Lecture 1: Organization Security Requirements PDF

Document Details

StylishSpessartine

Uploaded by StylishSpessartine

University of Science and Technology

Prof. Noureldien A. Noureldien

Tags

computer security internet security network security information security

Summary

This lecture provides an overview of organization security requirements, focusing on recent changes in information security and measures to protect data. It discusses concepts such as data confidentiality, integrity, and availability. The lecture also covers some common security violations and the challenges involved in computer security.

Full Transcript

University of Science and Technology Faculty of Computer Science and Information Technology Department of Information and Communication Technology Lecture (1) Instructor: Prof. Noureldien A. Noureldien Organization Security Requirements The requirements of information security within an organizatio...

University of Science and Technology Faculty of Computer Science and Information Technology Department of Information and Communication Technology Lecture (1) Instructor: Prof. Noureldien A. Noureldien Organization Security Requirements The requirements of information security within an organization have undergone two major changes in the last several decades. Before the widespread use of data processing equipment, the security of information felt to be valuable to an organization was provided primarily by physical and administrative means. The first major change is the introduction of the computer, the need for automated tools for protecting files and other information stored on the computer became evident. This is especially the case for a shared system, such as a timesharing system, and the need is even more acute for systems that can be accessed over a public telephone network, data network, or the Internet. The second major change that affected security is the introduction of distributed systems and the use of networks and communications facilities for carrying data between terminal user and computer and between computer and computer. Network security measures are needed to protect data during their transmission. In fact, the term network security is somewhat misleading, because virtually all business, government, and academic organizations interconnect their data processing equipment with a collection of interconnected networks. Such a collection is often referred to as an internet,and the term internet security is used. There are no clear boundaries between these two forms of security. For example, a computer virus may be introduced into a system physically when it arrives on a flash drive or an optical disk and is subsequently loaded onto a computer. Viruses may also arrive over an internet. In either case, once the virus is 1 resident on a computer system, internal computer security tools are needed to detect and recover from the virus. This course focuses on internet security, which consists of measures to prevent, detect, and correct security violations that involve the transmission of information. Violation Examples To give you a feel for the areas covered in this course, consider the following examples of security violations: 1. User A transmits a file to user B. The file contains sensitive information (e.g., payroll records) that is to be protected from disclosure. User C, who is not authorized to read the file, is able to monitor the transmission and capture a copy of the file during its transmission. 2. A network manager, D, transmits a message to a computer, E, under its management. The message instructs computer E to update an authorization file to include the identities of a number of new users who are to be given access to that computer. User F intercepts the message, alters its contents to add or delete entries, and then forwards the message to E, which accepts the message as coming from manager D and updates its authorization file accordingly. 3. Rather than intercept a message, user F constructs its own message with the desired entries and transmits that message to E as if it had come from manager D. Computer E accepts the message as coming from manager D and updates its authorization file accordingly. 4. An employee is fired without warning. The personnel manager sends a message to a server system to invalidate the employee’s account. When the invalidation is accomplished, the server is to post a notice to the employee’s file as confirmation of the action. The employee is able to intercept the message and delay it long enough to make a final access to the server to retrieve sensitive information. The message is then forwarded, the action taken, and the confirmation posted. The employee’s action may go unnoticed for some considerable time. 5. A message is sent from a customer to a stockbroker with instructions for various transactions. Subsequently, the investments lose value and the customer denies sending the message. Although this list by no means exhausts the possible types of security violations, it illustrates the range of concerns of network security. 2 Computer Security Concepts A Definition of Computer Security. The NIST Computer Security Handbook [NIST95] defines the term computer security as Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). This definition introduces three key objectives that are at the heart of computer security. ■ Confidentiality: This term covers two related concepts: Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. ■ Integrity: This term covers two related concepts: Data integrity: Assures that data (both stored and in transmitted packets) and programs are changed only in a specified and authorized manner. System integrity: Assures that a system performs its intended function in an unaffected manner, free from deliberate or inadvertent unauthorized manipulation of the system. ■ Availability: Assures that systems work promptly and service is not denied to authorize users. 