Is There a Security Problem in Computing? Information security / Mahmoud Obeidat 1 In This Chapter The risks involved in computing The goal of secure computing: confidentiality, integrity, availability The threats to security in computing: interception, interruption, modifications, fabrication Controls available to address these threats: encryption, programming controls, operating systems, network controls, administrative controls, laws and ethics Information security / Mahmoud Obeidat 2 What Does “Secure” Mean? Are you Secure? What makes you feel secure? Example: Banks Yesterday – learning from the past Today Protecting Valuables Protecting Money Vs. Protecting Information Size and Portability (large vs. small) Ability to Avoid Physical Contact (lots vs. little) Value of Asset (very high vs. variable) Information security / Mahmoud Obeidat 3 Developing an Understanding Examine the risk of security in computing Consider available countermeasures or controls Stimulate thought about uncovered vulnerabilities Identify areas where more work is needed Information security / Mahmoud Obeidat 4 Characteristics of Computer Intrusion Any computer system can be a target: Hardware, Software, Storage, Data, People/User Any system is most vulnerable at its weakest point. Principle of Easiest Penetration - An intruder must be expected to use any available means of penetration. Penetration may not necessarily be by the most obvious means, nor via the one we have the most defense against. Consider all the means of penetration Checked repeated times Don’t underestimate the attacker/think like an attacker Strengthening one thin might weaken another Information security / Mahmoud Obeidat 5 Attacks The components to attack: Hardware Software Data Vulnerability – a weakness in the security system that could be exploited to cause harm or loss. For instance, a particular system may be vulnerable to unauthorized data manipulation because the system does not verify a user's identity before allowing data access. Threat – a set of circumstances that has the potential to cause loss or harm. Wall holding back water Threat to get wet Vulnerability is a crack in the wall Information security / Mahmoud Obeidat 6 in Figure 1-1. Here, a wall is holding water back. The water to the left of the wall is a threat to the man on the right of the wall: The water could rise, overflowing onto the man, or it could stay beneath the height of the wall, causing the wall to collapse. So the threat of harm is the potential for the man to get wet, get hurt, or be drowned. For now, the wall is intact, so the threat to the man is unrealized. However, we can see a small crack in the walla vulnerability that threatens the man's security. If the water rises to or beyond the level of the crack, it will exploit the vulnerability and harm the man. Information security / Mahmoud Obeidat 7 Attack – human who exploits a vulnerability Control – a protective measure against an attack a control is an action, device, procedure, or technique that removes or reduces a vulnerability A threat is blocked by control of vulnerability Type of System Security Threats in computing Interception Interruption Modification Fabrication Information security / Mahmoud Obeidat 8 interception : some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network. Interruption : an asset of the system becomes lost, unavailable, or unusable. An example is malicious destruction of a hardware device, erasure of a program or data file. Modification: unauthorized party tampers with an asset. For example, someone might change the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically. fabrication : The intruder may insert spurious transactions to a network communication system or add records to an existing database. Information security / Mahmoud Obeidat 9 Figure 1-2. System Security Threats. Information security / Mahmoud Obeidat 10 Method, Opportunity & Motive Attacker must have three things: Method – the skill, knowledge and tool Opportunity – the time and access Motive – a reason to want to perform an attack Information security / Mahmoud Obeidat 11 Security Goals Secure is: Confidentiality (Secrecy or Privacy)- assets accessed only by authorized parties Not only reading but viewing, printing or knowing about the asset Integrity – assets modified only by authorized parties Includes writing, changing, changing the status, deleting or creating Availability – assets are accessible to authorized parties at appropriate times. Denial of Service Information security / Mahmoud Obeidat 12 Figure 1-3. Relationship Between Confidentiality, Integrity, and Availability. Information security / Mahmoud Obeidat 13 Availability Availability applies both to data and to services A data item, service, or system is available if 1. There is a timely response to our request. 2. Resources are allocated fairly so that some requesters are not favored over others. 3. The service or system involved follows a philosophy of fault tolerance. 