Introduction to Information Security
Chapter 1: Information Security Basics
Winter 2015/2016
Stefan Mangard, www.iaik.tugraz.at
What is Information Security?
Security vs. Safety
- The German word "Sicherheit" includes both security and safety.
Buzzwords and Their Definitions
Information security always starts with assets.
- An asset is anything (e.g. a piece of information, a service or a device) that has value to an entity (e.g. an organization or a person).
- Examples: photos, documents, website
Security Properties
- Security properties of assets define what makes the asset valuable.
- The three central security properties are:
  - Confidentiality
  - Integrity
  - Availability
Confidentiality
- Confidentiality is a property that applies to information.
- Preserving the confidentiality of information means that it is not made available or disclosed to unauthorized entities.
- Example: A picture must only be available to a certain group of people.
Integrity
- Integrity can apply to information or a service/system.
- Preserving the integrity means that changes can only be done in a specified and authorized manner.
- Example: A website must not be altered by hackers.
Availability
- Availability can apply to information or a service/system.
- Ensuring availability means that there is timely and reliable access to the information or service.
- Example: A picture or website should be viewable whenever you like to see it.
More Security Properties
- There are many more security properties in the literature on IT security that partly overlap with the three main properties.
- Prominent examples:
  - Authenticity: to assure that information is from the source it claims to be from.
  - Non-Repudiation: to assure that someone cannot deny something (e.g. having received some information).
  - Privacy, anonymity: typically map to other security properties, such as the confidentiality of personal information.
Assets and Security Properties
- Assets and security properties define what we care about.
- Finding the assets and their security properties is a crucial first step of every security analysis.
- You should always dig for the low-level assets: don't simply state "the mobile phone is an asset", but determine what assets on your mobile phone make your phone an asset.
What assets do you have on your mobile phone?
Threats
- Threats define what can go wrong.
- A threat describes a potential violation of security.
- The sum of all threats describes everything that can lead to a violation of a security property of the asset.
- Typically, threats can be grouped into hierarchical classes of threats that form an attack tree.
An Attack Tree for a Safe
- Assume we place a confidential document in a safe.
- What are the threats?
- Let's build a complete attack tree.
Attack Surface
- The larger the attack tree, the larger the attack surface.
- What would the attack tree look like if you placed the document not in a safe, but in a room of your apartment/your car/your garden/your workplace?
- Clearly, the goal is always to minimize the attack surface.
Attack Trees for Large Systems Can Become Complex
- Example branch that could lead to the disclosure of a confidential file on a mobile phone:
  - Attack via network vs. local attack
  - Software bug vs. side-channel vs. trojan vs. ...
  - Application level vs. OS level
When Threats Become Reality
- Vulnerability: A concrete flaw or weakness in system security that can be exploited by one or more threats.
- Attack: A concrete attempt to violate one of the security properties of an asset.
- Asset (with a certain value and certain security properties) -> Threats -> Vulnerabilities -> Attack
The Path From an Asset to an Attack
- Asset (with a certain value and certain security properties) -> Threats -> Vulnerabilities -> Attack
- Measures along the path: minimize the attack surface; verification and checks; updates and patches.
- The goal when designing a secure system is to break these links.
Do We Have to Break All Links?
- No.
- Each link is associated with a certain probability.
- The sum of the probabilities for the paths that lead from an asset to an attack constitutes the risk of a security violation.
- In practical settings, this probability is not zero.
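Added example (not from the lecture slides): a small attack tree for the document-in-a-safe scenario, with the risk computed as described above, as the sum over all asset-to-attack paths, and a ranking of which single link is most worth breaking. The node names and link probabilities are constructed, and multiplying the link probabilities along a path is an assumption that treats the links as independent.

```python
from dataclasses import dataclass, field
from math import prod

@dataclass
class Node:
    name: str
    p: float = 1.0  # probability of the link that leads to this node
    children: list = field(default_factory=list)

def paths(node, prefix=()):
    """Yield every root-to-leaf path (asset -> threat -> vulnerability -> attack)."""
    prefix += (node,)
    if not node.children:
        yield prefix
    for child in node.children:
        yield from paths(child, prefix)

def risk(root):
    """Risk = sum over all paths of the product of the link probabilities."""
    return sum(prod(n.p for n in path) for path in paths(root))

def break_link(node, name):
    """Copy of the tree in which the link leading to `name` has probability 0."""
    p = 0.0 if node.name == name else node.p
    return Node(node.name, p, [break_link(c, name) for c in node.children])

def rank_links(root):
    """Residual risk after breaking each single link, most effective first."""
    links = {n.name for path in paths(root) for n in path[1:]}
    return sorted((risk(break_link(root, name)), name) for name in links)

def build_safe_tree():
    # Constructed probabilities for the document-in-a-safe example.
    return Node("document in safe", 1.0, [
        Node("T1 safe opened with combination", 0.10, [
            Node("V1 combination written on a note", 0.50, [
                Node("A1 note found and used", 0.20)]),
            Node("V2 default combination unchanged", 0.10, [
                Node("A2 default combination tried", 0.50)])]),
        Node("T2 document read outside the safe", 0.30, [
            Node("V3 document left on the desk", 0.20, [
                Node("A3 visitor reads it", 0.10)])])])

if __name__ == "__main__":
    tree = build_safe_tree()
    print(f"risk: {risk(tree):.3f}")
    for residual, name in rank_links(tree):
        print(f"{residual:.3f} after breaking the link to {name}")
```

Breaking a link near the root removes every path below it, which is why a single well-chosen measure can lower the risk more than several measures at the leaves.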
Secure Systems
- Security is about risk management.
- It is about finding a balance between risks and the effort for security measures.
The Door to Your Apartment
A Safe
Fort Knox, Kentucky, USA [1]
How do we build a secure IT system?
General Guidelines
- General guidelines for breaking the links from assets to attacks in practice:
- Asset -> Threat
  - Design systems with security in mind; adding security on top of an existing design typically leads to a large attack surface.
- Threat -> Vulnerability
  - Use established, standardized security mechanisms and use them correctly.
  - Proofs, verification and testing of security features.
- Vulnerability -> Attack
  - Prepare for the fact that things can go wrong.
  - Update mechanisms, logging, tracing mechanisms.
The Typical Design Is an Iterative System Definition
- [Diagram labels: identification of assets, threat modeling and rating of risks; system definition; threats including risk rating; accept risks; final system definition; update of security mechanisms]
The Nature of Security Mechanisms
- Security mechanisms shift the problem of protecting one asset to protecting another (new) asset that is easier to protect.
- Example: the asset is a confidential file.
  - Security mechanism: protect the access by a password. New assets: password, password checking function.
  - Security mechanism: encrypt the files. New assets: the cryptographic key, the encryption software.
- Nothing is for free ;-)
Threat Modeling
- The process of collecting all assets, threats and risks is called threat modeling.
- Threat modeling takes a lot of time; it is worth the time!
- Do not start implementing security mechanisms without having done threat modeling.
- Threat modeling can be done at different levels of abstraction:
  - Security requirements definition
  - System level
  - Device level
  - Software
  - Hardware
Tools
- Microsoft offers the free tool "SDL Threat Modeling Tool".
- STRIDE Threat Model:
  - Spoofing
  - Tampering
  - Repudiation
  - Information Disclosure
  - Denial of Service
  - Elevation of Privilege
Checklist for Threat Modeling
- List of assets complete?
- Where are the assets processed (which devices)?
- Does the threat modeling indeed fit the implementation?
- Are all standard threats (STRIDE) mitigated?
- Are mitigations done right?
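Added example (not from the lecture slides): part of the checklist expressed as an automated review of a threat model kept as data. The dictionary layout, the field names (`processed_on`, `mitigation`, `verified`, `accepted`) and the sample assets are assumptions made for this sketch.

```python
STRIDE = ("Spoofing", "Tampering", "Repudiation", "Information Disclosure",
          "Denial of Service", "Elevation of Privilege")

def review(model):
    """Return one finding per open checklist item in the threat model."""
    findings = []
    for asset, entry in model.items():
        if not entry.get("processed_on"):
            findings.append(f"{asset}: no device listed where it is processed")
        threats = entry.get("threats", {})
        for category in STRIDE:
            threat = threats.get(category)
            if threat is None:
                findings.append(f"{asset}: {category} not considered")
            elif threat.get("accepted"):
                continue  # risk explicitly accepted
            elif not threat.get("mitigation"):
                findings.append(f"{asset}: {category} neither mitigated nor accepted")
            elif not threat.get("verified"):
                findings.append(f"{asset}: {category} mitigation not verified")
    return findings

def done(mitigation):
    """Entry for a threat whose mitigation exists and has been verified."""
    return {"mitigation": mitigation, "verified": True}

# Constructed sample model; asset names and mitigations are illustrative.
MODEL = {
    "photos": {
        "processed_on": ["phone", "cloud backup"],
        "threats": {
            "Spoofing": done("screen lock"),
            "Tampering": done("signed backups"),
            "Repudiation": {"accepted": True},
            "Information Disclosure": {"mitigation": "storage encryption"},
            "Denial of Service": {},
        },
    },
    "banking PIN": {
        "processed_on": [],
        "threats": {c: done("reviewed control") for c in STRIDE},
    },
}

if __name__ == "__main__":
    print("\n".join(review(MODEL)))
```

Whether the list of assets is complete and whether the model fits the implementation still need a human review; the script only catches gaps inside the model itself.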
Security Policy
- A security policy is a statement of what is allowed and of what is not allowed.
- Security policies for persons define what the person is allowed to do or not.
- Examples:
  - The password must be at least 10 characters long and include numbers, lowercase and uppercase letters and a punctuation mark.
  - Don't write down your password.
  - Lock confidential documents in a safe when leaving the workplace.
  - Printed confidential documents must not leave the workplace (e.g. to work at home).
- Security policies are vital and every company needs to have one.
Security Policy
- Security policies can also be technical and formal.
- Formal definitions of a security policy are used for formal verification of the security of software/hardware.
- Examples:
  - Access to this file must only be granted if ...
  - The content of register xy must always be cleared when there is a task switch.
Security Mechanisms and Policies
- When designing security mechanisms and policies, do not forget about the humans! [2]
Security Mechanisms in a Typical System
- [Diagram labels: Computer Security (Part 2 of IIS); Communication (e.g. network); Computation (the CPUs); Cryptography (Part 1 of IIS); Storage (e.g. hard disk, memories, flash, cloud)]
Supplementary Material
Supplementary Material
- Books
  - Matt Bishop: Computer Security: Art and Science, ISBN-13: 078-5342440997
  - William Stallings and Lawrie Brown: Computer Security: Principles and Practice, ISBN-13: 978-1-292-06617-2
- Web
  - Threat modeling at Microsoft: https://www.microsoft.com/en-us/sdl/adopt/threatmodeling.aspx
Credits
Images
- [1] Fort Knox: By Cliff [CC BY 2.0 (http://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons
- [2] Crypto Nerd Comic: via xkcd, http://xkcd.com/538/