Objectives
information security.
Describe the basic approaches to computer and information security.
Describe various methods to implement access controls.
Identify and explain methods used to verify the identity and authenticity of an individual.
Describe some of the basic models of security used when implementing security in operating systems.
A hacker refers to an individual who attempts to gain unauthorized access to computer systems or networks.
Network Security
Network security refers to the protection of multiple computers and the devices that are connected.
want them.
Computer and network security is essential for individuals to function effectively and safely in today's highly
automated environment.
From its inception, the goal of computer security has been threefold:
Confidentiality
Integrity
Availability
Confidentiality ensures that only authorized individuals are able to view information.
CIA Extensions
The increased use of networks for commerce requires two additional security goals for the CIA of security.
Authentication
Nonrepudiation
Operational Security
For many years, protection was equated with prevention. Regardless of how well people seem to do in prevention
Every security technique and technology falls into at least one of the three elements of the equation.
Security Principles
There are three ways an organization can address the protection of its networks:
Ignore security issues.
Provide host security.
Approach security at a network level.
If an organization decides to ignore security, it chooses to use the minimal security provided with its workstations,
Host Security
Host security focuses on protecting each computer and device individually instead of addressing protection of the
network as a whole.
If an organization decides to implement only host security and does not include network security, there is a high
Network Security
Network security emphasizes controlling access to internal computers from external entities.
Least Privilege
Least privilege means that a subject should have only the necessary rights and privileges to perform its task with no
Least privilege:
Protects its most sensitive resources.
Configuration Plan
Trust Relationships
When trust relationships are created, they should not be implemented in such a way that everyone trusts each other
relationship.
Another issue that falls under the least privilege concept is the security context in which an application runs.
Domain Trusts
All applications, scripts, and batch files run in the security context of a specific user on an operating system.
Layered Security
Layered security architecture employs several security methods to accomplish a compromise that consumes more
next.
The redundancy of different layers assures that there is no one single point of failure pertaining to security.
Security at each layer can be very complex, and grouping different layers can increase the complexity exponentially.
Layers closer to the resource deal with only a fraction of the traffic that the top-layer security mechanisms do.
Diversity of Defense
types of attacks.
Use products from different vendors.
Trade-off
Trade-offs must be considered before implementing diversity of security using different vendor products.
Doing so usually increases operational complexity, and security
and complexity are seldom a good mix.
Security through obscurity uses the approach of protecting something by hiding it.
An organization can use security through obscurity measures to hide critical assets.
Keep It Simple
Troubleshooting
When something goes wrong with security mechanisms, a troubleshooting process is used to identify the actual issue.
Another application of the principle of keeping things simple concerns the number of services that can run on the
system.
Default installations of computer operating systems often leave many services running.
The general rule of thumb is to eliminate all nonessential services and protocols.
Access Control
Access Authentication
An ACL is a list that contains the subjects with access rights to a particular object.
The list identifies not only the subject but also the specific
access the subject has for the object. Types of access include read, write, and execute.
Mandatory access control (MAC) is a means of restricting access to objects based on the sensitivity of the information
With MAC, the owner or the subject cannot determine whether access is to be granted to another subject.
The operating system decides whether access is to be granted
to another subject.
subject is entitled.
Authentication
Kerberos
CHAP
Certificates
Tokens
Multifactor
Mutual authentication
Authentication
Authentication deals with verifying the identity of a subject. Access controls define what actions a user can perform or
Authentication Methods
The most common authentication mechanism is to provide something that only the valid user should know.
The most frequently used example of this is the userid (or
username) and password.
A second method of providing authentication is by using something that only valid users should have in their
possession.
In the same way that a key works with a lock, a similar method can be used to authenticate users for a computer
The Problem
If people lose their keys or cards, they cannot log on to the system.
Somebody who finds the key may then be able to access the
system.
The Solution
A combination of the something-you-know and something-you-have methods is often used so that the individual with
The third method of providing authentication involves something that is unique about users.
Kerberos
Tickets
Tickets are granted by the authentication server. It is an entity trusted by both the client and the server the
It eliminates the inherently insecure transmission of items such as a password that can be intercepted on the network.
Tickets are time-stamped, and cannot be reused.
CHAP
CHAP provides authentication periodically through the use of a challenge/response system, a three-way handshake.
The initial challenge (a randomly generated number) is sent to the client.
The client uses a one-way hashing function to calculate the response and then sends this back.
The server compares the response with the response it calculated itself.
If the two values match, the communication continues. If they do not match, the connection is terminated.
This mechanism relies on a shared secret between the two entities so that the correct values can be calculated.
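The challenge/response exchange described above, as an added example that is not part of the original slides. It assumes the RFC 1994 response layout (MD5 over identifier, shared secret and challenge); the `Authenticator` class, the user name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """One-way hash over identifier + shared secret + challenge (RFC 1994 layout)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """Server side: issues random challenges and checks the client's response."""

    def __init__(self, secrets_by_name):
        self.secrets = secrets_by_name
        self.pending = {}          # name -> (identifier, challenge)
        self.next_id = 0

    def challenge(self, name):
        self.next_id = (self.next_id + 1) % 256
        chal = os.urandom(16)      # the randomly generated number sent to the client
        self.pending[name] = (self.next_id, chal)
        return self.next_id, chal

    def verify(self, name, identifier, response):
        # pop() makes every challenge single-use, so an answer cannot be checked twice
        ident, chal = self.pending.pop(name, (None, None))
        secret = self.secrets.get(name)
        if chal is None or secret is None or ident != identifier:
            return False
        expected = chap_response(ident, secret, chal)
        return hmac.compare_digest(expected, response)   # constant-time compare

def demo():
    secret = b"constructed-shared-secret"
    server = Authenticator({"alice": secret})

    ident, chal = server.challenge("alice")
    good = chap_response(ident, secret, chal)
    accepted = server.verify("alice", ident, good)

    # Periodic re-challenge: a captured earlier response fails against a new challenge.
    ident2, _ = server.challenge("alice")
    replayed = server.verify("alice", ident2, good)

    # A client that does not hold the shared secret cannot compute the response.
    ident3, chal3 = server.challenge("alice")
    guessed = server.verify("alice", ident3, chap_response(ident3, b"guess", chal3))
    return accepted, replayed, guessed

if __name__ == "__main__":
    print(demo())
```

The secret itself never crosses the wire; only the random challenge and the hash do.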
Certificates
Certificates are a method of establishing authenticity of specific objects such as an individual's public key or
downloaded software.
A digital certificate is an attachment to a message. It verifies that the message came from the entity it claims to
Multifactor
Multifactor is a term used to describe the use of more than one authentication mechanism at the same time.
network.
Mutual Authentication
Mutual authentication:
Describes a process in which each side of an electronic
Security Models
The security model implements the security policy that has been chosen, and enforces the security characteristic that
Confidentiality Models
The Bell-LaPadula security model is also known as the *-property (pronounced "star property").
A subject may write to an object only if its security classification is less than or equal to the object's security classification.
Integrity Models
In the Biba security model, instead of security classifications, integrity levels are used.
Biba Model
Integrity levels indicate the level of trust that can be placed in information at different levels while at the same
Low-Water-Mark Policy
This policy is the opposite of the *-property. It prevents subjects from writing to objects of a higher integrity level.
The amount of trust placed in data formed from data at a specific integrity level cannot be higher than the level of
trust you have in the subject creating the new data object.
The level of trust you have in the subject can only be as high as the level of trust you had in the original data.
The final rule in the Low-Water-Mark policy states that a subject can only execute a program if the program's
Another policy, the Ring Policy, addresses the reduction of trust issue by allowing any subject to read any object
The Biba security model implements a hybrid of the Ring and Low-Water-Mark policies.
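The write rules above, side by side, as an added example that is not part of the original slides: the *-property write check as stated for Bell-LaPadula, and the Low-Water-Mark write rule with the subject's trust dropping after it reads lower-integrity data. The level names, subjects and objects are constructed for illustration.

```python
from dataclasses import dataclass

LEVELS = {"low": 0, "medium": 1, "high": 2}   # constructed level names

@dataclass
class Subject:
    name: str
    level: int

@dataclass
class Obj:
    name: str
    level: int

def blp_can_write(subject: Subject, obj: Obj) -> bool:
    """*-property (confidentiality): write only if subject level <= object level."""
    return subject.level <= obj.level

def biba_can_write(subject: Subject, obj: Obj) -> bool:
    """Low-Water-Mark (integrity): no writing to an object of higher integrity."""
    return obj.level <= subject.level

def biba_read(subject: Subject, obj: Obj) -> int:
    """Reading is allowed, but trust in the subject can only be as high as
    the trust in the data it has read, so its level drops to the minimum."""
    subject.level = min(subject.level, obj.level)
    return subject.level

def demo():
    editor = Subject("editor", LEVELS["high"])
    config = Obj("signed-config", LEVELS["high"])
    download = Obj("web-download", LEVELS["low"])

    before = biba_can_write(editor, config)      # high subject, high object
    level_after_read = biba_read(editor, download)
    after = biba_can_write(editor, config)       # subject is now low integrity

    # Same pair of levels, opposite answers: low subject, high object.
    clerk = Subject("clerk", LEVELS["low"])
    opposite = (blp_can_write(clerk, config), biba_can_write(clerk, config))
    return before, level_after_read, after, opposite

if __name__ == "__main__":
    print(demo())
```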
The Clark-Wilson security model uses transactions as the basis to derive its rules.
The Clark-Wilson model defines only two levels of integrity,
constrained data items (CDI) and unconstrained data items (UDI). CDI data is subject to integrity controls while UDI data is not.
Data in this model cannot be modified directly by a user. It must be modified by the trusted transformation