What is security?
Security Architecture
Security Principles
Security Policy
Security Attacks / Threats
Methods of Defense
Security Services
Security Mechanisms
Definition:
◦ Security is the quality or state of
being secure, that is, to be free from
danger and
◦ to be protected from adversaries –
from those who would do harm,
intentionally or otherwise
Information Security:
◦ Information Security is the
protection of information and the
systems and hardware that use,
store, and transmit that information
By NSTISSC
Threat
◦ A threat may be an expressed or demonstrated
intent to harm an asset or cause it to become
unavailable.
◦ Example: Hostile acts that target an asset,
irrespective of the motive, human error.
◦ Impact: threats can cause web service or email
interruptions, and loss or unintentional disclosure of
sensitive information.
Vulnerabilities
◦ A vulnerability is a flaw in the measures you take to
secure an asset. This is a broader interpretation of
the traditional definition, which considers only
flaws or weaknesses in systems or networks.
◦ Example :
if you do not run antivirus and antimalware software,
your laptop or mobile device is vulnerable to
infections.
User behaviors create opportunities for attackers and
are thus vulnerabilities
◦ Impact :
expose your organization's assets to harm
Exploits
◦ The term exploit is commonly used to describe a software
program that has been developed to attack an asset
by taking advantage of a vulnerability.
◦ Example : Virus, malware, trojan, rootkit
◦ Impact : able to control the asset, loss to
organization
Risk is a measure of the cost of a vulnerability
(taking into account probability of a
successful attack).
Risk analysis determines whether expenditure
Recovery
Tools: cryptography techniques,
proper planning
Confidentiality - Prevention of unauthorized disclosure of
information
[Figures: attack scenarios, each drawn across an "Internet or other communications facility"]
◦ Observe pattern of messages from Halim to Anita
◦ Message from Alex that appears to be from Halim
◦ Capture message from Halim to Anita; later replay message to Anita
◦ Alex modifies message from Halim to Anita
◦ Alex disrupts service provided by server
Passive Attack
◦ Very difficult to detect. Why?
◦ Feasible to prevent the success of these attacks. How?
◦ Emphasis in dealing with passive attacks is on prevention
rather than detection.
Active Attack
◦ Quite difficult to prevent active attacks. Why?
◦ Instead, the goal is to detect active attacks and to
recover from any disruption or delays caused by them.
We can deal with harm that
occurs when a threat is realized
against a vulnerability in several
ways:
◦ Prevent it, by blocking the attack
or closing the vulnerability.
◦ Deter it, by making the attack
harder, but not impossible.
◦ Deflect it, by making another
target more attractive.
◦ Detect it, either as it happens or
some time after the fact.
◦ Recover from its effects.
Encryption
Software Controls - access
limitations in a database; in an
operating system, protect each
user from other users
Hardware Controls –
smartcard
Policies - frequent changes
of passwords
Physical Controls
Program controls include:
◦ Internal program controls: parts of the program
that enforce security restrictions, such as access
limitations in a database management program.
unauthorized disclosure
Data Integrity - assurance that data received
source of data.
Does not protect against duplication or
modification of data.
GSM, web servers
recorded delivery
[Figure: Specific Security Mechanisms - Authentication, Data Integrity, Digital Signature, Access Control, Traffic Padding, Notarization, Routing Control]
Encryption mechanisms = encryption or
cipher algorithms.
◦ Can provide data and traffic flow confidentiality.
Digital signature mechanisms
◦ signing procedure (private),
◦ verification procedure (public).
◦ Can provide non-repudiation, origin authentication
and data integrity services.
Both can be the basis of some authentication
exchange mechanisms.
[Figure: Pervasive Security Mechanisms - Trusted Functionality, Security Label, Security Audit Trail, Security Recovery, Event Detection]
Trusted functionality
◦ Any functionality providing or accessing security
mechanisms should be trustworthy.
◦ May involve combination of software and hardware.
Security labels
◦ Any resource (e.g. stored data, processing power,
communications bandwidth) may have security label
associated with it to indicate security sensitivity.
◦ Similarly, labels may be associated with users. Labels
may need to be securely bound to transferred data.
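One way to securely bind a label to transferred data and to compare it with a user's label, shown as an added example that is not part of the original slides. The level names, the envelope layout and the choice of an HMAC under a shared key are assumptions made for illustration; a digital signature could provide the binding instead.

```python
import hashlib
import hmac

# Hypothetical sensitivity levels (not from the slides), least to most sensitive.
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}


def _encode(data, label):
    # Length-prefix the label so bytes cannot shift between label and data.
    lbl = label.encode()
    return len(lbl).to_bytes(2, "big") + lbl + data


def bind_label(key, data, label):
    """Wrap data with its label and a MAC computed over both."""
    if label not in LEVELS:
        raise ValueError("unknown label: " + label)
    tag = hmac.new(key, _encode(data, label), hashlib.sha256).hexdigest()
    return {"label": label, "data": data.hex(), "tag": tag}


def verify_label(key, envelope):
    """Return (data, label) only if neither was altered after binding."""
    data = bytes.fromhex(envelope["data"])
    label = envelope["label"]
    expected = hmac.new(key, _encode(data, label), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope["tag"]):
        raise ValueError("label or data modified")
    return data, label


def may_read(user_label, envelope, key):
    """Grant access if the binding verifies and the user's label dominates."""
    try:
        _, label = verify_label(key, envelope)
    except Exception:
        return False  # fail closed on tampering or a malformed envelope
    return LEVELS.get(user_label, -1) >= LEVELS.get(label, len(LEVELS))


if __name__ == "__main__":
    key = b"\x01" * 32  # constructed demo key; use a random secret in practice
    env = bind_label(key, b"Q3 payroll export", "confidential")  # constructed data
    print(may_read("secret", env, key))    # user label dominates the data label
    print(may_read("internal", env, key))  # user label too low
    print(may_read("internal", dict(env, label="public"), key))  # relabelled copy
```

Because the MAC covers the label as well as the data, downgrading the label in transit invalidates the envelope rather than widening access.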