Network Security. Instructor: Adam Hahn

Transcription

1 Network Security Instructor: Adam Hahn

2 The syllabus

3 Reading for Wednesday Ken Thompson, Reflections on Trusting Trust, Communication of the ACM, Vol. 27, No. 8, August 1984, pp Bruce Schneier, The Security Mindset /the_security_mi_1.html

4 Why Network Security???

5 Cybercrime Source: New York Magazine, Source: CNN Money,

6 Hactivism Source: Forbes, -wsjs-facebook-page-got-hacked-and-what-othersshould-do-to-prevent-this/ Source: Mother Jones, -cyberattack-israel-gaza

7 Nation-State Threats Source: The Washington Post, da634b334390_story.html Source: CNET, computers-hit-by-virus/ Source: The New York Times,

8 What is computer/network security?

9 Security Definition & Properties Computer Security : The protection afforded to an automated information system in order to attain the applicabile objectives of preserving the integrity, availability, and confidentiality of information system resources. -NIST Computer Security Handbook Key Principles: CIA Triad [From FIPS-199] Confidentiality - Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information Integrity - Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity Availability - Ensuring timely and reliable access to and use of information.

10 Security Properties cont. Accountability The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. Privacy - Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be displosed Authenticity - The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.

11 Security Properties - Examples Student Grades Confidentiality only the student/instructor can see their grade Integrity grades accurate represent hw/test scores Availability grades should be available for report cards Authenticity only the instructor can assign grades Privacy student has discretion over who sees grades Accountability evidence that instructor added grades to the system

12 In class example: Facebook Integrity? Confidentiality? Availability? Accountability? Privacy? Authenticity?

13 Security Concepts and Relationships

14 Threats/Attacks Threat Consequence Unauthorized Disclosure A circumstance or event whereby an entity gains access to data for which the entity is not authorized. Deception A circumstance or event that may result in an authorized entity receiving false data and believing it to be true. Disruption A circumstance or event that interrupts or prevents the correct operation of system services and functions. Usurpation A circumstance or event that results in control of system services or functions by an unauthorized entity. Threat Action (attack) Exposure: Sensitive data are directly released to an unauthorized entity. Interception: An unauthorized entity directly accesses sensitive data traveling between authorized sources and destinations. Inference: A threat action whereby an unauthorized entity indirectly accesses sensitive data (but not necessarily the data contained in the communication) by reasoning from characteristics or byproducts of communications. Intrusion: An unauthorized entity gains access to sensitive data by circumventing a system's security protections. Masquerade: An unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity. Falsification: False data deceive an authorized entity. Repudiation: An entity deceives another by falsely denying responsibility for an act. Incapacitation: Prevents or interrupts system operation by disabling a system component. Corruption: Undesirably alters system operation by adversely modifying system functions or data. Obstruction: A threat action that interrupts delivery of system services by hindering system operation. Misappropriation: An entity assumes unauthorized logical or physical control of a system resource. Misuse: Causes a system component to perform a function or service that is detrimental to system security.

15 Assets - Threats

16 Attack Trees Intro Model to help understand potential vulnerabilities in a system Root node = objective Leaf node = specific threat/attack Can use AND/OR gates

17 Attack Trees: In Class Root Node: Access contents of a safe

18 Security Design Principles Saltzer and Schroeder Economy of mechanisms mechanisms should be as simple, small as possible Fail-safe defaults system fails into the correct state (deny or allow) Complete mediation every access to a system should be checked/validated Open design security designs should be open, no security by obscurity Separation of privilege require multiple privileges to access restricted resource/function Least privilege processes/users should always use least privileges Least common mechanism minimize functions shared by different users Psychological acceptability mechanisms should not interfere with work for users

19 Security Strategy 1. Security Policies What is the system supposed to do? 2. Security Mechanisms How is the policy enforced? 3. Assurance/Evaluation Does the mechanism enforce the policy?

20 Security Policy Business decision Risk/threats Value of information/systems Describes intended system behavior Who needs/doesn t need access to information/systems Identify trade-offs Security vs usability Security vs cost Security vs performance

21 Security Implementations Four possible actions Prevention Examples: Firewalls, encryption Detection Examples: Intrusion detection systems, antivirus Response Examples: Reconfigure/modify system Recovery Examples: Contingency planning/disaster recovery

22 Security Assurance/Evaluation Assess efficacy of security controls More formal Common Criteria international standards for computer security certification Less formal Security test & evaluation Vulnerability assessments Penetration tests attempt to break into system