G53SEC - PowerPoint PPT Presentation

About This Presentation
Title:

G53SEC

Description:

Centralised or Decentralised Controls. The Layer Below. G53SEC. 21. Focus of Control ... Centralised or Decentralised Controls. 4th Design Decision ... – PowerPoint PPT presentation

Number of Views:21
Avg rating:3.0/5.0
Slides: 30
Provided by: csNo
Category:

less

Transcript and Presenter's Notes

Title: G53SEC


1
G53SEC
Foundations of Computer Security
1
2
G53SEC
  • Overview of Todays Lecture
  • Definitions
  • Fundamental Dilemma
  • Data vs. Information
  • Principles of Computer Security
  • The Layer Below
  • Summary

2
3
G53SEC
  • Definitions
  • Security
  • Computer Security
  • Confidentiality
  • Integrity
  • Availability
  • Accountability
  • Nonrepudiation
  • Reliability

3
4
G53SEC
  • Security
  • Security is about the protection of assets
  • Knowledge of assets and their value is vital
  • Protection measures
  • Prevention sometimes the only feasible
    measure
  • Detection
  • Reaction

4
5
G53SEC
  • Computer Security
  • Traditional definition using the following
  • Confidentiality
  • Integrity
  • Availability
  • Debatable !
  • Priority ?
  • Incomplete list ?

5
6
G53SEC
  • Confidentiality (Privacy, Secrecy)
  • The prevention of unauthorised users reading
    sensitive information
  • Privacy protection of personal data
  • Secrecy protection of data of an organization
  • Hide documents content ?
  • Hide documents existence ? (Unlinkability and
    Anonymity)

6
7
G53SEC
Integrity Informally -Making sure everything is
as it is supposed to be. Formally -Integrity
deals with the prevention of unauthorised
writing. Data Integrity The state that exists
when computerised data is the same as that in the
source documents and has not been exposed to
accidental or malicious alteration or
destruction.
7
8
G53SEC
  • Availability
  • The property of being accessible and useable
    upon demand by an authorised entity.
  • We want to prevent denial of service
  • Denial of service
  • The prevention of authorised access to resources
    or the delaying of time-critical operations.

8
9
G53SEC
  • Accountability
  • Users should be held responsible for their
    actions
  • Thus system has to identify and authenticate
    users
  • Audit trail has to be kept
  • Audit information must be selectively kept and
    protected so that actions affecting security can
    be traced to the responsible party

9
10
G53SEC
  • Nonrepudiation
  • Nonrepudiation provide un-forgeable evidence
  • Evidence verifiable by a third party
  • Nonrepudiation of origin sender
    identification
  • delivery delivery confirmation
  • The concept of irrefutable evidence is alien to
    most legal systems !

10
11
G53SEC
  • Reliability
  • Reliability - (accidental) failures
  • Safety - impact of system failures on their
    environment
  • Security is an aspect of reliability and vice
    versa!
  • Dependability
  • The property of a computer system such that
    reliance can justifiably be placed in the service
    it delivers

11
12
G53SEC
  • Our Definition
  • Computer Security What?
  • Deals with the prevention and detection of
    unauthorised actions by users of a computer
    system
  • Computer Security Why?
  • Concerned with the measures we can take to deal
    with intentional actions by parties behaving in
    some unwelcome fashion

12
13
G53SEC
  • To Remember
  • No single definition of security exists
  • When dealing with security material, do not
    confuse your notion of security with that used
    in the material

13
14
G53SEC
The Fundamental Dilemma Security-unaware users
have specific security requirements but usually
no security expertise. Security evaluation -
evaluates the function of a security service and
its assurance of functionality The Orange Book
guideline for evaluating security products
(1985) ITSEC - separates functionality and
assurance - introduces Targets of Evaluation
14
15
G53SEC
  • The Fundamental Dilemma cont.
  • In contrast conflict between security and ease of
    use
  • Engineering trade-off
  • - Security mechanisms need increased
    computational resources
  • - Security interferes with working patterns of
    users
  • - Managing security is work thus better GUI
    wins

15
16
G53SEC
  • Data vs. Information
  • Security is about controlling access to
    information and resources
  • This can be difficult, thus controlling access
    to data is more viable
  • Data represents information
  • Information (subjective) interpretation of data
  • - Problem of inference

16
17
G53SEC
  • Principles of Computer Security
  • Computer security is NOT rocket science if
  • approached in a systematic, disciplined well
    planned manner, from the birth of a developed /
    designed system
  • However
  • if added as an afterthought to an existing
    complex system -gt TROUBLE!

17
18
G53SEC
Linux with Apache serving a website
18
19
G53SEC
Windows with IIS serving a website
19
20
G53SEC
  • Principles of Computer Security
  • Fundamental Design parameters
  • Focus of Control
  • The Man-Machine Scale
  • Complexity vs. Assurance
  • Centralised or Decentralised Controls
  • The Layer Below

20
21
G53SEC
  • Focus of Control
  • 1st Design Decision
  • In a given application, should the protection
    mechanisms in a computer system focus on
  • Data
  • Operations
  • Or users?

21
22
G53SEC
The Man-Machine Scale 2nd Design Decision In
which layer of the computer system should a
security mechanism be placed?
applications
applications
services
operating system
OS kernel
hardware
services
operating system
OS kernel
hardware
22
23
G53SEC
The Man-Machine Scale Combining previous two
design decisions
specific complex focus on users
generic simple focus on data
Man Oriented
Machine Oriented
Related to the distinction between data (machine
oriented) and information (man oriented)
23
24
G53SEC
Complexity vs. Assurance 3rd Design Decision Do
you prefer simplicity- and higher assurance- to a
feature-rich security environment? This decision
is linked to the fundamental dilemma! Feature-ric
h security systems and high assurance do not
match easily
24
25
G53SEC
Centralised or Decentralised Controls 4th Design
Decision Should the tasks of defining and
enforcing security be given to a central entity
or should they be left to individual components
in a system? Central entity could mean a
bottleneck Distributed solution more efficient
but harder to manage
25
26
G53SEC
The Layer Below Every protection mechanism
defines a security perimeter Security perimeter
parts of a system that can be used to disable
the protection mechanism 5th Design Decision How
can you prevent an attacker getting access to a
layer below the protection mechanism?
26
27
G53SEC
  • The Layer Below
  • To watch out for -
  • Recovery Tools
  • Unix Devices
  • Object Reuse (Release of Memory)
  • Buffer Overruns
  • Backup
  • Core Dumps

27
28
G53SEC
  • Summary
  • Definitions
  • Fundamental Dilemma
  • Data vs. Information
  • Principles of Computer Security
  • The Layer Below
  • Next Lecture
  • Identification and Authentication

28
29
G53SEC
End
29
Write a Comment
User Comments (0)
About PowerShow.com