3 CIA Trail The following three concepts form what is often referred to as the CIA triad. The three concepts embody the fundamental security objectives for both data and for information and computing services. 1- Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information. 2- Integrity: Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information. 3- Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture (Figure 1.1). Two of the most commonly mentioned are 4- Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source. 5- Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. Because truly secure systems are not yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes. 4 Levels of Security Impact on Organizations We use three levels of impact on organizations orindividuals when there be a breach of security (i.e., a loss of confidentiality, integrity,or availability). ■ Low: The loss could be expected to have a limited adverse effect on organizationaloperations, organizational assets, or individuals. A limited adverse effectmeans that, for example, the loss of confidentiality, integrity, or availability might (i) cause a degradation in organization capability but theorganization is able to perform its primary functions, but the effectiveness of thefunctions is noticeably reduced; (ii) result in minor damage to organizationalassets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals. 5 ■ Moderate: The loss could be expected to have a serious effect on organizationaloperations, organizational assets, or individuals. A serious adverseeffect means that, for example, the loss might (i) cause a significant degradationin organization capability but the organization isable to perform its primary functions, but the effectiveness of the functions issignificantly reduced; (ii) result in significant damage to organizational assets; (iii) result in significant financial loss; or (iv) result in significantharm to individualsthat does not involve loss of life or serious, life-threatening injuries. ■ High: The loss could be expected to have a severe or catastrophic adverse effecton organizational operations, organizational assets, or individuals. A severe orcatastrophic adverse effect means that, for example, the loss might (i) causea severe degradation in organization capability but the organization is not able to perform one or more of its primaryfunctions; (ii) result in major damage to organizational assets; (iii) result inmajor financial loss; or (iv) result in severe or catastrophic harm to individualsinvolving loss of life or serious, life-threatening injuries. The Challenges of Computer Security Computer and network security is both interesting and complex. Some of the reasonsinclude: 1. Security is not as simple as it might first appear to the novice. The requirementsseem to be straightforward; one-word labels: Confidentiality,authentication, nonrepudiation, availability, and integrity. But the mechanisms used tomeet those requirements can be quite complex, and understanding them mayinvolve rather subtle reasoning. 6 2. In developing a particular security mechanism or algorithm, one must alwaysconsider potential attacks on those security features. In many cases, successfulattacks are designed by looking at the problem in a completely different way,therefore exploiting an unexpected weakness in the mechanism. 3. Because of point 2, the procedures used to provide particular services areoften counterintuitive. Typically, a security mechanism is complex, and it is notobvious from the statement of a particular requirement. It is only clear when the various aspects of the threat are considered. 4. Having designed various security mechanisms, it is necessary to decide whereto use them. This is true both in terms of physical placement (e.g., at what pointsin a network the certain security mechanism is needed) and in a logical sense[e.g., at what layer or layers of an architecture such as TCP/IP (TransmissionControl Protocol/Internet Protocol) should mechanisms be placed]. 5. Security mechanisms typically involve more than a particular algorithm or protocol. They also require that participants be in possession of some secret information(e.g., an encryption key), which raises questions about the creation,distribution, and protection of that secret information. 6. Computer and network security is essentially a battle between a perpetratorwho tries to find holes and the designer or administrator who tries toclose them. The great advantage that the attacker has is that he or she needonly find a single weakness, while the designer must find and eliminate allweaknesses to achieve perfect security. 7 7. There is a natural tendency on the part of users and system managers to perceivelittle benefit from security investment until a security failure occurs. 8. Security requires regular, even constant, monitoring, and this is difficult intoday’sshort-term, overloaded environment. 9. Security is still too often an afterthought to be incorporated into a system afterthe design is complete rather than being an integral part of the design process. 10. Many users (and even security administrators) view strong security as an impediment(obstacle) to efficient and user-friendly operation of an information system. 8

Use Quizgecko on...
Browser
Browser