Chapter 1: Introduction Components of computer security Threats - - PDF document

chapter 1 introduction
SMART_READER_LITE
LIVE PREVIEW

Chapter 1: Introduction Components of computer security Threats - - PDF document

Jan 29, 2024 294 likes •382 views

Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues April 1, 2004 ECS 235 Slide #1 Basic Components

slide-1
SLIDE 1

1

April 1, 2004 ECS 235 Slide #1

Chapter 1: Introduction

  • Components of computer security
  • Threats
  • Policies and mechanisms
  • The role of trust
  • Assurance
  • Operational Issues
  • Human Issues

April 1, 2004 ECS 235 Slide #2

Basic Components

  • Confidentiality

– Keeping data and resources hidden

  • Integrity

– Data integrity (integrity) – Origin integrity (authentication)

  • Availability

– Enabling access to data and resources

slide-2
SLIDE 2

2

April 1, 2004 ECS 235 Slide #3

Classes of Threats

  • Disclosure

– Snooping

  • Deception

– Modification, spoofing, repudiation of origin, denial of receipt

  • Disruption

– Modification

  • Usurpation

– Modification, spoofing, delay, denial of service

April 1, 2004 ECS 235 Slide #4

Policies and Mechanisms

  • Policy says what is, and is not, allowed

– This defines “security” for the site/system/etc.

  • Mechanisms enforce policies
  • Composition of policies

– If policies conflict, discrepancies may create security vulnerabilities

slide-3
SLIDE 3

3

April 1, 2004 ECS 235 Slide #5

Goals of Security

  • Prevention

– Prevent attackers from violating security policy

  • Detection

– Detect attackers’ violation of security policy

  • Recovery

– Stop attack, assess and repair damage – Continue to function correctly even if attack succeeds

April 1, 2004 ECS 235 Slide #6

Trust and Assumptions

  • Underlie all aspects of security
  • Policies

– Unambiguously partition system states – Correctly capture security requirements

  • Mechanisms

– Assumed to enforce policy – Support mechanisms work correctly

slide-4
SLIDE 4

4

April 1, 2004 ECS 235 Slide #7

Types of Mechanisms

secure precise broad set of reachable states set of secure states

April 1, 2004 ECS 235 Slide #8

Assurance

  • Specification

– Requirements analysis – Statement of desired functionality

  • Design

– How system will meet specification

  • Implementation

– Programs/systems that carry out design

slide-5
SLIDE 5

5

April 1, 2004 ECS 235 Slide #9

Operational Issues

  • Cost-Benefit Analysis

– Is it cheaper to prevent or recover?

  • Risk Analysis

– Should we protect something? – How much should we protect this thing?

  • Laws and Customs

– Are desired security measures illegal? – Will people do them?

April 1, 2004 ECS 235 Slide #10

Human Issues

  • Organizational Problems

– Power and responsibility – Financial benefits

  • People problems

– Outsiders and insiders – Social engineering

slide-6
SLIDE 6

6

April 1, 2004 ECS 235 Slide #11

Tying Together

Threats Policy Specification Design Implementation Operation

April 1, 2004 ECS 235 Slide #12

Chapter 13: Design Principles

  • Overview
  • Principles

– Least Privilege – Fail-Safe Defaults – Economy of Mechanism – Complete Mediation – Open Design – Separation of Privilege – Least Common Mechanism – Psychological Acceptability

slide-7
SLIDE 7

7

April 1, 2004 ECS 235 Slide #13

Overview

  • Simplicity

– Less to go wrong – Fewer possible inconsistencies – Easy to understand

  • Restriction

– Minimize access – Inhibit communication

April 1, 2004 ECS 235 Slide #14

Least Privilege

  • A subject should be given only those

privileges necessary to complete its task

– Function, not identity, controls – Rights added as needed, discarded after use – Minimal protection domain

slide-8
SLIDE 8

8

April 1, 2004 ECS 235 Slide #15

Fail-Safe Defaults

  • Default action is to deny access
  • If action fails, system as secure as when

action began