitive has a set of attributes Primitives are used in a Security Protocol Security Protocol can be used to extend trust in various ways
20 SSL/TLS Client has: CA public certificate Possibly client certificate Server has: Server certificate Trust relationships Client and Server trust CA Client Trusts Real Server Server may trust Client Trust is extended through RNGs, Hashes, PK Signatures, PK encryption, Block (or stream) ciphers, MACs
21 IPSec/IKE Endpoints have Authentication data (various sorts) Trust relationships Endpoints trust each other Endpoints trust authentication data (and associated infrastructure) Trust is extended through RNGs, Hashes, MACs, Block Ciphers Other Stuff for IKE
22 There and Back Again A Packet s Tale VPNs attempt to emulate trusted connections Can encapsulate complete packets Can provide confidentiality, data authentication Virtual trusted piece of wire
23 Crypto-Modules Offer crypto-in-a-box Can be more secure than integrated crypto Smaller More fully evaluated Can be leveraged to make big, complex systems more secure
24 Quantifying Security What sort of attackers? How well funded are they? What resources do they have access to? How risk adverse are they? How much time do they have? Where in the system do they start? What expertise/information do they have?
27 Summary Security is Hard It is intangible It is complex Its goals are difficult to define Assurance is often ignored There are several Techniques to help Network security is even more hard and complex
Encrypting ATM Firewall Abstract This paper explores the mechanics and policies that are necessary to protect information transmitted over an untrusted high speed wide area ATM network. The network model
Reducing the Cyber Risk in 10 Critical Areas Information Risk Management Regime Establish a governance framework Enable and support risk management across the organisation. Determine your risk appetite
Standard: Version: 2.0 Date: June 2011 Author: PCI Data Security Standard (PCI DSS) Virtualization Special Interest Group PCI Security Standards Council Information Supplement: PCI DSS Virtualization Guidelines
Asia-pacific Journal of Multimedia Services Convergence with Art, Humanities and Sociology Vol.1, No.2 (2011), pp. 93-100 http://dx.doi.org/10.14257/ajmscahs.2011.12.06 Secure Multi-Party Computation in
Payment and Security Experts Implementing PCI A Guide for Network Security Engineers Updated For PCI Data Security Standard Version 1.2.1 Tom Arnold, CISSP, ISSMP, CFS, CPISM/A, PCI/QSA Partner, PSC Sponsored
Version 1.0 Date: Author: PCI Security Standards Council Executive Summary The time to migrate is now. For over 20 years Secure Sockets Layer (SSL) has been in the market as one of the most widely-used
Security Models and Requirements for Healthcare Application Clouds Rui Zhang 1,2 and Ling Liu 1 1. College of Computing, Georgia Institute of Technology, Atlanta, GA, USA 2. School of Computer and Information
Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary
Introduction Mobility, cloud, and consumerization of IT are all major themes playing out in the IT industry today all of which are fundamentally changing the way we think about managing IT infrastructure.
BlackBerry Enterprise Solution for Microsoft Exchange Security Analysis Fraunhofer SIT Certification Report 06-104302 Copyright Notice The content of this document is owned by Fraunhofer Gesellschaft e.
Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls
BSI-DSZ-CC-0848-2012 for Red Hat Enterprise Linux, Version 6.2 on IBM Hardware for Power and System z Architectures from Red Hat, Inc. BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach
SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY
WHITE PAPER Network Security: A Simple Guide to Firewalls CONTENTS Why a Firewall Am I Really at Risk?................... 1 What Is a Firewall?......... 2 Types of Attack............ 2 Firewall Technologies........
McAfee NGFW Reference Guide for Firewall/VPN Role 5.7 NGFW Engine in the Firewall/VPN Role Legal Information The use of the products described in these materials is subject to the then current end-user
Institute of Parallel and Distributed Systems University of Stuttgart Universitätsstraße 38 D 70569 Stuttgart Diplomarbeit Nr. 3242 Data security in multi-tenant environments in the cloud Tim Waizenegger
AWS Security Best Practices Dob Todorov Yinal Ozkan November 2013 (Please consult http://aws.amazon.com/security for the latest version of this paper) Page 1 of 56 Table of Contents Abstract... 4 Overview...
Special Publication 800-41 Guidelines on Firewalls and Firewall Policy Recommendations of the National Institute of Standards and Technology John Wack, Ken Cutler, Jamie Pole NIST Special Publication 800-41
Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies October 2009 DISCLAIMER This report was prepared as an account of work sponsored by an agency of
Special Publication 800-125 Guide to Security for Full Virtualization Technologies Recommendations of the National Institute of Standards and Technology Karen Scarfone Murugiah Souppaya Paul Hoffman NIST
What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies
Windows Firewall with Advanced Security Design Guide and Deployment Guide Microsoft Corporation Published: October 2008 Author: Dave Bishop Editor: Allyson Adley Reviewers: Bilal Aijazi, Boyd Benson, Shalaka
FRAUNHOFER RESEARCH INSTITUTION AISEC CLOUD COMPUTING SECURITY PROTECTION GOALS.TAXONOMY.MARKET REVIEW. DR. WERNER STREITBERGER, ANGELIKA RUPPEL 02/2010 Parkring 4 D-85748 Garching b. München Tel.: +49
Understanding and Selecting a Tokenization Solution Understanding and Selecting a Tokenization Solution 1 Author s Note The content in this report was developed independently of any sponsors. It is based
Securing Enterprise Applications Version 1.1 Updated: November 20, 2014 Securosis, L.L.C. 515 E. Carefree Highway Suite #766 Phoenix, AZ 85085 T 602-412-3051 firstname.lastname@example.org www.securosis.com Author
Secure Credential Federation for Hybrid Cloud Environment with SAML Enabled Multifactor Authentication using Biometrics B.Prasanalakshmi Assistant Professor Department of CSE Thirumalai Engineering College