A Comprehensive Model for Information Systems Security

About This Presentation

Title:

Description:

Number of Views:63

Avg rating:3.0/5.0

Slides: 14

Provided by: edwa74

Category:

more less

Transcript and Presenter's Notes

Title: A Comprehensive Model for Information Systems Security

1
A Comprehensive Model forInformation Systems
Security

Information Systems Security A Comprehensive
Model by John R. McCumber, Proceedings of the
14th National Computer Security Conference, 1991
Slides courtesy of the Center for Information and
Computer Security, University of North Texas

2
Motivation

Need a common language/terminology in order to
communicate effectively
People work better when given a concrete
framework in which to place abstract ideas

3
States of Information

4
Characteristics of Information

Information should satisfy the three main goals
of computer security
Confidentiality
Integrity
Availability
Because security and utility often conflict, the
science of information systems security is also a
study in subtle compromises.

5
Security Measures / Controls

Three main kinds of controls
Technology
Policy and Practices
Education, Training, and Awareness
These build on one another
Technology must reflect policy, but policy
can still exist when no technological solution
Policy disseminated through training, but
can have awareness of principles even when no
specific policy

6
The Model
7
Using the Model A Developer

Starts with an idea of how a system will deal
with information
Identify where information is in each state
Establish what information characteristics mean
in this application
Consider technical, policy, and
education/training measures to enforce
characteristics in each state
Note that technical isnt always possible,
nor is policy but these can build on each other

8
Example An E-mail System

Password information states
Processing Does it need to be kept?
In the server Only briefly clear
buffers!
In the client maybe longer (to keep from
having to reenter it). Consider obfuscating or
locking memory pages.
Storage Does password need to be stored?
In the server Some form must be checked.
Store plaintext? Encrypted? Hashed? Separate
authentication server?
In the client Store for later use? Is
this a single-user machine? Any vulnerabilities?
Could password be used elsewhere for something
more sensitive?
Transmission
Whats visible on the network? Plaintext?
Challenge-response protocol? Inside encrypted
tunnel (SSL/TLS)?

9
Example Client Server DB System

10
Client Server DB System

Security Measures (consider Technology)
(Storage, Availability) DB is mirrored
(Storage, Integrity) Authorized users
perform updates (SQL Grant), changes are correct
(SQL assertions, Domains), backup and recovery
capability
(Storage, Confidentiality) Access control
mechanisms are provided, queries are limited to
prevent disclosure or inference

11
Using the Model An Auditor

An auditor/evaluator ensures that policy is
properly followed and enforced
Model allows information characteristics and
information states to be evaluated separately
from specific technology
Then appropriateness of technology and
policy can be evaluated

12
Using the Model A Manager

Managers must set policy
Its of particular importance that
corporate and government regulations not be bound
by technology.
Policy can be guided by other dimensions,
independent of technology.

13
Conclusions

A clear model helps
Give a common terminology for communication
Give a concrete form to abstract ideas
Form a framework for designing-in security
Using a common model across differing roles
(developer, manager, auditor) enables a
consistent and uniform approach to information
security

Write a Comment

User Comments (0)