1. Computer Security: An Introduction
- Definitions
- Security threats and analysis
- Types of security controls
- Security services

Mar 2012 ICS413 network security

1.1 Definitions
A computer security system is the set of mechanisms and techniques that protect a computer system (assets) from loss or harm, e.g.
- unauthorized access,
- unauthorized disclosure, and
- undesirable interference with operations.

Computer system Assets
- Resources: hardware, software, communication channels, people
- Data: files, databases, messages

Security system goals
- System Availability
- System Integrity
- Confidentiality of Information

Security Terms (ref. Pfleeger)
- Exposure: a form of possible loss or harm
- Threats: circumstances that have potential to cause loss or harm
- Vulnerability: a weakness in the system that can potentially lead to loss or harm

Terms (cont.)
- Attack: the act of attempting to exploit a vulnerability and therefore cause loss or harm
- Adversary, attacker, intruder: one who perpetrates an attack
- Security control: protective measure to reduce vulnerability, or reduce loss/harm

1.2 Security threat analysis
Exposures and threats
Need to identify:
- What security breaches can occur
- Where they can occur
- How they can occur
E.g., do a quick threat analysis of (1) an email system, (2) a web server.

Exposures and threats, e.g.
[Figure: file store, processor, data link, switching node, data link, terminal node. People????]

Exposures (what can happen)
On information, e.g.
- Theft, copying, disclosure
- Modification, corruption or fabrication
- Destruction (deletion)
- Repudiation

Exposures (what can happen)
On resource, e.g.
- Theft, destruction, degradation
- License expiry
- Unauthorized modification
- Unauthorized use
- Interference with operation
- Denial of access to authorized user(s)

Sources of threats
- Competitors
- Disgruntled, compromised: employees, consultants; also ex-
- Government agencies, military & industrial spies
Threats to:
- System Availability
- System Integrity
- Confidentiality of Information

Sources of threats
- Hackers/crackers, pranksters
- Amateur criminals
- Career criminals
- Terrorists

Sources of threats
- Natural disasters
- Accidents
- Unreliable software, bugs etc.

Passive vs. active attacks
Passive attacks, e.g.
Observe information without interference
- Message content: break confidentiality
- Message traffic analysis: frequency, length, source, destination

Active attack, e.g.
- Modify message contents or stream: delete, delay, reorder, replay, insert
- Masquerade as authorized user
- Disrupt, degrade service availability
- Theft, destruction

Security Analysis
After identifying assets, exposures and potential threats, proceed to:
- Vulnerability analysis: identify potential weak elements within system
- Threat assessment: likelihood of a threat being transformed into an attack which exploits an existing vulnerability. How to assess?
- Risk analysis: potential consequences of problems arising from security breach and the estimated cost of successful attack

Security Analysis (cont.)
- Prevention techniques: what can be done to prevent security breaches and what are the costs?
- Cost benefit analysis: do the consequences of security breaches justify the cost of protection?
  [Consider also the inconvenience, loss of performance.]
  [Recovery may be less costly than prevention!]

Principle of adequate protection: (ref. Pfleeger)
- Computer items must be protected only until they lose their value.
- Must be protected to a degree consistent with their value.

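The cost benefit question and the principle of adequate protection above, worked through as an added example (not part of the original slides). The expected-loss model (likelihood times loss), the rule that protection spend must not exceed the asset's value, and every figure are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Option:
    """One way of handling a threat; all figures are constructed samples."""
    name: str
    control_cost: float    # yearly cost of the control itself
    overhead_cost: float   # yearly cost of inconvenience / lost performance
    likelihood: float      # estimated chance per year of a successful attack
    loss: float            # estimated consequence of one successful attack

    def expected_loss(self) -> float:
        # Threat assessment (likelihood) combined with risk analysis (loss).
        return self.likelihood * self.loss

    def total_cost(self) -> float:
        return self.control_cost + self.overhead_cost + self.expected_loss()

def analyse(options, asset_value):
    """Rank options by total yearly cost, dropping any whose protection
    spend exceeds the asset's value (assumed reading of adequate protection)."""
    adequate = [o for o in options
                if o.control_cost + o.overhead_cost <= asset_value]
    return sorted(adequate, key=Option.total_cost)

# Constructed scenario: a web server holding data valued at 40,000.
OPTIONS = [
    Option("accept the risk", 0, 0, 0.30, 40_000),
    Option("prevent: hardened hosting", 12_000, 3_000, 0.02, 40_000),
    Option("recover: tested daily backups", 3_000, 0, 0.30, 5_000),
    Option("prevent: dedicated isolated site", 60_000, 5_000, 0.01, 40_000),
]

def report(options=OPTIONS, asset_value=40_000):
    """Return (name, total yearly cost) pairs, cheapest first."""
    return [(o.name, round(o.total_cost()))
            for o in analyse(options, asset_value)]

if __name__ == "__main__":
    for name, cost in report():
        print(f"{cost:>8}  {name}")
```

With these sample figures the recovery option ranks first, which is the case the slide's "Recovery may be less costly than prevention!" note points at.
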
1.3 Security mechanisms and techniques: Broad classification
- Physical
- Administrative
- Logical security

Physical security controls
Physical measures or mechanisms put in place to control exposure of and physical access to the computer system resources in order to avoid loss or harm.

Physical security controls: examples
- Secure computer rooms: no windows, locked doors, guards, fireproof, etc.
- Secure terminals or terminal rooms
- Dedicate terminals to users
- No remote access, disconnect from network
- Secure (physically) the switching nodes
- Use fiber-optic cables, secure cable ducts, ... etc.

Administrative security controls
Administrative measures, mechanisms, systems or procedures put in place to protect the computer system and resources from loss or harm.

Administrative security controls - examples
- Organization policies
- Administrative procedures
- System development standards, procedures
- Operational procedures
- Legal provisions
- Professional ethics
- etc.

Logical security controls
Measures incorporated within the computer system to protect its resources from threats and attacks
- that may have breached physical and administrative controls, or
- for which physical and administrative controls are inadequate.

1.4 Some Security Services
The security system should provide
- Access control
- Confidentiality
- Authentication
- Integrity
- Non-Repudiation
- Availability

- Access control: define and enforce who has access to services or resources
- Confidentiality: prevent disclosure of information to unauthorized users
- Authentication: establish validity of the identity of an entity

- Integrity: prevent modification of information by unauthorized users; includes no duplication, replays, insertions, or reordering
- Availability: prevent denial of service, e.g. by disruption, theft, overload, etc.
- Non-Repudiation (accountability): prevent denial of sending or receipt of a message, creating or modifying data.

Principle of effectiveness: (ref. Pfleeger)
- Controls used must be effective.
- They must be efficient, easy to use and appropriate.

Summary
- Definition
- Security threat analysis
- Classifications of security controls
- Security services

Next
- Access control
- User authentication
- Authorization