security engineering
play

Security Engineering Chester Rebeiro IIT Madras Examples motivated - PowerPoint PPT Presentation

Nov 25, 2023 •262 likes •594 views

Security Engineering Chester Rebeiro IIT Madras Examples motivated from Prof. Nickolai Zeldovich lectures; part of MIT Opencourse Work Security Engineering : What is it About? Building systems that work even with adversaries 2 What does it

  1. Security Engineering Chester Rebeiro IIT Madras Examples motivated from Prof. Nickolai Zeldovich lectures; part of MIT Opencourse Work

  2. Security Engineering : What is it About? Building systems that work even with adversaries 2

  3. What does it involve? • Threat assumptions • Security goals • Security policy • Security Mechanism 3

  4. Threat Assumptions • Assumptions about the attacker – Is the attacker all powerful? (Theoretical; very difficult to achieve in practice) – What can the attacker do? (guess keywords; sniff keystrokes; co-resides on the same machine) – Is hardware untrusted? (Snowden revelations; hardware trojans; may need more assurance about the hardware) – Insider attackers (knowledge of the entire system architecture, security policies leaked) 4

  5. Security Goals Any security system must address the following goals • Confidentiality keep data secret except to authorized users • Integrity – prevent unauthorized users from making modifications – Prevent authorized users from making improper modifications • Availability of data to unauthorized users – Handle Denial of Service, loss due to natural disasters, equipment failure eg. Facebook 5

  6. What does it involve? • Security goals • Security policy • Security Mechanism • Threat assumptions 6

  7. Security Policy • Document that outlines the rules, laws, and practices so that security goals are achieved. • High level statements generally signed by the company’s CEO – Does not go into the technical details of how security goals are achieved 7

  8. Security Policy for an IT Laboratory • For a Lab security • This is taken from https://www.sans.org/security-resources/policies/server-security/pdf/lab-security-policy Note the high level language, succent statements, and no details about • how the the policy is implemented 8

  9. 9

  10. 10

  11. 11

  12. 12

  13. What does it involve? • Threat assumptions • Security goals • Security policy • Security Mechanism Implementation aspects for the policy. (involves code, crypto, protocols, standards, …) 13

  14. What’s the Big Deal about Security Engineering? • A security system should – Allow authorized users access to a resource – Disallow all other users access to the resource (in spite of users having supreme power, access to source code, etc.) (weakest link matters) eg. Moodle Assignment submissions should be accessible to all TAs à this is easily achieved Assignment submissions should not be accessible to anyone but the Tas à not that easy! 14

  15. What can go wrong? There can be mistakes in each of these • Threat assumptions • Security policy • Security Mechanism 15

  16. Messing up Security Policies Forgot Password Security Questions https://en.wikipedia.org/wiki/Sarah_Palin_email_hack 16

  17. Messing up Security Policies When forgot password sends a “Reset Password” to a backup email address In a span of one hour • Google account deleted • Twitter account compromised • AppleID broken into • Remotely erased all data on iPhone, iPad, and MacBook https://www.theverge.com/2012/8/6/3224597/mat-honan-hacked-apple-icloud-google-twitter 17

  18. Hacked! • Daisy Chained Accounts Amazon iPhone Google Twitter Account Account Account Account The ultimate objective of the hacker The last 4 digits of the credit card iPhone thought this was private information Amazon thought this was public information 18

  19. So you think you are safe with SMS OTP? 19

  20. Threat Assumptions (What can go wrong?) • The human factor (can’t assume humans won’t fall prey to these) 20

  21. Threat Assumptions (What can go wrong?) • Threat model change with time 1980s 1990s Kerberos, invented in 1980s, Kerberos, invented in 1990s, used DES with 56 bit keys for still used DES with 56 bit encryption keys for encryption 56 bit keys pretty safe in the 56 bit keys cannot be 80s. practically broken in the 90s in a single day (with specialized hardware) DES went obsolete, but nobody thought of changing Kerberos 21

