Computer Security Lecture: Key Concepts, Terminology, and Threats, Slides of Computer Security

A lecture transcript covering key concepts, terminology, and threats in computer security. Topics include confidentiality, integrity, availability, adversaries, threats, vulnerabilities, attacks, countermeasures, and consequences. It also discusses passive and active attacks, security functional requirements, and security services.

Typology: Slides

2012/2013

Uploaded on 04/25/2013

bageshri
bageshri 🇮🇳

4.3

(24)

175 documents

1 / 31

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Lecture 2:
Overview (cont)
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f

Partial preview of the text

Download Computer Security Lecture: Key Concepts, Terminology, and Threats and more Slides Computer Security in PDF only on Docsity!

Lecture 2:

Overview (cont)

Key Security Concepts

2

Confidentiality

  • preserving authorized restrictions on information access and disclosure.
  • including means for protecting personal privacy and proprietary information

Integrity

  • guarding against improper information modification or destruction,
  • including ensuring information nonrepudiation and authenticity

Availability

  • ensuring timely and reliable access to and use of information

Computer Security Terminology

  • Risk - An expectation of loss expressed as the

probability that a particular threat will exploit a particular vulnerability with a particular harmful result.

  • Security Policy - A set of rules and practices that

specify how a system or org provides security services to protect sensitive and critical system resources.

  • System Resource (Asset) - Data; a service provided by

a system; a system capability; an item of system equipment; a facility that houses system operations and equipment.

Computer Security Terminology

  • Threat - A potential for violation of security, which

exists when there is a circumstance, capability, action, or event that could breach security and cause harm.

  • Vulnerability - Flaw or weakness in a system's

design, implementation, or operation and management that could be exploited to violate the system's security policy.

Vulnerabilities, Threats and Attacks

  • vulnerabilities
    • leaky (loss of confidentiality)
    • corrupted (loss of integrity)
    • unavailable or very slow (loss of availability)
  • threats
    • capable of exploiting vulnerabilities
    • represent potential security harm
  • attacks (threats carried out)
    • passive or active attempt to alter/affect system resources
    • insider or outsider

Countermeasures

8

means used to deal with security attacks

may introduce new vulnerabilities Residual vulnerabilities may remain goal is to minimize residual level of risk to the assets

  • prevent
  • detect
  • recover

Threat Consequences

• Deception is a threat to either system or data

integrity

• Masquerade : e.g., Trojan horse; or an attempt

by an unauthorized user to gain access to a

system by posing as an authorized user

• Falsification : altering or replacing of valid data

or the introduction of false data

• Repudiation : denial of sending, receiving or

possessing the data.

Threat Consequences

• Disruption is a threat to availability or system

integrity

• Incapacitation : a result of physical destruction

of or damage to system hardware

• Corruption : system resources or services

function in an unintended manner;

unauthorized modification

• Obstruction : e.g. overload the system or

interfere with communications

Scope of Computer Security

Computer and Network Assets

Security Functional Requirements

16

computer security technical measures

  • access control
  • identification & authentication;
  • system & communication protection
  • system & information integrity

management controls and procedures

  • awareness & training
  • audit & accountability
  • certification, accreditation, & security assessments
  • contingency planning
  • maintenance
  • physical & environmental protection
  • planning
  • personnel security
  • risk assessment
  • systems & services acquisition

overlap computer security technical measures and management controls

  • configuration management
  • incident response
  • media protection
  • assuring a communication is from the source that it claims to be from
  • interference by a third party masquerading as one of the two legitimate parties - Peer Entity Authentication - corroboration of the identity of a peer entity - confidence that an entity is not performing - a masquerade or - an unauthorized replay 17

Authentication Service

 Data Origin Authentication  corroboration of the source of a data  supports applications where there are no prior interactions

  • protection of transmitted data from passive attacks
  • Protects user data transmitted over a period of time - connection confidentiality - connectionless confidentiality - selective-field confidentiality - protects the traffic flow from analysis - traffic-flow confidentiality

19

Data Confidentiality Service

  • can apply to a stream of messages, a single message, or selected fields within a message
  • with and without recovery
    • connectionless integrity service
      • provides protection against message modification only
    • connection-oriented integrity service - assures that messages are received as sent - no duplication, insertion modification, reordering, or replays

20

Data Integrity Service