Overview
© 2016 Pearson Education, Inc., Hoboken, NJ. All rights reserved.
Chapter 1
Overview
[Figure: Confidentiality, Integrity and Availability surrounding Data and services]
Key Security Concepts
Confidentiality, Integrity, Availability
Computer Security Terminology
RFC 4949, Internet Security Glossary, May 2000
[Figure: diagram with arrow labels "to reduce" and "that increase", and node labels "risk", "threats", "Software", "Data"]
• Threats
• Capable of exploiting vulnerabilities
• Represent potential security harm to an asset
• Residual vulnerabilities may remain
• May itself introduce new vulnerabilities
• Goal is to minimize residual level of risk to the assets
Table 1.2
Threat Consequences, and the Types of Threat Actions That Cause Each Consequence
Based on RFC 4949

Threat Consequence: Unauthorized Disclosure
A circumstance or event whereby an entity gains access to data for which the entity is not authorized.
Threat Actions (Attacks):
• Exposure: Sensitive data are directly released to an unauthorized entity.
• Interception: An unauthorized entity directly accesses sensitive data traveling between authorized sources and destinations.
• Inference: A threat action whereby an unauthorized entity indirectly accesses sensitive data (but not necessarily the data contained in the communication) by reasoning from characteristics or byproducts of communications.
• Intrusion: An unauthorized entity gains access to sensitive data by circumventing a system's security protections.

Threat Consequence: Deception
A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
Threat Actions (Attacks):
• Masquerade: An unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity.
• Falsification: False data deceive an authorized entity.
• Repudiation: An entity deceives another by falsely denying responsibility for an act.

Threat Consequence: Disruption
A circumstance or event that interrupts or prevents the correct operation of system services and functions.
Threat Actions (Attacks):
• Incapacitation: Prevents or interrupts system operation by disabling a system component.
• Corruption: Undesirably alters system operation by adversely modifying system functions or data.
• Obstruction: A threat action that interrupts delivery of system services by hindering system operation.

Threat Consequence: Usurpation
A circumstance or event that results in control of system services or functions by an unauthorized entity.
Threat Actions (Attacks):
• Misappropriation: An entity assumes unauthorized logical or physical control of a system resource.
• Misuse: Causes a system component to perform a function or service that is detrimental to system security.
**Table is on page 20 in the textbook.
Table 1.3
Computer and Network Assets, with Examples of Threats

Hardware
• Availability: Equipment is stolen or disabled, thus denying service.
• Confidentiality: An unencrypted CD-ROM or DVD is stolen.

Software
• Availability: Programs are deleted, denying access to users.
• Confidentiality: An unauthorized copy of software is made.
• Integrity: A working program is modified, either to cause it to fail during execution or to cause it to do some unintended task.

Data
• Availability: Files are deleted, denying access to users.
• Confidentiality: An unauthorized read of data is performed. An analysis of statistical data reveals underlying data.
• Integrity: Existing files are modified or new files are fabricated.

Communication Lines and Networks
• Availability: Messages are destroyed or deleted. Communication lines or networks are rendered unavailable.
• Confidentiality: Messages are read. The traffic pattern of messages is observed.
• Integrity: Messages are modified, delayed, reordered, or duplicated. False messages are fabricated.
Passive and Active Attacks

Passive Attack
• Attempts to learn or make use of information from the system but does not affect system resources
• Eavesdropping on, or monitoring of, transmissions
• Goal of attacker is to obtain information that is being transmitted
• Two types:
o Release of message contents
o Traffic analysis

Active Attack
• Attempts to alter system resources or affect their operation
• Involve some modification of the data stream or the creation of a false stream
• Four categories:
o Replay
o Masquerade
o Modification of messages
o Denial of service
Table 1.4
Security Requirements
• Separation of privilege
• Least privilege
• Least common mechanism
• Psychological acceptability
• Least astonishment
Attack Surfaces
Consist of the reachable and exploitable vulnerabilities in a system
Examples:
• Open ports on outward facing Web and other servers, and code listening on those ports
• Services available on the inside of a firewall
• Code that processes incoming data, email, XML, office documents, and industry-specific custom data exchange formats
• Interfaces, SQL, and Web forms
• An employee with access to sensitive information vulnerable to a social engineering attack
• Vulnerabilities created by personnel or outsiders, such as social engineering, human error, and trusted insiders
• Included in this category are network protocol vulnerabilities, such as those used for a denial-of-service attack, disruption of communications links, and various forms of intruder attacks
• Particular focus is Web server software
[Figure: chart with axis "Attack Surface" (Small to Large); other labels: Deep, Low, Medium]
[Figure: diagram with node labels: Malicious software installation; Vulnerability exploit; User communication with attacker; Redirection of communication toward fraudulent site; Injection of commands; User credential guessing; UT/U2a Hidden code; UT/U3a Smartcard analyzers; UT/U4a Social engineering; UT/U4b Web page obfuscation; CC1 Pharming; CC2 Sniffing; CC3 Active man-in-the-middle attacks; IBS1 Brute force attacks]