  22. Threat Assumptions (What can go wrong?) • Hardware Backdoors / Cloned Hardwre Do you need to Worry about Cloned Hardware? Hardware backdoors Cannot assume your hardware is safe 22

  23. Threat Assumptions (what can go wrong?) • Trusted parties may get compromised • Example : DigiNotar (a Dutch Certifying Authority) compromised in 2011. – Issued fraudulent certificates which were used to conduct man-in-the-middle attacks against Google, Yahoo, Mozilla, and many other services – Targeted 300,000 gmail users – Suspected to be work of a Government 23

  24. Threat Assumptions (What can go wrong?) • Improper use of crypto Suppose the prime generation for RSA was faulty • – So that, primes generated were always from a small subset – Then, RSA can be broken Pairwise GCD of over a million RSA modulii collected from the Internet • showed that – 2 in 1000 have a common prime factor Ron was Wrong, Whit is right, 2012 24

  25. Threat Assumptions (What can go wrong?) • Insiders cannot be trusted 1980s had an insider inserting backdoors in a secure OS used for military applications the attacker could get access to the system through the backdoor 25

  26. Security Mechanisms (What can go wrong?) • Due to Programmers – Forget – Don’t know – Only look for functional correctness • Programming Languages – Do not inherently do certain checks 26

  27. Number of Password Attempts Websites typically have N password attempts before your account is blocked Passwords are not very difficult to crack (see John the Ripper : http://www.openwall.com/john/) combined with the fact that many people are not very smart at setting passwords (one of the most famous passwords is password) (http://www.telegraph.co.uk/technology/2017/01/16/worlds-common-passwords-revealed-using) What happens if the programmer forgets to do the count check? Disaster any time 27

  28. Number of Password Attempts Apple’s iCloud password-guessing rate limits The iCloud has many services and many APIs. One service forgot to implement limiting the no. of password trials. Adversary could try infinite times https://github.com/hackappcom/ibrute 28

  29. Missing Access Control Checks Citi bank data breach in 2011 Citi’s Login Page Webpage 2 Enters username The URL contains the and password account number of the LOGIN user Change the account number in this page and you will get another user’s account details http://www.nytimes.com/2011/06/14/technology/ 29 14security.html

  30. Seeding the Random Number Generator • Random numbers generated by PRSG • PRSG needs to be fed an initial value called seed. • If the seed are equal, the random numbers generated are the same. 30

  31. Bitcoin Theft • Random numbers used to generate secret keys and make Bitcoin transactions • If an attacker steals the random number, bitcoins are stolen • Android’s Java SecureRandom API forgot to seed the PRSG in certain cases. Seed was initialized to 0. Random numbers can be then predicted, keys can then be stolen https://bitcoin.org/en/alert/2013-08-11-android 31

  32. Program Bugs That Can be Exploited (Most Common Vulnerability) • Buffer overflows – In the stack – In the heap – Return-to-libc attacks • Double frees • Integer overflows • Format string bugs 32

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security Engineering Security Engineering Wallace Hopp Industrial Engineering Department

Security Engineering Security Engineering Wallace Hopp Industrial Engineering Department

Security Engineering Security Engineering Wallace Hopp Industrial Engineering Department McCormick School of Engineering A Flat World is an exciting but dangerous world Technology Opportunity Advances Reduced Risk Political Barriers

449 views • 17 slides
Security Protocols Security protocols are the intellectual core of security engineering

Security Protocols Security protocols are the intellectual core of security engineering

Security Protocols Security protocols are the intellectual core of security engineering They are where cryptography and system mechanisms meet They allow trust to be taken from where it exists to where it s needed But they are

941 views • 67 slides
Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens

Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens

2 Herausforderung: Security Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens Sicherheits-Mechanismen umgehen statt brechen. Sichere Systems aus Computing Department unsicheren Komponenten ? The

314 views • 6 slides
CS 5150 So(ware Engineering 14. Security William Y. Arms Security in the So(ware Development

