

Lecture 1-Basic concepts

1.1 Computer security

Computer security (CS) is the protection of the items you value, called the assets of a computer or computer system. There are many types of assets, involving hardware, software, data, people, processes, or combinations of these. To determine what to protect, we must first identify what has value and to whom.

Asset value depends on several factors: it may be personal, it may be time dependent, the asset may or may not be replicable, and there is the cost of its loss.

1.2 Computer Security Goals

When we talk about computer security, we mean that we are addressing three important aspects of any computer-related system: confidentiality, integrity, and availability.

- Confidentiality ensures that computer-related assets are accessed only by authorized parties. That is, only those who should have access to something will actually get that access. By "access," we mean not only reading but also viewing, printing, or simply knowing that a particular asset exists. Confidentiality is sometimes called secrecy or privacy.
- Integrity means that assets can be modified only by authorized parties or only in authorized ways. In this context, modification includes writing, changing, changing status, deleting, and creating.
- Availability means that assets are accessible to authorized parties at appropriate times. In other words, if some person or system has legitimate access to a particular set of objects, that access should not be prevented. For this reason, availability is sometimes known by its opposite, denial of service.
These three properties are called the C-I-A triad or the security triad. To them we add two more properties that are desirable, particularly in communication networks:

- authentication: the ability of a system to confirm the identity of a sender
- nonrepudiation or accountability: the ability of a system to confirm that a sender cannot convincingly deny having sent something

Computer security seeks to prevent unauthorized viewing (confidentiality) or modification (integrity) of data while preserving access (availability).

1.2.1 Confidentiality

One word that captures most aspects of confidentiality is view. Here are some events that could mean a failure of data confidentiality:

- An unauthorized person accesses a data item.
- An unauthorized process or program accesses a data item.
- A person authorized to access certain data accesses other data not authorized.

1.2.2 Integrity

Integrity is harder to pin down than confidentiality. Integrity means different things in different contexts. For example, if we say that we have preserved the integrity of an item, we may mean that the item is

- precise
- accurate
- unmodified
- modified only in acceptable ways
- modified only by authorized people
- modified only by authorized processes
- consistent
- internally consistent
- meaningful and usable

1.2.3 Availability

Availability applies both to data and to services (that is, to information and to information processing), and it is similarly complex.
As with the notion of confidentiality, different people expect availability to mean different things. For example, an object or service is thought to be available if the following are true:

- It is present in a usable form.
- It has enough capacity to meet the service's needs.
- It is making clear progress, and, if in wait mode, it has a bounded waiting time.
- The service is completed in an acceptable period of time.

We can construct an overall description of availability by combining these goals.

1.3 Vulnerabilities, Threats, Attacks, and Controls

- Vulnerability: a weakness in the security system, for example, in procedures, design, or implementation, that might be exploited to cause loss or harm.
- Threat: a set of circumstances that has the potential to cause loss or harm to a computing system.
- Attacker: a human who exploits a vulnerability and perpetrates an attack on the system.
- Control: an action, device, procedure, or technique that removes or reduces a vulnerability.
- Harm: the negative consequence of an actualized threat.
- Attack: an actualized threat.

We can describe the relationship among threats, controls, and vulnerabilities in this way: a threat is blocked by control of a vulnerability. The following figure shows how these concepts are related.

[Figure: with an unfixed vulnerability, a threat is exploited as an attack that harms the system; with a control on the vulnerability, the attack fails to harm and the system continues to progress.]

1.3.1 Source of Threat

The source of a threat can be either human or nonhuman, as listed below:
- Nonhuman threats include natural disasters like fires or floods; loss of electrical power; failure of a component such as a communications cable, processor chip, or disk drive; or attack by a wild boar.
- Human threats
  - Nonmalicious kinds of harm include someone's accidentally spilling a soft drink on a laptop, unintentionally deleting text, inadvertently sending an email message to the wrong person, and carelessly typing "12" instead of "21" when entering a phone number or clicking "yes" instead of "no" to overwrite a file.
  - Malicious attacks can be random or directed.
    - In a random attack the attacker wants to harm any computer or user; such an attack is analogous to accosting the next pedestrian who walks down the street. An example of a random attack is malicious code posted on a website that could be visited by anybody.
    - In a directed attack, the attacker intends harm to specific computers, perhaps at one organization (think of attacks against a political organization) or belonging to a specific individual (think of trying to drain a specific person's bank account, for example, by impersonation).

We can view any threat as being one of four kinds, classified by its effect: interception, interruption, modification, and fabrication.

- An interception means that some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network. It violates the confidentiality security concept.
- In an interruption, an asset of the system becomes lost, unavailable, or unusable.
  An example is malicious destruction of a hardware device, erasure of a program or data file, or malfunction of an operating system file manager so that it cannot find a particular disk file. It violates the availability security concept.
- If an unauthorized party not only accesses but tampers with an asset, the threat is a modification. For example, someone might change the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically. It violates the integrity concept.
- Finally, an unauthorized party might create a fabrication of counterfeit objects on a computing system. The intruder may insert spurious transactions to a network communication system or add records to an existing database. Sometimes these additions can be detected as forgeries. It violates the authenticity concept.

[Figure: the four threat kinds mapped onto C-I-A, with interception shown as a passive attack (an eavesdropper) and the others as active attacks.]

1.3.2 Attacker

A malicious attacker must have three things to succeed:

- Method: the skills, knowledge, tools, and other things with which to be able to pull off the attack
- Opportunity: the time and access to accomplish the attack
- Motive: a reason to want to perform this attack against this system; it can be fun, challenge, revenge, fraud, extortion, money laundering, or drug trafficking

1.3.4 Vulnerabilities

Vulnerabilities of computing systems are described below.

1.3.4.1 Hardware Vulnerabilities

- Visible attack: adding devices, changing them, removing them, intercepting the traffic to them, or flooding them with traffic until they can no longer function.
- Physical attack: computers have been drenched with water, burned, frozen, gassed, and electrocuted with power surges.
- "Machinicide" usually involves someone who actually wishes to harm the computer hardware or software. Machines have been shot with guns, stabbed with knives, and smashed with all kinds of things.

Sometimes the security of hardware components can be enhanced greatly by simple physical measures such as locks and guards. Hardware security is usually the concern of a relatively small staff of computing center professionals.

1.3.4.2 Software Vulnerabilities

a. Software alteration: A classic example of exploiting a software vulnerability is the case in which a bank worker realized that the software truncates the fractional interest on each account. In other words, if the monthly interest on an account is calculated to be $14.5467, the software credits only $14.54 and ignores the $.0067.

b. Software deletion: Software is surprisingly easy to delete. Each of us has, at some point in our careers, accidentally erased a file or saved a bad copy of a program, destroying a good previous copy. Because of software's high value to a commercial computing center, access to software is usually carefully controlled through a process called configuration management so that software cannot be deleted, destroyed, or replaced accidentally.

c. Software modification: Software is vulnerable to modifications that either cause it to fail or cause it to perform an unintended task. Indeed, because software is so susceptible to errors, it is quite easy to modify.

- The program may be maliciously modified to fail when certain conditions are met or when a certain date or time is reached. Because of this delayed effect, such a program is known as a logic bomb. For example, a disgruntled employee may modify a crucial program so that it accesses the system date and halts abruptly after July 1.
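The fractional-interest truncation from (a) above, worked in Python as an added example that is not part of the lecture: the truncating credit rule sits beside a correct rounding rule, and a reconciliation check flags an interest run whose unaccounted residual exceeds what honest rounding could produce. The balances, the 0.5% monthly rate and the half-cent-per-account tolerance are assumptions, chosen so that account A-001 reproduces the lecture's $14.5467.

```python
"""Interest truncation defect from the lecture, with a reconciliation check."""
from decimal import Decimal, ROUND_DOWN, ROUND_HALF_EVEN

CENT = Decimal("0.01")
MONTHLY_RATE = Decimal("0.005")   # assumed: 6% per year, paid monthly

# Constructed sample balances (not from the lecture)
ACCOUNTS = {
    "A-001": Decimal("2909.34"),  # interest 14.54670: the lecture's 14.5467
    "A-002": Decimal("1000.00"),  # interest 5.00000: nothing to lose
    "A-003": Decimal("1999.99"),  # interest 9.99995: almost a full cent lost
}


def monthly_interest(balance):
    """Exact interest owed; Decimal avoids binary floating-point noise."""
    return Decimal(balance) * MONTHLY_RATE


def truncated_credit(interest):
    """The defect the lecture describes: everything past the cent is dropped."""
    return interest.quantize(CENT, rounding=ROUND_DOWN)


def rounded_credit(interest):
    """Corrected rule: round to the nearest cent (banker's rounding)."""
    return interest.quantize(CENT, rounding=ROUND_HALF_EVEN)


def post_interest(balances, credit_rule):
    """Credit each account with the given rule; returns {account: credited}."""
    return {acct: credit_rule(monthly_interest(bal)) for acct, bal in balances.items()}


def reconcile(balances, credits):
    """Residual = exact interest owed minus what was actually credited."""
    owed = sum(monthly_interest(bal) for bal in balances.values())
    paid = sum(credits.values())
    return owed - paid


def residual_within_rounding(balances, credits):
    """Integrity check: rounding to the nearest cent can leave at most half a
    cent per account unaccounted for. A larger residual means money is being
    dropped (or diverted) somewhere and the run should be investigated."""
    bound = Decimal("0.005") * len(balances)
    return abs(reconcile(balances, credits)) <= bound


if __name__ == "__main__":
    for name, rule in (("truncated", truncated_credit), ("rounded", rounded_credit)):
        credits = post_interest(ACCOUNTS, rule)
        status = "ok" if residual_within_rounding(ACCOUNTS, credits) else "FLAG"
        print(name, credits, "residual", reconcile(ACCOUNTS, credits), status)
```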
Other categories of software modification include:

- Trojan horse: a program that overtly does one thing while covertly doing another
- Virus: a specific type of Trojan horse that can be used to spread its "infection" from one computer to another
- Trapdoor: a program that has a secret entry point
- Information leaks in a program: code that makes information accessible to unauthorized people or programs

d. Software theft: This attack includes unauthorized copying of software. Software authors and distributors are entitled to fair compensation for use of their product, as are musicians and book authors. Unauthorized copying of software has not been stopped satisfactorily by copyright laws for electronic media.

Software security is a larger problem; it is the responsibility of the programmers and analysts who create or modify programs.

1.3.4.3 Data Vulnerability

a. Data confidentiality: Data can be gathered by many means, such as tapping wires, planting bugs in output devices, sifting through trash receptacles, monitoring electromagnetic radiation, bribing key employees, inferring one data point from other values, or simply requesting the data.

b. Data integrity: Data are especially vulnerable to modification through malicious programs, errant file system utilities, and flawed communication facilities.

1.3.4.5 Methods of Defense

Harm occurs when a threat is realized against a vulnerability. To protect against harm, then, we can neutralize the threat, close the vulnerability, or both. The possibility for harm to occur is called risk.

We can deal with harm in several ways. We can seek to

- prevent it, by blocking the attack or closing the vulnerability
- deter it, by making the attack harder but not impossible
- deflect it, by making another target more attractive (or this one less so)
- detect it, either as it happens or some time after the fact
- recover from its effects

1.3.5 Controls

Here we consider the controls or countermeasures that attempt to prevent the exploitation of a computing system's vulnerabilities.

a. Data controls: Encryption clearly addresses the need for confidentiality of data. Additionally, it can be used to ensure integrity; data that cannot be read generally cannot easily be changed in a meaningful manner.

b. Software controls: Program controls include the following:

- Internal program controls: parts of the program that enforce security restrictions, such as access limitations in a database management program
- Operating system and network system controls: limitations enforced by the operating system or network to protect each user from all other users
- Independent control programs: application programs, such as password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of vulnerabilities
- Development controls: quality standards under which a program is designed, coded, tested, and maintained to prevent software faults from becoming exploitable vulnerabilities

c. Hardware controls: Numerous hardware devices have been created to assist in providing computer security. These devices include a variety of means, such as:

- hardware or smart card implementations of encryption
- locks or cables limiting access or deterring theft
- devices to verify users' identities
- firewalls
- intrusion detection systems
- circuit boards that control access to storage media

d. User policies and procedures: Enforce procedures or policies among users rather than enforcing security through hardware or software means. In fact, some of the simplest controls, such as frequent changes of passwords, can be achieved at essentially no cost but with tremendous effect.

Exercises

1- Distinguish among vulnerability, threat, and control.
2- One control against accidental software deletion is to save all old versions of a program. Of course, this control is prohibitively expensive in terms of cost of storage. Suggest a less costly control against accidental software deletion. Is your control effective against all possible causes of software deletion? If not, what threats does it not cover?
3- List at least three kinds of harm a company could experience from electronic espionage or unauthorized viewing of confidential company materials.
4- Suppose a program to print paychecks secretly leaks a list of names of employees earning more than a certain amount each month. What controls could be instituted to limit the vulnerability of this leakage?
5- Preserving confidentiality, integrity, and availability of data is a restatement of the concern over interruption, interception, modification, and fabrication. How do the first three concepts relate to the last four? That is, is any of the four equivalent to one or more of the three? Is one of the three encompassed by one or more of the four?
6- When you say that software is of high quality, what do you mean? How does security fit into your definition of quality? For example, can an application be insecure and still be "good"?
7- Consider a program to display on your web site your city's current time and temperature. Who might want to attack your program? What types of harm might they want to cause? What kinds of vulnerabilities might they exploit to cause harm?
8- Consider a program that allows consumers to order products from the web. Who might want to attack the program? What types of harm might they want to cause? What kinds of vulnerabilities might they exploit to cause harm?
9- Consider a program to accept and tabulate votes in an election. Who might want to attack the program? What types of harm might they want to cause? What kinds of vulnerabilities might they exploit to cause harm?
10- Consider a program that allows a surgeon in one city to assist in an operation on a patient in another city via an Internet connection. Who might want to attack the program? What types of harm might they want to cause? What kinds of vulnerabilities might they exploit to cause harm?
