1 / 29

G53SEC

G53SEC. Foundations of Computer Security. 1. G53SEC. Overview of Today’s Lecture: Definitions Fundamental Dilemma Data vs. Information Principles of Computer Security The Layer Below Summary. 2. G53SEC. Definitions : Security Computer Security Confidentiality

janhebert
Télécharger la présentation

G53SEC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. G53SEC Foundations of Computer Security 1

  2. G53SEC • Overview of Today’s Lecture: • Definitions • Fundamental Dilemma • Data vs. Information • Principles of Computer Security • The Layer Below • Summary 2

  3. G53SEC • Definitions: • Security • Computer Security • Confidentiality • Integrity • Availability • Accountability • Nonrepudiation • Reliability 3

  4. G53SEC • Security: • Security is about the protection of assets • Knowledge of assets and their value is vital • Protection measures: • Prevention – sometimes the only feasible measure • Detection • Reaction 4

  5. G53SEC • Computer Security: • Traditional definition using the following: • Confidentiality • Integrity • Availability • Debatable ! • Priority ? • Incomplete list ? 5

  6. G53SEC • Confidentiality (Privacy, Secrecy): • The prevention of unauthorised users reading sensitive information • Privacy – protection of personal data • Secrecy – protection of data of an organization • Hide document’s content ? • Hide document’s existence ? (Unlinkability and Anonymity) 6

  7. G53SEC • Integrity • Informally • -Making sure everything is as it is supposed to be. • Formally • -Integrity deals with the prevention of unauthorised writing. • Data Integrity • “The state that exists when computerised data is the same as that in the source documents and has not been exposed to accidental or malicious alteration or destruction.” 7

  8. G53SEC • Availability • “The property of being accessible and useable upon demand by an authorised entity.” • We want to prevent denial of service • Denial of service • “The prevention of authorised access to resources or the delaying of time-critical operations.” 8

  9. G53SEC • Accountability • Users should be held responsible for their actions • Thus system has to identify and authenticate users • Audit trail has to be kept • “Audit information must be selectively kept and protected so that actions affecting security can be traced to the responsible party” 9

  10. G53SEC • Nonrepudiation • Nonrepudiation provide un-forgeable evidence • Evidence verifiable by a third party • Nonrepudiation of origin – sender identification • delivery – delivery confirmation • The concept of irrefutable evidence is alien to most legal systems ! 10

  11. G53SEC • Reliability • Reliability - (accidental) failures • Safety - impact of system failures on their environment • Security is an aspect of reliability and vice versa! • Dependability • “The property of a computer system such that reliance can justifiably be placed in the service it delivers” 11

  12. G53SEC • Our Definition • Computer Security – What? • “Deals with the prevention and detection of unauthorised actions by users of a computer system” • Computer Security – Why? • “Concerned with the measures we can take to deal with intentional actions by parties behaving in some unwelcome fashion” 12

  13. G53SEC • To Remember • No single definition of security exists • When dealing with security material, do not confuse your notion of security with that used in the material 13

  14. G53SEC • The Fundamental Dilemma • “Security-unaware users have specific security • requirements but usually no security expertise.” • Security evaluation - evaluates the function of a security service and its assurance of functionality • The Orange Book – guideline for evaluating security products (1985) • ITSEC- separates functionality and assurance • - introduces Targets of Evaluation 14

  15. G53SEC • The Fundamental Dilemma cont. • In contrast conflict between security and ease of use: • Engineering trade-off: • - Security mechanisms need increased computational resources • - Security interferes with working patterns of users • - Managing security is work – thus better GUI wins 15

  16. G53SEC • Data vs. Information • Security is about controlling access to information and resources • This can be difficult, thus controlling access to data is more viable Data – represents information Information – (subjective) interpretation of data - Problem of inference 16

  17. G53SEC • Principles of Computer Security • Computer security is NOT rocket science if: • approached in a systematic, disciplined & well planned manner, from the birth of a developed / designed system • However: • if added as an afterthought to an existing complex system -> TROUBLE! 17

  18. G53SEC Linux with Apache – serving a website 18

  19. G53SEC Windows with IIS– serving a website 19

  20. G53SEC • Principles of Computer Security • Fundamental Design parameters: • Focus of Control • The Man-Machine Scale • Complexity vs. Assurance • Centralised or Decentralised Controls • The Layer Below 20

  21. G53SEC • Focus of Control • 1st Design Decision • In a given application, should the protection mechanisms in a computer system focus on: • Data • Operations • Or users? 21

  22. G53SEC • The Man-Machine Scale • 2nd Design Decision • In which layer of the computer system should a security mechanism be placed? applications services operating system OS kernel hardware 22

  23. G53SEC • The Man-Machine Scale • Combining previous two design decisions: specific complex focus on users generic simple focus on data Man Oriented Machine Oriented Related to the distinction between data (machine oriented) and information (man oriented) 23

  24. G53SEC • Complexity vs. Assurance • 3rd Design Decision • Do you prefer simplicity- and higher assurance- to a feature-rich security environment? • This decision is linked to the fundamental dilemma! • Feature-rich security systems and high assurance do not match easily 24

  25. G53SEC • Centralised or Decentralised Controls • 4th Design Decision • Should the tasks of defining and enforcing security be given to a central entity or should they be left to individual components in a system? • Central entity – could mean a bottleneck • Distributed solution – more efficient but harder to manage 25

  26. G53SEC • The Layer Below • Every protection mechanism defines a security perimeter • Security perimeter – parts of a system that can be used to disable the protection mechanism • 5th Design Decision • How can you prevent an attacker getting access to a layer below the protection mechanism? 26

  27. G53SEC • The Layer Below • To watch out for - • Recovery Tools • Unix Devices • Object Reuse (Release of Memory) • Buffer Overruns • Backup • Core Dumps 27

  28. G53SEC • Summary • Definitions • Fundamental Dilemma • Data vs. Information • Principles of Computer Security • The Layer Below • Next Lecture • Identification and Authentication 28

  29. G53SEC End 29

More Related