Week1-overview - Radford University

Introduction to Computer Security

Week 1:

The security problem

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

1

Admin stuff …

• Workload (Tentative)

– See syllabus

• Ethics caveat:

– Any of the following violations may result in an “ F ” grade (or worse):

• Plagiarism or un-authorized collaboration. Collaboration allowed only if I state so explicitly.

• Violating the University Honor Policy (incl. honesty) Violating the

University ’ s computing usage policy and in particular the white hat agreement, including

– Installing software such as password crackers and network sniffers.

– Illegally accessing other ’ s accounts (on or off campus).

– Breaking any of the cyber crime laws such as ECPA or CFAA.

• Even if intended and received “as a joke”.




2

Admin stuff…

• Textbook:

– Security in Computing by Pfleeger and

Pfleeger 4 th edition.

– Available through Safari Online catalog in the library.

– http://proquest.safaribooksonline.com.lib-proxy.radford.edu/0132390779




3

Why study security?

• Security threats in computing are everywhere!

Accessing private data

User

Stealing laptops/disks etc

Sniffing, DOS attacks

User Network

User

Changing data e.g., adding a new user/password

User

Desktops

/Workstations/L

ANs

Social engineering: giving out password




4

Why study security?

Security threats: cost and other threats.

• Security violations are costly.

– Cyber crime

– Cyber espionage, Industrial espionage

– Cyberwar (e.g., stuxnet worm)

– Accidental damage (Petraeus emails)




5

Careers in Security.

• Application Security Engineer

• Software Engineers (with secure software development).

• ISOs (Information Security Officers)

• Administrators (system, database etc.)

• Good outlook for jobs/career: http://www.bls.gov/ooh/computer-and-informationtechnology/information-security-analysts-web-developers-andcomputer-network-architects.htm




6

• An overview of what it means to

“secure” a system.

Next:




7

Securing a computing infrastructure.

Suppose your boss asks you to secure a specific computing infrastructure.

To do this we need to ask (and answer) three questions.

– Secure what aspects ?

(define security)

– Secure against what threats ?

(threat assessment)

– Secure against whom ?



8


The word “secure” is abstract. We need to define it for each context.

• Examples:

– Alice and Bob want to communicate something private. We need to secure this communication. What exactly do we mean by this?

– A software company sends out an update to all its users over the Web. What does it mean to “secure” this update?




9

Defining security: goals that security must achieve.

• Depending on the specific infrastructure that must be secured, the common goals of security are:

– Confidentiality (if you can see it, you’re allowed to see it.)

– Availability (if you’re allowed to see it, you can)

– Integrity (“it” is really it.)

– Authentication (“you” are really you.)

– Non-repudiation (If you say it, you can’t un-say it.)

– Accountability (if something goes wrong – whose fault?)

Malicious, or non-malicious?

• Identifying security goals is the first step in securing systems. (Ask yourself: of all these goals, which are necessary for your situation?)




10

Confidentiality

• “ only authorized people have access to certain data ”

• Different views allowed, depending on role.

• Anonymity preserved.

• N.B. Determining identity is so important, it gets its own separate “authentification” category.




11

Integrity

• if we say that we have preserved the integrity of an item, we may mean that the item is

– accurate

– unmodified

– modified only in acceptable ways

– modified only by authorized people

– modified only by authorized processes

– consistent

– internally consistent

– meaningful and usable




12

Availability

• We say a data item, service, or system is available if

– There is a timely response to our request.

– Resources are allocated fairly so that some requesters are not favored over others.

– The service or system involved follows a philosophy of fault tolerance, whereby hardware or software faults lead to graceful cessation of service or to work-arounds rather than to crashes and abrupt loss of information.

– The service or system can be used easily and in the way it was intended to be used.

– Concurrency is controlled; that is, simultaneous access, deadlock management, and exclusive access are supported as required.




13

Next: threat assessment.

• Once you decide what goals need to be achieved, next step:

– Identify the threats.

– Why?




14

Some terminology:

Threats vs. Vulnerabilities vs. Exploits/Attacks

• vulnerability is a weakness in the security system

• threat to a computing system is a set of circumstances that has the potential to cause loss or harm

• Consider the picture

Threats : water can rise and overflow the wall.

