Week1-overview - Radford University

advertisement

Introduction to Computer Security

Week 1:

The security problem

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

1

Admin stuff …

• Workload (Tentative)

– See syllabus

• Ethics caveat:

– Any of the following violations may result in an “ F ” grade (or worse):

• Plagiarism or un-authorized collaboration. Collaboration allowed only if I state so explicitly.

• Violating the University Honor Policy (incl. honesty) Violating the

University ’ s computing usage policy and in particular the white hat agreement, including

– Installing software such as password crackers and network sniffers.

– Illegally accessing other ’ s accounts (on or off campus).

– Breaking any of the cyber crime laws such as ECPA or CFAA.

• Even if intended and received “as a joke”.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

2

Admin stuff…

• Textbook:

– Security in Computing by Pfleeger and

Pfleeger 4 th edition.

– Available through Safari Online catalog in the library.

– http://proquest.safaribooksonline.com.lib-proxy.radford.edu/0132390779

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

3

Why study security?

• Security threats in computing are everywhere!

Accessing private data

User

Stealing laptops/disks etc

Sniffing, DOS attacks

User Network

User

Changing data e.g., adding a new user/password

User

Desktops

/Workstations/L

ANs

Social engineering: giving out password

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

4

Why study security?

Security threats: cost and other threats.

• Security violations are costly.

– Cyber crime

– Cyber espionage, Industrial espionage

– Cyberwar (e.g., stuxnet worm)

– Accidental damage (Petraeus emails)

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

5

Careers in Security.

• Application Security Engineer

• Software Engineers (with secure software development).

• ISOs (Information Security Officers)

• Administrators (system, database etc.)

• Good outlook for jobs/career: http://www.bls.gov/ooh/computer-and-informationtechnology/information-security-analysts-web-developers-andcomputer-network-architects.htm

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

6

• An overview of what it means to

“secure” a system.

Next:

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

7

Securing a computing infrastructure.

Suppose your boss asks you to secure a specific computing infrastructure.

To do this we need to ask (and answer) three questions.

– Secure what aspects ?

(define security)

– Secure against what threats ?

(threat assessment)

– Secure against whom ?

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

8

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

The word “secure” is abstract. We need to define it for each context.

• Examples:

– Alice and Bob want to communicate something private. We need to secure this communication. What exactly do we mean by this?

– A software company sends out an update to all its users over the Web. What does it mean to “secure” this update?

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

9

Defining security: goals that security must achieve.

• Depending on the specific infrastructure that must be secured, the common goals of security are:

– Confidentiality (if you can see it, you’re allowed to see it.)

– Availability (if you’re allowed to see it, you can)

– Integrity (“it” is really it.)

– Authentication (“you” are really you.)

– Non-repudiation (If you say it, you can’t un-say it.)

– Accountability (if something goes wrong – whose fault?)

Malicious, or non-malicious?

• Identifying security goals is the first step in securing systems. (Ask yourself: of all these goals, which are necessary for your situation?)

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

10

Confidentiality

• “ only authorized people have access to certain data ”

• Different views allowed, depending on role.

• Anonymity preserved.

• N.B. Determining identity is so important, it gets its own separate “authentification” category.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

11

Integrity

• if we say that we have preserved the integrity of an item, we may mean that the item is

– accurate

– unmodified

– modified only in acceptable ways

– modified only by authorized people

– modified only by authorized processes

– consistent

– internally consistent

– meaningful and usable

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

12

Availability

• We say a data item, service, or system is available if

– There is a timely response to our request.

– Resources are allocated fairly so that some requesters are not favored over others.

– The service or system involved follows a philosophy of fault tolerance, whereby hardware or software faults lead to graceful cessation of service or to work-arounds rather than to crashes and abrupt loss of information.

– The service or system can be used easily and in the way it was intended to be used.

– Concurrency is controlled; that is, simultaneous access, deadlock management, and exclusive access are supported as required.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

13

Next: threat assessment.

• Once you decide what goals need to be achieved, next step:

– Identify the threats.

– Why?

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

14

Some terminology:

Threats vs. Vulnerabilities vs. Exploits/Attacks

vulnerability is a weakness in the security system

threat to a computing system is a set of circumstances that has the potential to cause loss or harm

• Consider the picture

Threats : water can rise and overflow the wall.

