CCS1_23
Info
• Contacts
– Mail eliska.ochodkova@vsb.cz
– Web www.cs.vsb.cz/ochodkova
– Office EA439
– Phone +420 597 325 964
• Classes: Wednesdays 7:15 – 9:30 CET
• Methods of assessment
– Credit – 4 assignments graded by 11, 11, 11, 12 points, min 25 - max 45 points
– Examination - written exam: min 20 - max 55 points
2021/23
CCS, 1. lecture
2
References
• Chapter 1, Stallings, W.: Cryptography and Network Security
Why computer security?
• Information is a strategic resource
• Spread of IT requires automated/technical, physical & administrative means
• Concerned both
– with information stored and processed within a computer
– with information transferred between computers
• Need to define requirements for security and identify how to meet them
Computer security
• Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.
• Computer security is the protection of the items you value, called the assets of a computer system. Main types of assets are:
– hardware,
– software,
– data.
Security Services (functions)
• confidentiality - protect info content/access
• authentication - protect info origin (sender)
• integrity - protect info accuracy
• nonrepudiation - protect from deniability, protection against denial by one of the parties in a communication
• authorization - ensure identity of users
• availability - ensure info delivery
• access control - control access to info/resources
Security Services
• Confidentiality is the concealment of information or resources.
– E.g., only the sender and the intended receiver should “understand” message contents
• Authenticity is the identification and assurance of the origin of information.
• Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
• Availability refers to the ability to use the information or resource desired.
Security Policy
• Security policy: a statement of what is, and is not, allowed.
– What is being protected? What activities or events should be prevented / protected against?
• Security policy is usually stated in terms of:
– principals (actors, participants, or the best term is roles)
– defining permissible (or impermissible) actions
– on classes of objects
– E.g.
• “Each registered voter may vote at most once”
• “Only an administrator may modify this file”
• …
Security Mechanisms
• Security mechanism: a procedure, tool, or method of enforcing a policy.
• Security mechanisms implement functions that help prevent, detect, respond to, and recover from security attacks.
• Security services are typically made available to users through APIs or integrated interfaces.
• Cryptography underlies many security mechanisms.
Security Mechanisms
• Personnel
– Access Tokens, Biometrics
• Physical
– Integrated Access control
• Managerial
– Security Education
• Data Networking
– Encryption, Config control
• SW & OS
– Testing, Evaluation, Certification
• HW
– TCB (trusted computing base), Tamper-proof, Encryption
Security Mechanisms (X.800)
• Pervasive security mechanisms:
– Trusted functionality
– Security labels
– Event detection
– Security audit trails
– Security recovery
• Specific security mechanisms:
– Encipherment
– Digital signatures
– Access controls
– Data integrity
– Authentication exchange
– Traffic padding
– Routing control
– Notarization
• ITU-T X.800 Security Architecture for OSI defines a systematic way of defining and providing security requirements
Participants of communication process
• Alice and Bob are the good guys (Ron Rivest, 1978)
• Trudy is the bad guy, the generic intruder (attacker); also Eve, Oscar, Mallory etc.
• http://en.wikipedia.org/wiki/Alice_and_Bob
Alice’s Online Bank
• Alice opens Alice’s Online Bank (AOB)
• What are Alice’s security concerns?
• If Bob is a customer of AOB, what are his security concerns?
• How are Alice’s and Bob’s concerns similar? How are they different?
• How does Trudy view the situation?
Beginning of slides from http://www.cs.sjsu.edu/~stamp/
CIA
• CIA == Confidentiality, Integrity, and Availability
• AOB must prevent Trudy from learning Bob’s account balance
• Confidentiality: prevent unauthorized reading of information
– Cryptography used for confidentiality
CIA
• Trudy must not be able to change Bob’s account balance
• Bob must not be able to improperly change his own account balance
• Integrity: detect unauthorized writing of information
– Cryptography used for integrity
CIA
• AOB’s information must be available whenever it’s needed
• Alice must be able to make a transaction
– If not, she’ll take her business elsewhere
• Availability: data is available in a timely manner when needed
• Availability is a “new” security concern
– Denial of service (DoS) attacks
Beyond CIA: Crypto
• How does Bob’s computer know that “Bob” is really Bob and not Trudy?
• Bob’s password must be verified
– This requires some clever cryptography
• What are the security concerns of passwords?
– the worst passwords of 2016
– http://www.mirror.co.uk/tech/worst-passwords-2016-revealed-123456-9644740
• Are there alternatives to passwords?
Beyond CIA: Protocols
• When Bob logs into AOB, how does AOB know that “Bob” is really Bob?
• As before, Bob’s password is verified
• Unlike the previous case, network security issues arise
• How do we secure network transactions?
– Protocols are critically important
– Crypto plays critical role in protocols
Beyond CIA: Access Control
• Once Bob is authenticated by AOB, then AOB must restrict the actions of Bob
– Bob can’t view Charlie’s account info
– Bob can’t install new software, etc.
• Enforcing these restrictions: authorization
• Access control includes both authentication and authorization
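The following Python program is an added illustration of the three slides above, Security Policy (principals, permissible actions, classes of objects), Beyond CIA: Crypto (Bob's password must be verified) and Beyond CIA: Access Control (authentication, then authorization); it is not code from the lecture or from Stamp's book. The toy bank, the usernames, passwords, balances and the policy table are all constructed for the example, and PBKDF2 is one standard password-hashing choice picked here, not one the slides prescribe.

```python
import hashlib
import hmac
import secrets

# Policy table: which principal (role) may take which action on which class of
# object. Constructed for this example, in the shape the Security Policy slide
# describes (principals, permissible actions, classes of objects).
POLICY = {
    "customer": {("read", "own-account")},
    "admin": {("read", "any-account"), ("install", "software")},
}

PBKDF2_ROUNDS = 100_000  # example value; choose per current guidance in practice


def authorized(role, action, obj_class):
    """Authorization: does the policy permit this role to take this action?"""
    return (action, obj_class) in POLICY.get(role, set())


def password_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class OnlineBank:
    """Toy AOB: authenticate first, then authorize every action against POLICY."""

    def __init__(self):
        self._users = {}     # username -> (salt, password hash, role)
        self._balances = {}  # username -> balance
        self._sessions = {}  # session token -> username

    def register(self, user, password, role="customer", balance=0):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, password_hash(password, salt), role)
        self._balances[user] = balance

    def login(self, user, password):
        """Authentication: a session token on success, None otherwise."""
        if user not in self._users:
            # Hash anyway so an unknown user costs the same time as a wrong
            # password; otherwise timing reveals which usernames exist.
            password_hash(password, b"\x00" * 16)
            return None
        salt, stored, _ = self._users[user]
        if not hmac.compare_digest(password_hash(password, salt), stored):
            return None
        token = secrets.token_hex(16)
        self._sessions[token] = user
        return token

    def _principal(self, token):
        user = self._sessions.get(token)
        if user is None:
            raise PermissionError("not authenticated")
        return user, self._users[user][2]

    def view_balance(self, token, owner):
        """Bob may read his own account; only an admin may read anyone's."""
        user, role = self._principal(token)
        allowed = authorized(role, "read", "any-account") or (
            owner == user and authorized(role, "read", "own-account"))
        if not allowed:
            raise PermissionError(f"{user} may not read {owner}'s account")
        return self._balances[owner]

    def install_software(self, token):
        user, role = self._principal(token)
        if not authorized(role, "install", "software"):
            raise PermissionError(f"{user} may not install software")
        return "installed"


def demo():
    """Walk through the slide's cases and return each outcome."""
    bank = OnlineBank()
    bank.register("bob", "correct horse", balance=100)
    bank.register("charlie", "battery staple", balance=250)
    bank.register("alice", "bank-owner-pw", role="admin")
    outcomes = {"wrong password rejected": bank.login("bob", "guess") is None}
    bob = bank.login("bob", "correct horse")
    outcomes["bob reads own balance"] = bank.view_balance(bob, "bob")
    for label, action in [("bob reads charlie", lambda: bank.view_balance(bob, "charlie")),
                          ("bob installs software", lambda: bank.install_software(bob))]:
        try:
            action()
            outcomes[label] = "allowed"
        except PermissionError:
            outcomes[label] = "denied"
    alice = bank.login("alice", "bank-owner-pw")
    outcomes["alice reads charlie"] = bank.view_balance(alice, "charlie")
    return outcomes


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

The two checks are deliberately separate: `login` only answers "is this really Bob?", and every later method asks `authorized` "may this role do this to this object?". Keeping the policy in one table rather than scattered `if` statements is what makes it reviewable as the kind of statement the Security Policy slide describes.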
Beyond CIA: Software
• Cryptography, protocols, and access control are implemented in software
– Software is the foundation on which security rests
• What are security issues of software?
– Real world software is complex and buggy
– Software flaws lead to security flaws
– How does Trudy attack software?
– How to reduce flaws in software development?
– And what about malware?
AAA
• AAA - authentication, authorization and accounting.
• E.g. RADIUS protocol, RFC 2865, http://tools.ietf.org/html/rfc2865
– Authentication, authorization and accounting refers to a security architecture for distributed systems, which enables control over which users are allowed access to which services, and how much of the resources they have used.
The People Problem
• People often break security
– Both intentionally and unintentionally
– Here, we consider the unintentional
• For example, suppose you want to buy something online
– To make it concrete, suppose you want to buy Information Security: Principles and Practice, 2nd edition from amazon.com
The People Problem
• To buy from amazon.com…
– Your Web browser uses SSL protocol
– SSL relies on cryptography
– Access control issues arise
– All security mechanisms are in software
• Suppose all of this security stuff works perfectly
– Then you would be safe, right?
The People Problem
• What could go wrong?
• Trudy tries man‐in‐the‐middle attack (later)
– SSL is secure, so attack doesn’t “work”
– But, Web browser issues a warning
– What do you, the user, do?
• If user ignores warning, attack works!
– None of the security mechanisms failed
– But user unintentionally broke security
– End of slides from http://www.cs.sjsu.edu/~stamp/
Security Threats
• Vulnerability is a weakness in the security system, for example, in procedures, design, or implementation, that might be exploited to cause loss or harm.
• Threat is a possible danger that might exploit a vulnerability.
– Flaws in design, implementation, and operation.
[Figure: a vulnerability (crack in the wall) and a threat]
Attacks
• A computer-based system has three separate but valuable components: hardware, software, and data.
• An attack is any action that violates security.
– Active adversary
• An attack has an implicit concept of “intent”
– Router misconfiguration or a server crash can also cause loss of availability, but they are not attacks
• A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation.
Attacks (1)
– Normal information flow: A → B
– Interruption - an asset of the system becomes lost, unavailable, or unusable; attack on availability (e.g. malicious destruction of a hardware device, erasure of a program or data file, or malfunction of an operating system file manager so that it cannot find a particular disk file).
[Figure: the flow from A to B is cut off]
Attacks (2)
– Interception - some unauthorized party has gained access to an asset; attack on confidentiality (e.g. illicit copying of program or data files, or wiretapping to obtain data in a network)
[Figure: A → B, with E reading a copy of the flow]
Attacks (3)
– Modification - an unauthorized party not only accesses but tampers with an asset; attack on integrity (e.g. change the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically)
[Figure: A → E → B, with E altering the flow]
Attacks (4)
– Fabrication - unauthorized assumption of another’s identity, generating and distributing objects under this identity; attack on authentication (insert spurious transactions into a network communication system or add records to an existing database)
[Figure: E → B, with E posing as A]
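As an added illustration of the four attack classes on the slides above (not code from the lecture or from Stallings' text), the following Python program models the A → B flow with an HMAC tag on each message and lets B report which attacks it can detect and which it cannot. The shared key, the message text and the channel functions that play the part of E are constructed for the example; the point is the mapping the slides draw between each attack and the property it violates.

```python
import hashlib
import hmac
import secrets

# Secret shared by A and B. Constructed for this example; a real system would
# establish it with a key-exchange protocol rather than hard-code it.
KEY_AB = b"example-shared-key-between-A-and-B"


def send(key, msg):
    """A builds a packet: a fresh nonce, the message, and an HMAC over both."""
    nonce = secrets.token_bytes(16)
    tag = hmac.new(key, nonce + msg, hashlib.sha256).digest()
    return nonce, msg, tag


class Receiver:
    """B checks every packet and reports which security property, if any, failed."""

    def __init__(self, key):
        self.key = key
        self.seen_nonces = set()

    def receive(self, packet):
        if packet is None:
            # Nothing arrived: availability is lost. The MAC cannot help here;
            # only a timeout or heartbeat makes an interruption visible.
            return "interruption detected by timeout (availability)"
        nonce, msg, tag = packet
        expected = hmac.new(self.key, nonce + msg, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            # Covers both modification (A's packet altered in transit) and
            # fabrication (E forging a packet without knowing KEY_AB).
            return "rejected: MAC mismatch (integrity/authentication)"
        if nonce in self.seen_nonces:
            return "rejected: replayed nonce"
        self.seen_nonces.add(nonce)
        return "accepted: " + msg.decode()


# Channel behaviours, one per attack class on the slides. Each takes A's packet
# and E's notebook and returns what B finally sees.

def normal_flow(packet, eve_log):
    return packet


def interruption(packet, eve_log):
    return None  # the packet never reaches B


def interception(packet, eve_log):
    nonce, msg, tag = packet
    eve_log.append(msg)  # E copies the contents; the packet itself is untouched
    return packet


def modification(packet, eve_log):
    nonce, msg, tag = packet
    return nonce, msg.replace(b"100", b"999"), tag  # E tampers with the amount


def fabrication(packet, eve_log):
    # E discards A's packet and sends her own, tagged with a key she made up
    # because she does not hold KEY_AB.
    forged = b"transfer 5000 to E"
    fake_nonce = b"\x00" * 16
    fake_tag = hmac.new(b"E-made-up-key", fake_nonce + forged, hashlib.sha256).digest()
    return fake_nonce, forged, fake_tag


def run_scenarios():
    """Send the same message through each channel; return B's verdict and
    whether E learned the contents."""
    message = b"transfer 100 to B"
    channels = [("normal", normal_flow), ("interruption", interruption),
                ("interception", interception), ("modification", modification),
                ("fabrication", fabrication)]
    results = {}
    for name, channel in channels:
        eve_log = []
        bob = Receiver(KEY_AB)
        verdict = bob.receive(channel(send(KEY_AB, message), eve_log))
        results[name] = (verdict, bool(eve_log))
    return results


if __name__ == "__main__":
    for name, (verdict, eve_learned) in run_scenarios().items():
        print(f"{name:13s} -> {verdict}; E learned contents: {eve_learned}")
```

Running it shows the limits as well as the strengths of one mechanism: the MAC turns modification and fabrication into rejections B can log and act on, interception is accepted unchanged because nothing in this channel provides confidentiality (encryption would be needed for that), and interruption is visible to B only as an absence that a timeout must notice.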
Methods of defence
• How can we defend against a threat?
– Prevent it: prevent the attack
– Deter it: make the attack harder or more expensive
– Deflect it: make yourself less attractive to the attacker
– Detect it: notice that an attack is occurring (or has occurred)
– Recover from it: mitigate the effects of the attack
• Often, we'll want to do many things to defend against the same threat: “Defence in depth”
Example of defence
• Threat: your car may get stolen
• How to defend?
– Prevent: Immobilizer? Is it possible to absolutely prevent?
– Deter: Store your car in a secure parking facility
– Deflect: have a sticker mentioning a car alarm, keep valuables out of sight
– Detect: Car alarms, …
– Recover: Insurance
Defence of computer systems
• Remember we may want to protect any of our assets
– Hardware, software, data
• Many ways to do this; for example:
• Cryptography
– Protecting data by making it unreadable to an attacker
– Authenticating users with digital signatures
– Authenticating transactions with cryptographic protocols
– Ensuring the integrity of stored data
– Aiding customers' privacy by having their personal information automatically become unreadable after a certain length of time
Defence of computer systems
• Software controls
– Passwords and other forms of access control
– Operating systems separate users' actions from each other
– Virus scanners watch for some kinds of malware
– Development controls enforce quality measures on the original source code
– Personal firewalls that run on your desktop
Defence of computer systems
• Hardware controls
– Not usually protection of the hardware itself, but rather using separate hardware to protect the system as a whole
– Fingerprint readers
– Smart tokens
– Firewalls
– Intrusion detection systems
Defence of computer systems
• Physical controls
– Protection of the hardware itself, as well as physical access to the console, storage media, etc.
– Locks
– Guards
– Off-site backups
– Don't put your data centre on a fault line in California
– Don't put your nuclear power plant in a tsunami zone
Defence of computer systems
• Policies and procedures
– Non-technical means can be used to protect against some classes of attack
– If an employee connects his own Wi-Fi access point to the internal company network, that can accidentally open the network to outside attack
• So don't allow the employee to do that!
– Rules about changing passwords
– Training in best security practices