Lecture 2: Overview (cont)
Key Security Concepts
Confidentiality
- preserving authorized restrictions on information access and disclosure.
- including means for protecting personal privacy and proprietary information
Integrity
- guarding against improper information modification or destruction,
- including ensuring information nonrepudiation and authenticity
Availability
- ensuring timely and reliable access to and use of information
Computer Security Terminology
- Risk - An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
- Security Policy - A set of rules and practices that specify how a system or organization provides security services to protect sensitive and critical system resources.
- System Resource (Asset) - Data; a service provided by a system; a system capability; an item of system equipment; a facility that houses system operations and equipment.
Computer Security Terminology
- Threat - A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.
- Vulnerability - Flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
Vulnerabilities, Threats and Attacks
- vulnerabilities
  - leaky (loss of confidentiality)
  - corrupted (loss of integrity)
  - unavailable or very slow (loss of availability)
- threats
  - capable of exploiting vulnerabilities
  - represent potential security harm
- attacks (threats carried out)
  - passive or active attempt to alter/affect system resources
  - insider or outsider
Countermeasures
- means used to deal with security attacks
- may introduce new vulnerabilities
- residual vulnerabilities may remain
- goal is to minimize residual level of risk to the assets
Threat Consequences
• Deception is a threat to either system or data integrity
  • Masquerade: e.g., Trojan horse; or an attempt by an unauthorized user to gain access to a system by posing as an authorized user
  • Falsification: altering or replacing of valid data or the introduction of false data
  • Repudiation: denial of sending, receiving or possessing the data
Threat Consequences
• Disruption is a threat to availability or system integrity
  • Incapacitation: a result of physical destruction of or damage to system hardware
  • Corruption: system resources or services function in an unintended manner; unauthorized modification
  • Obstruction: e.g., overload the system or interfere with communications
Scope of Computer Security
Computer and Network Assets
Security Functional Requirements
computer security technical measures
- access control
- identification & authentication
- system & communication protection
- system & information integrity
management controls and procedures
- awareness & training
- audit & accountability
- certification, accreditation, & security assessments
- contingency planning
- maintenance
- physical & environmental protection
- planning
- personnel security
- risk assessment
- systems & services acquisition
overlap between computer security technical measures and management controls
- configuration management
- incident response
- media protection
Authentication Service
- assuring a communication is from the source that it claims to be from
- interference by a third party masquerading as one of the two legitimate parties
- Peer Entity Authentication
  - corroboration of the identity of a peer entity
  - confidence that an entity is not performing a masquerade or an unauthorized replay
- Data Origin Authentication
  - corroboration of the source of data
  - supports applications where there are no prior interactions
Data Confidentiality Service
- protection of transmitted data from passive attacks
- protects user data transmitted over a period of time
  - connection confidentiality
  - connectionless confidentiality
  - selective-field confidentiality
- protects the traffic flow from analysis
  - traffic-flow confidentiality
Data Integrity Service
- can apply to a stream of messages, a single message, or selected fields within a message
- with and without recovery
- connectionless integrity service
  - provides protection against message modification only
- connection-oriented integrity service
  - assures that messages are received as sent
  - no duplication, insertion, modification, reordering, or replays
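
The difference between the connectionless and connection-oriented integrity services, as an added example that is not part of the original slides. It assumes HMAC-SHA256 with a pre-shared key and an 8-byte sequence number, neither of which the lecture specifies, and it only detects violations (integrity without recovery).

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, assumed pre-shared
TAG_LEN = 32                   # HMAC-SHA256 output size (assumed MAC choice)

def _tag(data):
    return hmac.new(KEY, data, hashlib.sha256).digest()

def protect_connectionless(msg):
    """Connectionless integrity: each message carries its own MAC."""
    return msg + _tag(msg)

def verify_connectionless(packet):
    """Return the message, or None if it was modified. Replays still pass."""
    if len(packet) < TAG_LEN:
        return None
    msg, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return msg if hmac.compare_digest(tag, _tag(msg)) else None

class Sender:
    """Connection-oriented integrity: the MAC also covers a sequence number."""
    def __init__(self):
        self.seq = 0

    def protect(self, msg):
        header = struct.pack(">Q", self.seq)
        self.seq += 1
        return header + msg + _tag(header + msg)

class Receiver:
    def __init__(self):
        self.expected = 0

    def accept(self, packet):
        """Return the message, or None on any integrity violation."""
        if len(packet) < 8 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(body)):
            return None  # modification or insertion by a party without the key
        (seq,) = struct.unpack(">Q", body[:8])
        if seq != self.expected:
            return None  # duplication, replay, or reordering
        self.expected += 1
        return body[8:]
```

A per-message MAC accepts the same valid packet twice, while the receiver that tracks the expected sequence number rejects duplicates, replays and out-of-order packets as well as modified ones.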