CS 5150 So(ware Engineering 14. Security William Y. Arms Security in the So(ware Development

Cornell University Compu1ng and Informa1on Science CS 5150 So(ware Engineering 14. Security William Y. Arms Security in the So(ware Development Process The security goal The security goal is to make sure that the agents (people or external

489 views • 24 slides
Backwaters: Security Streaming Platform Comcast TPX Security Solutions Engineering (SSE) The Team

Backwaters: Security Streaming Platform Comcast TPX Security Solutions Engineering (SSE) The Team

Backwaters: Security Streaming Platform Comcast TPX Security Solutions Engineering (SSE) The Team Chris Maenner Ryan Van Antwerp Will Weber Principal Security Developer Principal Security Developer Senior Security Developer 2 Agenda

179 views • 17 slides
Outline Cryptographic Algorithm Engineering and Provable Security Crypto refresher

Outline Cryptographic Algorithm Engineering and Provable Security Crypto refresher

Bart Preneel September 2007 Cryptographic Algorithm Engineering and Provable Security Outline Cryptographic Algorithm Engineering and Provable Security Crypto refresher Basic concepts Foundations of Security Analysis and

958 views • 31 slides
CCM4350 Security Architecture and Engineering Lecture 2 Security Design Principles 15.10.2012

CCM4350 Security Architecture and Engineering Lecture 2 Security Design Principles 15.10.2012

CCM4350 Security Architecture and Engineering Lecture 2 Security Design Principles 15.10.2012 1 Content of Todays Lecture Summary and Wrap up on Security Terminology The Fundamental Dilemma of Security Five Design Principles

801 views • 25 slides
WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at

WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at

WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at Ernst and Young (EY) Penetration testing and red teaming T: https://twitter.com/_V1VI E: gabriel@thevivi.net QUESTIONS Stop me whenever youre

891 views • 42 slides
Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The Open University, GB http://www.umlsec.org Challenge: Security Security is holistic property: Attackers often circumvent (not: break) mechanisms.

639 views • 36 slides
Security of diabetes monitoring apps Research project 1 Security and Network Engineering Edgar

Security of diabetes monitoring apps Research project 1 Security and Network Engineering Edgar

Security of diabetes monitoring apps Research project 1 Security and Network Engineering Edgar Bohte & Roy Vermeulen Why diabetes? 2 3 The upside 4 Smartphone app security 5 Health data confidentiality 6 Diabetes data integrity

645 views • 28 slides
Security Engineering Chester Rebeiro IIT Madras Examples mo<vated from Prof. Nickolai

Security Engineering Chester Rebeiro IIT Madras Examples mo<vated from Prof. Nickolai

Security Engineering Chester Rebeiro IIT Madras Examples mo<vated from Prof. Nickolai Zeldovich lectures; part of MIT Opencourse Work Security Engineering : What is it About? Building systems that work even with adversaries 2 What does it

812 views • 34 slides
UP and Security: Penetrate-and-patch Overview of UMLsec (aka banana strategy): Jan

UP and Security: Penetrate-and-patch Overview of UMLsec (aka banana strategy): Jan

2 Software Engineering & Security UP and Security: Penetrate-and-patch Overview of UMLsec (aka banana strategy): Jan Jrjens insecure Competence Center for IT Security disruptive Software & Systems Engineering

219 views • 7 slides
Social Engineering and Physical Security Spring 2015

Social Engineering and Physical Security Spring 2015

CSE 484 / CSE M 584: Computer Security and Privacy Social Engineering and Physical Security Spring 2015 Franziska (Franzi) Roesner

425 views • 13 slides
in in National Security Jameel-Un Nabi GIK Institute of Engineering Sciences & Technology

in in National Security Jameel-Un Nabi GIK Institute of Engineering Sciences & Technology

The Role le of f Education, Scie ience & Technology in in National Security Jameel-Un Nabi GIK Institute of Engineering Sciences & Technology 28 th July, 2016 Islamabad National Security National security is a multifaceted