Water can break the wall and drown the person.

Vulnerability : crack in the wall.




15

Discuss.

• Consider bank security.

– What are some of the threats?

– What are some of the vulnerabilities?

– What are some possible attacks?




16

Bank security

• Threats:

– Bank robbery.

– Stealing account information/personal information online.

• Vulnerabilities:

– Insecure web-page.

– A bank-guard with proclivity to take frequent donut-breaks.

• Exploits/attacks:

– Something that takes advantage of the vulnerabilities to steal money/information.




17

Threat categories

Figure 1-2 System Security Threats.

What goals (C., I., A.) does each category apply to?




18

Hardware, software and data vulnerabilities.

Vulnerabilities

Figure 1-4 Vulnerabilities of Computing Systems.




19

Threat Assessment

• “ Keep your friends close, your enemies closer ”

– Sun Tzu

• To truly secure a system: we need to know who the enemy is. Specifically 1 ,

– Who are the attackers?

– Why will they attack the system?

– How will they attack it? What are the resources they have available to them.

• Threat assessment is hard: Need to realistically gauge threats with the probability of the threats being exploited.

• E.g., Will a car thief spend $1000 to break into a car and steal a

$200 radio?

1

• Do we care about denial-of-service for our radios?

• What about military radios?

1 Material derived from Joseph/Tygar/Vairani/Wagner




20

Part of Threat Assessment

• Do a security analysis 1.

– Which of the threats in threat model will violate the security goals? One formulation 1 :

“ The security goals and threat models define the game. The threat model defines the set of moves the adversary is allowed to make, and the design of the system defines how the defender will play the game. The security goals define the success condition: if the adversary violates any security goal, he [sic] wins: otherwise, the defender wins. The security analysis involves examining all moves and counter-moves to see who has a winning strategy ” .

• Security analysis requires a thorough knowledge of all countermeasures.

1 Material derived from Joseph/Tygar/Vairani/Wagner




21

Enemies/Attackers

• Who are they?

– Amateurs (Script kiddies)

– Crackers or Malicious hackers

– Career Criminals

– Industrial Spies

– Terrorists




22

Controls/countermeasures

• How to prevent vulnerabilities from being exploited?

• Security is holistic; needs three types of controls.

Ignoring one level can render the entire system insecure.

– Physical security -- against physical loss of data.

• Protection against stealing (e.g. VA data theft) and nature.

– Technological security

• { hardware, software, network, data } x { interception, interruption, modification, fabrication }

– Administrative Security – policies, procedures re behavior

Even if a system is secured against physical and technological threats, there can still be vulnerabilities.

• Ensure employees really do lock doors when leaving, etc.

• Social engineering; blackmail

• Rumours (undermine stock price, or customer confidence)

• Shaping popular opinion (GMOs, drone attacks, …)




23

Security is holistic:

Multiple controls

Figure 1-6 Multiple Controls.




24

In Summary, studying security involves:

• Ability to analyze threats

– Usually requires knowledge of:

• Threats

• Vulnerabilities (that threats could exploit)

• Actual attacks (threats that exploit vulnerabilties).

• Ability to perform risk management

– Threats vs. cost of controlling them

• Ability to apply countermeasures

– Physical, technical and administrative.




25

What we will study in the class …

• This class is an introduction!

– Will cover all the aspects from the previous slide…without going into depth.

• Two security courses:

ITEC 445 (System security)

ITEC 455 (Network Security) look into some of the topics in greater depth.

– RU offers an Undergraduate Certificate in Information Security




26

Class Discussion

• Consider a program that allows a surgeon in one city to assist in an operation on a patient in another city via an Internet connection. Who might want to attack the program?

What types of harm might they want to cause? What kinds of vulnerabilities might they exploit to cause harm?




27

Next class:

• Linux/Windows OS

– Next class: intro to using Linux

• Please bring your laptops to class if you can!




28

Week1-overview - Radford University

Related documents

Products

Support

Week1-overview - Radford University

Related documents

Add this document to collection(s)

Add this document to saved

Suggest us how to improve StudyLib