UNCLASSIFIED Version 1.0 May 2012
- Morris Chandler
Secure By Default: Platforms

Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice are readily available online. It is now common to see announcements of new vulnerabilities uncovered in widely deployed products, or new malware identified.

Finding vulnerabilities and fixing them is a critical element of our efforts to secure systems, however the scale of the problem is increasing. The reactive approach deals with each new symptom as it emerges, but fails to address the root cause of the problem.

Security mechanisms in today's computing platforms are often not enabled, or are bypassed to increase performance, improve usability, or to allow maintenance. Platforms are not designed to be secure by default; hence extensive (and expensive) effort must be devoted to managing the risks to our systems.

A new approach is needed to reduce the harm caused by common and emerging classes of threat.

Platforms that are not secure by default cannot represent commercial good practice, and should not be relied upon to protect sensitive data.

The rest of this paper will discuss desired characteristics of secure platforms; showing some ideas on how a concerted effort might be made to drive fundamental improvements in platform security. We aim to reduce the risk of a single vulnerability allowing a platform to be exploited. We will also suggest a practical example of how some of these characteristics could be provided.

Desired Characteristics of Secure Platforms

The term platform covers a huge range of computing environments and their underlying software and hardware. Examples include a conventional laptop/smartphone with a full OS and underlying chipset features, or a single processor chip onto which bespoke firmware can be loaded and executed. A single hardware device may also be thought of as multiple platforms, each with varying capabilities and security controls.

The following characteristics are intended to be applied to any of the above examples, though inevitably they are written with the more common scenarios in mind.
Processor Security Controls Limit Access and Cannot be Bypassed

Modern processors have evolved over time, and security mechanisms have been added to defend against or limit the scope of an attack. These measures are hampered or rendered irrelevant by the requirement to support modes of operation which bypass the security features. For example, x86 architectures provide legacy support for real mode, and also for System Management Mode (SMM). Both of these are required on some platforms (e.g. SMM code often performs power management functions), but both allow code to run outside the privilege restrictions normally enforced on the chip.

New types of platforms do not require these mechanisms, and so we are at a point where it is feasible to deprecate them where they are not needed. New versions of existing platforms may require legacy support today, but a medium term deadline should be identified beyond which they will not be supported by default.

The elimination of bypasses has long been a core objective of security design, as has least privilege; limiting the access of a component to that required to do its job (in the above example, power management functions should not be given arbitrary memory access).

A secure platform should have a clear hierarchy of control, and limit unnecessary access to system resources.

Direct Memory Access (DMA) is Limited and Controlled

Peripheral devices on a platform can be anything from graphics cards to wireless networking devices; as such they can require direct access to memory and can potentially access/alter data on the core platform. Any of these devices could be malicious (attached to the platform by an attacker), or compromised (a vulnerability in an existing peripheral allows an attacker to gain control of it).

It is therefore good practice to limit access to areas of memory required for operation, and to deny access completely to untrusted peripherals. These controls will limit the potential for an attack on the core platform via a peripheral device.

A secure platform should be able to limit the direct memory access granted to peripherals, and to report which restrictions are in place.
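One way to report which DMA restrictions are in place on a Linux platform, as an added example that is not part of the original paper. It assumes the Linux sysfs layout (each PCI device's iommu_group link and the group's type file); the function names and the sample device tree are constructed for illustration.

```python
import os
import tempfile


def _group_type(group_link):
    """Read the IOMMU group's default domain type; 'unknown' if not exposed."""
    try:
        with open(os.path.join(group_link, "type")) as fh:
            return fh.read().strip()
    except OSError:
        return "unknown"


def dma_restriction_report(sysfs_root="/sys"):
    """Classify every PCI device by the DMA restriction the IOMMU applies to it.

    translated:  {group: [devices]} DMA goes through IOMMU address translation
    shared:      groups holding more than one device; members of one group
                 cannot be isolated from each other
    passthrough: devices in an identity-mapped group (DMA is not confined)
    no_iommu:    devices with no IOMMU group at all
    """
    pci_dir = os.path.join(sysfs_root, "bus", "pci", "devices")
    report = {"translated": {}, "shared": {}, "passthrough": [], "no_iommu": []}
    if not os.path.isdir(pci_dir):
        return report
    for addr in sorted(os.listdir(pci_dir)):
        link = os.path.join(pci_dir, addr, "iommu_group")
        if not os.path.islink(link):
            report["no_iommu"].append(addr)
            continue
        group = os.path.basename(os.readlink(link))
        if _group_type(link) == "identity":
            report["passthrough"].append(addr)
        else:
            report["translated"].setdefault(group, []).append(addr)
    report["shared"] = {g: d for g, d in report["translated"].items() if len(d) > 1}
    return report


def build_sample_tree(root):
    """Constructed sysfs-like tree: five PCI functions with mixed protection."""
    layout = {
        "0000:00:02.0": ("1", "DMA"),
        "0000:00:14.0": ("4", "DMA-FQ"),
        "0000:00:14.2": ("4", "DMA-FQ"),
        "0000:01:00.0": ("7", "identity"),
        "0000:03:00.0": None,  # no IOMMU group: DMA is unrestricted
    }
    for addr, entry in layout.items():
        dev = os.path.join(root, "bus", "pci", "devices", addr)
        os.makedirs(dev)
        if entry is None:
            continue
        group, domain_type = entry
        target = os.path.join(root, "kernel", "iommu_groups", group)
        os.makedirs(target, exist_ok=True)
        with open(os.path.join(target, "type"), "w") as fh:
            fh.write(domain_type + "\n")
        os.symlink(target, os.path.join(dev, "iommu_group"))
    return root


if __name__ == "__main__":
    sample = build_sample_tree(tempfile.mkdtemp())
    for key, value in dma_restriction_report(sample).items():
        print(key, value)
```

Calling dma_restriction_report() with no argument reads the live /sys tree on a Linux host.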
DMA from External Devices is Additionally Protected

Some external interfaces (such as Firewire or Thunderbolt) also offer DMA capabilities; hence privileged access to the core platform is exposed outside the physical casing. This raises the possibility of an attack via this interface requiring only the briefest physical access to the platform.

A secure platform exposing an external DMA-capable interface must mitigate the impact of unauthorised access, e.g. by requiring authentication of all attached devices.

Central Processor Access From Other Processing Elements is Minimised and Controlled

There can be performance or efficiency benefits to allowing processing elements such as graphics processors access to main processor resources. It is important to realise that these accesses can potentially be used to attack the main processor. Again the principle of least privilege should apply in this situation; access should be limited to the resources required to do the job.

A secure platform should ensure that external accesses to the main processor from other processing elements are strictly limited to those required for operation. Ideally it should be possible to disable them when sensitive data is being processed.

Processes Consuming Platform Resources can be Identified and Controlled

The owner of a computing platform may (depending on the deployment scenario) be the user, the enterprise, or a service provider. This entity should be able to determine which processes are running, and to prevent unwanted software from executing.

A secure platform should not permit arbitrary resource consumption in an opaque manner.

Debug Functionality Does Not Compromise Security

Most platform components incorporate test circuitry to enable product testing during development and on the production line, for example using JTAG functionality to probe functions and extract test data. By design some of this functionality may allow access to sensitive data on the platform (e.g. cryptographic key material).
On a secure platform, debug features should be controlled once production testing is complete. Debug features should not allow unprivileged access to protected resources.

I/O Control

Even if it is not possible to attack a process directly, malware can potentially hijack the input or output paths. A passive attack could capture sensitive data (e.g. voice traffic passing from the microphone to a VOIP encryption application), while a more active man-in-the-middle attack could alter or insert data (e.g. entering commands to subvert the system, or overwriting alert messages with more benign alternatives).

A secure platform should treat control of input/output paths to/from applications processing sensitive data as a security function, and limit access accordingly.

Secure Device Identity

In addition to strong user authentication (such as a smartcard or other token-based mechanism), a secure platform should be able to strongly identify itself to the network. Most widely deployed systems today use port or MAC address-based device authentication, which is easy to spoof and can be inflexible in a mobile environment.

Strong, reliable device identification allows access control decisions to be made on a per-device basis, as well as per-user (e.g. some platforms may be able to access data not available to less protected hardware). Additionally such mechanisms can automate asset management processes and keep track of valuable devices. For example, log files would show when and where each device has been used, and by whom. It becomes unnecessary to manage bureaucratic processes to document where devices have been deployed.

Secure Credential Storage

A secure platform should provide a mechanism for storing private keys such that the keys themselves are not directly accessible to applications. The platform can then make use of these keys (for signing or encryption) without exposing them to theft and use on another platform.

Such a mechanism offers a degree of protection for sensitive keys such as authentication credentials for a web service; potentially a malicious process on that platform can still produce valid signatures, but it cannot steal the credentials to later access the service from elsewhere.
Measured/Verified Boot

An unauthorised entity should not be able to modify the boot process of a secure platform, and any attempt to do so should be detected.

During the boot process, highly privileged code is executed which has access to most of the platform's resources. Malicious implants at this level are difficult if not impossible for the Operating System to detect; protection in hardware is required.

Verified Boot is a mechanism which only allows authorised code to be executed during boot, e.g. only code signed by the platform manufacturer.

Measured Boot is a mechanism by which the platform can record which code is loaded during boot, and provide this information to a remote entity in an authenticated manner. The remote entity can then use this data to make access control decisions based on the state of the platform.

A secure platform should implement both of these mechanisms, continuing as far as possible into the boot process.

Secure Update/Recovery

Modern software and firmware is designed to be updated in the field (post-production). This can be to fix a bug or security vulnerability, or to allow a corrupted system to be reinitialised into a usable state. Potential threats arise both from malicious updates and also from slow deployment of security updates leaving platforms in a vulnerable state.

A secure platform should only accept updates and other executable code from an authenticated source. Security updates should be made available and deployed onto platforms as rapidly as practical following discovery of a flaw.

Control Flow Integrity

The control flow of software describes the order in which commands are executed. A common attack vector is to target critical memory locations which direct the control flow. Typically these should not be accessible; however software bugs can expose them. A buffer overflow in which the return address of a function is overwritten is an example of such an attack.

Reducing the harm caused by these bugs requires a platform to either prevent dangerous memory corruptions from occurring, or to reduce the chances that an attacker can gain control as a result.

A secure platform will defend against memory corruption events which could affect the control flow.
Security Primitives

Many platforms provide features designed to enable/improve security within applications: controls on execution of code in arbitrary memory, stack protections, and implementations of common crypto functions (including entropy generation) are all good examples. While the secure development of applications is outside the scope of this paper, we observe that including these primitives and encouraging their use is hugely beneficial to platform security. Re-use of standard components and technologies simplifies security design and also the assurance process.

A Practical Example

Having described the characteristics of a secure platform, we should now show how some of these might be realised using technological primitives that exist today. Further work is still required to deprecate legacy features and implement robust I/O control; however there are grounds for optimism that the overall goal is achievable.

Robust Domain Isolation on a Secure Platform

A computing platform will process sensitive data; in a connected world it is likely also to be required to process untrusted data in a secure manner. For example, access usually shares a platform with a web browser; web-based malware can compromise corporate and/or personal data. Limiting/monitoring web access reduces the risk, but some users require access to untrusted data (e.g. if they work with untrusted 3rd parties, or conduct research using potentially untrusted sources) in order to carry out critical tasks.

Improvements to platform security require effort and resources, and may break existing insecure/legacy implementations. We believe that confronting these issues is not only important but necessary in order to deliver the next generation of secure computing platforms.

A secure platform can be used to isolate sensitive and untrusted domains such that data/code running in one trust domain cannot interfere with or leak into another. This includes minimising the level of information which can pass between domains via a side-channel, e.g. timing information.
One approach to implementing this is to use virtualisation combined with the other characteristics described above:

- A purpose built bare-metal hypervisor designed to isolate virtual machines (VMs) from each other.
- Trusted/Verified Boot ensuring that the system (up to and including the hypervisor) boots up in a known state, and that this can be verified remotely.
- Hardware-level controls exist to limit access to/from peripherals on a per-VM basis; legacy modes of operation which bypass these controls do not operate on the platform.

The result is a higher degree of confidence that processes/operating systems running in different virtual machines can be effectively isolated from each other.

Several of the above features are implemented in some platforms today: the Trusted Platform Module (TPM) is capable of implementing Secure Device Identity, Secure Credential Storage, and of storing/reporting measurements of the platform state during boot. NIST, the US technology standards agency, has produced guidelines [1] for implementing measured boot and firmware signing at the BIOS level of a PC platform. TPMs are deployed in a significant proportion of laptops as well as desktops and servers. Input/Output Memory Management Units (IOMMUs) exist which support access controls for peripheral devices.

These features should be activated and used where available (even if not all are available) and implemented across the range of existing computing platforms, from servers to mobile devices.

[1] BIOS Integrity Measurement Guidelines; BIOS Protection Guidelines
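The Measured Boot mechanism and the TPM's storing/reporting of boot measurements described above, worked through as an added example that is not part of the original paper. It models a single register with SHA-256 extend, and uses an HMAC under a shared device key as a stand-in for the TPM's signed quote (an assumption made to keep the example in the standard library); all names and boot stages are constructed.

```python
import hashlib
import hmac
import os

PCR_INIT = bytes(32)  # a platform configuration register starts at zero on reset


def extend(pcr, digest):
    """The register can only be extended, never set: new = H(old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(stages):
    """Measure each stage before running it. Returns (event_log, final_pcr)."""
    pcr, log = PCR_INIT, []
    for name, code in stages:
        digest = hashlib.sha256(code).digest()
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return log, pcr


def quote(pcr, nonce, device_key):
    """Authenticated report of the register, bound to the verifier's nonce.
    Stand-in: HMAC with a shared key instead of an asymmetric TPM signature."""
    return hmac.new(device_key, nonce + pcr, hashlib.sha256).digest()


def verify(log, pcr, tag, nonce, device_key, policy):
    """Remote verifier: authenticate the quote, replay the log, apply policy.
    policy is the ordered list of (stage name, expected digest)."""
    if not hmac.compare_digest(tag, quote(pcr, nonce, device_key)):
        return False, "quote not authentic or nonce mismatch"
    replayed = PCR_INIT
    for _, digest in log:
        replayed = extend(replayed, digest)
    if not hmac.compare_digest(replayed, pcr):
        return False, "event log does not match quoted PCR"
    if len(log) != len(policy):
        return False, "unexpected number of boot stages"
    for (name, digest), (exp_name, exp_digest) in zip(log, policy):
        if name != exp_name or digest != exp_digest:
            return False, "unexpected measurement: " + name
    return True, "platform state accepted"


def demo():
    """Constructed scenarios: clean boot, modified stage, edited log, replay."""
    key = b"constructed-device-key"
    good = [("firmware", b"fw v1"), ("bootloader", b"loader v1"),
            ("hypervisor", b"hv v1")]
    policy, _ = measured_boot(good)  # known-good digests held by the verifier
    nonce = os.urandom(16)
    out = {}

    log, pcr = measured_boot(good)
    out["clean"] = verify(log, pcr, quote(pcr, nonce, key), nonce, key, policy)

    # A modified bootloader is measured before it runs, so it shows in the log.
    bad = [good[0], ("bootloader", b"loader v1 + implant"), good[2]]
    bad_log, bad_pcr = measured_boot(bad)
    bad_tag = quote(bad_pcr, nonce, key)
    out["implant"] = verify(bad_log, bad_pcr, bad_tag, nonce, key, policy)

    # Substituting the clean log does not help: the register was already extended.
    out["forged_log"] = verify(log, bad_pcr, bad_tag, nonce, key, policy)

    # An old quote from a clean boot fails against a fresh nonce.
    old_tag = quote(pcr, nonce, key)
    out["replayed_quote"] = verify(log, pcr, old_tag, os.urandom(16), key, policy)
    return out


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```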
Summary: Secure Platform Characteristics

1. A secure platform should have a clear hierarchy of control, and limit unnecessary access to system resources.
2. A secure platform should be able to limit the direct memory access granted to peripherals, and to report which restrictions are in place.
3. A secure platform exposing an external DMA-capable interface must mitigate the impact of unauthorised access.
4. A secure platform should ensure that external accesses to the main processor from other processing elements are strictly limited to those required for operation. Ideally it should be possible to disable them when sensitive data is being processed.
5. A secure platform should not permit arbitrary resource consumption in an opaque manner.
6. On a secure platform, debug features should be controlled once production testing is complete. Debug features should not allow unprivileged access to protected resources.
7. A secure platform should treat control of input/output paths to/from applications processing sensitive data as a security function, and limit access accordingly.
8. A secure platform should be able to strongly identify itself to the network.
9. A secure platform should provide a mechanism for storing private keys such that the keys themselves are not directly accessible to applications.
10. An unauthorised entity should not be able to modify the boot process of a secure platform, and any attempt to do so should be detected.
11. A secure platform should only accept updates and other executable code from an authenticated source. Security updates should be made available and deployed onto platforms as rapidly as practical following discovery of a flaw.
12. A secure platform will defend against memory corruption events which could affect the control flow.
More informationUNCLASSIFIED CPA SECURITY CHARACTERISTIC SERVER VIRTUALISATION. Version 1.21. Crown Copyright 2012 All Rights Reserved
ID18939561 CPA SECURITY CHARACTERISTIC SERVER VIRTUALISATION Version 1.21 Crown Copyright 2012 All Rights Reserved CPA Security Characteristics for Server Virtualisation 18/05/2012 Document History Version
More informationCloud Computing Governance & Security. Security Risks in the Cloud
Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud
More informationReducing Application Vulnerabilities by Security Engineering
Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define
More informationIntel s Virtualization Extensions (VT-x) So you want to build a hypervisor?
Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Mr. Jacob Torrey February 26, 2014 Dartmouth College 153 Brooks Road, Rome, NY 315.336.3306 http://ainfosec.com @JacobTorrey
More informationICTN 4040. Enterprise Database Security Issues and Solutions
Huff 1 ICTN 4040 Section 001 Enterprise Information Security Enterprise Database Security Issues and Solutions Roger Brenton Huff East Carolina University Huff 2 Abstract This paper will review some of
More informationObjectives. Windows 7 Security. Desktop OS Market Share. Windows Background. CS140M Fall 2014. Lake
Objectives Windows 7 Security By Al Fall 2014 CS 140M LBCC Background Windows Security Architecture Windows Vulnerabilities Means of Evaluating Metrics System Hardening Windows Defenses OS Security Capabilities
More informationPenetration Testing Report. Client: xxxxxx Date: 19 th April 2014
1. Executive Summary Penetration Testing Report Client: xxxxxx Date: 19 th April 2014 On the 19th of April, a security assessment was carried out on the internal networks of xxxxxx, with the permission
More informationLecture Embedded System Security Dynamic Root of Trust and Trusted Execution
1 Lecture Embedded System Security Dynamic Root of Trust and Execution Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Germany Summer Term 2014 Dynamic Root
More informationThe Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk rafal@bromium.com Rahul Kashyap rahul@bromium.com
The Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk rafal@bromium.com Rahul Kashyap rahul@bromium.com What is a sandbox? Environment designed to run untrusted (or exploitable) code, in a manner
More informationHardware Security Modules for Protecting Embedded Systems
Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &
More informationSANS Institute First Five Quick Wins
#1 QUICK WIN- APPLICATION WHITELISTING SANS Critical Controls: #2: Inventory of Authorized and Unauthorized Software 1) Deploy application whitelisting technology that allows systems to run software only
More informationComprehensive Security for Internet-of-Things Devices With ARM TrustZone
Comprehensive Security for Internet-of-Things Devices With ARM TrustZone Howard Williams mentor.com/embedded Internet-of-Things Trends The world is more connected IoT devices are smarter and more complex
More informationThe Advantages of a Firewall Over an Interafer
FIREWALLS VIEWPOINT 02/2006 31 MARCH 2006 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor organisation to the Centre for the Protection
More informationPenetration Testing Windows Vista TM BitLocker TM
Penetration Testing BitLocker TM Drive Encryption Douglas MacIver Penetration Engineer System Integrity Group, Corporation Hack In The Box 2006/09/21 2006 Corporation. All rights reserved. Trustworthy
More informationSecurity within a development lifecycle. Enhancing product security through development process improvement
Security within a development lifecycle Enhancing product security through development process improvement Who I am Working within a QA environment, with a focus on security for 10 years Primarily web
More informationSection 12 MUST BE COMPLETED BY: 4/22
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationHomeland Security Red Teaming
Homeland Security Red Teaming Directs intergovernmental coordination Specifies Red Teaming Viewing systems from the perspective of a potential adversary Target hardening Looking for weakness in existing
More informationBuild (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)
It is a well-known fact in computer security that security problems are very often a direct result of software bugs. That leads security researches to pay lots of attention to software engineering. The
More informationUnderstanding and evaluating risk to information assets in your software projects
Understanding and evaluating risk to information assets in your software projects ugh.. what a mouthful Dana Epp Windows Security MVP Who am I? Microsoft Windows Security MVP Information Security Professional
More informationA SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1
A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile
More informationEA-ISP-012-Network Management Policy
Technology & Information Services EA-ISP-012-Network Management Policy Owner: Adrian Hollister Author: Paul Ferrier Date: 01/04/2015 Document Security Level: PUBLIC Document Version: 1.00 Document Ref:
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationRedhawk Network Security, LLC 62958 Layton Ave., Suite One, Bend, OR 97701 sales@redhawksecurity.com 866-605- 6328 www.redhawksecurity.
Planning Guide for Penetration Testing John Pelley, CISSP, ISSAP, MBCI Long seen as a Payment Card Industry (PCI) best practice, penetration testing has become a requirement for PCI 3.1 effective July
More informationOverview of Windows 10 Requirements for TPM, HVCI and SecureBoot
presented by Overview of Windows 10 Requirements for TPM, HVCI and SecureBoot UEFI Spring Plugfest May 18-22, 2015 Gabe Stocco, Scott Anderson, Suhas Manangi Updated 2011-06-01 UEFI Plugfest May 2015 www.uefi.org
More informationPatch and Vulnerability Management Program
Patch and Vulnerability Management Program What is it? A security practice designed to proactively prevent the exploitation of IT vulnerabilities within an organization To reduce the time and money spent
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationWorking Together Managing and Securing Enterprise Mobility WHITE PAPER. Larry Klimczyk Digital Defence P: 222.333.4444
Working Together Managing and Securing Enterprise Mobility WHITE PAPER Larry Klimczyk Digital Defence P: 222.333.4444 Contents Executive Summary... 3 Introduction... 4 Security Requirements... 5 Authentication...
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationGuidance Regarding Skype and Other P2P VoIP Solutions
Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationSecurity Principles. Related to. Handset Theft
Security Principles Related to Handset Theft Table of Contents TABLE OF CONTENTS...2 GLOSSARY OF TERMS...3 1. INTRODUCTION...4 1.1 IMPORTANCE OF IMEI INTEGRITY...4 1.2 IMPROVED IMEI INTEGRITY PRINCIPLES...4
More informationUNCLASSIFIED CPA SECURITY CHARACTERISTIC SOFTWARE FULL DISK ENCRYPTION. Version 1.1. Crown Copyright 2011 All Rights Reserved
11590282 CPA SECURITY CHARACTERISTIC SOFTWARE FULL DISK ENCRYPTION Version 1.1 Crown Copyright 2011 All Rights Reserved CPA Security Characteristics for software full disk encryption Document History [Publish
More informationSecurity and Risk Analysis of VoIP Networks
Security and Risk Analysis of VoIP Networks S.Feroz and P.S.Dowland Network Research Group, University of Plymouth, United Kingdom e-mail: info@network-research-group.org Abstract This paper address all
More informationUSB Portable Storage Device: Security Problem Definition Summary
USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides
More informationS E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010
S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M Bomgar Product Penetration Test September 2010 Table of Contents Introduction... 1 Executive Summary... 1 Bomgar Application Environment Overview...
More information