4. The service or system can be used easily and in the way it was intended to be used. 5. Concurrency is controlled. Information security / Mahmoud Obeidat 14 Vulnerabilities Hardware It is very visible Easy to attack adding devices, changing them, removing them, intercepting the traffic to them Water, burned, frozen, gassed and electrocuted, dust, time, environment Voluntary Machine Slaughter or Machinicide Machines have been shot with guns, stabbed with knives, and smashed with all kinds of things. Bombs, fires, and collisions have destroyed computer rooms Information security / Mahmoud Obeidat 15 Software Software Deletion Software Modification (cause it to fail or cause it to perform an unintended task) Software Theft Software replaced Software destroyed the attacks are obvious, as when the software no longer runs. More subtle are attacks in which the software has been altered but seems to run normally. Information security / Mahmoud Obeidat 16 Figure 1-4. Vulnerabilities of Computing Systems. Information security / Mahmoud Obeidat 17 Malicious Modification of Software Logic Bomb: a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. Trojan Horse: a program that overtly does one thing while covertly doing another Virus Trapdoor : a program that has a secret entry point Information leaks : code that makes information accessible to unauthorized people or programs Information security / Mahmoud Obeidat 18 Data Vulnerabilities Effects everyone Data is more than just an electronic file Principle of Adequate Protection – Computer items must be protected only until they lose their value. Data Confidentiality Data can be gathered by many means, such as tapping wires, planting bugs in output devices, sifting through trash receptacles, monitoring electromagnetic radiation, bribing key employees, inferring one data point from other values, or simply requesting the data. Data Integrity Printed data, however, can be readily interpreted by the general public. Because of its visible nature, a data attack is a more widespread and serious problem than either a hardware or software attack. Thus, data items have greater public value than hardware and software because more people know how to use or interpret data. Information security / Mahmoud Obeidat 19 Other Exposed Assets Networks very exposed storage medium or access from distant and potentially untrustworthy computing systems. Access steal computer time to do general-purpose computing, destroys software or data and deny service to a legitimate user Key People People can be crucial weak points in security. If only one person knows how to use or maintain a particular program, trouble can arise if that person is ill, suffers an accident, or leaves the organization . In particular, a disgruntled employee can cause serious damage by using inside knowledge of the system and the data that are manipulated. Information security / Mahmoud Obeidat 20 Information security / Mahmoud Obeidat Figure 1-5. Security of Data. 21 Computer Criminals Amateurs Crackers or Hackers Career Criminal Terrorists Information security / Mahmoud Obeidat 22 The security community distinguishes between a "hacker," someone who programs, manages, or uses computing systems, and a "cracker," someone who attempts to access computing systems for malicious purposes. Crackers are the "evildoers." Now, hacker has come to be used outside security to mean both benign and malicious users. Information security / Mahmoud Obeidat 23 Terrorists terrorists using computers in three ways: 1. targets of attack: denial-of-service attacks and web site defacements are popular for any political organization because they attract attention to the cause and bring undesired negative attention to the target of the attack. 2. propaganda vehicles: web sites, web logs, and e-mail lists are effective, fast, and inexpensive ways to get a message to many people. 3. methods of attack: to launch offensive attacks requires use of computers Information security / Mahmoud Obeidat 24 Methods of Defense Harm occurs when a threat is realized against a vulnerability Risk – the possibility of harm Dealing with Harm prevent it, by blocking the attack or closing the vulnerability deter it, by making the attack harder but not impossible deflect it, by making another target more attractive (or this one less so) detect it, either as it happens or some time after the fact recover from its effects Information security / Mahmoud Obeidat 25 Controls Control – attempt to prevent the exploitation of a vulnerability Computer Security has lots of controls Simple or Difficulty Inexpensive or Expensive Type of Control Encryption – formal name for the scrambling process deals with confidentially and integrity Does not solve computer security problems. Cleartext Ciphertext Protocols Information security / Mahmoud Obeidat 26 Software Controls Programs must be secure to prevent attacks Program Controls: Internal Program Controls Operating System and Network System Controls Independent Control Programs (virus checker) Development Controls (quality standards in construction) Software controls effect the user Hardware Controls Smart cards, locks, devices to ID users, firewalls, intrusion detection systems, circuitry control Policies and Procedures Policies – an agreement of way things are done Must be written and training provided Physical Controls – locks/security officer/backups Information security / Mahmoud Obeidat 27 Effectiveness of Controls Controls must be properly used! Awareness of Problem Likelihood of Use Principles of Effectiveness - Control must be usedand used properly- to be effective. They must be efficient, easy to use, and appropriate. Overlapping Controls (good) Periodic Review – controls are not permanent Principle of Weakest Link – Security can be no stronger than its weakest link. Information security / Mahmoud Obeidat 28 Conclusion The risks involved in computing The goal of secure computing: confidentiality, integrity, availability The threats to security in computing: interception, interruption, modifications, fabrication Controls available to address these threats: encryption, programming controls, operating systems, network controls, administrative controls, laws and ethics Information security / Mahmoud Obeidat 29