370 views • 18 slides
Cyber Security: Social Engineering Mid-America Technology Alliance Wednesday June 18th, 2015

Cyber Security: Social Engineering Mid-America Technology Alliance Wednesday June 18th, 2015

Cyber Security: Social Engineering Mid-America Technology Alliance Wednesday June 18th, 2015 What is Social Engineering? Social engineering, in the context of information security, is the art of manipulating people so they give up

320 views • 10 slides
Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Introduction to OS Security Trent

770 views • 28 slides
Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection

Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection

Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection Horizontal Techniques Specification-checking Techniques Mining-based Techniques Mining Repositories Mining Traces Mining Source Code Mining

683 views • 44 slides
N UKTI : English-Inuktitut Word Alignment System Description Philippe Langlais, Fabrizio Gotti

N UKTI : English-Inuktitut Word Alignment System Description Philippe Langlais, Fabrizio Gotti

N UKTI : English-Inuktitut Word Alignment System Description Philippe Langlais, Fabrizio Gotti and Guihong Cao RALI Dpartement dinformatique et de recherche oprationnelle Universit de Montral WPT June 2005 Felipe & Fabrizio

486 views • 21 slides
What is Smoke Test? Empirical Evaluation of the Fault-detection Effectiveness of Smoke Regression

What is Smoke Test? Empirical Evaluation of the Fault-detection Effectiveness of Smoke Regression

What is Smoke Test? Empirical Evaluation of the Fault-detection Effectiveness of Smoke Regression Test Cases Smoke test for GUI-based Software Borrowed from hardware testing Qing Xie A relatively simple check to see whether the

499 views • 5 slides
Evolution-Aware Monitoring-Oriented Programming (eMOP) Owolabi Legunsen, Darko Marinov , and

Evolution-Aware Monitoring-Oriented Programming (eMOP) Owolabi Legunsen, Darko Marinov , and

Evolution-Aware Monitoring-Oriented Programming (eMOP) Owolabi Legunsen, Darko Marinov , and Grigore Rou ICSE 2015 (NIER Track) Florence, Italy May 21, 2015 CCF-1439957 ITI RPS #28 CCF-1012759 Monitoring-Oriented Programming (MOP)

279 views • 13 slides
Locality Locality CS 105 Tour of the Black Holes of Computing Principle of Locality: Programs

Locality Locality CS 105 Tour of the Black Holes of Computing Principle of Locality: Programs

Locality Locality CS 105 Tour of the Black Holes of Computing Principle of Locality: Programs tend to use data and instructions with

757 views • 11 slides
Hardware OS & OS- Application interface Summer 2016 Cornell University 1 Today

Hardware OS & OS- Application interface Summer 2016 Cornell University 1 Today

CS 4410 Operating Systems Hardware OS & OS- Application interface Summer 2016 Cornell University 1 Today HW-OS interface OS-App interface Protection 2 How can an editor use a keyboard? keyboard keyboard controller CPU

491 views • 21 slides
KVM Live Migration Optimization Li, Liang Zhang, Yang Aug 2015 1 Agenda Background

KVM Live Migration Optimization Li, Liang Zhang, Yang Aug 2015 1 Agenda Background

KVM Live Migration Optimization Li, Liang Zhang, Yang Aug 2015 1 Agenda Background Problems Solutions Performance Work in progress 2 Background Live migration usage in cloud computing facilitate maintenance

461 views • 18 slides
on a Cluster Hongbo Rong, Frank Schlimbach Programming & Systems Lab (PSL) Software Systems

on a Cluster Hongbo Rong, Frank Schlimbach Programming & Systems Lab (PSL) Software Systems

Transparently Composing CnC Graph Pipelines on a Cluster Hongbo Rong, Frank Schlimbach Programming & Systems Lab (PSL) Software Systems Group (SSG) 7 th Annual Concurrent Collections Workshop 9/8/2015 Problem A productivity program

892 views • 33 slides

More recommend