Computer Security: Principles and Practice PDF

Summary

This document is a chapter overview of Computer Security: Principles and Practice, covering fundamental topics like confidentiality, integrity, and availability. It introduces key security concepts, terminology, and challenges, providing a basis for understanding computer and network security.

Full Transcript


Computer Security: Principles and Practice
Chapter 1 – Overview
3rd Edition, by William Stallings and Lawrie Brown

Overview

Computer Security: protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).

Key Security Concepts

Confidentiality
This term covers two related concepts:
- Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals.
- Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

Integrity
This term covers two related concepts:
- Data integrity: Assures that information and programs are changed only in a specified and authorized manner.
- System integrity: Assures that a system performs its intended function in a correct manner, free from unauthorized manipulation of the system.

Availability
Assures that systems work promptly and service is not denied to authorized users.

These three concepts form what is often referred to as the CIA triad:
- Confidentiality: Preserving authorized restrictions on information access
- Integrity: Guarding against improper information modification or destruction
- Availability: Ensuring timely and reliable access to and use of information

Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are Authenticity and Accountability.

Authenticity
- Being able to be verified and trusted.
- Confidence in the validity of a transmission or a message generator.
- Verifying that users are who they say they are and that each input arriving at the system comes from a trusted source.

Authorization is the process of giving someone permission or right to do or have something. Having the authorization of something means having the permission or the right of that thing.

Accountability
- Generates the requirement for actions of an entity to be traced uniquely to that entity.
- Supports nonrepudiation, meaning a user cannot deny having performed a transaction.
- Must be able to trace a security breach to a responsible party.
- Keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.

Levels of Impact (breach impact)
- Low: The loss could be expected to have a limited effect.
- Moderate: The loss could be expected to have a serious effect.
- High: The loss could be expected to have a severe or catastrophic effect.

Computer Security Challenges
- Computer security is not simple.
- Attackers only need to find a single weakness; the developer needs to find all of them.
- Battle between attacker / admin.
- The benefits of security are not seen until a failure occurs.
- Requires regular and constant monitoring.
- Incorporated into a system after the design is complete.
- Thought of as an obstacle to efficient and user-friendly operation.

Security Terminology

Vulnerability: weakness in a system's design, implementation, or operation and management.
Examples: https://cert.gov.sa/en/security-warnings/

Security Policy: a set of rules and practices that specify how a system provides security services to protect sensitive and critical system resources.

Threat: an event that could cause a security breach and harm the system.
- Capable of exploiting vulnerabilities.
- Represents potential security harm to a system.
Examples:
- Removable media such as flash drives.
- Brute force attack.
- Unauthorized use of your organization's system privileges.
- Loss or theft of devices containing confidential information.
Countermeasure: An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack.

Risk: the probability that a threat will exploit a vulnerability with a harmful result.

Asset (System Resource):
- Hardware
- Software
- Data
- Communication facilities and networks

© 2016 Pearson Education, Inc., Hoboken, NJ. All rights reserved.

Categories of vulnerabilities
1. Corrupted, so that it does the wrong thing or gives wrong answers. For example, stored data values may differ from what they should be because they have been improperly modified (loss of integrity).
2. Leaky. For example, someone who should not have access to some or all of the information available through the network obtains such access (loss of confidentiality).
3. Unavailable or very slow. That is, using the system or network becomes impossible or impractical (loss of availability).

Attacks

Attacks (threats carried out):
- Insider attack: initiated by an entity inside the organization
- Outsider attack: initiated from outside the organization

Passive Attack
- Attempts to learn or make use of information from the system but does not affect system resources
- Eavesdropping on, or monitoring of, transmissions
- Goal of attacker is to obtain information that is being transmitted
- Two types: release of message contents, traffic analysis

Active Attack
- Attempts to alter system resources or affect their operation
- Involve some modification of the data stream or the creation of a false stream
- Four categories: replay, masquerade, modification of messages, denial of service
Countermeasures

Means used to deal with security attacks: prevent, detect, recover.
- Residual vulnerabilities may remain.
- May itself introduce new vulnerabilities.
- Goal is to minimize residual level of risk to the assets.

Table 1.3 Computer and Network Assets, with Examples of Threats

Computer Security Strategy
- A plan that involves selecting and implementing best practices to protect an organization from internal and external threats.
- A plan of action designed to maximize the security and resiliency of your organization.

Security Policy: Formal statement of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.

Security Implementation: Involves four complementary courses of action:
- Prevention
- Detection
- Response
- Recovery

Assurance: The degree of confidence one has that the security measures, both technical and operational, work as intended to protect the system and the information it processes.

Evaluation: Process of examining a computer product or system with respect to certain criteria.