Water can break the wall and drown the person.

Vulnerability : crack in the wall.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

15

Discuss.

• Consider bank security.

– What are some of the threats?

– What are some of the vulnerabilities?

– What are some possible attacks?

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

16

Bank security

• Threats:

– Bank robbery.

– Stealing account information/personal information online.

• Vulnerabilities:

– Insecure web-page.

– A bank-guard with proclivity to take frequent donut-breaks.

• Exploits/attacks:

– Something that takes advantage of the vulnerabilities to steal money/information.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

17

Threat categories

Figure 1-2 System Security Threats.

What goals (C., I., A.) does each category apply to?

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

18

Hardware, software and data vulnerabilities.

Vulnerabilities

Figure 1-4 Vulnerabilities of Computing Systems.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

19

Threat Assessment

• “ Keep your friends close, your enemies closer ”

– Sun Tzu

• To truly secure a system: we need to know who the enemy is. Specifically 1 ,

– Who are the attackers?

– Why will they attack the system?

– How will they attack it? What are the resources they have available to them.

• Threat assessment is hard: Need to realistically gauge threats with the probability of the threats being exploited.

• E.g., Will a car thief spend $1000 to break into a car and steal a

$200 radio?

1

• Do we care about denial-of-service for our radios?

• What about military radios?

1 Material derived from Joseph/Tygar/Vairani/Wagner

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

20

Part of Threat Assessment

• Do a security analysis 1.

– Which of the threats in threat model will violate the security goals? One formulation 1 :

“ The security goals and threat models define the game. The threat model defines the set of moves the adversary is allowed to make, and the design of the system defines how the defender will play the game. The security goals define the success condition: if the adversary violates any security goal, he [sic] wins: otherwise, the defender wins. The security analysis involves examining all moves and counter-moves to see who has a winning strategy ” .

• Security analysis requires a thorough knowledge of all countermeasures.

1 Material derived from Joseph/Tygar/Vairani/Wagner

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

21

Enemies/Attackers

• Who are they?

– Amateurs (Script kiddies)

– Crackers or Malicious hackers

– Career Criminals

– Industrial Spies

– Terrorists

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

22

Controls/countermeasures

• How to prevent vulnerabilities from being exploited?

• Security is holistic; needs three types of controls.

Ignoring one level can render the entire system insecure.

– Physical security -- against physical loss of data.

• Protection against stealing (e.g. VA data theft) and nature.

– Technological security

• { hardware, software, network, data } x { interception, interruption, modification, fabrication }

– Administrative Security – policies, procedures re behavior

Even if a system is secured against physical and technological threats, there can still be vulnerabilities.

• Ensure employees really do lock doors when leaving, etc.

• Social engineering; blackmail

• Rumours (undermine stock price, or customer confidence)

• Shaping popular opinion (GMOs, drone attacks, …)

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

23

Security is holistic:

Multiple controls

Figure 1-6 Multiple Controls.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

24

In Summary, studying security involves:

• Ability to analyze threats

– Usually requires knowledge of:

• Threats

• Vulnerabilities (that threats could exploit)

• Actual attacks (threats that exploit vulnerabilties).

• Ability to perform risk management

– Threats vs. cost of controlling them

• Ability to apply countermeasures

– Physical, technical and administrative.

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

25

What we will study in the class …

• This class is an introduction!

– Will cover all the aspects from the previous slide…without going into depth.

• Two security courses:

ITEC 445 (System security)

ITEC 455 (Network Security) look into some of the topics in greater depth.

– RU offers an Undergraduate Certificate in Information Security

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

26

Class Discussion

• Consider a program that allows a surgeon in one city to assist in an operation on a patient in another city via an Internet connection. Who might want to attack the program?

What types of harm might they want to cause? What kinds of vulnerabilities might they exploit to cause harm?

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

27

Next class:

• Linux/Windows OS

– Next class: intro to using Linux

• Please bring your laptops to class if you can!

ITEC 345 © Slide material is usually derived from Pfleeger & Plfeeger, except as noted.

Images © Pfleeger & Pfleeger.

Slides prepared by Prem Uppuluri, and modified by Ian Barland.

28

Download