Network Security
Reading for Wednesday
• Ken Thompson, “Reflections on Trusting Trust”, Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.
– http://cm.bell-labs.com/who/ken/trust.html
• Bruce Schneier, “The Security Mindset”
– https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html
Cybercrime
Source: New York Magazine,
http://nymag.com/daily/intelligencer/2013/04/ap-twitter-hack-sends-stock-market-spinning.html
Source: CNN Money,
http://nymag.com/daily/intelligencer/2013/04/ap-twitter-hack-sends-stock-market-spinning.html
Hacktivism
Source: Mother Jones,
http://www.motherjones.com/politics/2014/07/anonymous-cyberattack-israel-gaza
Source: Forbes,
http://www.forbes.com/sites/quora/2014/07/24/how-wsjs-facebook-page-got-hacked-and-what-others-should-do-to-prevent-this/
Nation-State Threats
Source: The Washington Post,
http://www.washingtonpost.com/world/national-security/spyware-tools-allow-buyers-to-slip-malicious-code-into-youtube-videos-microsoft-pages/2014/08/15/31c5696c-249c-11e4-8593-da634b334390_story.html
Source: CNET, http://www.cnet.com/news/saudi-oil-firm-says-30000-computers-hit-by-virus/
Source: The New York Times,
http://www.nytimes.com/2013/05/20/world/asia/chinese-hackers-resume-attacks-on-us-targets.html?pagewanted=all&_r=0
Security Definition & Properties
Computer Security:
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.
- NIST Computer Security Handbook
Key Principles: CIA Triad [From FIPS-199]
● Confidentiality - Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
● Integrity - Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity
● Availability - Ensuring timely and reliable access to and use of information.
Security Properties cont.
● Accountability – The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.
● Privacy - Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed
● Authenticity - The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.
Security Properties - Examples
• Student Grades
– Confidentiality
• only the student/instructor can see their grade
– Integrity
• grades accurately represent hw/test scores
– Availability
• grades should be available for report cards
– Authenticity
• only the instructor can assign grades
– Privacy
• student has discretion over who sees grades
– Accountability
In class example:
– Integrity?
– Confidentiality?
– Availability?
– Accountability?
– Privacy?
– Authenticity?
Threats/Attacks
Threat Consequence (•) / Threat Action (attack) (–)
• Unauthorized Disclosure: A circumstance or event whereby an entity gains access to data for which the entity is not authorized.
– Exposure: Sensitive data are directly released to an unauthorized entity.
– Interception: An unauthorized entity directly accesses sensitive data traveling between authorized sources and destinations.
– Inference: A threat action whereby an unauthorized entity indirectly accesses sensitive data (but not necessarily the data contained in the communication) by reasoning from characteristics or byproducts of communications.
– Intrusion: An unauthorized entity gains access to sensitive data by circumventing a system's security protections.
• Deception: A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
– Masquerade: An unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity.
– Falsification: False data deceive an authorized entity.
– Repudiation: An entity deceives another by falsely denying responsibility for an act.
• Disruption: A circumstance or event that interrupts or prevents the correct operation of system services and functions.
– Incapacitation: Prevents or interrupts system operation by disabling a system component.
– Corruption: Undesirably alters system operation by adversely modifying system functions or data.
– Obstruction: A threat action that interrupts delivery of system services by hindering system operation.
• Usurpation: A circumstance or event that results in control of system services or functions by an unauthorized entity.
– Misappropriation: An entity assumes unauthorized logical or physical control of a system resource.
– Misuse: Causes a system component to perform a function or
Attack Trees Intro
• Model to help understand potential vulnerabilities in a system
• Root node = objective
• Leaf node = specific threat/attack
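An added example, not part of the original slides: an attack tree for the student-grades system, evaluated to show which combinations of threat actions still reach the root once controls are in place. The AND/OR intermediate nodes go beyond the root/leaf description above, and the tree contents, control names and function names are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    name: str
    kind: str = "LEAF"          # "OR", "AND" or "LEAF"
    children: list = field(default_factory=list)
    mitigated: bool = False     # leaf only: a control in place blocks it

def open_paths(node):
    """Return every set of unmitigated leaves that still reaches this node."""
    if node.kind == "LEAF":
        return [] if node.mitigated else [[node.name]]
    if not node.children:
        return []               # inner node with no children is unreachable
    child_paths = [open_paths(c) for c in node.children]
    if node.kind == "OR":       # any one child is enough
        return [p for paths in child_paths for p in paths]
    combos = [[]]               # AND: need one open path from every child
    for paths in child_paths:
        combos = [c + p for c in combos for p in paths]
    return combos

def grade_tree(second_factor=False, signed_forms=False, db_access_control=False):
    """Constructed tree: the root objective is an integrity violation on grades."""
    return Node("Change a recorded grade without authorization", "OR", [
        Node("Masquerade as the instructor", "AND", [
            Node("Instructor password disclosed"),
            Node("Login accepts password alone", mitigated=second_factor),
        ]),
        Node("Falsification: forged grade-change request accepted",
             mitigated=signed_forms),
        Node("Corruption: grade records modified outside the application",
             mitigated=db_access_control),
    ])

if __name__ == "__main__":
    for controls in ({}, {"second_factor": True},
                     {"second_factor": True, "signed_forms": True,
                      "db_access_control": True}):
        paths = open_paths(grade_tree(**controls))
        print(controls or "no controls", "->", len(paths), "open path(s)")
        for p in paths:
            print("   ", " + ".join(p))
```

An empty result means no unmitigated path to the root remains in the model; it says nothing about threats the tree does not list.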
Attack Trees: In Class
Security Design Principles
• Saltzer and Schroeder
– Economy of mechanisms – mechanisms should be as simple, small as possible
– Fail-safe defaults – system fails into the correct state (deny or allow)
– Complete mediation – every access to a system should be checked/validated
– Open design – security designs should be open, no “security by obscurity”
– Separation of privilege – require multiple privileges to access restricted resource/function
– Least privilege – processes/users should always use least privileges
– Least common mechanism – minimize functions shared by different users
– Psychological acceptability – mechanisms should not interfere with work for users
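An added example, not part of the original slides: the student-grades system from the earlier slide with three of these principles applied (fail-safe defaults, complete mediation, least privilege), plus an audit trail for accountability. The user names, roles and the GradeBook class are constructed for illustration.

```python
ROLES = {"prof": "instructor", "alice": "student", "bob": "student"}  # constructed
# Least privilege: the only (role, action) pairs that are ever permitted.
ALLOW = {("instructor", "read"), ("instructor", "assign"), ("student", "read")}

class GradeBook:
    def __init__(self):
        self._grades = {}
        self.audit = []         # accountability: each decision traced to a user

    def _check(self, user, action, student):
        role = ROLES.get(user)                  # unknown user -> None
        ok = (role, action) in ALLOW            # fail-safe default: deny
        if ok and role == "student":
            ok = (user == student)              # students see only their own grade
        self.audit.append((user, action, student, ok))
        if not ok:
            raise PermissionError(f"{user} may not {action} grade of {student}")

    # Complete mediation: every public method goes through _check first.
    def assign(self, user, student, grade):
        self._check(user, "assign", student)
        self._grades[student] = grade

    def read(self, user, student):
        self._check(user, "read", student)
        return self._grades.get(student)

def demo():
    """Run four constructed requests; return allow/deny outcomes and the book."""
    book = GradeBook()
    book.assign("prof", "alice", "A-")
    outcomes = []
    for user, action, student in [("alice", "read", "alice"),
                                  ("bob", "read", "alice"),
                                  ("alice", "assign", "alice"),
                                  ("mallory", "read", "alice")]:
        try:
            if action == "read":
                book.read(user, student)
            else:
                book.assign(user, student, "A+")
            outcomes.append(True)
        except PermissionError:
            outcomes.append(False)
    return outcomes, book

if __name__ == "__main__":
    print(demo()[0])
```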